aboutsummaryrefslogtreecommitdiff
path: root/id/server
diff options
context:
space:
mode:
Diffstat (limited to 'id/server')
-rw-r--r--id/server/auth-edu/pom.xml2
-rw-r--r--id/server/auth-final/pom.xml2
-rw-r--r--id/server/data/deploy/conf/moa-id/moa-id.properties3
-rw-r--r--id/server/idserverlib/pom.xml12
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java314
-rw-r--r--id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java2
-rw-r--r--id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/ParamValidatorUtilsTest.java3
-rw-r--r--id/server/moa-id-commons/pom.xml849
-rw-r--r--id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java2
-rw-r--r--id/server/moa-id-frontend-resources/pom.xml2
-rw-r--r--id/server/moa-id-jaxb_classes/pom.xml2
-rw-r--r--id/server/moa-id-spring-initializer/pom.xml2
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/pom.xml2
-rw-r--r--id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml2
-rw-r--r--id/server/modules/moa-id-module-E-ID_connector/pom.xml2
-rw-r--r--id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java2
-rw-r--r--id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java2
-rw-r--r--id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java45
-rw-r--r--id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml2
-rw-r--r--id/server/modules/moa-id-module-eIDAS/pom.xml2
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/pom.xml2
-rw-r--r--id/server/modules/moa-id-module-openID/pom.xml2
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/pom.xml2
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/pom.xml2
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/pom.xml2
-rw-r--r--id/server/modules/moa-id-modules-saml1/pom.xml2
-rw-r--r--id/server/modules/module-monitoring/pom.xml2
-rw-r--r--id/server/modules/pom.xml2
-rw-r--r--id/server/pom.xml2
29 files changed, 655 insertions, 617 deletions
diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index 0f09a0c8a..5a743549b 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -2,7 +2,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml
index 0a863b171..72d5b51d7 100644
--- a/id/server/auth-final/pom.xml
+++ b/id/server/auth-final/pom.xml
@@ -2,7 +2,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties
index ba883d1a1..0a579a53d 100644
--- a/id/server/data/deploy/conf/moa-id/moa-id.properties
+++ b/id/server/data/deploy/conf/moa-id/moa-id.properties
@@ -66,6 +66,9 @@ modules.eidproxyauth.EID.trustprofileID=eid_metadata
#modules.eidproxyauth.EID.entityId=https://eid.egiz.gv.at/idp/shibboleth
#modules.eidproxyauth.EID.metadataUrl=
+
+#modules.eidproxyauth.appreg.id.layout.v2=true
+
######################## Protokolle am IDP ############################################
##Protocol configuration##
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index eed5f5669..28d0b3f68 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<groupId>MOA.id.server</groupId>
@@ -16,14 +16,6 @@
<repositoryPath>${basedir}/../../../repository</repositoryPath>
</properties>
- <repositories>
- <repository>
- <id>shibboleth.internet2.edu</id>
- <name>Internet2</name>
- <url>https://apps.egiz.gv.at/shibboleth_nexus/</url>
- </repository>
- </repositories>
-
<dependencies>
<!-- TestNG -->
<dependency>
@@ -503,7 +495,7 @@
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-pool2</artifactId>
- <version>2.8.1</version>
+ <version>2.9.0</version>
</dependency>
<dependency>
<groupId>redis.clients</groupId>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
index b9c15e75e..d20ba5582 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
@@ -2,19 +2,19 @@
* Copyright 2014 Federal Chancellery Austria
* MOA-ID has been developed in a cooperation between BRZ, the Federal
* Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
+ *
* Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
* the European Commission - subsequent versions of the EUPL (the "Licence");
* You may not use this work except in compliance with the Licence.
* You may obtain a copy of the Licence at:
* http://www.osor.eu/eupl/
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the Licence is distributed on an "AS IS" basis,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the Licence for the specific language governing permissions and
* limitations under the Licence.
- *
+ *
* This product combines work with different licenses. See the "NOTICE" text
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
@@ -43,7 +43,6 @@
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
-
package at.gv.egovernment.moa.id.auth.validator;
import java.security.InvalidKeyException;
@@ -58,6 +57,7 @@ import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.exception.ValidateException;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse;
@@ -71,19 +71,19 @@ import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionInitException;
/**
- * This class is used to validate an {@link VerifyXMLSignatureResponse}
- * returned by MOA-SPSS
- *
+ * This class is used to validate an {@link VerifyXMLSignatureResponse} returned
+ * by MOA-SPSS
+ *
* @author Stefan Knirsch
* @version $Id$
*/
public class VerifyXMLSignatureResponseValidator {
-
+
/** Identification string for checking identity link */
public static final String CHECK_IDENTITY_LINK = "IdentityLink";
/** Identification string for checking authentication block */
public static final String CHECK_AUTH_BLOCK = "AuthBlock";
-
+
/** Singleton instance. <code>null</code>, if none has been created. */
private static VerifyXMLSignatureResponseValidator instance;
@@ -91,7 +91,7 @@ public class VerifyXMLSignatureResponseValidator {
* Constructor for a singleton VerifyXMLSignatureResponseValidator.
*/
public static synchronized VerifyXMLSignatureResponseValidator getInstance()
- throws ValidateException {
+ throws ValidateException {
if (instance == null) {
instance = new VerifyXMLSignatureResponseValidator();
}
@@ -99,121 +99,139 @@ public class VerifyXMLSignatureResponseValidator {
}
/**
- * Validates a {@link VerifyXMLSignatureResponse} returned by MOA-SPSS.
- *
- * @param verifyXMLSignatureResponse the <code>&lt;VerifyXMLSignatureResponse&gt;</code>
+ * Validates a {@link VerifyXMLSignatureResponse} returned by MOA-SPSS.
