Diffstat (limited to 'id/server')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java570
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/CPEPS.java120
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java1253
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConnectionParameter.java154
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java464
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAParameter.java186
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/STORKConfig.java112
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureCreationParameter.java134
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureVerificationParameter.java57
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameter.java433
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameters.java181
11 files changed, 0 insertions, 3664 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
deleted file mode 100644
index 887a7e40f..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ /dev/null
@@ -1,570 +0,0 @@
-///*******************************************************************************
-// * Copyright 2014 Federal Chancellery Austria
-// * MOA-ID has been developed in a cooperation between BRZ, the Federal
-// * Chancellery Austria - ICT staff unit, and Graz University of Technology.
-// *
-// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
-// * the European Commission - subsequent versions of the EUPL (the "Licence");
-// * You may not use this work except in compliance with the Licence.
-// * You may obtain a copy of the Licence at:
-// * http://www.osor.eu/eupl/
-// *
-// * Unless required by applicable law or agreed to in writing, software
-// * distributed under the Licence is distributed on an "AS IS" basis,
-// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// * See the Licence for the specific language governing permissions and
-// * limitations under the Licence.
-// *
-// * This product combines work with different licenses. See the "NOTICE" text
-// * file for details on the various modules and licenses.
-// * The "NOTICE" text file is part of the distribution. Any derivative works
-// * that you distribute must include a readable copy of the "NOTICE" text file.
-// *******************************************************************************/
-//package at.gv.egovernment.moa.id.config.legacy;
-//
-//import java.io.BufferedInputStream;
-//import java.io.File;
-//import java.io.FileInputStream;
-//import java.io.IOException;
-//import java.io.InputStream;
-//import java.math.BigInteger;
-//import java.net.URI;
-//import java.nio.file.Path;
-//import java.util.ArrayList;
-//import java.util.Arrays;
-//import java.util.Collections;
-//import java.util.List;
-//import java.util.Map;
-//import java.util.Properties;
-//import java.util.Set;
-//
-//import org.w3c.dom.Element;
-//
-//import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.Contact;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.OAuth;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.Organization;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.SSO;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock;
-//import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink;
-//import at.gv.egovernment.moa.id.config.ConfigurationException;
-//import at.gv.egovernment.moa.id.config.ConfigurationProvider;
-//
-//import at.gv.egovernment.moa.id.data.IssuerAndSerial;
-//import at.gv.egovernment.moa.logging.Logger;
-//import at.gv.egovernment.moa.util.Base64Utils;
-//import at.gv.egovernment.moa.util.DOMUtils;
-//import at.gv.egovernment.moa.util.FileUtils;
-//import at.gv.egovernment.moa.util.MiscUtil;
-//
-//public class BuildFromLegacyConfig {
-//
-// private static final String GENERIC_CONFIG_PARAM_SOURCEID = "AuthenticationServer.SourceID";
-//
-// private static final String SEARCHBKUTEMPLATE_LOCAL = "https://127.0.0.1:3496/";
-// private static final String SEARCHBKUTEMPLATE_HANDY = "https://www.handy-signatur.at";
-// private static final String SEARCHBKUTEMPLATE_ONLINE = "bkuonline/http-security-layer-request";
-//
-// public static final String AUTH_SESSION_TIMEOUT_PROPERTY =
-// "AuthenticationSession.TimeOut";
-// /**
-// * The name of the generic configuration property giving the authentication data time out.
-// */
-// public static final String AUTH_DATA_TIMEOUT_PROPERTY =
-// "AuthenticationData.TimeOut";
-//
-//
-// public static MOAIDConfiguration build(File fileName, String rootConfigFileDir, MOAIDConfiguration oldconfig) throws ConfigurationException {
-// InputStream stream = null;
-// Element configElem;
-// ConfigurationBuilder builder;
-//
-// Logger.info("Load Legacy-Configuration from file=" + fileName);
-//
-// try {
-// // load the main config file
-// stream = new BufferedInputStream(new FileInputStream(fileName));
-// configElem = DOMUtils.parseXmlValidating(stream);
-//
-// } catch (Throwable t) {
-// throw new ConfigurationException("config.03", null, t);
-// }
-//
-// finally {
-// try {
-// if (stream != null) {
-// stream.close();
-// }
-// } catch (IOException e) {
-//
-// }
-// }
-//
-// try {
-// String oldbkuonline = "";
-// String oldbkulocal = "";
-// String oldbkuhandy = "";
-//
-// // build the internal datastructures
-// builder = new ConfigurationBuilder(configElem, rootConfigFileDir);
-//
-//
-// MOAIDConfiguration moaIDConfig = new MOAIDConfiguration();
-//
-// AuthComponentGeneral generalAuth = new AuthComponentGeneral();
-// moaIDConfig.setAuthComponentGeneral(generalAuth);
-//
-//
-// //not supported by MOA-ID 2.0
-// //ConnectionParameter bKUConnectionParameter = builder.buildAuthBKUConnectionParameter();
-// //bKUSelectable = (bKUConnectionParameter!=null);
-// //bKUSelectionType = builder.buildAuthBKUSelectionType();
-//
-//
-// //Load generic Config
-// Map<String, String> genericConfiguration = builder.buildGenericConfiguration();
-// GeneralConfiguration authGeneral = new GeneralConfiguration();
-//
-// if (genericConfiguration.containsKey(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING))
-// authGeneral.setTrustManagerRevocationChecking(
-// Boolean.valueOf((String)genericConfiguration.get(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING)));
-// else
-// authGeneral.setTrustManagerRevocationChecking(true);
-//
-// if (genericConfiguration.containsKey(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY))
-// authGeneral.setCertStoreDirectory(
-// (String)genericConfiguration.get(ConfigurationProvider.DIRECTORY_CERTSTORE_PARAMETER_PROPERTY));
-// else
-// authGeneral.setTrustManagerRevocationChecking(true);
-//
-//
-// //Load Assertion and Session timeouts
-// TimeOuts timeOuts = new TimeOuts();
-// if (genericConfiguration.containsKey(AUTH_DATA_TIMEOUT_PROPERTY))
-// timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_DATA_TIMEOUT_PROPERTY))));
-// else
-// timeOuts.setAssertion(BigInteger.valueOf(2*60)); //default 2min
-//
-// if (genericConfiguration.containsKey(AUTH_SESSION_TIMEOUT_PROPERTY))
-// timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_SESSION_TIMEOUT_PROPERTY))));
-// else
-// timeOuts.setAssertion(BigInteger.valueOf(30*60)); //default 30min
-//
-// timeOuts.setMOASessionUpdated(BigInteger.valueOf(15*60)); //default 15min
-// authGeneral.setTimeOuts(timeOuts);
-// generalAuth.setGeneralConfiguration(authGeneral);
-//
-// Protocols auth_protocols = new Protocols();
-// generalAuth.setProtocols(auth_protocols);
-//
-// LegacyAllowed prot_legacy = new LegacyAllowed();
-// auth_protocols.setLegacyAllowed(prot_legacy);
-// final List<String> PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x");
-// prot_legacy.setProtocolName(PROTOCOLS_LEGACY_ALLOWED);
-//
-// //set SAML1 config
-// SAML1 saml1 = new SAML1();
-// saml1.setIsActive(true);
-// if (genericConfiguration.containsKey(GENERIC_CONFIG_PARAM_SOURCEID))
-// saml1.setSourceID((String)genericConfiguration.get(GENERIC_CONFIG_PARAM_SOURCEID));
-// auth_protocols.setSAML1(saml1);
-//
-// //set OAuth config
-// OAuth oauth = new OAuth();
-// oauth.setIsActive(true);
-// auth_protocols.setOAuth(oauth);
-//
-// //set PVP2.1 config
-// PVP2 prot_pvp2 = new PVP2();
-// auth_protocols.setPVP2(prot_pvp2);
-// prot_pvp2.setPublicURLPrefix("https://....");
-// prot_pvp2.setIssuerName("MOA-ID 2.x IDP");
-//
-// Organization pvp2_org = new Organization();
-// prot_pvp2.setOrganization(pvp2_org);
-// pvp2_org.setDisplayName("OrganisationDisplayName");
-// pvp2_org.setName("OrganisatioName");
-// pvp2_org.setURL("http://testorganisation.at");
-//
-// List<Contact> pvp2_contacts = new ArrayList<Contact>();
-// prot_pvp2.setContact(pvp2_contacts);
-//
-// Contact pvp2_contact = new Contact();
-// pvp2_contact.setCompany("OrganisationDisplayName");
-// pvp2_contact.setGivenName("Max");
-//
-//
-// List<String> mails = new ArrayList<String>();
