Diffstat (limited to 'id/server/modules/moa-id-modules-saml1')
6 files changed, 60 insertions, 57 deletions
diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml index 323edee8d..0463bf8d9 100644 --- a/id/server/modules/moa-id-modules-saml1/pom.xml +++ b/id/server/modules/moa-id-modules-saml1/pom.xml @@ -26,6 +26,13 @@ </dependency> <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-commons</artifactId> + <type>test-jar</type> + <scope>test</scope> + </dependency> + + <dependency> <groupId>MOA.id.server</groupId> <artifactId>moa-id-lib</artifactId> </dependency> diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java index fc04fa9a7..f6c8cb6e3 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java @@ -29,9 +29,9 @@ import java.text.MessageFormat; import java.util.Calendar; import java.util.List; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData; import at.gv.egovernment.moa.logging.Logger; diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java index c421bf8cc..d3ebffdfd 100644 
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java @@ -22,16 +22,12 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.saml1; -import java.util.List; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; @@ -43,7 +39,6 @@ import at.gv.egovernment.moa.id.data.SLOInformationInterface; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.URLEncoder; -import eu.eidas.auth.commons.IPersonalAttributeList; @Service("SAML1_GetArtifactAction") public class GetArtifactAction implements IAction { 
@@ -74,13 +69,16 @@ public class GetArtifactAction implements IAction { try { IOAAuthParameters oaParam = req.getOnlineApplicationConfiguration(); + //TODO: add eIDAS to SAML1 protocol if it is really necessary + // add other stork attributes to MOA assertion if available - IPersonalAttributeList storkAttributes = authData.getGenericData( - AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, - IPersonalAttributeList.class); +// IPersonalAttributeList storkAttributes = authData.getGenericData( +// AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, +// IPersonalAttributeList.class); + Object storkAttributes = null; if(null != storkAttributes) { - List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = saml1server.addAdditionalSTORKAttributes(storkAttributes); - authData.getExtendedSAMLAttributesOA().addAll(moaExtendedSAMLAttibutes); +// List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = saml1server.addAdditionalSTORKAttributes(storkAttributes); +// authData.getExtendedSAMLAttributesOA().addAll(moaExtendedSAMLAttibutes); Logger.info("MOA assertion assembled and SAML Artifact generated."); } diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationData.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationData.java index d48c0a9bb..2a7cce89e 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationData.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationData.java 
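Review bot: `Object storkAttributes = null;` directly followed by `if(null != storkAttributes)` makes the whole branch unreachable, so the context line `Logger.info("MOA assertion assembled and SAML Artifact generated.");` inside it is never emitted any more and the successful-assembly log entry is silently lost. Rather than parking the STORK code as comments behind a dead null check, drop the three commented `IPersonalAttributeList` lines, the two commented `addAdditionalSTORKAttributes` lines and the `if`, and keep the log statement at method level: `Logger.info("MOA assertion assembled and SAML Artifact generated.");`. The surviving comment `// add other stork attributes to MOA assertion if available` no longer describes what the code does and should go with them; the `//TODO` line is enough to record the open question. The enclosing method and its `try` block start and end outside the hunk.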
@@ -49,7 +49,7 @@ package at.gv.egovernment.moa.id.protocols.saml1; import java.text.ParseException; import java.util.List; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index 0ec0d95a2..df8f13544 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -25,7 +25,6 @@ package at.gv.egovernment.moa.id.protocols.saml1; import java.io.ByteArrayOutputStream; import java.io.IOException; import java.util.List; -import java.util.Vector; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -37,7 +36,6 @@ import javax.xml.namespace.QName; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; -import org.apache.commons.lang3.StringEscapeUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.w3c.dom.Element; 
@@ -51,8 +49,6 @@ import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; @@ -63,6 +59,7 @@ import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters; import at.gv.egovernment.moa.id.commons.api.IRequest; +import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters; import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; @@ -82,8 +79,6 @@ import at.gv.util.xsd.persondata.IdentificationType.Value; import at.gv.util.xsd.persondata.PersonNameType; import at.gv.util.xsd.persondata.PersonNameType.FamilyName; import at.gv.util.xsd.persondata.PhysicalPersonType; -import eu.eidas.auth.commons.IPersonalAttributeList; -import eu.eidas.auth.commons.PersonalAttribute; //import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; @Service("SAML1AuthenticationServer") 
@@ -95,7 +90,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer { * time out in milliseconds used by {@link cleanup} for authentication data * store */ - private static final long authDataTimeOut = 2 * 60 * 1000; // default 2 minutes + private static final int authDataTimeOut = 2 * 60 * 1000; // default 2 minutes public Throwable getErrorResponse(String samlArtifact) throws AuthenticationException { 
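Review bot: The Javadoc above `authDataTimeOut` still says the value is used by `{@link cleanup}`, but after this commit it is passed as the third argument of `authenticationDataStore.put(...)` in the -210 and -721 hunks, so the comment no longer says where the timeout takes effect, and `{@link cleanup}` is not a resolvable Javadoc reference in any case. Suggest replacing the three comment lines with `/** Time-to-live in milliseconds handed to authenticationDataStore.put(...) for stored assertions and error responses; default 2 minutes. */`. The narrowing from `long` to `int` is safe for this constant, but presumably mirrors the store's new `put` signature — confirm that the store interprets the argument in milliseconds rather than seconds.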
@@ -127,41 +122,43 @@ public class SAML1AuthenticationServer extends AuthenticationServer { return error; } - /** - * Transforms additional STORK attributes to MOA Extended attributes - * @param iPersonalAttributeList STORK attribute list - * @return - */ - public List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(IPersonalAttributeList iPersonalAttributeList) { - List<ExtendedSAMLAttribute> moaExtendedSAMLAttributeList = new Vector<ExtendedSAMLAttribute>(); - - if(null == iPersonalAttributeList) - return moaExtendedSAMLAttributeList; - - Logger.trace("Adding the following attributes to MOA assertion: "); - int count = 0; - - for (PersonalAttribute attribute : iPersonalAttributeList) { - Object attributeValue = attribute.getValue(); - if (null == attributeValue) - attributeValue = attribute.getComplexValue(); - - // escape attributeValue - attributeValue = StringEscapeUtils.escapeXml10(attributeValue.toString()); - // and remove trailing and tailing brackets. Might break something but we never saw an array with more than one entry! 
- attributeValue = ((String) attributeValue).substring(1, ((String) attributeValue).length() - 1); - - ExtendedSAMLAttribute extendedSAMLAttribute = - new ExtendedSAMLAttributeImpl(attribute.getName(), attributeValue, Constants.STORK_NS_URI, 0); - moaExtendedSAMLAttributeList.add(extendedSAMLAttribute); - count++; - Logger.trace("Additional attribute: " + attribute.getName()); - } - - Logger.debug("Added " + count + " STORK attribute(s) to the MOA assertion."); - - return moaExtendedSAMLAttributeList; - } + + //TODO: add eIDAS to SAML1 protocol if it is really necessary +// /** +// * Transforms additional STORK attributes to MOA Extended attributes +// * @param iPersonalAttributeList STORK attribute list +// * @return +// */ +// public List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(IPersonalAttributeList iPersonalAttributeList) { +// List<ExtendedSAMLAttribute> moaExtendedSAMLAttributeList = new Vector<ExtendedSAMLAttribute>(); +// +// if(null == iPersonalAttributeList) +// return moaExtendedSAMLAttributeList; +// +// Logger.trace("Adding the following attributes to MOA assertion: "); +// int count = 0; +// +// for (PersonalAttribute attribute : iPersonalAttributeList) { +// Object attributeValue = attribute.getValue(); +// if (null == attributeValue) +// attributeValue = attribute.getComplexValue(); +// +// // escape attributeValue +// attributeValue = StringEscapeUtils.escapeXml10(attributeValue.toString()); +// // and remove trailing and tailing brackets. Might break something but we never saw an array with more than one entry! 
+// attributeValue = ((String) attributeValue).substring(1, ((String) attributeValue).length() - 1); +// +// ExtendedSAMLAttribute extendedSAMLAttribute = +// new ExtendedSAMLAttributeImpl(attribute.getName(), attributeValue, Constants.STORK_NS_URI, 0); +// moaExtendedSAMLAttributeList.add(extendedSAMLAttribute); +// count++; +// Logger.trace("Additional attribute: " + attribute.getName()); +// } +// +// Logger.debug("Added " + count + " STORK attribute(s) to the MOA assertion."); +// +// return moaExtendedSAMLAttributeList; +// } /** @@ -210,7 +207,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer { protocolRequest.getOAURL(), protocolRequest.getRequestID(), null); - authenticationDataStore.put(samlArtifact, error); + authenticationDataStore.put(samlArtifact, error, authDataTimeOut); return samlArtifact; } @@ -721,7 +718,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer { //synchronized (authenticationDataStore) { Logger.debug("Assertion stored for SAML Artifact: " + samlArtifact); - authenticationDataStore.put(samlArtifact, samlAssertion); + authenticationDataStore.put(samlArtifact, samlAssertion,authDataTimeOut); //} } catch (AuthenticationException ex) { diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java index 42fafc01e..1d3525626 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java 
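Review bot: The 36 commented-out lines of `addAdditionalSTORKAttributes` should be deleted rather than kept in the file; the removed implementation stays in version control, and the `//TODO: add eIDAS to SAML1 protocol if it is really necessary` marker is sufficient to record the open question. If the block is retained for reference, the TODO should at least spell out what a re-implementation must preserve: attribute values were passed through `StringEscapeUtils.escapeXml10` before being inserted into the SAML assertion, and the `substring(1, length - 1)` bracket stripping was already flagged as fragile by its own comment. As commented code, the escaping requirement is easy to lose when someone later reinstates the call from `GetArtifactAction`.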
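Review bot: `authenticationDataStore.put(samlArtifact, samlAssertion,authDataTimeOut);` in the -721 hunk lacks the space after the comma that the parallel call in the -210 hunk has; write it as `authenticationDataStore.put(samlArtifact, samlAssertion, authDataTimeOut);` so the two call sites read alike. The `//synchronized (authenticationDataStore) {` and `//}` remnants around that call are commented-out code that predates this change and could be removed while the line is being touched. Both enclosing methods start and end outside their hunks.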
@@ -26,6 +26,7 @@ import java.util.ArrayList; import java.util.Collection; import java.util.List; +import org.opensaml.saml2.metadata.provider.MetadataProvider; import org.springframework.beans.factory.config.BeanDefinition; import org.springframework.context.annotation.Scope; import org.springframework.stereotype.Component; @@ -81,7 +82,7 @@ public class SAML1RequestImpl extends RequestImpl { * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes() */ @Override - public Collection<String> getRequestedAttributes() { + public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) { List<String> reqAttr = new ArrayList<String>(); reqAttr.addAll(SAML1Protocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION); |