+ *
+ * @param verifyXMLSignatureResponse the
+ * <code>&lt;VerifyXMLSignatureResponse&gt;</code>
* @param identityLinkSignersSubjectDNNames subject names configured
- * @param whatToCheck is used to identify whether the identityLink or the Auth-Block is validated
- * @param oaParam specifies whether the validation result of the
- * manifest has to be ignored (identityLink validation if
- * the OA is a business service) or not
- * @throws ValidateException on any validation error
- * @throws ConfigurationException
+ * @param whatToCheck is used to identify whether the
+ * identityLink or the Auth-Block is
+ * validated
+ * @param oaParam specifies whether the validation
+ * result of the manifest has to be
+ * ignored (identityLink validation if
+ * the OA is a business service) or not
+ * @throws ValidateException on any validation error
+ * @throws ConfigurationException
*/
public void validate(IVerifiyXMLSignatureResponse verifyXMLSignatureResponse,
- List<String> identityLinkSignersSubjectDNNames,
- String whatToCheck,
- IOAAuthParameters oaParam,
- AuthConfiguration authConfig)
- throws ValidateException, ConfigurationException {
-
- if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0)
- throw new ValidateException("validator.06", new Object[] {whatToCheck});
-
+ List<String> identityLinkSignersSubjectDNNames,
+ String whatToCheck,
+ IOAAuthParameters oaParam,
+ AuthConfiguration authConfig)
+ throws ValidateException, ConfigurationException {
+
+ if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0) {
+ throw new ValidateException("validator.06", new Object[] { whatToCheck });
+ }
+
if (verifyXMLSignatureResponse.getCertificateCheckCode() != 0) {
- String checkFailedReason ="";
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 1)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.21", null);
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 2)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.22", null);
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 3)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.23", null);
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 4)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.24", null);
- if (verifyXMLSignatureResponse.getCertificateCheckCode() == 5)
- checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.25", null);
+ String checkFailedReason = "";
+ if (verifyXMLSignatureResponse.getCertificateCheckCode() == 1) {
+ checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.21", null);
+ }
+ if (verifyXMLSignatureResponse.getCertificateCheckCode() == 2) {
+ checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.22", null);
+ }
+ if (verifyXMLSignatureResponse.getCertificateCheckCode() == 3) {
+ checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.23", null);
+ }
+ if (verifyXMLSignatureResponse.getCertificateCheckCode() == 4) {
+ checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.24", null);
+ }
+ if (verifyXMLSignatureResponse.getCertificateCheckCode() == 5) {
+ checkFailedReason = MOAIDMessageProvider.getInstance().getMessage("validator.25", null);
+ }
// TEST CARDS
- if (whatToCheck.equals(CHECK_IDENTITY_LINK))
- throw new ValidateException("validator.07", new Object[] { checkFailedReason } );
- else
- throw new ValidateException("validator.19", new Object[] { checkFailedReason } );
+ if (whatToCheck.equals(CHECK_IDENTITY_LINK)) {
+ throw new ValidateException("validator.07", new Object[] { checkFailedReason });
+ } else {
+ throw new ValidateException("validator.19", new Object[] { checkFailedReason });
+ }
}
-
- //check QC
+
+ // check QC
if (authConfig.isCertifiacteQCActive() &&
- !whatToCheck.equals(CHECK_IDENTITY_LINK) &&
- !verifyXMLSignatureResponse.isQualifiedCertificate()) {
-
- //check if testcards are active and certificate has an extension for test credentials
- if (oaParam.isTestCredentialEnabled()) {
- boolean foundTestCredentialOID = false;
- try {
- X509Certificate signerCert = verifyXMLSignatureResponse.getX509certificate();
-
- List<String> validOIDs = new ArrayList<String>();
- if (oaParam.getTestCredentialOIDs() != null)
- validOIDs.addAll(oaParam.getTestCredentialOIDs());
- else
- validOIDs.add(MOAIDAuthConstants.TESTCREDENTIALROOTOID);
-
- Set<String> extentsions = signerCert.getCriticalExtensionOIDs();
- extentsions.addAll(signerCert.getNonCriticalExtensionOIDs());
- Iterator<String> extit = extentsions.iterator();
- while(extit.hasNext()) {
- String certOID = extit.next();
- for (String el : validOIDs) {
- if (certOID.startsWith(el))
- foundTestCredentialOID = true;
- }
- }
-
- } catch (Exception e) {
- Logger.warn("Test credential OID extraction FAILED.", e);
-
- }
- //throw Exception if not TestCredentialOID is found
- if (!foundTestCredentialOID)
- throw new ValidateException("validator.72", null);
-
- } else
- throw new ValidateException("validator.71", null);
+ !whatToCheck.equals(CHECK_IDENTITY_LINK) &&
+ !verifyXMLSignatureResponse.isQualifiedCertificate()) {
+
+ // check if testcards are active and certificate has an extension for test
+ // credentials
+ if (oaParam.isTestCredentialEnabled()) {
+ boolean foundTestCredentialOID = false;
+ try {
+ final X509Certificate signerCert = verifyXMLSignatureResponse.getX509certificate();
+
+ final List<String> validOIDs = new ArrayList<>();
+ if (oaParam.getTestCredentialOIDs() != null) {
+ validOIDs.addAll(oaParam.getTestCredentialOIDs());
+ } else {
+ validOIDs.add(MOAIDConstants.TESTCREDENTIALROOTOID);
+ }
+
+ final Set<String> extentsions = signerCert.getCriticalExtensionOIDs();
+ extentsions.addAll(signerCert.getNonCriticalExtensionOIDs());
+ final Iterator<String> extit = extentsions.iterator();
+ while (extit.hasNext()) {
+ final String certOID = extit.next();
+ for (final String el : validOIDs) {
+ if (certOID.startsWith(el)) {
+ foundTestCredentialOID = true;
+ }
+ }
+ }
+
+ } catch (final Exception e) {
+ Logger.warn("Test credential OID extraction FAILED.", e);
+
+ }
+ // throw Exception if not TestCredentialOID is found
+ if (!foundTestCredentialOID) {
+ throw new ValidateException("validator.72", null);
+ }
+
+ } else {
+ throw new ValidateException("validator.71", null);
+ }
}
-
+
// if OA is type is business service the manifest validation result has
// to be ignored
