Diffstat (limited to 'id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/PVPAuthenticationProvider.java')
-rw-r--r-- | id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/PVPAuthenticationProvider.java | 238 |
1 files changed, 0 insertions, 238 deletions
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/PVPAuthenticationProvider.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/PVPAuthenticationProvider.java
deleted file mode 100644
index 7f06c604b..000000000
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/PVPAuthenticationProvider.java
+++ /dev/null
@@ -1,238 +0,0 @@
-/*
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-package at.gv.egovernment.moa.id.protocols.stork2.attributeproviders;
-
-import java.io.StringWriter;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.Template;
-import org.apache.velocity.VelocityContext;
-import org.apache.velocity.app.VelocityEngine;
-
-import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.stork2.ExternalAttributeRequestRequiredException;
-import at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest;
-import at.gv.egovernment.moa.id.protocols.stork2.UnsupportedAttributeException;
-import at.gv.egovernment.moa.id.util.HTTPUtils;
-import at.gv.egovernment.moa.id.util.VelocityProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.StringUtils;
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PEPSUtil;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
-import eu.stork.peps.auth.commons.STORKAttrQueryResponse;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import eu.stork.peps.auth.commons.STORKAuthnResponse;
-import eu.stork.peps.auth.engine.STORKSAMLEngine;
-import eu.stork.peps.exceptions.STORKSAMLEngineException;
-
-/**
- * @author tlenz
- *
- */
-public class PVPAuthenticationProvider extends AttributeProvider {
-
- private String destination = null;
- private MOASTORKRequest moastorkRequest = null;
-
- /**
- * @param attributes
- * @param attributes2
- */
- public PVPAuthenticationProvider(String url, String attributes) {
- super(attributes);
- this.destination = url;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute, java.lang.String, at.gv.egovernment.moa.id.data.IAuthData)
- */
- @Override
- protected IPersonalAttributeList acquire(PersonalAttribute attribute,
- MOASTORKRequest moastorkRequest, IAuthData authData)
- throws UnsupportedAttributeException,
- ExternalAttributeRequestRequiredException, MOAIDException {
-
- this.moastorkRequest = moastorkRequest;
- // break if we cannot handle the requested attribute
- if (!getSupportedAttributeNames().contains(attribute.getName())) {
- Logger.info("Attribute " + attribute.getName() + " not supported by the provider: " + getAttrProviderName());
- throw new UnsupportedAttributeException();
-
- }
-
- Logger.info("Thrown external request by: " + getAttrProviderName());
- throw new ExternalAttributeRequestRequiredException(this);
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider#performRedirect(java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter)
- */
- @Override
- public void performRedirect(String url, HttpServletRequest req,
- HttpServletResponse resp, OAAuthParameter oaParam)
- throws MOAIDException {
-
- String spSector = "Business";
- String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName();
- String spApplication = spInstitution;
- String spCountryCode = moastorkRequest.getSpCountry();
-
- if ((spCountryCode == null) || (spCountryCode.length()<2)) {
- spCountryCode = oaParam.getTarget();
- Logger.info("Setting spcountry target: " + oaParam.getTarget());
- Logger.info("idlink ident " + oaParam.getIdentityLinkDomainIdentifier());
- Logger.info("idlink type " + oaParam.getIdentityLinkDomainIdentifierType());
- Logger.info("Setting spcountry target friendly : " + oaParam.getTargetFriendlyName());
- Logger.info("Oatype : " + oaParam.getOaType());
- Logger.info("puburl : " + oaParam.getPublicURLPrefix());
- if ("STORK".equals(oaParam.getIdentityLinkDomainIdentifierType())) {
-
- spCountryCode = oaParam.getIdentityLinkDomainIdentifier().substring(oaParam.getIdentityLinkDomainIdentifier().length()-2);
- Logger.info("Set to " +spCountryCode);
- }
-
- }
-
- //generate AttrQueryRequest
- STORKAuthnRequest authRequest = new STORKAuthnRequest();
- authRequest.setDestination(destination);
- authRequest.setAssertionConsumerServiceURL(url);
- authRequest.setIssuer(HTTPUtils.getBaseURL(req));
- authRequest.setQaa(oaParam.getQaaLevel());
- authRequest.setSpInstitution(spInstitution);
- authRequest.setCountry(spCountryCode);
- authRequest.setSpCountry(spCountryCode);
- authRequest.setSpApplication(spApplication);
- authRequest.setProviderName(spApplication);
- authRequest.setSpSector(spSector);
- authRequest.setPersonalAttributeList(moastorkRequest.getPersonalAttributeList());
-
- authRequest.setCitizenCountryCode("AT");
- //authRequest.setQaa(oaParam.getQaaLevel());
- authRequest.setQaa(moastorkRequest.getStorkAuthnRequest().getQaa());
-
-
-
-
- Logger.info("STORK AttrRequest successfully assembled.");
-
- STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("VIDP");
- try {
-
- authRequest = samlEngine.generateSTORKAuthnRequest(authRequest);
- } catch (STORKSAMLEngineException e) {
- Logger.error("Could not sign STORK SAML AttrRequest.", e);
- throw new MOAIDException("stork.00", null);
- }
-
- Logger.info("STORK AttrRequest successfully signed!");
-
- //validate AuthnRequest
- try {
- samlEngine.validateSTORKAuthnRequest(authRequest.getTokenSaml());
- } catch (STORKSAMLEngineException e) {
- Logger.error("STORK SAML AuthnRequest not valid.", e);
- throw new MOAIDException("stork.01", null);
- }
-
- Logger.debug("STORK AuthnRequest successfully internally validated.");
-
- try {
- Logger.trace("Initialize VelocityEngine...");
-
- VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine();
- Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm");
- VelocityContext context = new VelocityContext();
- context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authRequest.getTokenSaml()));
- context.put("action", destination);
-
- StringWriter writer = new StringWriter();
- template.merge(context, writer);
-
- resp.getOutputStream().write(writer.toString().getBytes("UTF-8"));
-
- } catch (Exception e) {
- Logger.error("Error sending STORK SAML AttrRequest.", e);
- throw new MOAIDException("stork.11", null);
-
- }
- Logger.info("STORK AttrRequest successfully rendered!");
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
- */
- @Override
- public IPersonalAttributeList parse(HttpServletRequest httpReq)
- throws UnsupportedAttributeException, MOAIDException {
-
- throw new UnsupportedAttributeException();
-
-// Logger.info(this.getClass().getSimpleName() + " tries to extract SAMLResponse out of HTTP Request");
-// //extract STORK Response from HTTP Request
-// //Decodes SAML Response
-// byte[] decSamlToken;
-// try {
-// decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse"));
-// } catch(NullPointerException e) {
-// throw new UnsupportedAttributeException();
-// }
-//
-// //Get SAMLEngine instance
-// STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
-//
-// STORKAuthnResponse authnResponse = null;
-// try {
-// //validate SAML Token
-// Logger.debug("Starting validation of SAML response");
-// authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, (String) httpReq.getRemoteHost());
-// Logger.info("SAML response successfully verified!");
-//
-// }catch(STORKSAMLEngineException e){
-// Logger.error("Failed to verify STORK SAML Response", e);
-// throw new MOAIDException("stork.05", null);
-// }
-//
-// return authnResponse.getPersonalAttributeList();
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider#getPriority()
- */
- @Override
- public int getPriority() {
- return 1;
- }
-
- public String getAttrProviderName() {
- return this.getClass().getName();
- }
-} |