-// pvp2_contact.setMail(mails);
-// mails.add("max@muster.mann");
-//
-// List<String> phones = new ArrayList<String>();
-// pvp2_contact.setPhone(phones);
-// phones.add("01 5555 5555");
-//
-// pvp2_contact.setSurName("Mustermann");
-// pvp2_contact.setType("technical");
-// pvp2_contacts.add(pvp2_contact);
-//
-// //SSO
-// SSO auth_sso = new SSO();
-// generalAuth.setSSO(auth_sso);
-// auth_sso.setTarget("");
-// auth_sso.setFriendlyName("");
-//
-//
-// //set SecurityLayer Transformations
-// String[] transformsInfoFileNames = builder.buildTransformsInfoFileNames(builder.getConfigElem(), ConfigurationBuilder.AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH);
-// String[] transformsInfos = builder.loadTransformsInfos(transformsInfoFileNames);
-//
-// List<TransformsInfoType> auth_transformInfos = new ArrayList<TransformsInfoType>();
-// if (transformsInfos != null && transformsInfos.length > 0) {
-// for (int i=0; i<transformsInfos.length; i++) {
-//
-// TransformsInfoType transforminfotype = new TransformsInfoType();
-//
-// if (transformsInfoFileNames[i] != null &&
-// transformsInfos[i] != null) {
-// String fileURL = FileUtils.makeAbsoluteURL(transformsInfoFileNames[i], rootConfigFileDir);
-// Path fileName_ = new File(new URI(fileURL)).toPath().getFileName();
-// transforminfotype.setFilename(fileName_.toString());
-//
-// transforminfotype.setTransformation(Base64Utils.encode(transformsInfos[i].getBytes("UTF-8")).getBytes("UTF-8"));
-// auth_transformInfos.add(transforminfotype);
-//
-// } else
-// Logger.warn("AuthBlock Transformation " + transformsInfoFileNames[i]
-// + "not found.");
-// }
-//
-// }
-//
-// SecurityLayer auth_securityLayer = new SecurityLayer();
-// auth_securityLayer.setTransformsInfo(auth_transformInfos);
-// generalAuth.setSecurityLayer(auth_securityLayer);
-//
-//
-// //set MOASP configuration
-// MOASP auth_moaSP = new MOASP();
-// generalAuth.setMOASP(auth_moaSP);
-//
-// //set MOASP connection
-// ConnectionParameter moaSpConnectionParameter = builder.buildMoaSpConnectionParameter();
-// if (moaSpConnectionParameter != null) {
-// ConnectionParameterClientAuthType auth_moaSP_connection =
-// parseConnectionParameterClientAuth(moaSpConnectionParameter);
-// auth_moaSP.setConnectionParameter(auth_moaSP_connection);
-// }
-//
-// //set VerifyIdentityLink
-// String moaSpIdentityLinkTrustProfileID = builder.getMoaSpIdentityLinkTrustProfileID();
-// VerifyIdentityLink auth_moaSP_verifyIdentityLink = new VerifyIdentityLink();
-// auth_moaSP_verifyIdentityLink.setTrustProfileID(moaSpIdentityLinkTrustProfileID);
-// auth_moaSP.setVerifyIdentityLink(auth_moaSP_verifyIdentityLink);
-//
-// //set VerifyAuthBlock
-// String moaSpAuthBlockTrustProfileID = builder.getMoaSpAuthBlockTrustProfileID();
-// VerifyAuthBlock auth_moaSP_verifyAuthBlock = new VerifyAuthBlock();
-// auth_moaSP_verifyAuthBlock.setTrustProfileID(moaSpAuthBlockTrustProfileID);
-// String[] moaSpAuthBlockVerifyTransformsInfoIDs = builder.buildMoaSpAuthBlockVerifyTransformsInfoIDs();
-// List<String> transformlist = new ArrayList<String>();
-// Collections.addAll(transformlist, moaSpAuthBlockVerifyTransformsInfoIDs);
-// auth_moaSP_verifyAuthBlock.setVerifyTransformsInfoProfileID(transformlist);
-// auth_moaSP.setVerifyAuthBlock(auth_moaSP_verifyAuthBlock);
-//
-//
-// //set IdentityLinkSigners
-// IdentityLinkSigners auth_idsigners = new IdentityLinkSigners();
-// generalAuth.setIdentityLinkSigners(auth_idsigners);
-// List<String> identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames();
-// auth_idsigners.setX509SubjectName(identityLinkX509SubjectNames);
-//
-//
-// //not supported by MOA-ID 2.0
-// VerifyInfoboxParameters defaultVerifyInfoboxParameters = null;
-//// Node defaultVerifyInfoboxParamtersElem = XPathUtils.selectSingleNode(configElem, ConfigurationBuilder.AUTH_VERIFY_INFOBOXES_XPATH);
-//// if (defaultVerifyInfoboxParamtersElem != null) {
-//// defaultVerifyInfoboxParameters =
-//// builder.buildVerifyInfoboxParameters((Element)defaultVerifyInfoboxParamtersElem, null, moaSpIdentityLinkTrustProfileID);
-//// }
-//
-//
-// //Set ForeignIdentities
-// ForeignIdentities auth_foreign = new ForeignIdentities();
-// generalAuth.setForeignIdentities(auth_foreign);
-//
-// //set Connection parameters
-// ConnectionParameter foreignIDConnectionParameter = builder.buildForeignIDConnectionParameter();
-// ConnectionParameterClientAuthType auth_foreign_connection =
-// parseConnectionParameterClientAuth(foreignIDConnectionParameter);
-// auth_foreign.setConnectionParameter(auth_foreign_connection);
-//
-// //set OnlineMandates config
-// ConnectionParameter onlineMandatesConnectionParameter = builder.buildOnlineMandatesConnectionParameter();
-// if (onlineMandatesConnectionParameter != null) {
-// OnlineMandates auth_mandates = new OnlineMandates();
-// generalAuth.setOnlineMandates(auth_mandates);
-// auth_mandates.setConnectionParameter(
-// parseConnectionParameterClientAuth(onlineMandatesConnectionParameter));
-// }
-//
-//
-// //TODO: add auth template configuration!!!
-//
-//
-// if (oldconfig != null) {
-// if (oldconfig.getDefaultBKUs() != null) {
-// oldbkuhandy = oldconfig.getDefaultBKUs().getHandyBKU();
-// oldbkulocal = oldconfig.getDefaultBKUs().getLocalBKU();
-// oldbkuonline = oldconfig.getDefaultBKUs().getOnlineBKU();
-// }
-// } else {
-// List<String> trustbkus = builder.getTrustedBKUs();
-// for (String trustbku : trustbkus) {
-// if (MiscUtil.isEmpty(oldbkuonline) && trustbku.endsWith(SEARCHBKUTEMPLATE_ONLINE))
-// oldbkuonline = trustbku;
-//
-// if (MiscUtil.isEmpty(oldbkuhandy) && trustbku.startsWith(SEARCHBKUTEMPLATE_HANDY))
-// oldbkuhandy = trustbku;
-//
-// if (MiscUtil.isEmpty(oldbkulocal) && trustbku.startsWith(SEARCHBKUTEMPLATE_LOCAL))
-// oldbkulocal = trustbku;
-// }
-//
-// }
-//
-//
-// //set OnlineApplications
-// OAAuthParameter[] onlineApplicationAuthParameters = builder.buildOnlineApplicationAuthParameters(defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID);
-//
-// ArrayList<OnlineApplication> moa_oas = new ArrayList<OnlineApplication>();
-// moaIDConfig.setOnlineApplication(moa_oas);
-//
-// for (OAAuthParameter oa : onlineApplicationAuthParameters) {
-// OnlineApplication moa_oa = new OnlineApplication();
-//
-// //set general OA configuration
-// moa_oa.setCalculateHPI(false); //TODO: Bernd fragen warum das nicht direkt über den Bereichsidentifyer definert wird
-// moa_oa.setFriendlyName(oa.getFriendlyName());
-// moa_oa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.getKeyBoxIdentifier()));
-// moa_oa.setPublicURLPrefix(oa.getPublicURLPrefix());
-// moa_oa.setTarget(oa.getTarget());
-// moa_oa.setTargetFriendlyName(oa.getTargetFriendlyName());
-// moa_oa.setType(oa.getOaType());
-// moa_oa.setIsActive(true);
-//
-//
-// AuthComponentOA oa_auth = new AuthComponentOA();
-// moa_oa.setAuthComponentOA(oa_auth);
-//
-// //SLLayer Version / useIframe
-//// oa_auth.setSlVersion(oa.getSlVersion());
-//// oa_auth.setUseIFrame(false);
-//// oa_auth.setUseUTC(oa.getUseUTC());
-//
-// //BKUURLs
-// BKUURLS bkuurls = new BKUURLS();
-// bkuurls.setOnlineBKU(oldbkuonline);
-// bkuurls.setHandyBKU(oldbkuhandy);
-// bkuurls.setLocalBKU(oldbkulocal);
-// oa_auth.setBKUURLS(bkuurls);
-//
-// //IdentificationNumber
-// IdentificationNumber idnumber = new IdentificationNumber();
-// idnumber.setValue(oa.getIdentityLinkDomainIdentifier());
-// idnumber.setType(oa.getIdentityLinkDomainIdentifierType());
-// oa_auth.setIdentificationNumber(idnumber);
-//
-// //set Templates
-// TemplatesType templates = new TemplatesType();
-// oa_auth.setTemplates(templates);
-// templates.setAditionalAuthBlockText("");
-// TemplateType template = new TemplateType();
-// template.setURL(oa.getTemplateURL());
-// ArrayList<TemplateType> template_list = new ArrayList<TemplateType>();
-// template_list.add(template);
-// templates.setTemplate(template_list);
-//
-//
-// //TransformsInfo not supported by MOAID 2.0
-// String[] transforminfos = oa.getTransformsInfos();
-// for (String e1 : transforminfos) {
-// if (MiscUtil.isNotEmpty(e1)) {
-// Logger.warn("OA specific transformation for OA " + oa.getPublicURLPrefix()
-// + " are not supported. USE AdditionalAuthBlock text!");
-// }
-// }
-//
-// //VerifyInfoBoxes not supported by MOAID 2.0
-//
-// //set Mandates
-// Mandates oa_mandates = new Mandates();
-// oa_auth.setMandates(oa_mandates);
-// List<MandatesProfileNameItem> profileList = new ArrayList<MandatesProfileNameItem>();
-//
-// String oldProfiles = oa.getMandateProfiles();
-// if (MiscUtil.isNotEmpty(oldProfiles)) {
-// String[] oldprofileList = oldProfiles.split(",");
-// for (int i=0; i<oldprofileList.length; i++) {
-// MandatesProfileNameItem item = new MandatesProfileNameItem();
-// item.setItem(oldprofileList[i].trim());
-// profileList.add(item);
-// }