boolean ignoreManifestValidationResult = false;
- if (whatToCheck.equals(CHECK_IDENTITY_LINK))
- ignoreManifestValidationResult = (oaParam.hasBaseIdInternalProcessingRestriction()) ? true
- : false;
-
+ if (whatToCheck.equals(CHECK_IDENTITY_LINK)) {
+ ignoreManifestValidationResult = oaParam.hasBaseIdInternalProcessingRestriction() ? true
+ : false;
+ }
+
if (ignoreManifestValidationResult) {
Logger.debug("OA type is business service, thus ignoring DSIG manifest validation result");
} else {
- if (verifyXMLSignatureResponse.isXmlDSIGManigest())
- if (verifyXMLSignatureResponse.getXmlDSIGManifestCheckCode() != 0)
+ if (verifyXMLSignatureResponse.isXmlDSIGManigest()) {
+ if (verifyXMLSignatureResponse.getXmlDSIGManifestCheckCode() != 0) {
throw new ValidateException("validator.08", null);
+ }
+ }
}
-
-
+
// Check the signature manifest only when verifying the signed AUTHBlock
if (whatToCheck.equals(CHECK_AUTH_BLOCK)) {
if (verifyXMLSignatureResponse.getSignatureManifestCheckCode() > 0) {
throw new ValidateException("validator.50", null);
}
}
-
- //Check whether the returned X509 SubjectName is in the MOA-ID configuration or not
+
+ // Check whether the returned X509 SubjectName is in the MOA-ID configuration or
+ // not
if (identityLinkSignersSubjectDNNames != null) {
String subjectDN = "";
- X509Certificate x509Cert = verifyXMLSignatureResponse.getX509certificate();
+ final X509Certificate x509Cert = verifyXMLSignatureResponse.getX509certificate();
try {
subjectDN = ((Name) x509Cert.getSubjectDN()).getRFC2253String();
- }
- catch (RFC2253NameParserException e) {
+ } catch (final RFC2253NameParserException e) {
throw new ValidateException("validator.17", null);
}
- //System.out.println("subjectDN: " + subjectDN);
+ // System.out.println("subjectDN: " + subjectDN);
// check the authorisation to sign the identity link
if (!identityLinkSignersSubjectDNNames.contains(subjectDN)) {
// subject DN check failed, try OID check:
@@ -222,86 +240,86 @@ public class VerifyXMLSignatureResponseValidator {
throw new ValidateException("validator.18", new Object[] { subjectDN });
} else {
Logger.debug("Identity link signer cert accepted for signing identity link: " +
- "subjectDN check failed, but OID check successfully passed.");
+ "subjectDN check failed, but OID check successfully passed.");
}
- } catch (X509ExtensionInitException e) {
+ } catch (final X509ExtensionInitException e) {
throw new ValidateException("validator.49", null);
}
} else {
Logger.debug("Identity link signer cert accepted for signing identity link: " +
- "subjectDN check successfully passed.");
+ "subjectDN check successfully passed.");
}
-
+
}
}
-
+
/**
* Method validateCertificate.
+ *
* @param verifyXMLSignatureResponse The VerifyXMLSignatureResponse
- * @param idl The Identitylink
+ * @param idl The Identitylink
* @throws ValidateException
*/
public void validateCertificate(
- IVerifiyXMLSignatureResponse verifyXMLSignatureResponse,
- IIdentityLink idl)
- throws ValidateException {
+ IVerifiyXMLSignatureResponse verifyXMLSignatureResponse,
+ IIdentityLink idl)
+ throws ValidateException {
- X509Certificate x509Response = verifyXMLSignatureResponse.getX509certificate();
- PublicKey[] pubKeysIdentityLink = (PublicKey[]) idl.getPublicKey();
+ final X509Certificate x509Response = verifyXMLSignatureResponse.getX509certificate();
+ final PublicKey[] pubKeysIdentityLink = idl.getPublicKey();
- PublicKey pubKeySignature = x509Response.getPublicKey();
+ final PublicKey pubKeySignature = x509Response.getPublicKey();
checkIDLAgainstSignatureCertificate(pubKeysIdentityLink, pubKeySignature);
-
+
}
-
-
- public void checkIDLAgainstSignatureCertificate( PublicKey[] pubKeysIdentityLink, PublicKey pubKeySignature) throws ValidateException {
+
+ public void checkIDLAgainstSignatureCertificate(PublicKey[] pubKeysIdentityLink, PublicKey pubKeySignature)
+ throws ValidateException {
boolean found = false;
- for (int i = 0; i < pubKeysIdentityLink.length; i++) {
- PublicKey idlPubKey = pubKeysIdentityLink[i];
- //compare RSAPublicKeys
- if ((idlPubKey instanceof java.security.interfaces.RSAPublicKey) &&
- (pubKeySignature instanceof java.security.interfaces.RSAPublicKey)) {
-
- RSAPublicKey rsaPubKeySignature = (RSAPublicKey) pubKeySignature;
- RSAPublicKey rsakey = (RSAPublicKey) pubKeysIdentityLink[i];
-
- if (rsakey.getModulus().equals(rsaPubKeySignature.getModulus())
- && rsakey.getPublicExponent().equals(rsaPubKeySignature.getPublicExponent()))
- found = true;
+ for (final PublicKey idlPubKey : pubKeysIdentityLink) {
+ // compare RSAPublicKeys
+ if (idlPubKey instanceof java.security.interfaces.RSAPublicKey &&
+ pubKeySignature instanceof java.security.interfaces.RSAPublicKey) {
+
+ final RSAPublicKey rsaPubKeySignature = (RSAPublicKey) pubKeySignature;
+ final RSAPublicKey rsakey = (RSAPublicKey) idlPubKey;
+
+ if (rsakey.getModulus().equals(rsaPubKeySignature.getModulus())
+ && rsakey.getPublicExponent().equals(rsaPubKeySignature.getPublicExponent())) {
+ found = true;
+ }
}
-
- //compare ECDSAPublicKeys
- if( ( (idlPubKey instanceof java.security.interfaces.ECPublicKey) ||
- (idlPubKey instanceof ECPublicKey)) &&
- ( (pubKeySignature instanceof java.security.interfaces.ECPublicKey) ||
- (pubKeySignature instanceof ECPublicKey) ) ) {
-
- try {
- ECPublicKey ecdsaPubKeySignature = new ECPublicKey(pubKeySignature.getEncoded());
- ECPublicKey ecdsakey = new ECPublicKey(pubKeysIdentityLink[i].getEncoded());
-
- if(ecdsakey.equals(ecdsaPubKeySignature))
- found = true;
-
- } catch (InvalidKeyException e) {
- Logger.warn("ECPublicKey can not parsed into a iaik.ECPublicKey", e);
- throw new ValidateException("validator.09", null);
- }
-
-
+
+ // compare ECDSAPublicKeys
+ if ((idlPubKey instanceof java.security.interfaces.ECPublicKey ||
+ idlPubKey instanceof ECPublicKey) &&
+ (pubKeySignature instanceof java.security.interfaces.ECPublicKey ||
+ pubKeySignature instanceof ECPublicKey)) {
+
+ try {
+ final ECPublicKey ecdsaPubKeySignature = new ECPublicKey(pubKeySignature.getEncoded());
+ final ECPublicKey ecdsakey = new ECPublicKey(idlPubKey.getEncoded());
+
+ if (ecdsakey.equals(ecdsaPubKeySignature)) {
+ found = true;
+ }
+
+ } catch (final InvalidKeyException e) {
+ Logger.warn("ECPublicKey can not parsed into a iaik.ECPublicKey", e);
