Diffstat (limited to 'id/server')
| -rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java | 757 | 
1 files changed, 671 insertions, 86 deletions
| diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java
index 4f2284d3d..77a9f032c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java
@@ -1,216 +1,801 @@  package at.gv.egovernment.moa.id.config.auth; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.math.BigInteger; +import java.util.ArrayList;  import java.util.List;  import java.util.Properties;  import org.springframework.beans.factory.annotation.Autowired; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.db.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.db.NewConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; +import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; +import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; +import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; +import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; +import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; +import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.Organization;  import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; +import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; +import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1; +import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; +import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; +import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;  import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; +import 
at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;  import at.gv.egovernment.moa.id.config.ConfigurationException;  import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.ConfigurationUtils;  import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.ConnectionParameterForeign; +import at.gv.egovernment.moa.id.config.ConnectionParameterMOASP; +import at.gv.egovernment.moa.id.config.ConnectionParameterMandate;  import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed;  import at.gv.egovernment.moa.id.config.stork.STORKConfig; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; -import com.datentechnik.moa.id.conf.persistence.ConfigurationImpl; -import com.fasterxml.jackson.annotation.JsonProperty; +import com.datentechnik.moa.id.conf.persistence.Configuration; +/** + * A class providing access to the Auth Part of the MOA-ID configuration data. + */  public class NewAuthConfigurationProvider extends ConfigurationProvider implements AuthConfiguration {  	@Autowired -	private ConfigurationImpl configuration; +	private Configuration configuration; -	@JsonProperty("getGeneralPVP2ProperiesConfig") +	private final Properties properties = new Properties(); + +	public NewAuthConfigurationProvider(String fileName) throws ConfigurationException { +		File propertiesFile = new File(fileName); +		rootConfigFileDir = propertiesFile.getParent(); + +		try (FileInputStream in = new FileInputStream(propertiesFile);) { +			properties.load(in); +		} catch (FileNotFoundException e) { +			throw new ConfigurationException("config.03", null, e); +		} catch (IOException e) { +			throw new ConfigurationException("config.03", null, e); +		} +	} + +	private Properties getProperties() { +		return properties; +	} + +	/** +	 * Returns the general pvp2 properties config. NOTE: may be empty but never {@code null}. 
+	 * @return the general pvp2 properties config. +	 */  	public Properties getGeneralPVP2ProperiesConfig() { -		return configuration.get("getGeneralPVP2ProperiesConfig", Properties.class); +		return this.getGeneralProperiesConfig("protocols.pvp2.");  	} -	@JsonProperty("getGeneralOAuth20ProperiesConfig") +	/** +	 * Returns the general oauth20 properties config. NOTE: may be empty but never {@code null}. +	 * @return the general oauth20 properties config. +	 */  	public Properties getGeneralOAuth20ProperiesConfig() { -		return configuration.get("getGeneralOAuth20ProperiesConfig", Properties.class); +		return this.getGeneralProperiesConfig("protocols.oauth20.");  	} -	@JsonProperty("getAllowedProtocols") +	/** +	 * Returns the allowed protocols. NOTE: may return {@code null}. +	 *  +	 * @return the allowed protocols or {@code null}. +	 */  	public ProtocolAllowed getAllowedProtocols() { -		return configuration.get("getAllowedProtocols", ProtocolAllowed.class); + +		AuthComponentGeneral authComponentGeneral; +		try { +			authComponentGeneral = getAuthComponentGeneral(); +		} catch (ConfigurationException e) { +			return null; +		} +		ProtocolAllowed allowedProtcols = new ProtocolAllowed(); +		Protocols protocols = authComponentGeneral.getProtocols(); +		if (protocols != null) { +			allowedProtcols = new ProtocolAllowed(); + +			if (protocols.getSAML1() != null) { +				allowedProtcols.setSAML1Active(protocols.getSAML1().isIsActive()); +			} + +			if (protocols.getOAuth() != null) { +				allowedProtcols.setOAUTHActive(protocols.getOAuth().isIsActive()); +			} + +			if (protocols.getPVP2() != null) { +				allowedProtcols.setPVP21Active(protocols.getPVP2().isIsActive()); +			} +			return allowedProtcols; +		} else { +			Logger.warn("Error in MOA-ID Configuration. No general Protcol configuration found."); +			return null; +		}  	} -	@JsonProperty("getGeneralPVP2DBConfig") +	/** +	 * Returns the general PVP2 configuration. NOTE: may return {@code null}. 
+	 *  +	 * @return the general PVP2 configuration or {@code null}. +	 */  	public PVP2 getGeneralPVP2DBConfig() { -		return configuration.get("getGeneralPVP2DBConfig", PVP2.class); + +		AuthComponentGeneral authComponentGeneral; +		try { +			authComponentGeneral = getAuthComponentGeneral(); +		} catch (ConfigurationException e) { +			return null; +		} +		Protocols protocols = authComponentGeneral.getProtocols(); +		PVP2 result = null; +		if (protocols != null) { +			PVP2 pvp2 = protocols.getPVP2(); +			if (pvp2 != null) { +				result = new PVP2(); +				result.setIssuerName(pvp2.getIssuerName()); +				result.setPublicURLPrefix(pvp2.getPublicURLPrefix()); + +				if (pvp2.getOrganization() != null) { +					Organization org = new Organization(); +					result.setOrganization(org); +					org.setDisplayName(pvp2.getOrganization().getDisplayName()); +					org.setName(pvp2.getOrganization().getName()); +					org.setURL(pvp2.getOrganization().getURL()); +				} + +				if (pvp2.getContact() != null) { +					List<Contact> cont = new ArrayList<Contact>(); +					result.setContact(cont); +					for (Contact e : pvp2.getContact()) { +						Contact c = new Contact(); +						c.setCompany(e.getCompany()); +						c.setGivenName(e.getGivenName()); +						c.getMail().addAll(e.getMail()); +						c.getPhone().addAll(e.getPhone()); +						c.setSurName(e.getSurName()); +						c.setType(e.getType()); +						cont.add(c); +					} +				} +			} + +		} else { +			Logger.warn("Error in MOA-ID Configuration. No general Protcol configuration found."); +		} +		return result;  	} -	@JsonProperty("getTimeOuts") +	/** +	 * Returns the configured timeouts, or a default timeout. +	 *  +	 * @return the configured timeout, or the default (never {@code null}). +	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. 
+	 */  	public TimeOuts getTimeOuts() throws ConfigurationException { -		return configuration.get("getTimeOuts", TimeOuts.class); + +		TimeOuts timeouts = new TimeOuts(); + +		// set default timeouts +		timeouts.setAssertion(new BigInteger("300")); +		timeouts.setMOASessionCreated(new BigInteger("2700")); +		timeouts.setMOASessionUpdated(new BigInteger("1200")); + +		AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); +		// search timeouts in config +		GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); +		if (generalConfiguration != null) { +			if (generalConfiguration.getTimeOuts() != null) { +				if (generalConfiguration.getTimeOuts().getAssertion() != null) { +					timeouts.setAssertion(generalConfiguration.getTimeOuts().getAssertion()); +				} + +				if (generalConfiguration.getTimeOuts().getMOASessionCreated() != null) { +					timeouts.setMOASessionCreated(generalConfiguration.getTimeOuts().getMOASessionCreated()); +				} + +				if (generalConfiguration.getTimeOuts().getMOASessionUpdated() != null) { +					timeouts.setMOASessionUpdated(generalConfiguration.getTimeOuts().getMOASessionUpdated()); +				} + +			} else { +				Logger.info("No TimeOuts defined. Use default values"); +			} +		} +		return timeouts;  	} -	@JsonProperty("getAlternativeSourceID") +	/** +	 * Returns an alternative source ID. NOTE: may return {@code null}. +	 *  +	 * @return an alternative source ID or {@code null}. 
+	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} +	 */  	public String getAlternativeSourceID() throws ConfigurationException { -		return configuration.get("getAlternativeSourceID", String.class); +		AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); +		String alternativeSourceId = null; +		Protocols protocols = authComponentGeneral.getProtocols(); +		if (protocols != null) { +			SAML1 saml1 = protocols.getSAML1(); +			if (saml1 != null && MiscUtil.isNotEmpty(saml1.getSourceID())) { +				alternativeSourceId = saml1.getSourceID(); +			} +		} +		GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); +		if (generalConfiguration != null && MiscUtil.isEmpty(alternativeSourceId)) { +			alternativeSourceId = generalConfiguration.getAlternativeSourceID(); +		} +		return alternativeSourceId;  	} -	@JsonProperty("getLegacyAllowedProtocols") +	/** +	 * Returns a list of legacy allowed protocols. NOTE: may return an empty list but never {@code null}. +	 *  +	 * @return the list of protocols. 
+	 */  	public List<String> getLegacyAllowedProtocols() { -		return configuration.getList("getLegacyAllowedProtocols", String.class); + +		try { +			AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + +			if (authComponentGeneral.getProtocols() != null) { +				Protocols procols = authComponentGeneral.getProtocols(); +				if (procols.getLegacyAllowed() != null) { +					LegacyAllowed legacy = procols.getLegacyAllowed(); +					return legacy.getProtocolName(); +				} +			} + +			return new ArrayList<String>(); + +		} catch (NullPointerException e) { +			Logger.info("No protocols found with legacy allowed flag!"); +			return new ArrayList<String>(); +		} catch (ConfigurationException e) { +			return new ArrayList<String>(); +		} +  	} -	@JsonProperty("getOnlineApplicationParameter") +	/** +	 * Provides configuration information regarding the online application behind the given URL, relevant to the MOA-ID Auth component. +	 *  +	 * @param oaURL URL requested for an online application +	 * @return an <code>OAAuthParameter</code>, or <code>null</code> if none is applicable +	 */  	public OAAuthParameter getOnlineApplicationParameter(String oaURL) { -		return configuration.get("getOnlineApplicationParameter", OAAuthParameter.class); + +		OnlineApplication oa = NewConfigurationDBRead.getActiveOnlineApplication(oaURL); +		if (oa == null) { +			Logger.warn("Online application with identifier " + oaURL + " is not found."); +			return null; +		} + +		return new OAAuthParameter(oa);  	} -	@JsonProperty("getMoaSpAuthBlockTrustProfileID") +	/** +	 * Returns a string with a url-reference to the VerifyAuthBlock trust profile id within the moa-sp part of the authentication component. +	 *  +	 * @return a string with a url-reference to the VerifyAuthBlock trust profile ID. +	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. 
+	 */  	public String getMoaSpAuthBlockTrustProfileID() throws ConfigurationException { -		return configuration.get("getMoaSpAuthBlockTrustProfileID", String.class); +		return getVerifyAuthBlock().getTrustProfileID();  	} -	@JsonProperty("getMoaSpAuthBlockVerifyTransformsInfoIDs") +	/** +	 * Returns a list of strings with references to all verify transform info IDs within the moa-sp part of the authentication component. +	 *  +	 * @return a list of strings containing all urls to the verify transform info IDs. +	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. +	 */  	public List<String> getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException { -		return configuration.getList("getMoaSpAuthBlockVerifyTransformsInfoIDs", String.class); +		return getVerifyAuthBlock().getVerifyTransformsInfoProfileID();  	} -	@JsonProperty("getMoaSpConnectionParameter") +	/** +	 * Returns a ConnectionParameter bean containing all information of the authentication component moa-sp element. +	 *  +	 * @return ConnectionParameter of the authentication component moa-sp element. +	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. 
+	 */  	public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException { -		return configuration.get("getMoaSpConnectionParameter", ConnectionParameter.class); +		ConnectionParameter result = null; +		AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); +		MOASP moasp = authComponentGeneral.getMOASP(); +		if (moasp != null) { +			ConnectionParameterClientAuthType connectionParameter = moasp.getConnectionParameter(); +			if (connectionParameter != null) { +				result = new ConnectionParameterMOASP(moasp.getConnectionParameter(), this.getProperties(), this.getRootConfigFileDir()); +			} +		} +		return result;  	} -	@JsonProperty("getForeignIDConnectionParameter") +	/** +	 * Returns the {@link ConnectionParameter} for the ForeignID. NOTE: may return {@code null}. +	 *  +	 * @return the connection parameter. +	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. +	 */  	public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException { -		return configuration.get("getForeignIDConnectionParameter", ConnectionParameter.class); + +		AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); +		ForeignIdentities foreign = authComponentGeneral.getForeignIdentities(); +		if (foreign != null) { +			return new ConnectionParameterForeign(foreign.getConnectionParameter(), this.getProperties(), this.getRootConfigFileDir()); +		} else { +			Logger.warn("Error in MOA-ID Configuration. No Connectionconfiguration to SZRGW Service found"); +			return null; +		}  	} -	@JsonProperty("getOnlineMandatesConnectionParameter") +	/** +	 * Returns the {@link ConnectionParameter} for the OnlineMandates. NOTE: may return {@code null}. +	 *  +	 * @return the connection parameter. 
+	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} +	 */  	public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException { -		return configuration.get("getOnlineMandatesConnectionParameter", ConnectionParameter.class); + +		AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); +		OnlineMandates ovs = authComponentGeneral.getOnlineMandates(); +		if (ovs != null) { +			return new ConnectionParameterMandate(ovs.getConnectionParameter(), this.getProperties(), this.getRootConfigFileDir()); +		} +		return null;  	} -	@JsonProperty("getMoaSpIdentityLinkTrustProfileID") +	/** +	 * Returns a string with a url-reference to the VerifyIdentityLink trust profile id within the moa-sp part of the authentication component +	 *  +	 * @return String with a url-reference to the VerifyIdentityLink trust profile ID +	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link VerifyIdentityLink}. +	 */  	public String getMoaSpIdentityLinkTrustProfileID() throws ConfigurationException { -		return configuration.get("getMoaSpIdentityLinkTrustProfileID", String.class); + +		String result = null; +		AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); +		MOASP moasp = authComponentGeneral.getMOASP(); +		if (moasp != null) { +			VerifyIdentityLink verifyIdentityLink = moasp.getVerifyIdentityLink(); +			if (verifyIdentityLink != null) { +				result = verifyIdentityLink.getTrustProfileID(); +			} else { +				Logger.warn("Error in MOA-ID Configuration. No Trustprofile for IdentityLink validation."); +				throw new ConfigurationException("config.02", null); +			} +		} +		return result;  	} -	@JsonProperty("getTransformsInfos") +	/** +	 * Returns a non-empty list of transform infos. NOTE: list is never {@code empty} or {@code null}. +	 *  +	 * @return a list of transform infos. 
+	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link SecurityLayer}. +	 */  	public List<String> getTransformsInfos() throws ConfigurationException { -		return configuration.getList("getTransformsInfos", String.class); + +		AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); +		SecurityLayer securityLayer = authComponentGeneral.getSecurityLayer(); +		if (securityLayer != null) { + +			List<String> result = ConfigurationUtils.getTransformInfos(securityLayer.getTransformsInfo()); + +			if (result == null || result.isEmpty()) { +				Logger.error("No Security-Layer Transformation found."); +				throw new ConfigurationException("config.05", new Object[] { "Security-Layer Transformation" }); +			} +			return result; + +		} else { +			Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration->SecurityLayer found"); +			throw new ConfigurationException("config.02", null); +		}  	} -	@JsonProperty("getIdentityLinkX509SubjectNames") +	/** +	 * Returns a list of IdentityLinkX509SubjectNames. NOTE: may return an empty list but never {@code null}. +	 *  +	 * @return the list of IdentityLinkX509SubjectNames. 
+	 *  +	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} +	 */  	public List<String> getIdentityLinkX509SubjectNames() throws ConfigurationException { -		return configuration.getList("getIdentityLinkX509SubjectNames", String.class); + +		ArrayList<String> identityLinkX509SubjectNames = new ArrayList<String>(); + +		AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + +		IdentityLinkSigners idlsigners = authComponentGeneral.getIdentityLinkSigners(); +		if (idlsigners != null) { +			Logger.debug("Load own IdentityLinkX509SubjectNames"); +			identityLinkX509SubjectNames.addAll(new ArrayList<String>(idlsigners.getX509SubjectName())); +		} + +		String[] identityLinkSignersWithoutOID = MOAIDAuthConstants.IDENTITY_LINK_SIGNERS_WITHOUT_OID; +		for (int i = 0; i < identityLinkSignersWithoutOID.length; i++) { +			String identityLinkSigner = identityLinkSignersWithoutOID[i]; +			if (!identityLinkX509SubjectNames.contains(identityLinkSigner)) { +				identityLinkX509SubjectNames.add(identityLinkSigner); +			} +		} + +		return identityLinkX509SubjectNames;  	} -	@JsonProperty("getSLRequestTemplates") +	/** +	 * Returns a list of default SLRequestTemplates. NOTE: may return an empty list but never {@code null}. +	 *  +	 * @return list of default SLRequestTemplates. 
+	 * @throws ConfigurationException is never thrown +	 */  	public List<String> getSLRequestTemplates() throws ConfigurationException { -		return configuration.getList("getSLRequestTemplates", String.class); + +		SLRequestTemplates templates = configuration.get(MOAIDConfigurationConstants.SLREQUEST_TEMPLATES_KEY, SLRequestTemplates.class); +		List<String> templatesList = new ArrayList<String>(); + +		if (templates != null) { +			templatesList.add(templates.getOnlineBKU()); +			templatesList.add(templates.getLocalBKU()); +			templatesList.add(templates.getHandyBKU()); +		} +		return templatesList;  	} -	@JsonProperty("getSLRequestTemplates") +	/** +	 * Returns the type's default SLRequestTemplate. NOTE: may return {@code null}. +	 *  +	 * @param type the type of BKU. +	 * @return the default SLRequestTemplate for the given type. +	 *  +	 * @throws ConfigurationException is never thrown +	 */  	public String getSLRequestTemplates(String type) throws ConfigurationException { -		return configuration.get("getSLRequestTemplates", String.class); + +		SLRequestTemplates templates = configuration.get(MOAIDConfigurationConstants.SLREQUEST_TEMPLATES_KEY, SLRequestTemplates.class); +		String slRequestTemplate = null; + +		if (templates != null) { +			switch (type) { +			case IOAAuthParameters.ONLINEBKU: +				slRequestTemplate = templates.getOnlineBKU(); +				break; +			case IOAAuthParameters.LOCALBKU: +				slRequestTemplate = templates.getLocalBKU(); +				break; +			case IOAAuthParameters.HANDYBKU: +				slRequestTemplate = templates.getHandyBKU(); +				break; +			default: +				Logger.warn("getSLRequestTemplates: BKU Type does not match: " + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " +						+ IOAAuthParameters.LOCALBKU); +			} +		} +		return slRequestTemplate;  	} -	@JsonProperty("getDefaultBKUURLs") +	/** +	 * Returns a list of default BKUURLs. NOTE: may return an empty list but never {@code null}. +	 *  +	 * @return list of default BKUURLs. 
+	 * @throws ConfigurationException is never thrown +	 */  	public List<String> getDefaultBKUURLs() throws ConfigurationException { -		return configuration.getList("getDefaultBKUURLs", String.class); + +		DefaultBKUs bkuurls = configuration.get(MOAIDConfigurationConstants.DEFAULT_BKUS_KEY, DefaultBKUs.class); +		List<String> bkuurlsList = new ArrayList<String>(); + +		if (bkuurls != null) { +			bkuurlsList.add(bkuurls.getOnlineBKU()); +			bkuurlsList.add(bkuurls.getLocalBKU()); +			bkuurlsList.add(bkuurls.getHandyBKU()); +		} +		return bkuurlsList;  	} -	@JsonProperty("getDefaultBKUURL") +	/** +	 * Returns the type's default BKUURL. NOTE: may return {@code null}. +	 *  +	 * @param type the type of BKU. +	 * @return the default BKUURL for the given type. +	 *  +	 * @throws ConfigurationException is never thrown +	 */  	public String getDefaultBKUURL(String type) throws ConfigurationException { -		// FIXME find a solution for this getter -		// String el = DefaultBKUURLs.get(type); -		// if (MiscUtil.isNotEmpty(el)) -		// return el; -		// else { -		// Logger.warn("getSLRequestTemplates: BKU Type does not match: " + -		// IOAAuthParameters.ONLINEBKU + " or " -		// + IOAAuthParameters.HANDYBKU + " or " + IOAAuthParameters.LOCALBKU); -		// return null; -		// } -		return null; +		DefaultBKUs bkuurls = configuration.get(MOAIDConfigurationConstants.DEFAULT_BKUS_KEY, DefaultBKUs.class); +		String defaultBKUUrl = null; + +		if (bkuurls != null) { +			switch (type) { +			case IOAAuthParameters.ONLINEBKU: +				defaultBKUUrl = bkuurls.getOnlineBKU(); +				break; +			case IOAAuthParameters.LOCALBKU: +				defaultBKUUrl = bkuurls.getLocalBKU(); +				break; +			case IOAAuthParameters.HANDYBKU: +				defaultBKUUrl = bkuurls.getHandyBKU(); +				break; +			default: +				Logger.warn("getDefaultBKUURL: BKU Type does not match: " + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " +						+ IOAAuthParameters.LOCALBKU); +			} +		} +		return defaultBKUUrl;  	} -	
@JsonProperty("getSSOTagetIdentifier") +	/** +	 * Returns the SSOTagetIdentifier. NOTE: returns {@code null} if no SSOTargetIdentifier is set. +	 *  +	 * @return the SSOTagetIdentifier or {@code null} +	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} +	 */  	public String getSSOTagetIdentifier() throws ConfigurationException { -		return configuration.get("getSSOTagetIdentifier", String.class); + +		AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + +		SSO sso = authComponentGeneral.getSSO(); +		if (sso != null) { +			return sso.getTarget(); +		} +		return null;  	} -	@JsonProperty("getSSOFriendlyName") +	/** +	 * Returns the SSOFriendlyName. NOTE: never returns {@code null}, if no SSOFriendlyName is set, a default String is returned. +	 *  +	 * @return the SSOFriendlyName or a default String +	 */  	public String getSSOFriendlyName() { -		return configuration.get("getSSOFriendlyName", String.class); + +		AuthComponentGeneral authComponentGeneral; +		String defaultValue = "Default MOA-ID friendly name for SSO"; +		try { +			authComponentGeneral = getAuthComponentGeneral(); +		} catch (ConfigurationException e) { +			return defaultValue; +		} + +		SSO sso = authComponentGeneral.getSSO(); +		if (sso != null) { +			if (MiscUtil.isEmpty(sso.getFriendlyName())) { +				return sso.getFriendlyName(); +			} +		} +		return defaultValue;  	} -	@JsonProperty("getSSOSpecialText") +	/** +	 * Returns the SSOSpecialText. NOTE: never returns {@code null}, if no SSOSpecialText is set, an empty String is returned. 
+	 *  +	 * @return the SSOSpecialText or an empty String +	 */  	public String getSSOSpecialText() { -		return configuration.get("getSSOSpecialText", String.class); + +		AuthComponentGeneral authComponentGeneral; +		try { +			authComponentGeneral = getAuthComponentGeneral(); +		} catch (ConfigurationException e) { +			return new String(); +		} + +		SSO sso = authComponentGeneral.getSSO(); +		if (sso != null) { +			String text = sso.getSpecialText(); +			return MiscUtil.isEmpty(text) ? new String() : text; +		} +		return new String();  	} -	@JsonProperty("getMOASessionEncryptionKey") +	/** +	 * Returns the MOASessionEncryptionKey NOTE: returns {@code null} if no MOASessionEncryptionKey is set. +	 *  +	 * @return the MOASessionEncryptionKey or {@code null} +	 */  	public String getMOASessionEncryptionKey() { -		return configuration.get("getMOASessionEncryptionKey", String.class); +		String prop = properties.getProperty("configuration.moasession.key"); +		return MiscUtil.isNotEmpty(prop) ? prop : null;  	} -	@JsonProperty("getMOAConfigurationEncryptionKey") +	/** +	 * Returns the MOAConfigurationEncryptionKey NOTE: returns {@code null} if no MOAConfigurationEncryptionKey is set. +	 *  +	 * @return the MOAConfigurationEncryptionKey or {@code null} +	 */  	public String getMOAConfigurationEncryptionKey() { -		return configuration.get("getMOAConfigurationEncryptionKey", String.class); +		String prop = properties.getProperty("configuration.moaconfig.key"); +		return MiscUtil.isNotEmpty(prop) ? prop : null;  	} -	@JsonProperty("isIdentityLinkResigning") +	/** +	 * @return {@code true} if IdentityLinkResigning is set, {@code false} otherwise. 
+	 */  	public boolean isIdentityLinkResigning() { -		return configuration.get("isIdentityLinkResigning", Boolean.class); +		String prop = properties.getProperty("configuration.resignidentitylink.active", "false"); +		return Boolean.valueOf(prop);  	} -	@JsonProperty("getIdentityLinkResigningKey") +	/** +	 * Returns the IdentityLinkResigningKey. NOTE: returns {@code null} if no IdentityLinkResigningKey is set. +	 *  +	 * @return the IdentityLinkResigningKey or {@code null} +	 */  	public String getIdentityLinkResigningKey() { -		return configuration.get("getIdentityLinkResigningKey", String.class); +		String prop = properties.getProperty("configuration.resignidentitylink.keygroup"); +		return MiscUtil.isNotEmpty(prop) ? prop : null;  	} -	@JsonProperty("isMonitoringActive") +	/** +	 * @return {@code true} if MonitoringActive is set, {@code false} otherwise. +	 */  	public boolean isMonitoringActive() { -		return configuration.get("isMonitoringActive", Boolean.class); +		String prop = properties.getProperty("configuration.monitoring.active", "false"); +		return Boolean.valueOf(prop);  	} -	@JsonProperty("getMonitoringTestIdentityLinkURL") +	/** +	 * Returns the MonitoringTestIdentityLinkURL. NOTE: returns {@code null} if no MonitoringTestIdentityLinkURL is set. +	 *  +	 * @return the MonitoringTestIdentityLinkURL or {@code null} +	 */  	public String getMonitoringTestIdentityLinkURL() { -		return configuration.get("getMonitoringTestIdentityLinkURL", String.class); +		String prop = properties.getProperty("configuration.monitoring.test.identitylink.url"); +		return MiscUtil.isNotEmpty(prop) ? prop : null;  	} -	@JsonProperty("getMonitoringMessageSuccess") +	/** +	 * Returns the MonitoringMessageSuccess. NOTE: returns {@code null} if no MonitoringMessageSuccess is set. 
+	 *  +	 * @return the MonitoringMessageSuccess or {@code null} +	 */  	public String getMonitoringMessageSuccess() { -		return configuration.get("getMonitoringMessageSuccess", String.class); +		String prop = properties.getProperty("configuration.monitoring.message.success"); +		return MiscUtil.isNotEmpty(prop) ? prop : null;  	} -	@JsonProperty("isAdvancedLoggingActive") +	/** +	 * @return {@code true} if AdvancedLoggingActive is set, {@code false} otherwise. +	 */  	public boolean isAdvancedLoggingActive() { -		return configuration.get("isAdvancedLoggingActive", Boolean.class); +		String prop = properties.getProperty("configuration.advancedlogging.active", "false"); +		return Boolean.valueOf(prop);  	} -	@JsonProperty("getPublicURLPrefix") +	/** +	 * Returns the PublicURLPrefix. NOTE: returns {@code null} if no PublicURLPrefix is set. +	 *  +	 * @return the PublicURLPrefix or {@code null} +	 */  	public String getPublicURLPrefix() { -		return configuration.get("getPublicURLPrefix", String.class); + +		AuthComponentGeneral authComponentGeneral; +		try { +			authComponentGeneral = getAuthComponentGeneral(); +		} catch (ConfigurationException e) { +			return null; +		} + +		String publicURLPreFix = null; +		GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); +		if (generalConfiguration != null && MiscUtil.isNotEmpty(generalConfiguration.getPublicURLPreFix())) { +			publicURLPreFix = generalConfiguration.getPublicURLPreFix(); +		} else { +			Logger.warn("Error in MOA-ID Configuration. No GeneralConfig defined."); +		} +		return publicURLPreFix;  	} -	@JsonProperty("isPVP2AssertionEncryptionActive") +	/** +	 * @return {@code true} if PVP2AssertionEncryptionActive is set, {@code false} otherwise. 
+	 */  	public boolean isPVP2AssertionEncryptionActive() { -		return configuration.get("isPVP2AssertionEncryptionActive", Boolean.class); +		String prop = this.getProperties().getProperty("protocols.pvp2.assertion.encryption.active", "true"); +		return Boolean.valueOf(prop);  	} -	@JsonProperty("isCertifiacteQCActive") +	/** +	 * @return {@code true} if CertifiacteQCActive is set, {@code false} otherwise. +	 */  	public boolean isCertifiacteQCActive() { -		return configuration.get("isCertifiacteQCActive", Boolean.class); +		String prop = this.getProperties().getProperty("configuration.validation.certificate.QC.ignore", "false"); +		return !Boolean.valueOf(prop);  	}  	/** -	 * Retruns the STORK Configuration +	 * Returns a STORK Configuration, NOTE: may return {@code null}.  	 *  -	 * @return STORK Configuration -	 * @throws ConfigurationException +	 * @return a new STORK Configuration or {@code null} +	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}  	 */ -	@JsonProperty("getStorkConfig")  	public STORKConfig getStorkConfig() throws ConfigurationException { -		return configuration.get("getStorkConfig", STORKConfig.class); + +		STORKConfig result = null; +		AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); +		ForeignIdentities foreign = authComponentGeneral.getForeignIdentities(); +		if (foreign == null) { +			Logger.warn("Error in MOA-ID Configuration. No STORK configuration found."); +		} else { +			result = new STORKConfig(foreign.getSTORK(), this.getProperties(), this.getRootConfigFileDir()); +		} +		return result; +	} + +	/** +	 * Small helper method. 
+	 *  +	 * @return the {@link AuthComponentGeneral} from the database +	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} +	 */ +	private AuthComponentGeneral getAuthComponentGeneral() throws ConfigurationException { + +		AuthComponentGeneral authComponentGeneral = configuration.get(MOAIDConfigurationConstants.AUTH_COMPONENT_GENERAL_KEY, AuthComponentGeneral.class); +		if (authComponentGeneral == null) { +			Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration found"); +			throw new ConfigurationException("config.02", null); +		} +		return authComponentGeneral; +	} + +	/** +	 * Returns the {@link VerifyAuthBlock}. +	 *  +	 * @return the {@link VerifyAuthBlock}. +	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. +	 */ +	private VerifyAuthBlock getVerifyAuthBlock() throws ConfigurationException { + +		AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); +		MOASP moasp = authComponentGeneral.getMOASP(); +		if (moasp != null) { +			VerifyAuthBlock vab = moasp.getVerifyAuthBlock(); +			if (vab != null) { +				VerifyAuthBlock verifyIdl = new VerifyAuthBlock(); +				verifyIdl.setTrustProfileID(vab.getTrustProfileID()); +				verifyIdl.setVerifyTransformsInfoProfileID(new ArrayList<String>(vab.getVerifyTransformsInfoProfileID())); +				return verifyIdl; +			} else { +				Logger.warn("Error in MOA-ID Configuration. No Trustprofile for AuthBlock validation."); +				throw new ConfigurationException("config.02", null); +			} +		} else { +			Logger.warn("Error in MOA-ID Configuration. No MOASP configuration found"); +			throw new ConfigurationException("config.02", null); +		} +	} + +	/** +	 * Small helper method. NOTE: may return empty properties, but never {@code null}. +	 * @param propPrefix the prefix of the desired property. 
+	 * @return the {@link Properties} +	 */ +	private Properties getGeneralProperiesConfig(final String propPrefix) { + +		Properties configProp = new Properties(); +		for (Object key : this.getProperties().keySet()) { +			if (key.toString().startsWith(propPrefix)) { +				String propertyName = key.toString().substring(propPrefix.length()); +				configProp.put(propertyName, this.getProperties().get(key.toString())); +			} +		} +		return configProp;  	}  } | 
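Review bot: In `getMoaSpIdentityLinkTrustProfileID` a missing MOASP element falls through and returns `null`, while `getVerifyAuthBlock` in the same hunk throws `ConfigurationException("config.02", null)` for the same condition. The callers are not visible here, but if the result is passed on as the trust profile for identity-link verification, a broken configuration would surface as a null profile ID rather than as a startup or request error. An `else` branch on `moasp != null` that logs and does `throw new ConfigurationException("config.02", null);` would make both getters fail closed in the same way. Separately, `getSSOFriendlyName` checks `MiscUtil.isEmpty(sso.getFriendlyName())` before returning the name, so a configured friendly name is never returned and an empty (possibly null) one is, contrary to the Javadoc; the condition should read `if (MiscUtil.isNotEmpty(sso.getFriendlyName())) {`.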