-// oa_mandates.setProfileNameItems(profileList );
-// }
-//
-// //STORK
-// //TODO: OA specific STORK config is deactivated in MOA 1.5.2
-//
-// //SSO
-// OASSO oa_sso = new OASSO();
-// oa_auth.setOASSO(oa_sso);
-// oa_sso.setUseSSO(true);
-// oa_sso.setSingleLogOutURL("");
-// oa_sso.setAuthDataFrame(true);
-//
-// //OA_SAML1
-// OASAML1 oa_saml1 = new OASAML1();
-// oa_auth.setOASAML1(oa_saml1);
-// oa_saml1.setConditionLength(BigInteger.valueOf(oa.getConditionLength()));
-// oa_saml1.setProvideAUTHBlock(oa.getProvideAuthBlock());
-// oa_saml1.setProvideCertificate(oa.getProvideCertifcate());
-// oa_saml1.setProvideFullMandatorData(oa.getProvideFullMandatorData());
-// oa_saml1.setProvideIdentityLink(oa.getProvideIdentityLink());
-// oa_saml1.setProvideStammzahl(oa.getProvideStammzahl());
-// oa_saml1.setUseCondition(oa.getUseCondition());
-// oa_saml1.setIsActive(true);
-// oa_saml1.setProvideAllErrors(false);
-//
-// //OA_PVP2
-// OAPVP2 oa_pvp2 = new OAPVP2();
-// oa_auth.setOAPVP2(oa_pvp2);
-//
-// moa_oas.add(moa_oa);
-// //ConfigurationDBUtils.save(moa_oa);
-// }
-//
-// //removed from MOAID 2.0 config
-// //identityLinkX509SubjectNames = builder.getIdentityLink_X509SubjectNames();
-//
-//
-// //set chaining modes
-// ChainingModes moa_chainingModes = new ChainingModes();
-// moaIDConfig.setChainingModes(moa_chainingModes);
-//
-//
-//
-// String defaultmode = builder.getDefaultChainingMode();
-// ChainingModeType type;
-// if (defaultmode.equals(iaik.pki.pathvalidation.ChainingModes.CHAIN_MODE))
-// type = ChainingModeType.CHAINING;
-// else
-// type = ChainingModeType.PKIX;
-//
-//
-// moa_chainingModes.setSystemDefaultMode(type);
-//
-// Map<IssuerAndSerial, String> chainingModes = builder.buildChainingModes();
-// List<TrustAnchor> chaining_anchor = new ArrayList<TrustAnchor>();
-// Set<IssuerAndSerial> chaining_anchor_map = chainingModes.keySet();
-// for (IssuerAndSerial e1 : chaining_anchor_map) {
-// TrustAnchor trustanchor = new TrustAnchor();
-//
-// ChainingModeType type1 = ChainingModeType.fromValue(chainingModes.get(e1));
-// trustanchor.setMode(type1);
-//
-// trustanchor.setX509IssuerName(e1.getIssuerDN());
-// trustanchor.setX509SerialNumber(e1.getSerial());
-// chaining_anchor.add(trustanchor);
-// }
-// moa_chainingModes.setTrustAnchor(chaining_anchor);
-//
-//
-// //set trustedCACertificate path
-// moaIDConfig.setTrustedCACertificates(builder.getTrustedCACertificates());
-//
-//
-// //Not required in MOAID 2.0 config (DefaultBKUs & SLRequestTemplates)
-// //trustedBKUs = builder.getTrustedBKUs();
-// //trustedTemplateURLs = builder.getTrustedTemplateURLs();
-//
-//
-// //set DefaultBKUs
-// DefaultBKUs moa_defaultbkus = new DefaultBKUs();
-// moaIDConfig.setDefaultBKUs(moa_defaultbkus);
-// moa_defaultbkus.setOnlineBKU(oldbkuonline);
-// moa_defaultbkus.setHandyBKU(oldbkuhandy);
-// moa_defaultbkus.setLocalBKU(oldbkulocal);
-//
-//
-// //set SLRequest Templates
-// SLRequestTemplates moa_slrequesttemp = new SLRequestTemplates();
-// moaIDConfig.setSLRequestTemplates(moa_slrequesttemp);
-// moa_slrequesttemp.setOnlineBKU("http://localhost:8080/moa-id-auth/template_onlineBKU.html");
-// moa_slrequesttemp.setHandyBKU("http://localhost:8080/moa-id-auth/template_handyBKU.html");
-// moa_slrequesttemp.setLocalBKU("http://127.0.0.1:8080/moa-id-auth/template_localBKU.html");
-//
-// return moaIDConfig;
-//
-// } catch (Throwable t) {
-// throw new ConfigurationException("config.02", null, t);
-// }
-// }
-//
-// private static ConnectionParameterClientAuthType parseConnectionParameterClientAuth(
-// ConnectionParameter old) {
-// ConnectionParameterClientAuthType auth_moaSP_connection = new ConnectionParameterClientAuthType();
-// auth_moaSP_connection.setURL(old.getUrl());
-//
-// //TODO: remove from Database config!!!!!
-//// auth_moaSP_connection.setAcceptedServerCertificates(old.getAcceptedServerCertificates());
-//// ClientKeyStore auth_moaSP_connection_keyStore = new ClientKeyStore();
-//// auth_moaSP_connection_keyStore.setValue(old.getClientKeyStore());
-//// auth_moaSP_connection_keyStore.setPassword(old.getClientKeyStorePassword());
-//// auth_moaSP_connection.setClientKeyStore(auth_moaSP_connection_keyStore);
-// return auth_moaSP_connection;
-// }
-//
-// private static Properties getGeneralPVP2ProperiesConfig(Properties props) {
-// Properties configProp = new Properties();
-// for (Object key : props.keySet()) {
-// String propPrefix = "protocols.pvp2.";
-// if (key.toString().startsWith(propPrefix)) {
-// String propertyName = key.toString().substring(propPrefix.length());
-// configProp.put(propertyName, props.get(key.toString()));
-// }
-// }
-// return configProp;
-// }
-//}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/CPEPS.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/CPEPS.java
deleted file mode 100644
index 1d9f738be..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/CPEPS.java
+++ /dev/null
@@ -1,120 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/**
- *
- */
-package at.gv.egovernment.moa.id.config.legacy;
-
-import java.net.URL;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.opensaml.saml2.metadata.RequestedAttribute;
-
-/**
- * Encpasulates C-PEPS information according MOA configuration
- *
- * @author bzwattendorfer
- *
- */
-public class CPEPS {
-
- /** Country Code of C-PEPS */
- private String countryCode;
-
- /** URL of C-PEPS */
- private URL pepsURL;
-
- /** Specific attributes to be requested for this C-PEPS */
- private List<RequestedAttribute> countrySpecificRequestedAttributes = new ArrayList<RequestedAttribute>();
-
- /**
- * Constructs a C-PEPS
- * @param countryCode ISO Country Code of C-PEPS
- * @param pepsURL URL of C-PEPS
- */
- public CPEPS(String countryCode, URL pepsURL) {
- super();
- this.countryCode = countryCode;
- this.pepsURL = pepsURL;
- }
-
- /**
- * Gets the country code of this C-PEPS
- * @return ISO country code
- */
- public String getCountryCode() {
- return countryCode;
- }
-
- /**
- * Sets the country code of this C-PEPS
- * @param countryCode ISO country code
- */
- public void setCountryCode(String countryCode) {
- this.countryCode = countryCode;
- }
-
- /**
- * Gets the URL of this C-PEPS
- * @return C-PEPS URL
- */
- public URL getPepsURL() {
- return pepsURL;
- }
-
- /**
- * Sets the C-PEPS URL
- * @param pepsURL C-PEPS URL
- */
- public void setPepsURL(URL pepsURL) {
- this.pepsURL = pepsURL;
- }
-
- /**
- * Gets the country specific attributes of this C-PEPS
- * @return List of country specific attributes
- */
- public List<RequestedAttribute> getCountrySpecificRequestedAttributes() {
- return countrySpecificRequestedAttributes;
- }
-
- /**
- * Sets the country specific attributes
- * @param countrySpecificRequestedAttributes List of country specific requested attributes
- */
- public void setCountrySpecificRequestedAttributes(
- List<RequestedAttribute> countrySpecificRequestedAttributes) {
- this.countrySpecificRequestedAttributes = countrySpecificRequestedAttributes;
- }
-
- /**
- * Adds a Requested attribute to the country specific attribute List
- * @param countrySpecificRequestedAttribute Additional country specific requested attribute to add
- */
- public void addCountrySpecificRequestedAttribute(RequestedAttribute countrySpecificRequestedAttribute) {
- this.countrySpecificRequestedAttributes.add(countrySpecificRequestedAttribute);
- }
-
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
deleted file mode 100644
index 6ad45d8c9..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConfigurationBuilder.java
+++ /dev/null
@@ -1,1253 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.config.legacy;
-
-import iaik.pki.pathvalidation.ChainingModes;
-import iaik.utils.RFC2253NameParser;
-import iaik.utils.RFC2253NameParserException;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.Hashtable;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Vector;
-
-import org.w3c.dom.Attr;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-import org.w3c.dom.traversal.NodeIterator;
-
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.auth.data.Schema;
-import at.gv.egovernment.moa.id.auth.data.SchemaImpl;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.legacy.OAAuthParameter;
-import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameter;
-import at.gv.egovernment.moa.id.config.legacy.VerifyInfoboxParameters;
-import at.gv.egovernment.moa.id.config.legacy.SignatureCreationParameter;
-import at.gv.egovernment.moa.id.data.IssuerAndSerial;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.BoolUtils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.FileUtils;
-import at.gv.egovernment.moa.util.StringUtils;
-import at.gv.egovernment.moa.util.XPathException;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * A class that builds configuration data from a DOM based representation.