+ throw new ValidateException("validator.09", null);
+ }
}
-
+
// Logger.debug("IDL-Pubkey=" + idl.getPublicKey()[i].getClass().getName()
// + " Resp-Pubkey=" + pubKeySignature.getClass().getName());
-
+
}
if (!found) {
-
+
throw new ValidateException("validator.09", null);
-
+
}
}
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java
index e79fa6aa4..721144106 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java
@@ -67,7 +67,7 @@ public class MOASPSSTestCase extends UnitTestCase {
protected void setupSSL() {
System.setProperty("javax.net.debug", "all");
- Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
+ //Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
System.setProperty(
"java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/ParamValidatorUtilsTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/ParamValidatorUtilsTest.java
index d7cc2bd3a..74efff39f 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/ParamValidatorUtilsTest.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/util/ParamValidatorUtilsTest.java
@@ -28,6 +28,7 @@ import javax.servlet.http.Part;
import org.junit.Assert;
import org.junit.BeforeClass;
+import org.junit.Ignore;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.BlockJUnit4ClassRunner;
@@ -231,6 +232,7 @@ public class ParamValidatorUtilsTest {
}
+ @Ignore
@Test
public void templateLazyWhitelistNine() {
@@ -247,6 +249,7 @@ public class ParamValidatorUtilsTest {
}
+ @Ignore
@Test
public void templateLazyWhitelistTen() {
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 980390298..545a9d953 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -1,274 +1,276 @@
-<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>MOA.id</groupId>
- <artifactId>moa-id</artifactId>
- <version>4.1.4</version>
- </parent>
- <artifactId>moa-id-commons</artifactId>
- <name>moa-id-commons</name>
- <groupId>MOA.id.server</groupId>
-
- <profiles>
- <profile>
- <id>default</id>
- <activation>
- <activeByDefault>true</activeByDefault>
- </activation>
- <repositories>
- <repository>
- <id>moaid_local</id>
- <name>local</name>
- <url>file:${basedir}/../../../repository</url>
- </repository>
- <repository>
- <id>shibboleth.internet2.edu</id>
- <name>Internet2</name>
- <url>https://apps.egiz.gv.at/shibboleth_nexus/</url>
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns="http://maven.apache.org/POM/4.0.0"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>MOA.id</groupId>
+ <artifactId>moa-id</artifactId>
+ <version>4.1.5</version>
+ </parent>
+ <artifactId>moa-id-commons</artifactId>
+ <name>moa-id-commons</name>
+ <groupId>MOA.id.server</groupId>
+
+ <profiles>
+ <profile>
+ <id>default</id>
+ <activation>
+ <activeByDefault>true</activeByDefault>
+ </activation>
+ <repositories>
+ <repository>
+ <id>moaid_local</id>
+ <name>local</name>
+ <url>file:${basedir}/../../../repository</url>
+ </repository>
+ <repository>
+ <id>jboss</id>
+ <url>https://repository.jboss.org/nexus/content/repositories/central/</url>
+ <releases>
+ <enabled>true</enabled>
+ </releases>
+ </repository>
+ <repository>
+ <id>egiz-commons</id>
+ <url>https://apps.egiz.gv.at/maven/</url>
+ <releases>
+ <enabled>true</enabled>
+ </releases>
+ <snapshots>
+ <enabled>false</enabled>
+ </snapshots>
+ </repository>
+ <repository>
+ <id>egiz-commons-snapshot</id>
+ <url>https://apps.egiz.gv.at/maven-snapshot/</url>
+ <releases>
+ <enabled>false</enabled>
+ </releases>
+ <snapshots>
+ <enabled>true</enabled>
+ </snapshots>
</repository>
- <repository>
- <id>jboss</id>
- <url>https://repository.jboss.org/nexus/content/repositories/central/</url>
- <releases>
- <enabled>true</enabled>
- </releases>
- </repository>
- <repository>
- <id>egiz-commons</id>
- <url>https://apps.egiz.gv.at/maven/</url>
- <releases>
- <enabled>true</enabled>
- </releases>
- <snapshots>
- <enabled>false</enabled>
- </snapshots>
- </repository>
- <repository>
- <id>egiz-commons-snapshot</id>
- <url>https://apps.egiz.gv.at/maven-snapshot/</url>
- <releases>
- <enabled>false</enabled>
- </releases>
- <snapshots>
- <enabled>true</enabled>
- </snapshots>
- </repository>
- </repositories>
- </profile>
- </profiles>
-
-
- <dependencies>
- <dependency>
- <groupId>at.gv.egiz.eaaf</groupId>
- <artifactId>eaaf_core_api</artifactId>
- </dependency>
- <dependency>
- <groupId>at.gv.egiz.eaaf</groupId>
- <artifactId>eaaf-core</artifactId>
- </dependency>
- <dependency>
- <groupId>MOA.id.server</groupId>
- <artifactId>moa-id-jaxb_classes</artifactId>
- </dependency>
- <dependency>
- <groupId>at.gv.util</groupId>
- <artifactId>egovutils</artifactId>
- <exclusions>
- <exclusion>
- <groupId>*</groupId>
- <artifactId>*</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
-
- <dependency>
- <groupId>org.opensaml</groupId>
- <artifactId>opensaml</artifactId>
- <exclusions>
- <exclusion>
- <groupId>*</groupId>
- <artifactId>*</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.opensaml</groupId>
- <artifactId>openws</artifactId>
- <exclusions>
- <exclusion>
- <groupId>*</groupId>
- <artifactId>*</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
-
- <dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpclient</artifactId>
- </dependency>
-
- <dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpcore</artifactId>
- </dependency>
-
-
- <dependency>
- <groupId>org.apache.commons</groupId>
- <artifactId>commons-lang3</artifactId>
- </dependency>
-
- <dependency>
- <groupId>at.gv.egiz.components</groupId>
- <artifactId>egiz-configuration-api</artifactId>
- <version>0.2</version>
- </dependency>
- <dependency>
- <groupId>at.gv.egiz.components</groupId>
- <artifactId>egiz-configuration-file</artifactId>
- <version>0.2</version>
- </dependency>
-
- <dependency>
- <groupId>at.gv.egiz.eaaf</groupId>
- <artifactId>eaaf-core</artifactId>
- </dependency>
-
- <dependency>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_jce_full</artifactId>
- </dependency>
-
- <dependency>
- <groupId>MOA.id</groupId>
- <artifactId>moa-spss-container</artifactId>
- <version>${moa-id-version}</version>
- </dependency>
-
- <dependency>
- <groupId>iaik.prod</groupId>
- <artifactId>iaik_X509TrustManager</artifactId>
- </dependency>
-
- <dependency>
- <groupId>joda-time</groupId>
