Diffstat (limited to 'id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java')
-rw-r--r-- | id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java | 128 |
1 files changed, 60 insertions, 68 deletions
diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java
index 26635e337..1dcaf4c95 100644
--- a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java
+++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java
@@ -64,10 +64,8 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException;
 /**
- * Class that wraps the operations over SAML tokens, both generation and
- * validation of SAML requests and SAML responses. Compliant with "OASIS Secure
- * Assertion Markup Language (SAML) 2.0, May 2005", but taking into account
- * STORK specific requirements.
+ * Class that wraps the operations over SAML tokens, both generation and validation of SAML requests and SAML responses. Compliant with "OASIS Secure Assertion Markup Language (SAML) 2.0, May 2005",
+ * but taking into account STORK specific requirements.
 *
 * @author fjquevedo
 * @author iinigo
@@ -85,8 +83,7 @@ public class SAMLEngine {
 private static Map<String, Map<String, Object>> instances;
 /** The logger. */
- private static final Logger LOG = LoggerFactory.getLogger(SAMLEngine.class
- .getName());
+ private static final Logger LOG = LoggerFactory.getLogger(SAMLEngine.class.getName());
 /** The Constant MODULE_SIGN_CONF. */
 private static final String MODULE_SIGN_CONF = "SignatureConf";
@@ -100,7 +97,14 @@ public class SAMLEngine {
 /** The Constant SAML_ENGINE_FILE_CONF. */
 private static final String SAML_ENGINE_FILE_CONF = "fileConfiguration";
- /** The codification of characters. */
+ /**
+ * Additional trust store for HW signing
+ */
+ private static final String HW_TRUST_STORE_CONF = "softTrustStoreConfig";
+
+ /**
+ * The codification of characters.
+ */
 private static final String CHARACTER_ENCODING = "UTF-8";
 /** The SAML core. */
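Review bot: The new constant HW_TRUST_STORE_CONF in the third hunk is named and documented as a hardware-signing trust store ("Additional trust store for HW signing") while its value is the key `"softTrustStoreConfig"`, so name, Javadoc and key contradict each other and a reader cannot tell which configuration entry is meant. None of the visible hunks reads the constant, so where it is consumed cannot be confirmed from this diff. I would make the Javadoc name the key and its role explicitly, e.g. `/** Configuration key ("softTrustStoreConfig") of the additional, software-based trust store used alongside the HW signing module. */`, and if the store feeds signature validation, state that every certificate it contains becomes an accepted trust anchor, since that widens what the engine accepts.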
@@ -109,7 +113,6 @@ public class SAMLEngine {
 /** The Module of Signature. */
 private SAMLEngineSignI signer;
- /** Initializes the SAML engine. */
 /** Configure Document Builder Factory. */
@@ -134,23 +137,16 @@ public class SAMLEngine {
 }
 /**
- * Method that initializes the basic services for the SAML Engine, like the
- * OpenSAML library and the BouncyCastle provider.
+ * Method that initializes the basic services for the SAML Engine, like the OpenSAML library and the BouncyCastle provider.
 */
 private static void startUp() {
 LOG.info("SAMLEngine: Initialize OpenSAML");
-
-
-/* Commented because it makes a problems with PVP2 MOA-ID
- try {
- DefaultBootstrap.bootstrap();
- } catch (ConfigurationException e) {
- LOG.error("Problem initializing the OpenSAML library.");
- throw new STORKSAMLEngineRuntimeException(e);
- }
-*/
+ /*
+ * Commented because it makes a problems with PVP2 MOA-ID try { DefaultBootstrap.bootstrap(); } catch (ConfigurationException e) { LOG.error("Problem initializing the OpenSAML library.");
+ * throw new STORKSAMLEngineRuntimeException(e); }
+ */
 LOG.debug("Read all file configurations. (instances of SAMLEngine)");
 try {
@@ -162,8 +158,7 @@ public class SAMLEngine {
 LOG.debug("Create all instances of saml engine. (instances of SAMLEngine)");
 try {
- instances = ConfigurationCreator
- .createConfiguration(instanceConfigs);
+ instances = ConfigurationCreator.createConfiguration(instanceConfigs);
 } catch (STORKSAMLEngineException e) {
 LOG.error("Error initializing instances from Stork SAML engine.");
 throw new STORKSAMLEngineRuntimeException(e);
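Review bot: In the startUp() hunk the old commented-out DefaultBootstrap.bootstrap() block is reflowed into a single wrapped comment line, which keeps dead code in the method while making it unreadable, and the remaining explanation ("makes a problems with PVP2 MOA-ID") still does not say who is expected to bootstrap OpenSAML instead. I would replace the whole comment with a short statement of the decision, e.g. `// DefaultBootstrap.bootstrap() is intentionally not called here: it conflicted with PVP2 MOA-ID. OpenSAML must already be bootstrapped by the embedding application before this engine is used.`, adjusting the second sentence if that assumption is not the actual arrangement. The rest of startUp() continues outside this hunk, and the "Initialize OpenSAML" info message two lines above now describes something the method no longer does.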
@@ -173,12 +168,13 @@ public class SAMLEngine {
 /**
 * Instantiates a new SAML engine.
 *
- * @param nameInstance the name instance
+ * @param nameInstance
+ * the name instance
 *
- * @throws STORKSAMLEngineException the STORKSAML engine exception
+ * @throws STORKSAMLEngineException
+ * the STORKSAML engine exception
 */
- protected SAMLEngine(final String nameInstance)
- throws STORKSAMLEngineException {
+ protected SAMLEngine(final String nameInstance) throws STORKSAMLEngineException {
 LOG.info("Loading Specific Configuration.");
 LOG.debug("Create intance of saml messages.");
@@ -187,8 +183,7 @@ public class SAMLEngine {
 if (instance == null || instance.isEmpty()) {
 LOG.error("Instance: " + nameInstance + " not exist.");
- throw new STORKSAMLEngineException("Instance: " + nameInstance
- + " not exist.");
+ throw new STORKSAMLEngineException("Instance: " + nameInstance + " not exist.");
 }
 Properties properties = (Properties) instance.get(SAML_ENGINE_CONF);
@@ -200,12 +195,10 @@ public class SAMLEngine {
 samlCore = new STORKSAMLCore(properties);
- final HashMap<String, String> propertiesSign = (HashMap<String, String>) instance
- .get(MODULE_SIGN_CONF);
+ final HashMap<String, String> propertiesSign = (HashMap<String, String>) instance.get(MODULE_SIGN_CONF);
 LOG.debug("Loading Module of sign.");
- signer = SignModuleFactory.getInstance(propertiesSign
- .get(SAML_ENGINE_SIGN_CLASS));
+ signer = SignModuleFactory.getInstance(propertiesSign.get(SAML_ENGINE_SIGN_CLASS));
 try {
 LOG.info("Initialize module of sign.");
@@ -213,8 +206,7 @@ public class SAMLEngine {
 LOG.info("Load cryptographic service provider of module of sign.");
 signer.loadCryptServiceProvider();
 } catch (SAMLEngineException e) {
- LOG.error("Error create signature module: "
- + propertiesSign.get(SAML_ENGINE_FILE_CONF));
+ LOG.error("Error create signature module: " + propertiesSign.get(SAML_ENGINE_FILE_CONF));
 LOG.info("Exception" + e);
 throw new STORKSAMLEngineException(e);
 }
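Review bot: In the third hunk of the constructor, `(HashMap<String, String>) instance.get(MODULE_SIGN_CONF)` is an unchecked cast to a concrete type and the result is dereferenced on the next changed line, so an instance whose configuration lacks the SignatureConf entry fails with a NullPointerException (or a ClassCastException if the entry has another map type) rather than the STORKSAMLEngineException the constructor throws for a missing instance in the hunk just above. I would type it against the interface and guard it: `final Map<String, String> propertiesSign = (Map<String, String>) instance.get(MODULE_SIGN_CONF);` followed by `if (propertiesSign == null) { throw new STORKSAMLEngineException("Instance: " + nameInstance + " has no " + MODULE_SIGN_CONF + " configuration."); }`, which keeps the failure inside the declared exception type that callers already handle. The constructor body is spread over the four hunks here and ends outside the shown ones.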
@@ -239,30 +231,28 @@ public class SAMLEngine {
 }
 /**
- * Method that transform the received SAML object into a byte array
- * representation.
+ * Method that transform the received SAML object into a byte array representation.
 *
- * @param samlToken the SAML token.
+ * @param samlToken
+ * the SAML token.
 *
 * @return the byte[] of the SAML token.
 *
- * @throws SAMLEngineException the SAML engine exception
+ * @throws SAMLEngineException
+ * the SAML engine exception
 */
- private byte[] marshall(final XMLObject samlToken)
- throws SAMLEngineException {
+ private byte[] marshall(final XMLObject samlToken) throws SAMLEngineException {
 try {
 javax.xml.parsers.DocumentBuilder docBuilder = null;
- final MarshallerFactory marshallerFactory = Configuration
- .getMarshallerFactory();
+ final MarshallerFactory marshallerFactory = Configuration.getMarshallerFactory();
 final Marshaller marshaller;
 if (samlToken.getElementQName().toString().endsWith(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME))
 marshaller = new CustomAttributeQueryMarshaller();
 else
- marshaller = marshallerFactory
- .getMarshaller(samlToken);
+ marshaller = marshallerFactory.getMarshaller(samlToken);
 docBuilder = dbf.newDocumentBuilder();
@@ -274,13 +264,12 @@ public class SAMLEngine {
 final DOMSource domSource = new DOMSource(doc);
 final StringWriter writer = new StringWriter();
 final StreamResult result = new StreamResult(writer);
- final TransformerFactory transFactory = TransformerFactory
- .newInstance();
+ final TransformerFactory transFactory = TransformerFactory.newInstance();
 Transformer transformer;
 transformer = transFactory.newTransformer();
 transformer.transform(domSource, result);
- LOG.debug("SAML request \n"+ writer.toString());
+ LOG.debug("SAML request \n" + writer.toString());
 return writer.toString().getBytes(CHARACTER_ENCODING);
 } catch (ParserConfigurationException e) {
@@ -304,14 +293,15 @@ public class SAMLEngine {
 /**
 * Method that signs a SAML Token.
 *
- * @param tokenSaml the token SAML
+ * @param tokenSaml
+ * the token SAML
 *
 * @return the SAML object sign
 *
- * @throws SAMLEngineException the SAML engine exception
+ * @throws SAMLEngineException
+ * the SAML engine exception
 */
- private SignableSAMLObject sign(final SignableSAMLObject tokenSaml)
- throws SAMLEngineException {
+ private SignableSAMLObject sign(final SignableSAMLObject tokenSaml) throws SAMLEngineException {
 LOG.debug("Sign SamlToken.");
 signer.sign(tokenSaml);
 return tokenSaml;
@@ -320,31 +310,32 @@ public class SAMLEngine {
 /**
 * Sign and transform to byte array.
 *
- * @param samlToken the SAML token
+ * @param samlToken
+ * the SAML token
 *
 * @return the byte[] of the SAML token
 *
- * @throws SAMLEngineException the SAML engine exception
+ * @throws SAMLEngineException
+ * the SAML engine exception
 */
- protected final byte[] signAndMarshall(final SignableSAMLObject samlToken)
- throws SAMLEngineException {
+ protected final byte[] signAndMarshall(final SignableSAMLObject samlToken) throws SAMLEngineException {
 LOG.debug("Marshall Saml Token.");
 SignableSAMLObject signElement = sign(samlToken);
 return marshall(signElement);
 }
 /**
- * Method that unmarshalls a SAML Object from a byte array representation to
- * an XML Object.
+ * Method that unmarshalls a SAML Object from a byte array representation to an XML Object.
 *
- * @param samlToken Byte array representation of a SAML Object
+ * @param samlToken
+ * Byte array representation of a SAML Object
 *
 * @return XML Object (superclass of SAMLObject)
 *
- * @throws SAMLEngineException the SAML engine exception
+ * @throws SAMLEngineException
+ * the SAML engine exception
 */
- protected final XMLObject unmarshall(final byte[] samlToken)
- throws SAMLEngineException {
+ protected final XMLObject unmarshall(final byte[] samlToken) throws SAMLEngineException {
 try {
 // Get parser pool manager
 final BasicParserPool ppMgr = new BasicParserPool();
@@ -358,12 +349,12 @@ public class SAMLEngine {
 // Parse SAMLToken
 Document document = ppMgr.parse(new ByteArrayInputStream(samlToken));
- if (document != null){
+ if (document != null) {
 final Element root = document.getDocumentElement();
 // Get appropriate unmarshaller
 final UnmarshallerFactory unmarshallerFact = Configuration.getUnmarshallerFactory();
 // Unmarshall using the SAML Token root element
- if (unmarshallerFact != null && root != null){
+ if (unmarshallerFact != null && root != null) {
 final Unmarshaller unmarshaller;
 if (root.getLocalName().equals(CustomAttributeQuery.DEFAULT_ELEMENT_LOCAL_NAME))
 unmarshaller = new CustomAttributeQueryUnmarshaller();
@@ -371,7 +362,7 @@ public class SAMLEngine {
 unmarshaller = unmarshallerFact.getUnmarshaller(root);
 try {
 return unmarshaller.unmarshall(root);
- } catch (NullPointerException e){
+ } catch (NullPointerException e) {
 LOG.error("Error element tag incomplet or null.");
 throw new SAMLEngineException("NullPointerException", e);
 }
@@ -398,14 +389,15 @@ public class SAMLEngine {
 /**
 * Method that validates an XML Signature contained in a SAML Token.
 *
- * @param samlToken the SAML token
+ * @param samlToken
+ * the SAML token
 *
 * @return the SAML object
 *
- * @throws SAMLEngineException the SAML engine exception
+ * @throws SAMLEngineException
+ * the SAML engine exception
 */
- protected final SAMLObject validateSignature(
- final SignableSAMLObject samlToken) throws SAMLEngineException {
+ protected final SAMLObject validateSignature(final SignableSAMLObject samlToken) throws SAMLEngineException {
 LOG.info("Validate Signature");
 signer.validateSignature(samlToken); |