- *
- * @author Patrick Peck
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class ConfigurationBuilder {
-
- //
- // XPath namespace prefix shortcuts
- //
- /** an XPATH-Expression */
- protected static final String CONF = Constants.MOA_ID_CONFIG_PREFIX + ":";
- /** an XPATH-Expression */
- protected static final String DSIG = Constants.DSIG_PREFIX + ":";
-
- /** an XPATH-Expression */
- protected static final String STORK = Constants.STORK_PREFIX + ":";
-
- /** an XPATH-Expression */
- protected static final String STORKP= Constants.STORKP_PREFIX + ":";
-
- //
- // chaining mode constants appearing in the configuration file
- //
- /** an XPATH-Expression */
- protected static final String CM_CHAINING = "chaining";
- /** an XPATH-Expression */
- protected static final String CM_PKIX = "pkix";
- /** an XPATH-Expression */
- protected static final String DEFAULT_ENCODING = "UTF-8";
-
- //
- // XPath expressions to select certain parts of the configuration
- //
- /** an XPATH-Expression */
- protected static final String ROOT = "/" + CONF + "MOA-IDConfiguration/";
-
- /** an XPATH-Expression */
- protected static final String AUTH_BKU_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "BKUSelection";
- /** an XPATH-Expression */
- protected static final String AUTH_BKUSELECT_TEMPLATE_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "BKUSelectionTemplate/@URL";
- /** an XPATH-Expression */
- protected static final String AUTH_TEMPLATE_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "Template/@URL";
- /** an XPATH-Expression */
- public static final String AUTH_TEMPLATE_ONLINEMANDATES_BKU_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "OnlineMandates/" + CONF + "BKU";
-
-
- //protected static final String AUTH_MANDATE_TEMPLATE_XPATH =
-// ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "MandateTemplate/@URL";
- /** an XPATH-Expression */
- protected static final String INPUT_PROCESSOR_TEMPLATE_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "Templates/" + CONF + "InputProcessorSignTemplate/@URL";
- /** an XPATH-Expression */
- public static final String AUTH_SECLAYER_TRANSFORMS_INFO_FILENAME_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "SecurityLayer/" + CONF + "TransformsInfo/@filename";
- /** an XPATH-Expression */
- protected static final String AUTH_MOA_SP_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP";
- /** an XPATH-Expression */
- protected static final String AUTH_MOA_SP_VERIFY_IDENTITY_TRUST_ID_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyIdentityLink/" + CONF + "TrustProfileID";
- /** an XPATH-Expression */
- protected static final String AUTH_MOA_SP_VERIFY_AUTH_TRUST_ID_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "TrustProfileID";
- /** an XPATH-Expression */
- protected static final String AUTH_MOA_SP_VERIFY_AUTH_VERIFY_ID_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "MOA-SP/" + CONF + "VerifyAuthBlock/" + CONF + "VerifyTransformsInfoProfileID";
-
- /** an XPATH-Expression */
- protected static final String AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "IdentityLinkSigners/" + CONF + "X509SubjectName";
-
- /** an XPATH-Expression */
- public static final String AUTH_VERIFY_INFOBOXES_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "VerifyInfoboxes";
-
- /** an XPATH-Expression */
- public static final String AUTH_FOREIGN_IDENTITIES_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "ForeignIdentities";
-
- /** an XPATH-Expression */
- public static final String AUTH_ONLINEMANDATES_XPATH =
- ROOT + CONF + "AuthComponent/" + CONF + "OnlineMandates";
-
-
-
- /** an XPATH-Expression */
- protected static final String OA_XPATH = ROOT + CONF + "OnlineApplication";
- /** an XPATH-Expression */
- protected static final String OA_LOGIN_XPATH = ROOT + CONF + "OnlineApplication/@loginURL";
- /** an XPATH-Expression */
- protected static final String OA_AUTH_COMPONENT_XPATH = CONF + "AuthComponent";
- /** an XPATH-Expression */
- protected static final String OA_AUTH_COMPONENT_IDENT_NUMBER_XPATH = CONF + "IdentificationNumber";
- /** an XPATH-Expression */
- protected static final String OA_AUTH_COMPONENT_BKUSELECT_TEMPLATE_XPATH =
- CONF + "Templates/" + CONF + "BKUSelectionTemplate/@URL";
- /** an XPATH-Expression */
- protected static final String OA_AUTH_COMPONENT_TEMPLATE_XPATH =
- CONF + "Templates/" + CONF + "Template/@URL";
- /** an XPATH-Expression */
- public static final String OA_AUTH_COMPONENT_TEMPLATE_ONLINEMANDATES_BKU_XPATH =
- CONF + "Templates/" + CONF + "OnlineMandates/" + CONF + "BKU";
- //protected static final String OA_AUTH_COMPONENT_MANDATE_TEMPLATE_XPATH =
- //CONF + "Templates/" + CONF + "MandateTemplate/@URL";
- /** an XPATH-Expression */
- protected static final String OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH = CONF + "TransformsInfo/@filename";
- /** an XPATH-Expression */
- protected static final String OA_AUTH_COMPONENT_VERIFY_INFOBOXES_XPATH = CONF + "VerifyInfoboxes";
- /** an XPATH-Expression */
- protected static final String OA_AUTH_COMPONENT_MANDATES_PROFILES_XPATH = CONF + "Mandates" + "/" + CONF + "Profiles";
- /** an XPATH-Expression */
- protected static final String CONNECTION_PARAMETER_URL_XPATH =
- CONF + "ConnectionParameter/@URL";
- /** an XPATH-Expression */
- protected static final String CONNECTION_PARAMETER_ACCEPTED_CERTS_XPATH =
- CONF + "ConnectionParameter/" + CONF + "AcceptedServerCertificates";
- /** an XPATH-Expression */
- protected static final String CONNECTION_PARAMETERN_KEYSTORE_XPATH =
- CONF + "ConnectionParameter/" + CONF + "ClientKeyStore";
- /** an XPATH-Expression */
- protected static final String CONNECTION_PARAMETER_KEYSTORE_PASS_XPATH =
- CONNECTION_PARAMETERN_KEYSTORE_XPATH + "/@password";
- /** an XPATH-Expression */
- protected static final String GENERIC_CONFIGURATION_XPATH =
- ROOT + CONF + "GenericConfiguration";
-
- /** an XPATH-Expression */
- protected static final String TRUSTED_BKUS =
- ROOT + CONF + "TrustedBKUs/" + CONF + "BKUURL";
-
- protected static final String TRUSTED_TEMPLATEURLS =
- ROOT + CONF + "TrustedTemplateURLs/" + CONF + "TemplateURL";
-
-
- /** an XPATH-Expression */
- protected static final String CHAINING_MODES_XPATH =
- ROOT + CONF + "ChainingModes";
- /** an XPATH-Expression */
- protected static final String CHAINING_MODES_DEFAULT_XPATH =
- CHAINING_MODES_XPATH + "/@systemDefaultMode";
- /** an XPATH-Expression */
- protected static final String TRUST_ANCHOR_XPATH =
- ROOT + CONF + "ChainingModes/" + CONF + "TrustAnchor";
- /** an XPATH-Expression */
- protected static final String ISSUER_XPATH = DSIG + "X509IssuerName";
- /** an XPATH-Expression */
- protected static final String SERIAL_XPATH = DSIG + "X509SerialNumber";
- /** an XPATH-Expression */
- protected static final String TRUSTED_CA_CERTIFICATES_XPATH =
- ROOT + CONF + "TrustedCACertificates";
-
- /** an XPATH-Expression */
- protected static final String VERIFY_INFOBOXES_DEFAULT_TRUST_PROFILE_XPATH = CONF + "DefaultTrustProfile";
- /** an XPATH-Expression */
- protected static final String VERIFY_INFOBOXES_TRUST_PROFILE_ID_XPATH = CONF + "TrustProfileID";
- /** an XPATH-Expression */
- protected static final String VERIFY_INFOBOXES_INFOBOX_XPATH = CONF + "Infobox";
-
-
- /** STORK Config XPATH-Expression */
- public static final String AUTH_FOREIGN_IDENTITIES_STORK_CPEPS =
- ROOT + CONF + "AuthComponent/" + CONF + "ForeignIdentities/" + CONF + "STORK/" + CONF + "C-PEPS";
-
- /** STORK Config AttributeName */
- public static final String AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_COUNTRY_CODE = "countryCode";
-
- /** STORK Config AttributeName */
- public static final String AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_URL = "URL";
-
- /** STORK Config XPATH-Expression */
- public static final String AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_CREATION_PARAMETER =
- ROOT + CONF + "AuthComponent/" + CONF + "ForeignIdentities/" + CONF + "STORK/" + CONF + "SAMLSigningParameter/" +
- CONF + "SignatureCreationParameter" ;
-
- /** STORK Config XPATH-Expression */
- public static final String AUTH_FOREIGN_IDENTITIES_STORK_CPEPS_REQUESTED_ATTRIBUTES =
- STORK + "RequestedAttribute";
-
- /** STORK Config XPATH-Expression */
- public static final String AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_VERIFICATION_PARAMETER =
- ROOT + CONF + "AuthComponent/" + CONF + "ForeignIdentities/" + CONF + "STORK/" + CONF + "SAMLSigningParameter/" +
- CONF + "SignatureVerificationParameter";
-
- /** STORK Config XPATH-Expression */
- public static final String AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE =
- CONF + "KeyStore";
-
- /** STORK Config XPATH-Expression */
- public static final String AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME =
- CONF + "KeyName";
-
- /** STORK Config XPATH-Expression */
- public static final String AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE_PASSWORD =
- CONF + "KeyStore/@password";
-
- /** STORK Config XPATH-Expression */
- public static final String AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME_PASSWORD =
- CONF + "KeyName/@password";
-
- /** STORK Config XPATH-Expression */
- public static final String AUTH_FOREIGN_IDENTITIES_STORK_TRUSTPROFILE_ID =
- CONF + "TrustProfileID";
-
- /** STORK Config XPATH-Expression */
- public static final String OA_AUTH_COMPONENT_STORK_QAA =
- CONF + "STORK/" + STORK + "QualityAuthenticationAssuranceLevel";
-
- /** STORK Config XPATH-Expression */
- public static final String OA_AUTH_COMPONENT_STORK_REQUESTED_ATTRIBUTE =
- CONF + "STORK/" + STORKP + "RequestedAttributes/" + STORK + "RequestedAttribute";
-
- /**
- * main configuration file directory name used to configure MOA-ID
- */
- protected String rootConfigFileDir_;
-
- /** The root element of the MOA-ID configuration */
- protected Element configElem_;
-
- /**
- * Creates a new <code>MOAConfigurationProvider</code>.