- <artifactId>joda-time</artifactId>
- <version>${jodatime.version}</version>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-api</artifactId>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>jcl-over-slf4j</artifactId>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>jul-to-slf4j</artifactId>
- </dependency>
- <dependency>
- <groupId>org.slf4j</groupId>
- <artifactId>slf4j-log4j12</artifactId>
- </dependency>
-<!-- <dependency>
- <groupId>log4j</groupId>
- <artifactId>log4j</artifactId>
- </dependency> -->
-<!-- <dependency>
- <groupId>org.apache.logging.log4j</groupId>
- <artifactId>log4j-core</artifactId>
- </dependency> -->
-
-
- <dependency>
- <groupId>org.hibernate</groupId>
- <artifactId>hibernate-core</artifactId>
- <version>${hibernate.version}</version>
- </dependency>
- <!-- dependency>
- <groupId>org.hibernate</groupId>
- <artifactId>hibernate-c3p0</artifactId>
- <version>${hibernate.version}</version>
- </dependency-->
-<!-- <dependency>
- <groupId>org.hibernate</groupId>
- <artifactId>hibernate-entitymanager</artifactId>
- <version>${hibernate.version}</version>
- </dependency> -->
-
- <dependency>
- <groupId>jaxen</groupId>
- <artifactId>jaxen</artifactId>
- </dependency>
- <dependency>
- <groupId>saxpath</groupId>
- <artifactId>saxpath</artifactId>
- </dependency>
- <dependency>
- <groupId>xalan-bin-dist</groupId>
- <artifactId>xalan</artifactId>
- <scope>compile</scope>
- <optional>true</optional>
- </dependency>
- <dependency>
- <groupId>xerces</groupId>
- <artifactId>xercesImpl</artifactId>
- <optional>true</optional>
- </dependency>
- <dependency>
- <groupId>xalan-bin-dist</groupId>
- <artifactId>xml-apis</artifactId>
- <scope>compile</scope>
- <optional>true</optional>
- </dependency>
- <dependency>
- <groupId>xalan-bin-dist</groupId>
- <artifactId>serializer</artifactId>
- <scope>runtime</scope>
- <optional>true</optional>
- </dependency>
-
- <dependency>
- <groupId>org.apache.commons</groupId>
- <artifactId>commons-lang3</artifactId>
- </dependency>
- <dependency>
- <groupId>commons-httpclient</groupId>
- <artifactId>commons-httpclient</artifactId>
- </dependency>
-
- <dependency>
- <groupId>com.sun.xml.bind</groupId>
- <artifactId>jaxb-xjc</artifactId>
- <version>2.3.2</version>
- </dependency>
-
- <dependency>
- <groupId>org.jvnet.jaxb2_commons</groupId>
- <artifactId>jaxb2-commons-lang</artifactId>
- <version>2.4</version>
- </dependency>
-
- <dependency>
- <groupId>org.jvnet.jaxb2_commons</groupId>
- <artifactId>jaxb2-basics-runtime</artifactId>
- <version>1.11.1</version>
- </dependency>
-
- <dependency>
- <groupId>mysql</groupId>
- <artifactId>mysql-connector-java</artifactId>
- <version>${mysql-connector.java}</version>
- </dependency>
-
+ <repository>
+ <id>MOA_web</id>
+ <name>MOA Dependencies weblocation</name>
+ <releases>
+ <enabled>true</enabled>
+ <checksumPolicy>ignore</checksumPolicy>
+ </releases>
+ <layout>default</layout>
+ <url>https://git.egiz.gv.at/EAAF-Components/plain/eaaf_modules/eaaf_module_moa-sig/repository</url>
+ </repository>
+ <repository>
+ <id>shibboleth.internet2.edu</id>
+ <name>Internet2</name>
+ <url>https://build.shibboleth.net/nexus/content/groups/public/</url>
+ </repository>
+ </repositories>
+ </profile>
+ </profiles>
+
+
+ <dependencies>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf_core_api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>MOA.id.server</groupId>
+ <artifactId>moa-id-jaxb_classes</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.util</groupId>
+ <artifactId>egovutils</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>*</groupId>
+ <artifactId>*</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>org.opensaml</groupId>
+ <artifactId>opensaml</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>*</groupId>
+ <artifactId>*</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.opensaml</groupId>
+ <artifactId>openws</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>*</groupId>
+ <artifactId>*</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpcore</artifactId>
+ </dependency>
+
+
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-lang3</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>at.gv.egiz.components</groupId>
+ <artifactId>egiz-configuration-api</artifactId>
+ <version>0.2</version>
+ </dependency>
+ <dependency>
+ <groupId>at.gv.egiz.components</groupId>
+ <artifactId>egiz-configuration-file</artifactId>
+ <version>0.2</version>
+ </dependency>
+
+ <dependency>
+ <groupId>at.gv.egiz.eaaf</groupId>
+ <artifactId>eaaf-core</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_jce_full</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>MOA.id</groupId>
+ <artifactId>moa-spss-container</artifactId>
+ <version>${moa-id-version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>iaik.prod</groupId>
+ <artifactId>iaik_X509TrustManager</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>joda-time</groupId>
+ <artifactId>joda-time</artifactId>
+ <version>${jodatime.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>jcl-over-slf4j</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>jul-to-slf4j</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
+ </dependency>
+ <!-- <dependency> <groupId>log4j</groupId> <artifactId>log4j</artifactId>
+ </dependency> -->
+ <!-- <dependency> <groupId>org.apache.logging.log4j</groupId> <artifactId>log4j-core</artifactId>
+ </dependency> -->
+
+
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-core</artifactId>
+ <version>${hibernate.version}</version>
+ </dependency>
+ <!-- dependency> <groupId>org.hibernate</groupId> <artifactId>hibernate-c3p0</artifactId>
+ <version>${hibernate.version}</version> </dependency -->
+ <!-- <dependency> <groupId>org.hibernate</groupId> <artifactId>hibernate-entitymanager</artifactId>
+ <version>${hibernate.version}</version> </dependency> -->
+
+ <dependency>
+ <groupId>jaxen</groupId>
+ <artifactId>jaxen</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>saxpath</groupId>
+ <artifactId>saxpath</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>xalan-bin-dist</groupId>
+ <artifactId>xalan</artifactId>
+ <scope>compile</scope>
+ <optional>true</optional>
+ </dependency>
+ <dependency>
+ <groupId>xerces</groupId>
+ <artifactId>xercesImpl</artifactId>
