diff options
Diffstat (limited to 'id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java')
-rw-r--r-- | id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java | 33 |
1 files changed, 19 insertions, 14 deletions
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java index 189fcd2f6..4a5511df4 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java @@ -99,7 +99,18 @@ import com.google.gson.JsonObject; import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.IAuthData; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.utils.Random; +import at.gv.egiz.eaaf.modules.pvp2.api.IPVP2BasicConfiguration; +import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException; +import at.gv.egiz.eaaf.modules.pvp2.idp.exception.SAMLRequestNotSignedException; +import at.gv.egiz.eaaf.modules.pvp2.idp.impl.builder.PVP2AssertionBuilder; +import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SAML2Utils; +import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AssertionAttributeExtractorExeption; +import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AssertionValidationExeption; +import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor; import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants; import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.Pair; @@ -116,17 +127,8 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.data.IMOAAuthData; import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder; -import at.gv.egovernment.moa.id.protocols.pvp2x.builder.assertion.PVP2AssertionBuilder; -import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoCredentialsException; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SAMLRequestNotSignedException; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor; -import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngineSP; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; @@ -141,6 +143,9 @@ import iaik.x509.X509Certificate; @Service("SSOContainerUtils") public class SSOContainerUtils { + @Autowired(required=true) private IPVP2BasicConfiguration pvpConfiguration; + @Autowired(required=true) private PVP2AssertionBuilder assertionBuilder; + private static final String PVP_HOLDEROFKEY_NAME = PVPConstants.URN_OID_PREFIX + "1.2.40.0.10.2.1.1.261.xx.xx"; @@ -272,7 +277,7 @@ public class SSOContainerUtils { } - public Response validateReceivedSSOContainer(String signedEncryptedContainer) throws IOException, XMLParserException, UnmarshallingException, MOAIDException { + public Response validateReceivedSSOContainer(String signedEncryptedContainer) throws IOException, XMLParserException, UnmarshallingException, MOAIDException, SAMLRequestNotSignedException, NoCredentialsException, CredentialsNotAvailableException, AssertionValidationExeption { final BasicParserPool ppMgr = new BasicParserPool(); final HashMap<String, Boolean> features = new HashMap<String, Boolean>(); features.put(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE); @@ -296,7 +301,7 @@ public class SSOContainerUtils { } catch (ValidationException e) { Logger.error("Failed to validate Signature", e); throw new SAMLRequestNotSignedException(e); - } + } Credential credential = credentials.getIDPAssertionSigningCredential(); if (credential == null) { @@ -340,7 +345,7 @@ public class SSOContainerUtils { public String generateSignedAndEncryptedSSOContainer(String authURL, IAuthenticationSession authSession, Date date, byte[] hashedSecret) { try { - String entityID = PVPConfiguration.getInstance().getIDPSSOMetadataService(authURL); + String entityID = pvpConfiguration.getIDPEntityId(authURL); AuthnContextClassRef authnContextClassRef = SAML2Utils .createSAMLObject(AuthnContextClassRef.class); authnContextClassRef.setAuthnContextClassRef(authSession.getQAALevel()); @@ -369,7 +374,7 @@ public class SSOContainerUtils { IMOAAuthData authData = new SSOTransferAuthenticationData(authConfig, authSession); - Assertion assertion = PVP2AssertionBuilder.buildGenericAssertion( + Assertion assertion = assertionBuilder.buildGenericAssertion( entityID, entityID, new DateTime(date.getTime()), @@ -405,7 +410,7 @@ public class SSOContainerUtils { return container.toString(); - } catch (ConfigurationException | EncryptionException | CredentialsNotAvailableException | SecurityException | ParserConfigurationException | MarshallingException | SignatureException | TransformerFactoryConfigurationError | TransformerException | IOException | InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchAlgorithmException | NoSuchPaddingException e) { + } catch (EncryptionException | SecurityException | ParserConfigurationException | MarshallingException | SignatureException | TransformerFactoryConfigurationError | TransformerException | IOException | InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchAlgorithmException | NoSuchPaddingException | EAAFException e) { Logger.warn("SSO container generation FAILED.", e); } |