- *
- * @param configElem The root element of the MOA-ID configuration.
- */
- public ConfigurationBuilder(Element configElem, String rootConfigDir) {
- configElem_ = configElem;
- rootConfigFileDir_ = rootConfigDir;
- }
-
- /**
- * Returns the root element of the MOA-ID configuration.
- *
- * @return The root element of the MOA-ID configuration.
- */
- public Element getConfigElem() {
- return configElem_;
- }
-
- /**
- * Build a ConnectionParameter object containing all information
- * of the moa-sp element in the authentication component
- * @return ConnectionParameter of the authentication component moa-sp element
- */
- public ConnectionParameter buildAuthBKUConnectionParameter() {
-
- Element authBKU = (Element) XPathUtils.selectSingleNode(configElem_, AUTH_BKU_XPATH);
- if (authBKU==null) return null;
- return buildConnectionParameter(authBKU);
- }
-
- /**
- * Build a ConnectionParameter containing all information
- * of the foreignid element in the authentication component
- * @return ConnectionParameter of the authentication component foreignid element
- */
- public ConnectionParameter buildForeignIDConnectionParameter() {
- Element foreignid = (Element)XPathUtils.selectSingleNode(configElem_, AUTH_FOREIGN_IDENTITIES_XPATH);
- if (foreignid==null) return null;
- return buildConnectionParameter(foreignid);
-
- }
-
- /**
- * Build a ConnectionParameter containing all information
- * of the OnlineMandates element in the authentication component
- * @return ConnectionParameter of the authentication component OnlineMandates element
- */
- public ConnectionParameter buildOnlineMandatesConnectionParameter() {
- Element onlinemandates = (Element)XPathUtils.selectSingleNode(configElem_, AUTH_ONLINEMANDATES_XPATH);
- if (onlinemandates==null) return null;
- return buildConnectionParameter(onlinemandates);
-
- }
-
- /**
- * Method buildAuthBKUSelectionType.
- *
- * Build a string with the configuration value of BKUSelectionAlternative
- *
- * @return String
- */
- public String buildAuthBKUSelectionType() {
-
- Element authBKU = (Element) XPathUtils.selectSingleNode(configElem_, AUTH_BKU_XPATH);
- if (authBKU==null) return null;
- return (authBKU).getAttribute("BKUSelectionAlternative");
- }
-
- /**
- * Build a string array with all filenames leading
- * to the Transforms Information for the Security Layer
- * @param contextNode The node from which should be searched
- * @param xpathExpr The XPATH expression for the search
- * @return String[] of filenames to the Security Layer Transforms Information
- * or <code>null</code> if no transforms are included
- */
- public String[] buildTransformsInfoFileNames(Node contextNode, String xpathExpr) {
-
- List transformsInfoFileNames = new ArrayList();
-
- try {
- NodeIterator tiIter = XPathUtils.selectNodeIterator(contextNode, xpathExpr);
-
- Attr tiElem;
- while ((tiElem = (Attr) tiIter.nextNode()) != null) {
- String tiFileName = tiElem.getNodeValue();
- transformsInfoFileNames.add(tiFileName);
- }
-
- String[] result = new String[transformsInfoFileNames.size()];
- transformsInfoFileNames.toArray(result);
-
- return result;
- } catch (XPathException xpe) {
- return new String[0];
- }
- }
-
-
- /**
- * Loads the <code>transformsInfos</code> from files.
- * @throws Exception on any exception thrown
- */
- public String[] loadTransformsInfos(String[] transformsInfoFileNames) throws Exception {
-
- String[] transformsInfos;
-
- transformsInfos = new String[transformsInfoFileNames.length];
- for (int i = 0; i < transformsInfoFileNames.length; i++) {
-
- String fileURL = transformsInfoFileNames[i];
- try {
- // if fileURL is relative to rootConfigFileDir make it absolute
- fileURL = FileUtils.makeAbsoluteURL(fileURL, rootConfigFileDir_);
-
- String transformsInfo = FileUtils.readURL(fileURL, DEFAULT_ENCODING);
- transformsInfos[i] = transformsInfo;
-
- } catch (IOException e) {
- Logger.info("Transformation with URL " + fileURL + " can not be loaded");
- }
- }
-
- return transformsInfos;
- }
-
- /**
- * Build a ConnectionParameter bean containing all information
- * of the authentication component moa-sp element
- * @return ConnectionParameter of the authentication component moa-sp element
- */
- public ConnectionParameter buildMoaSpConnectionParameter() {
-
- Element connectionParameter = (Element) XPathUtils.selectSingleNode(configElem_, AUTH_MOA_SP_XPATH);
- if (connectionParameter==null) return null;
- return buildConnectionParameter(connectionParameter);
- }
-
- /**
- * Return a string with a url-reference to the VerifyIdentityLink trust
- * profile id within the moa-sp part of the authentication component
- * @return String with a url-reference to the VerifyIdentityLink trust profile ID
- */
- public String getMoaSpIdentityLinkTrustProfileID() {
- return XPathUtils.getElementValue(
- configElem_,
- AUTH_MOA_SP_VERIFY_IDENTITY_TRUST_ID_XPATH,
- "");
- }
- /**
- * Return a string representation of an URL pointing to trusted CA Certificates
- * @return String representation of an URL pointing to trusted CA Certificates
- */
- public String getTrustedCACertificates() {
- return XPathUtils.getElementValue(
- configElem_,
- TRUSTED_CA_CERTIFICATES_XPATH,null);
- }
-
- /**
- * Return a string with a url-reference to the VerifyAuthBlock trust
- * profile id within the moa-sp part of the authentication component
- * @return String with a url-reference to the VerifyAuthBlock trust profile ID
- */
- public String getMoaSpAuthBlockTrustProfileID() {
- return XPathUtils.getElementValue(
- configElem_,
- AUTH_MOA_SP_VERIFY_AUTH_TRUST_ID_XPATH,
- "");
- }
- /**
- * Build a string array with references to all verify transform info
- * IDs within the moa-sp part of the authentication component
- * @return A string array containing all urls to the
- * verify transform info IDs
- */
- public String[] buildMoaSpAuthBlockVerifyTransformsInfoIDs() {
-
- List verifyTransformsInfoIDs = new ArrayList();
- NodeIterator vtIter =
- XPathUtils.selectNodeIterator(
- configElem_,
- AUTH_MOA_SP_VERIFY_AUTH_VERIFY_ID_XPATH);
- Element vtElem;
-
- while ((vtElem = (Element) vtIter.nextNode()) != null) {
-
- String vtInfoIDs = DOMUtils.getText(vtElem);
- verifyTransformsInfoIDs.add(vtInfoIDs);
- }
- String[] result = new String[verifyTransformsInfoIDs.size()];
- verifyTransformsInfoIDs.toArray(result);
-
- return result;
- }
-
- public List getTrustedBKUs() {
-
- List trustedBKUs = new ArrayList();
-
- NodeIterator bkuIter = XPathUtils.selectNodeIterator(configElem_, TRUSTED_BKUS);
-
- Element vtElem;
-
- while ((vtElem = (Element) bkuIter.nextNode()) != null) {
- String bkuURL = DOMUtils.getText(vtElem);
- trustedBKUs.add(bkuURL);
- }
-
- return trustedBKUs;
-
- }
-
-public List getTrustedTemplateURLs() {
-
- List trustedTemplateURLs = new ArrayList();
-
- NodeIterator bkuIter = XPathUtils.selectNodeIterator(configElem_, TRUSTED_TEMPLATEURLS);
-
- Element vtElem;
-
- while ((vtElem = (Element) bkuIter.nextNode()) != null) {
- String bkuURL = DOMUtils.getText(vtElem);
- trustedTemplateURLs.add(bkuURL);
- }
-
- return trustedTemplateURLs;
-
- }
-
- /**
- * Returns a list containing all X509 Subject Names
- * of the Identity Link Signers
- * @return a list containing the configured identity-link signer X509 subject names
- */
- public List getIdentityLink_X509SubjectNames() {
-
- Vector x509SubjectNameList = new Vector();
- NodeIterator x509Iter =
- XPathUtils.selectNodeIterator(
- configElem_,
- AUTH_IDENTITY_LINK_X509SUBJECTNAME_XPATH);
- Element x509Elem;
-
- while ((x509Elem = (Element) x509Iter.nextNode()) != null) {
- String vtInfoIDs = DOMUtils.getText(x509Elem);
- x509SubjectNameList.add(vtInfoIDs);
- }
-
- // now add the default identity link signers
- String[] identityLinkSignersWithoutOID = MOAIDAuthConstants.IDENTITY_LINK_SIGNERS_WITHOUT_OID;
- for (int i=0; i<identityLinkSignersWithoutOID.length; i++) {
- String identityLinkSigner = identityLinkSignersWithoutOID[i];
- if (!x509SubjectNameList.contains(identityLinkSigner)) {
- x509SubjectNameList.add(identityLinkSigner);
- }
- }
-
- return x509SubjectNameList;
- }
-
- /**
- * Build an array of the OnlineApplication Parameters containing information
- * about the authentication component
- *
- * @param defaultVerifyInfoboxParameters Default parameters for verifying additional
- * infoboxes. Maybe <code>null</code>.