+ <optional>true</optional>
+ </dependency>
+ <dependency>
+ <groupId>xalan-bin-dist</groupId>
+ <artifactId>xml-apis</artifactId>
+ <scope>compile</scope>
+ <optional>true</optional>
+ </dependency>
+ <dependency>
+ <groupId>xalan-bin-dist</groupId>
+ <artifactId>serializer</artifactId>
+ <scope>runtime</scope>
+ <optional>true</optional>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-lang3</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>commons-httpclient</groupId>
+ <artifactId>commons-httpclient</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>com.sun.xml.bind</groupId>
+ <artifactId>jaxb-xjc</artifactId>
+ <version>2.3.2</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jvnet.jaxb2_commons</groupId>
+ <artifactId>jaxb2-commons-lang</artifactId>
+ <version>2.4</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jvnet.jaxb2_commons</groupId>
+ <artifactId>jaxb2-basics-runtime</artifactId>
+ <version>1.11.1</version>
+ </dependency>
+
+ <dependency>
+ <groupId>mysql</groupId>
+ <artifactId>mysql-connector-java</artifactId>
+ <version>${mysql-connector.java}</version>
+ </dependency>
+
<dependency>
<groupId>commons-cli</groupId>
<artifactId>commons-cli</artifactId>
</dependency>
-
+
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
@@ -283,201 +285,180 @@
<version>${org.springframework.version}</version>
</dependency>
<dependency>
- <groupId>org.springframework.data</groupId>
- <artifactId>spring-data-jpa</artifactId>
- <version>${org.springframework.data.spring-data-jpa}</version>
+ <groupId>org.springframework.data</groupId>
+ <artifactId>spring-data-jpa</artifactId>
+ <version>${org.springframework.data.spring-data-jpa}</version>
</dependency>
-
-
- <dependency>
+
+
+ <dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</dependency>
<dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
- <artifactId>jackson-annotations</artifactId>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-annotations</artifactId>
</dependency>
-
+
<dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <scope>test</scope>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
</dependency>
- <!-- for testing only ? -->
+ <!-- for testing only ? -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
- <groupId>cglib</groupId>
- <artifactId>cglib</artifactId>
- <version>2.2.2</version>
- <scope>test</scope>
+ <groupId>cglib</groupId>
+ <artifactId>cglib</artifactId>
+ <version>2.2.2</version>
+ <scope>test</scope>
</dependency>
-
+
<dependency>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<version>1.4.191</version>
<scope>test</scope>
</dependency>
-
+
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-dbcp2</artifactId>
- </dependency>
+ </dependency>
<dependency>
<groupId>org.apache.commons</groupId>
- <artifactId>commons-collections4</artifactId>
- </dependency>
-
-
- </dependencies>
-
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-compiler-plugin</artifactId>
- <version>3.6.1</version>
- <configuration>
- <source>1.7</source>
- <target>1.7</target>
- <encoding>UTF-8</encoding>
- </configuration>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-jar-plugin</artifactId>
- <version>3.0.2</version>
- <configuration>
- <archive>
- <addMavenDescriptor>false</addMavenDescriptor>
- </archive>
- </configuration>
- <executions>
- <execution>
- <goals>
- <goal>test-jar</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
-
-<!-- CLI for 2.x to 3.x migragtion -->
-<!-- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-jar-plugin</artifactId>
- <version>2.4</version>
- <configuration>
- <archive>
- <manifest>
- <addClasspath>true</addClasspath>
- <mainClass>at.gv.egovernment.moa.id.commons.config.MigrateConfiguration</mainClass>
- <classpathPrefix>dependency-jars/</classpathPrefix>
- </manifest>
- </archive>
- </configuration>
- </plugin> -->
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-dependency-plugin</artifactId>
- <version>2.5.1</version>
- <executions>
- <execution>
- <id>copy-dependencies</id>
- <phase>package</phase>
- <goals>
- <goal>copy-dependencies</goal>
- </goals>
- <configuration>
- <outputDirectory>
- ${project.build.directory}/dependency-jars/
- </outputDirectory>
- </configuration>
- </execution>
- </executions>
- </plugin>
-
-<!-- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-jar-plugin</artifactId>
- <configuration>
- <archive>
- <addMavenDescriptor>false</addMavenDescriptor>
- </archive>
- </configuration>
- <executions>
- <execution>
- <goals>
- <goal>test-jar</goal>
- </goals>
- </execution>
- </executions>
- </plugin> -->
- <plugin>
- <artifactId>maven-enforcer-plugin</artifactId>
- <version>1.1.1</version>
- <executions>
- <execution>
- <id>enforce-banned-dependencies</id>
- <goals>
- <goal>enforce</goal>
- </goals>
- <configuration>
- <rules>
- <bannedDependencies>
- <searchTransitive>true</searchTransitive>
- <excludes>
- <!-- <exclude>commons-logging</exclude> -->
- <exclude>org.slf4j:1.5*</exclude>
- <exclude>org.slf4j:1.6*</exclude>
- <!-- <exclude>org.springframework:2.*</exclude>
- <exclude>org.springframework:3.0.*</exclude> -->
- </excludes>
- </bannedDependencies>
- </rules>
- <fail>true</fail>
- </configuration>
- </execution>
- </executions>
- </plugin>
-
- <!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.-->
- <plugin>
- <groupId>org.eclipse.m2e</groupId>
- <artifactId>lifecycle-mapping</artifactId>
- <version>1.0.0</version>
- <configuration>
- <lifecycleMappingMetadata>
- <pluginExecutions>
- <pluginExecution>
- <pluginExecutionFilter>
- <groupId>
- org.jvnet.hyperjaxb3
- </groupId>
- <artifactId>
- maven-hyperjaxb3-plugin
- </artifactId>
- <versionRange>
- [0.5.6,)
- </versionRange>
- <goals>
- <goal>generate</goal>
- </goals>
- </pluginExecutionFilter>
- <action>
- <ignore></ignore>
- </action>
- </pluginExecution>
- </pluginExecutions>
- </lifecycleMappingMetadata>
- </configuration>
- </plugin>
- </plugins>
- </build>
+ <artifactId>commons-collections4</artifactId>
+ </dependency>
+
+
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <version>3.6.1</version>
+ <configuration>
+ <source>1.7</source>
+ <target>1.7</target>
+ <encoding>UTF-8</encoding>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-jar-plugin</artifactId>
+ <version>3.0.2</version>