- * @param moaSpIdentityLinkTrustProfileID The ID of the trust profile used for validating
- * the identity link signer certificate. Needed for
- * checking if this ID is not used for validating other
- * infoboxes.
- *
- * @return An OAProxyParameter array containing beans
- * with all relevant information for the authentication component of the online
- * application
- */
- public OAAuthParameter[] buildOnlineApplicationAuthParameters(
- VerifyInfoboxParameters defaultVerifyInfoboxParameters, String moaSpIdentityLinkTrustProfileID)
- throws ConfigurationException
- {
-
- String bkuSelectionTemplateURL =
- XPathUtils.getAttributeValue(configElem_, AUTH_BKUSELECT_TEMPLATE_XPATH, null);
- String templateURL =
- XPathUtils.getAttributeValue(configElem_, AUTH_TEMPLATE_XPATH, null);
- String inputProcessorSignTemplateURL =
- XPathUtils.getAttributeValue(configElem_, INPUT_PROCESSOR_TEMPLATE_XPATH, null);
-
-
- List OA_set = new ArrayList();
- NodeList OAIter = XPathUtils.selectNodeList(configElem_, OA_XPATH);
-
- for (int i = 0; i < OAIter.getLength(); i++) {
- Element oAElem = (Element) OAIter.item(i);
- Element authComponent =
- (Element) XPathUtils.selectSingleNode(oAElem, OA_AUTH_COMPONENT_XPATH);
-
- OAAuthParameter oap = new OAAuthParameter();
- String publicURLPrefix = oAElem.getAttribute("publicURLPrefix");
- oap.setPublicURLPrefix(publicURLPrefix);
- oap.setKeyBoxIdentier(oAElem.getAttribute("keyBoxIdentifier"));
- oap.setFriendlyName(oAElem.getAttribute("friendlyName"));
- String targetConfig = oAElem.getAttribute("target");
- String targetFriendlyNameConfig = oAElem.getAttribute("targetFriendlyName");
-
- // get the type of the online application
- String oaType = oAElem.getAttribute("type");
- oap.setOaType(oaType);
- String slVersion = "1.1";
- if ("businessService".equalsIgnoreCase(oaType)) {
- if (authComponent==null) {
- Logger.error("Missing \"AuthComponent\" for OA of type \"businessService\"");
- throw new ConfigurationException("config.02", null);
- }
- Element identificationNumberElem =
- (Element) XPathUtils.selectSingleNode(authComponent, OA_AUTH_COMPONENT_IDENT_NUMBER_XPATH);
- if (identificationNumberElem==null) {
- Logger.error("Missing \"IdentificationNumber\" for OA of type \"businessService\"");
- throw new ConfigurationException("config.02", null);
- }
- Element identificationNumberChild = DOMUtils.getElementFromNodeList(identificationNumberElem.getChildNodes());
- if (identificationNumberChild == null) {
- Logger.error("Missing \"IdentificationNumber\" for OA of type \"businessService\"");
- throw new ConfigurationException("config.02", null);
- }
-
- if (!StringUtils.isEmpty(targetConfig)) {
- Logger.error("Target attribute can not be set for OA of type \"businessService\"");
- throw new ConfigurationException("config.02", null);
- }
- if (!StringUtils.isEmpty(targetFriendlyNameConfig)) {
- Logger.error("Target friendly name attribute can not be set for OA of type \"businessService\"");
- throw new ConfigurationException("config.02", null);
- }
-
-
- if ("false".equalsIgnoreCase(oAElem.getAttribute("calculateHPI"))) {
- oap.setIdentityLinkDomainIdentifier(buildIdentityLinkDomainIdentifier(identificationNumberChild));
- //BZ.., setting type of IdLinkDomainIdentifier
- oap.setIdentityLinkDomainIdentifierType(identificationNumberChild.getLocalName());
- //..BZ
- } else {
- // If we have business service and want to dealt with GDA, the security layer can be advised to calulate
- // the Health Professional Identifier HPI instead of the wbPK
- Logger.info("OA uses HPI for Identification");
- oap.setIdentityLinkDomainIdentifier(Constants.URN_PREFIX_HPI);
- }
-
- // if OA type is "businessSErvice" set slVersion to 1.2 and ignore parameter in config file
- Logger.info("OA type is \"businessService\"; setting Security Layer version to 1.2");
- slVersion = "1.2";
-
- } else {
-
- if (StringUtils.isEmpty(targetConfig) && !StringUtils.isEmpty(targetFriendlyNameConfig)) {
- Logger.error("Target friendly name attribute can not be set alone for OA of type \"businessService\"");
- throw new ConfigurationException("config.02", null);
- }
- oap.setTarget(targetConfig);
- oap.setTargetFriendlyName(targetFriendlyNameConfig);
-
- if (authComponent!=null) {
- slVersion = authComponent.getAttribute("slVersion");
- }
-
-
- }
- oap.setSlVersion(slVersion);
- //Check if there is an Auth-Block to read from configuration
-
- if (authComponent!=null)
- {
- oap.setProvideStammzahl(BoolUtils.valueOf(authComponent.getAttribute("provideStammzahl")));
- oap.setProvideAuthBlock(BoolUtils.valueOf(authComponent.getAttribute("provideAUTHBlock")));
- oap.setProvideIdentityLink(BoolUtils.valueOf(authComponent.getAttribute("provideIdentityLink")));
- oap.setProvideCertificate(BoolUtils.valueOf(authComponent.getAttribute("provideCertificate")));
- oap.setProvideFullMandatorData(BoolUtils.valueOf(authComponent.getAttribute("provideFullMandatorData")));
- oap.setUseUTC(BoolUtils.valueOf(authComponent.getAttribute("useUTC")));
- oap.setUseCondition(BoolUtils.valueOf(authComponent.getAttribute("useCondition")));
- oap.setConditionLength(buildConditionLength(authComponent.getAttribute("conditionLength")));
- oap.setBkuSelectionTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_BKUSELECT_TEMPLATE_XPATH, bkuSelectionTemplateURL));
- oap.setTemplateURL(buildTemplateURL(authComponent, OA_AUTH_COMPONENT_TEMPLATE_XPATH, templateURL));
-
-// System.out.println(publicURLPrefix);
-// System.out.println("useCondition: " + oap.getUseCondition());
-// System.out.println("conditionLength: " + oap.getConditionLength());
-
- oap.setInputProcessorSignTemplateURL(buildTemplateURL(authComponent, INPUT_PROCESSOR_TEMPLATE_XPATH, inputProcessorSignTemplateURL));
- // load OA specific transforms if present
- String[] transformsInfoFileNames = buildTransformsInfoFileNames(authComponent, OA_AUTH_COMPONENT_TRANSFORMS_INFO_FILENAME_XPATH);
- try {
- oap.setTransformsInfos(loadTransformsInfos(transformsInfoFileNames));
- } catch (Exception ex) {
- Logger.error("Error loading transforms specified for OA \"" + publicURLPrefix + "\"; using default transforms.");
- }
- Node verifyInfoboxParamtersNode = XPathUtils.selectSingleNode(authComponent, OA_AUTH_COMPONENT_VERIFY_INFOBOXES_XPATH);
- oap.setVerifyInfoboxParameters(buildVerifyInfoboxParameters(
- verifyInfoboxParamtersNode, defaultVerifyInfoboxParameters, moaSpIdentityLinkTrustProfileID));
-
- Node mandateProfilesNode = XPathUtils.selectSingleNode(authComponent, OA_AUTH_COMPONENT_MANDATES_PROFILES_XPATH);
- if (mandateProfilesNode != null) {
- if ("businessService".equalsIgnoreCase(oaType)) {
- Logger.error("No Online Mandate Modus for OA of type \"businessService\" allowed.");
- throw new ConfigurationException("config.02", null);
- }
- else {
- String profiles = DOMUtils.getText(mandateProfilesNode);
- oap.setMandateProfiles(profiles);
- }
- }
-
- //add STORK Configuration specific to OA (RequestedAttributes, QAALevel)
- //QualityAuthenticationAssuranceLevel qaaLevel = buildOaSTORKQAALevel(authComponent);
- //if (qaaLevel != null) {
- // oap.setQaaLevel(qaaLevel);