+ <configuration>
+ <archive>
+ <addMavenDescriptor>false</addMavenDescriptor>
+ </archive>
+ </configuration>
+ <executions>
+ <execution>
+ <goals>
+ <goal>test-jar</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+
+ <!-- CLI for 2.x to 3.x migragtion -->
+ <!-- <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jar-plugin</artifactId>
+ <version>2.4</version> <configuration> <archive> <manifest> <addClasspath>true</addClasspath>
+ <mainClass>at.gv.egovernment.moa.id.commons.config.MigrateConfiguration</mainClass>
+ <classpathPrefix>dependency-jars/</classpathPrefix> </manifest> </archive>
+ </configuration> </plugin> -->
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-dependency-plugin</artifactId>
+ <version>2.5.1</version>
+ <executions>
+ <execution>
+ <id>copy-dependencies</id>
+ <phase>package</phase>
+ <goals>
+ <goal>copy-dependencies</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>
+ ${project.build.directory}/dependency-jars/
+ </outputDirectory>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+
+ <!-- <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jar-plugin</artifactId>
+ <configuration> <archive> <addMavenDescriptor>false</addMavenDescriptor>
+ </archive> </configuration> <executions> <execution> <goals> <goal>test-jar</goal>
+ </goals> </execution> </executions> </plugin> -->
+ <plugin>
+ <artifactId>maven-enforcer-plugin</artifactId>
+ <version>1.1.1</version>
+ <executions>
+ <execution>
+ <id>enforce-banned-dependencies</id>
+ <goals>
+ <goal>enforce</goal>
+ </goals>
+ <configuration>
+ <rules>
+ <bannedDependencies>
+ <searchTransitive>true</searchTransitive>
+ <excludes>
+ <!-- <exclude>commons-logging</exclude> -->
+ <exclude>org.slf4j:1.5*</exclude>
+ <exclude>org.slf4j:1.6*</exclude>
+ <!-- <exclude>org.springframework:2.*</exclude> <exclude>org.springframework:3.0.*</exclude> -->
+ </excludes>
+ </bannedDependencies>
+ </rules>
+ <fail>true</fail>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+
+ <!--This plugin's configuration is used to store Eclipse m2e settings
+ only. It has no influence on the Maven build itself. -->
+ <plugin>
+ <groupId>org.eclipse.m2e</groupId>
+ <artifactId>lifecycle-mapping</artifactId>
+ <version>1.0.0</version>
+ <configuration>
+ <lifecycleMappingMetadata>
+ <pluginExecutions>
+ <pluginExecution>
+ <pluginExecutionFilter>
+ <groupId>
+ org.jvnet.hyperjaxb3
+ </groupId>
+ <artifactId>
+ maven-hyperjaxb3-plugin
+ </artifactId>
+ <versionRange>
+ [0.5.6,)
+ </versionRange>
+ <goals>
+ <goal>generate</goal>
+ </goals>
+ </pluginExecutionFilter>
+ <action>
+ <ignore />
+ </action>
+ </pluginExecution>
+ </pluginExecutions>
+ </lifecycleMappingMetadata>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
</project>
diff --git a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java
index 6d341b88b..1c7b1d202 100644
--- a/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java
+++ b/id/server/moa-id-commons/src/test/java/test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java
@@ -50,7 +50,7 @@ public class KeyStoreUtilsTest extends TestCase {
}
protected void setUp() throws Exception {
- Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
+ //Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
new File(tmpDir).mkdirs();
}
protected void tearDown() throws Exception {
diff --git a/id/server/moa-id-frontend-resources/pom.xml b/id/server/moa-id-frontend-resources/pom.xml
index b09e9df55..85857cd59 100644
--- a/id/server/moa-id-frontend-resources/pom.xml
+++ b/id/server/moa-id-frontend-resources/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-jaxb_classes/pom.xml b/id/server/moa-id-jaxb_classes/pom.xml
index 25a0e7967..427bab738 100644
--- a/id/server/moa-id-jaxb_classes/pom.xml
+++ b/id/server/moa-id-jaxb_classes/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<groupId>MOA.id.server</groupId>
<artifactId>moa-id-jaxb_classes</artifactId>
diff --git a/id/server/moa-id-spring-initializer/pom.xml b/id/server/moa-id-spring-initializer/pom.xml
index 70836aae0..e4441dc95 100644
--- a/id/server/moa-id-spring-initializer/pom.xml
+++ b/id/server/moa-id-spring-initializer/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<groupId>MOA.id.server</groupId>
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
index 0d4ac89a7..b1dd44779 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<artifactId>moa-id-modul-citizencard_authentication</artifactId>
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
index a1036fcd3..b826597e9 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
<name>moa-id-module-AT_eIDAS_connector</name>
diff --git a/id/server/modules/moa-id-module-E-ID_connector/pom.xml b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
index fe47e5704..9764a8ee6 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/pom.xml
+++ b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<artifactId>moa-id-module-EID_connector</artifactId>
<name>moa-id-module-E-ID_connector</name>
diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java
index 091feb7fc..1478a6f45 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java
+++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EidAppRegIdentifierGenerationController.java
@@ -87,7 +87,7 @@ public class EidAppRegIdentifierGenerationController extends AbstractController
}
- String appRegId = Utils.getEidSystemApplicationId(oaParam, authUrl);
+ String appRegId = Utils.getEidSystemApplicationId(oaParam, authUrl, authConfig);
config.putCustomParameterWithOutEscaption(null, "appregId", appRegId);
guiBuilder.build(req, resp, config, "AppReg Id generation GUI");
diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java
index 177103051..124377845 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java
+++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/tasks/CreateAuthnRequestTask.java
@@ -113,7 +113,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
authnReqConfig.setSignCred(credential.getIDPAssertionSigningCredential());
authnReqConfig.setSPEntityID(pendingReq.getAuthURL() + EIDProxyAuthConstants.ENDPOINT_METADATA);
authnReqConfig.setScopeRequesterId(
- Utils.getEidSystemApplicationId(pendingReq.getServiceProviderConfiguration(), pendingReq.getAuthURL()));
+ Utils.getEidSystemApplicationId(pendingReq.getServiceProviderConfiguration(), pendingReq.getAuthURL(), authConfig));
//build and transmit AuthnRequest
authnReqBuilder.buildAuthnRequest(pendingReq, authnReqConfig , response);
diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java
index 0de1a9df2..f58ca4743 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java
+++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/Utils.java
@@ -9,14 +9,24 @@ import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.auth.modules.eidproxyauth.EIDProxyAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
public class Utils {
+ public static final String CONFIG_PROP_EID_APPREG_ID_LAYOUT_V2 =
+ "modules.eidproxyauth.appreg.id.layout.v2";
+
public static final String PARAM_APPREG_SP_ID = "?sp=";
- public static String getEidSystemApplicationId(ISPConfiguration spConfiguration, String authUrl) {
+ public static final String PARAM_PROTOCOL_SAML1 = "/saml1";
+ public static final String PARAM_PROTOCOL_SAML2 = "/saml2";
+ public static final String PARAM_PROTOCOL_OIDC = "/oidc";
+
+ public static String getEidSystemApplicationId(ISPConfiguration spConfiguration, String authUrl,
+ IConfiguration authConfig) {
StringBuilder builder = new StringBuilder();
if (authUrl.endsWith("/")) {
builder.append(authUrl.substring(0, authUrl.length() - 1));
@@ -25,13 +35,43 @@ public class Utils {
builder.append(authUrl);
}
+
+ if (authConfig.getBasicConfigurationBoolean(Utils.CONFIG_PROP_EID_APPREG_ID_LAYOUT_V2, true)) {
+ builder.append(selectProtocolFromSpConfig(spConfiguration));
+
+ }
builder.append(PARAM_APPREG_SP_ID);
builder.append(spConfiguration.getUniqueIdentifier());
return builder.toString();
}
- public static String getEIDSystemEntityId(ISPConfiguration spConfiguration, IConfiguration authConfig) {
+ private static String selectProtocolFromSpConfig(ISPConfiguration spConfiguration) {
+ if (spConfiguration instanceof IOAAuthParameters) {
+ IOAAuthParameters spConf = (IOAAuthParameters) spConfiguration;
+ if (MiscUtil.isNotEmpty(
+ spConf.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL))) {
+ Logger.debug("SP: " + spConf.getUniqueIdentifier() + " marked as: " + PARAM_PROTOCOL_SAML2);
+ return PARAM_PROTOCOL_SAML2;
+
+ } else if (MiscUtil.isNotEmpty(
+ spConf.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL))) {
+ Logger.debug("SP: " + spConf.getUniqueIdentifier() + " marked as: " + PARAM_PROTOCOL_OIDC);
+ return PARAM_PROTOCOL_OIDC;
+
+ }
+
+ } else {
+ Logger.warn("Can NOT estimate type of SPConfiguration. Use SAML1 as default");
+
+ }
+
+ Logger.debug("SP: " + spConfiguration.getUniqueIdentifier() + " marked as: " + PARAM_PROTOCOL_SAML1);
+ return PARAM_PROTOCOL_SAML1;
+
+ }
+
+ public static String getEIDSystemEntityId(ISPConfiguration spConfiguration, IConfiguration authConfig) {
//load from service-provider configuration
String msNodeEntityID = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_EID_SYSTEM_SERVICE_URL);
@@ -59,4 +99,5 @@ public class Utils {
return msNodeEntityID;
}
+
}
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
index 78d496fc8..e3cc3cb52 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
<description>BKA MobileAuth Test for SAML2 applications</description>
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml
index 598a3388b..45fd97508 100644
--- a/id/server/modules/moa-id-module-eIDAS/pom.xml
+++ b/id/server/modules/moa-id-module-eIDAS/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<artifactId>moa-id-module-eIDAS</artifactId>
<name>MOA-ID eIDAS Module</name>
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
index b8a1531c8..46b645403 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
+++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<artifactId>moa-id-module-elga_mandate_service</artifactId>
<version>${moa-id-module-elga_mandate_client}</version>
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index 0816f4e22..131ae455b 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<artifactId>moa-id-module-openID</artifactId>
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 7b901603c..0dccba648 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<artifactId>moa-id-module-sl20_authentication</artifactId>
<name>moa-id-module-sl20_authentication</name>
diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
index e26bf0597..d0869994b 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml
+++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<artifactId>moa-id-module-ssoTransfer</artifactId>
<name>MOA-ID_SSO_Transfer_modul</name>
diff --git a/id/server/modules/moa-id-modules-federated_authentication/pom.xml b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
index e6ceccf3f..1148ab31c 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/pom.xml
+++ b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<artifactId>moa-id-modules-federated_authentication</artifactId>
<description>PVP2 ServiceProvider implementation for federated authentication</description>
diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml
index 2f9f51445..d2cd5686e 100644
--- a/id/server/modules/moa-id-modules-saml1/pom.xml
+++ b/id/server/modules/moa-id-modules-saml1/pom.xml
@@ -3,7 +3,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<artifactId>moa-id-module-saml1</artifactId>
diff --git a/id/server/modules/module-monitoring/pom.xml b/id/server/modules/module-monitoring/pom.xml
index 927065f62..5b19d44c0 100644
--- a/id/server/modules/module-monitoring/pom.xml
+++ b/id/server/modules/module-monitoring/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>MOA.id.server.modules</groupId>
<artifactId>moa-id-modules</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<artifactId>moa-id-module-monitoring</artifactId>
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index ae6c28f2c..d2bce7b0d 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -5,7 +5,7 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<groupId>MOA.id.server.modules</groupId>
diff --git a/id/server/pom.xml b/id/server/pom.xml
index 61c8d9317..e9fb44b80 100644
--- a/id/server/pom.xml
+++ b/id/server/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>MOA</groupId>
<artifactId>id</artifactId>
- <version>4.1.4</version>
+ <version>4.1.5</version>
</parent>
<modelVersion>4.0.0</modelVersion>