- // Logger.debug("Using non-MOA-default STORK QAALevel for this OA " + "(" + oap.getPublicURLPrefix() + "): " + qaaLevel.getValue());
- //}
-
- //RequestedAttributes additionalRequestedAttributes = buildOaSTORKRequestedAttributes(authComponent);
- //
- //if(!additionalRequestedAttributes.getRequestedAttributes().isEmpty()) {
- // //we have additional STORK attributes to request for this OA
- // Logger.debug("Using non-MOA-default STORK RequestedAttributes for this OA " + "(" + oap.getPublicURLPrefix() + "): ");
- // for (RequestedAttribute addReqAttr : additionalRequestedAttributes.getRequestedAttributes()) {
- // if (!SAMLUtil.containsAttribute(oap.getRequestedAttributes().getRequestedAttributes(),addReqAttr.getName())) {
- /// addReqAttr.detach();
- // oap.getRequestedAttributes().getRequestedAttributes().add(addReqAttr);
- // Logger.debug("Requesting additional attribute: " + addReqAttr.getName() + ", isRequired: " + addReqAttr.isRequired());
- // }
- // }
-
- //} else {
- // //do nothing, only request default attributes
- //}
-
-
- }
- OA_set.add(oap);
- }
- OAAuthParameter[] result =
- new OAAuthParameter[OA_set.size()];
- OA_set.toArray(result);
-
- return result;
-
- }
-
- /**
- * Returns the condition length as int
- * @param length the condition length as int
- * @return
- */
- private int buildConditionLength(String length) {
-
- if (StringUtils.isEmpty(length))
- return -1;
- else
- return new Integer(length).intValue();
- }
-
- /**
- * Builds the URL for a BKUSelectionTemplate or a Template. The method selects
- * the uri string from the MOA ID configuration file via the given xpath expression
- * and returns either this string or the default value.
- *
- * @param oaAuthComponent The AuthComponent element to get the template from.
- * @param xpathExpr The xpath expression for selecting the template uri.
- * @param defaultURL The default template url.
- * @return The template url. This may either the via xpath selected uri
- * or, if no template is specified within the online appliacation,
- * the default url. Both may be <code>null</code>.
- */
- protected String buildTemplateURL(Element oaAuthComponent, String xpathExpr, String defaultURL) {
- String templateURL = XPathUtils.getAttributeValue(oaAuthComponent, xpathExpr, defaultURL);
- if (templateURL != null) {
- templateURL = FileUtils.makeAbsoluteURL(templateURL, rootConfigFileDir_);
- }
- return templateURL;
- }
-
-
-
-
-
-
- /**
- * Method buildConnectionParameter: internal Method for creating a
- * ConnectionParameter object with all data found in the incoming element
- * @param root This Element contains the ConnectionParameter
- * @return ConnectionParameter
- */
- protected ConnectionParameter buildConnectionParameter(Element root)
- {
- ConnectionParameter result = new ConnectionParameter();
- result.setAcceptedServerCertificates(
- XPathUtils.getElementValue(root,CONNECTION_PARAMETER_ACCEPTED_CERTS_XPATH,null));
-
- result.setAcceptedServerCertificates(FileUtils.makeAbsoluteURL(
- result.getAcceptedServerCertificates(), rootConfigFileDir_));
-
- result.setUrl(
- XPathUtils.getAttributeValue(root, CONNECTION_PARAMETER_URL_XPATH, ""));
- result.setClientKeyStore(
- XPathUtils.getElementValue(root,CONNECTION_PARAMETERN_KEYSTORE_XPATH,null));
-
- result.setClientKeyStore(FileUtils.makeAbsoluteURL(
- result.getClientKeyStore(), rootConfigFileDir_));
-
- result.setClientKeyStorePassword(
- XPathUtils.getAttributeValue(root,CONNECTION_PARAMETER_KEYSTORE_PASS_XPATH,""));
-
- if ((result.getAcceptedServerCertificates()==null)
- && (result.getUrl()=="")
- && (result.getClientKeyStore()==null)
- && (result.getClientKeyStorePassword()==""))
- return null;
-
- return result;
- }
-
-
- /**
- * Build the mapping of generic configuration properties.
- *
- * @return a {@link Map} of generic configuration properties (a name to value
- * mapping) from the configuration.
- */
- public Map buildGenericConfiguration() {
-
- Map genericConfiguration = new HashMap();
- NodeIterator gcIter =
- XPathUtils.selectNodeIterator(
- configElem_,
- GENERIC_CONFIGURATION_XPATH);
- Element gcElem;
-
- while ((gcElem = (Element) gcIter.nextNode()) != null) {
- String gcName = gcElem.getAttribute("name");
- String gcValue = gcElem.getAttribute("value");
-
- genericConfiguration.put(gcName, gcValue);
- }
-
- return genericConfiguration;
- }
-
-
- /**
- * Returns the default chaining mode from the configuration.
- *
- * @return The default chaining mode.
- */
- public String getDefaultChainingMode() {
- String defaultChaining =
- XPathUtils.getAttributeValue(
- configElem_,
- CHAINING_MODES_DEFAULT_XPATH,
- CM_CHAINING);
-
- return translateChainingMode(defaultChaining);
-
- }
- /**
- * Build the chaining modes for all configured trust anchors.
- *
- * @return The mapping from trust anchors to chaining modes.
- */
- public Map buildChainingModes() {
- Map chainingModes = new HashMap();
- NodeIterator trustIter =
- XPathUtils.selectNodeIterator(configElem_, TRUST_ANCHOR_XPATH);
- Element trustAnchorElem;
-
- while ((trustAnchorElem = (Element) trustIter.nextNode()) != null) {
- IssuerAndSerial issuerAndSerial = buildIssuerAndSerial(trustAnchorElem);
- String mode = trustAnchorElem.getAttribute("mode");
-
- if (issuerAndSerial != null) {
- chainingModes.put(issuerAndSerial, translateChainingMode(mode));
- }
- }
-
- return chainingModes;
- }
-
- /**
- * Build an <code>IssuerAndSerial</code> from the DOM representation.
- *
- * @param root The root element (being of type <code>dsig:
- * X509IssuerSerialType</code>.
- * @return The issuer and serial number contained in the <code>root</code>
- * element or <code>null</code> if could not be built for any reason.
- */
- protected IssuerAndSerial buildIssuerAndSerial(Element root) {
- String issuer = XPathUtils.getElementValue(root, ISSUER_XPATH, null);
- String serial = XPathUtils.getElementValue(root, SERIAL_XPATH, null);
-
- if (issuer != null && serial != null) {
- try {
- RFC2253NameParser nameParser = new RFC2253NameParser(issuer);
- Principal issuerDN = nameParser.parse();
-
- return new IssuerAndSerial(issuerDN, new BigInteger(serial));
- } catch (RFC2253NameParserException e) {
- warn("config.09", new Object[] { issuer, serial }, e);
- return null;
- } catch (NumberFormatException e) {
- warn("config.09", new Object[] { issuer, serial }, e);
- return null;
- }
- }
- return null;
- }
-
- /**
- * Translate the chaining mode from the configuration file to one used in the
- * IAIK MOA API.
- *
- * @param chainingMode The chaining mode from the configuration.
- * @return The chaining mode as provided by the <code>ChainingModes</code>
- * interface.
- * @see iaik.pki.pathvalidation.ChainingModes
- */
- protected String translateChainingMode(String chainingMode) {
- if (chainingMode.equals(CM_CHAINING)) {
- return ChainingModes.CHAIN_MODE;
- } else if (chainingMode.equals(CM_PKIX)) {
- return ChainingModes.PKIX_MODE;
- } else {
- return ChainingModes.CHAIN_MODE;
- }
- }
-
- /**
- * Builds the IdentityLinkDomainIdentifier as needed for providing it to the
- * SecurityLayer for computation of the wbPK.
- * <p>e.g.:<br>
- * input element:
- * <br>
- * <code>&lt;pr:Firmenbuchnummer Identifier="FN"&gt;000468 i&lt;/pr:Firmenbuchnummer&gt;</code>
- * <p>
- * return value: <code>urn:publicid:gv.at+wbpk+FN468i</code>
- *
- * @param number The element holding the identification number of the business
- * company.
- * @return The domain identifier
- */
- protected String buildIdentityLinkDomainIdentifier(Element number) {
- if (number == null) {
- return null;
- }
- String identificationNumber = number.getFirstChild().getNodeValue();
- String identifier = number.getAttribute("Identifier");
- // remove all blanks
- identificationNumber = StringUtils.removeBlanks(identificationNumber);
- if (number.getLocalName().equals("Firmenbuchnummer") || identifier.equalsIgnoreCase("fn") || identifier.equalsIgnoreCase("xfn")) {
- // delete zeros from the beginning of the number
- identificationNumber = StringUtils.deleteLeadingZeros(identificationNumber);
- // remove hyphens
- identificationNumber = StringUtils.removeToken(identificationNumber, "-");
- }
- StringBuffer identityLinkDomainIdentifier = new StringBuffer(Constants.URN_PREFIX_WBPK);
- identityLinkDomainIdentifier.append("+");
- if (!identificationNumber.startsWith(identifier)) {
- identityLinkDomainIdentifier.append(identifier);
- }
- identityLinkDomainIdentifier.append("+");
- identityLinkDomainIdentifier.append(identificationNumber);
- return identityLinkDomainIdentifier.toString();
- }
-
- /**
- * Builds the parameters for verifying additional infoboxes (additional to the
- * IdentityLink infobox).
- *
- * @param verifyInfoboxesElem The <code>VerifyInfoboxes</code> element from the
- * config file. This maybe the global element or the
- * elment from an Online application.
- * @param defaultVerifyInfoboxParameters Default parameters to be used, if no
- * <code>VerifyInfoboxes</code> element is present.
- * This only applies to parameters
- * of an specific online application and is set to
- * <code>null</code> when building the global parameters.
- * @param moaSpIdentityLinkTrustProfileID The ID of the trust profile used for validating
- * the identity link signer certificate. Needed for
- * checking if this ID is not used for validating other
- * infoboxes.
- *
- * @return A {@link at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters VerifyInfoboxParameters}
- * object needed for verifying additional infoboxes.
- *
- * @throws ConfigurationException If the trust profile for validating the identity link
- * signer certificate is used for validating another infobox.
- */
- public VerifyInfoboxParameters buildVerifyInfoboxParameters(
- Node verifyInfoboxesElem,
- VerifyInfoboxParameters defaultVerifyInfoboxParameters,
- String moaSpIdentityLinkTrustProfileID)
- throws ConfigurationException
- {
-
- if ((verifyInfoboxesElem == null) && (defaultVerifyInfoboxParameters == null)) {
- return null;
- }
- Vector identifiers = new Vector();
- List defaultIdentifiers = null;
- Map defaultInfoboxParameters = null;
- if (defaultVerifyInfoboxParameters != null) {
- defaultIdentifiers = defaultVerifyInfoboxParameters.getIdentifiers();
- defaultInfoboxParameters = defaultVerifyInfoboxParameters.getInfoboxParameters();
- }
- Hashtable infoboxParameters = new Hashtable();
- if (verifyInfoboxesElem != null) {
- // get the DefaultTrustProfileID
- String defaultTrustProfileID = null;
- Node defaultTrustProfileNode =
- XPathUtils.selectSingleNode(verifyInfoboxesElem, VERIFY_INFOBOXES_DEFAULT_TRUST_PROFILE_XPATH);
- if (defaultTrustProfileNode != null) {
- Node trustProfileIDNode =
- XPathUtils.selectSingleNode(defaultTrustProfileNode, VERIFY_INFOBOXES_TRUST_PROFILE_ID_XPATH);
- defaultTrustProfileID = trustProfileIDNode.getFirstChild().getNodeValue();
- if (defaultTrustProfileID.equals(moaSpIdentityLinkTrustProfileID)) {
- throw new ConfigurationException("config.15", new Object[] {moaSpIdentityLinkTrustProfileID});
- }
- }
- // get the Infoboxes
- NodeList infoboxes =
- XPathUtils.selectNodeList(verifyInfoboxesElem, VERIFY_INFOBOXES_INFOBOX_XPATH);
- for (int i=0; i<infoboxes.getLength(); i++) {
- Element infoBoxElem = (Element)infoboxes.item(i);
- // get the identifier of the infobox
- String identifier = infoBoxElem.getAttribute("Identifier");
- identifiers.add(identifier);
- VerifyInfoboxParameter verifyInfoboxParameter = new VerifyInfoboxParameter(identifier);
- verifyInfoboxParameter.setFriendlyName(identifier);
- // get the attributes
- // (1) required: override global value in any case
- verifyInfoboxParameter.setRequired(BoolUtils.valueOf(
- infoBoxElem.getAttribute("required")));
- // (2) provideStammzahl: override global value in any case
- verifyInfoboxParameter.setProvideStammzahl(BoolUtils.valueOf(
- infoBoxElem.getAttribute("provideStammzahl")));
- // (3) proviedIdentityLink: override global value in any case
- verifyInfoboxParameter.setProvideIdentityLink(BoolUtils.valueOf(
- infoBoxElem.getAttribute("provideIdentityLink")));
- // set default trustprofileID
- if (defaultTrustProfileID != null) {
- verifyInfoboxParameter.setTrustProfileID(defaultTrustProfileID);
- }
- // get the parameter elements
- boolean localValidatorClass = false;
- boolean localFriendlyName = false;
- List params = DOMUtils.getChildElements(infoBoxElem);
- Iterator it = params.iterator();
- while (it.hasNext()) {
- Element paramElem = (Element)it.next();
- String paramName = paramElem.getLocalName();
- if (paramName.equals("FriendlyName")) {
- verifyInfoboxParameter.setFriendlyName(paramElem.getFirstChild().getNodeValue());
- localFriendlyName = true;
- } else if (paramName.equals("TrustProfileID")) {
- String trustProfileID = paramElem.getFirstChild().getNodeValue();
- if (trustProfileID != null) {
- if (trustProfileID.equals(moaSpIdentityLinkTrustProfileID)) {
- throw new ConfigurationException("config.15", new Object[] {moaSpIdentityLinkTrustProfileID});
- }
- verifyInfoboxParameter.setTrustProfileID(trustProfileID);
- }
- } else if (paramName.equals("ValidatorClass")) {
- String validatorClassName = paramElem.getFirstChild().getNodeValue();
- if (validatorClassName != null) {
- verifyInfoboxParameter.setValidatorClassName(validatorClassName);
- localValidatorClass = true;
- }
- } else if (paramName.equals("SchemaLocations")) {
- List schemaElems = DOMUtils.getChildElements(paramElem);
- List schemaLocations = new Vector(schemaElems.size());
- Iterator schemaIterator = schemaElems.iterator();
- while (schemaIterator.hasNext()) {
- Element schemaElem = (Element)schemaIterator.next();
- String namespace = schemaElem.getAttribute("namespace");
- String schemaLocation = schemaElem.getAttribute("schemaLocation");
- // avoid adding the same schema twice
- Iterator schemaLocationIterator = schemaLocations.iterator();
- boolean add = true;
- while (schemaLocationIterator.hasNext()) {
- String existingNamespace = ((Schema)schemaLocationIterator.next()).getNamespace();
- if (namespace.equals(existingNamespace)) {
- Logger.warn("Multiple schemas specified for namespace \"" + namespace +
- "\"; only using the first one.");
- add = false;
- break;
- }
- }
- if (add) {
- schemaLocations.add(new SchemaImpl(namespace, schemaLocation));
- }
- }
- verifyInfoboxParameter.setSchemaLocations(schemaLocations);
- } else if (paramName.equals("ApplicationSpecificParameters")) {
- verifyInfoboxParameter.setApplicationSpecificParams(paramElem);
- } else if (paramName.equals("ParepSpecificParameters")) {
- verifyInfoboxParameter.appendParepSpecificParams(paramElem);
- }
- }
- // use default values for those parameters not yet set by local configuration
- if (defaultInfoboxParameters != null) {
- Object defaultVerifyIP = defaultInfoboxParameters.get(identifier);
- if (defaultVerifyIP != null) {
- VerifyInfoboxParameter defaultVerifyInfoboxParameter =
- (VerifyInfoboxParameter)defaultVerifyIP;
- // if no friendly is set, use default
- if (!localFriendlyName) {
- verifyInfoboxParameter.setFriendlyName(
- defaultVerifyInfoboxParameter.getFriendlyName());
- }
- // if no TrustProfileID is set, use default, if available
- if (verifyInfoboxParameter.getTrustProfileID() == null) {
- verifyInfoboxParameter.setTrustProfileID(
- defaultVerifyInfoboxParameter.getTrustProfileID());
- }
- // if no local validator class is set, use default
- if (!localValidatorClass) {
- verifyInfoboxParameter.setValidatorClassName(
- defaultVerifyInfoboxParameter.getValidatorClassName());
- }
- // if no schema locations set, use default
- if (verifyInfoboxParameter.getSchemaLocations() == null) {
- verifyInfoboxParameter.setSchemaLocations(
- defaultVerifyInfoboxParameter.getSchemaLocations());
- }
- // if no application specific parameters set, use default
- if (verifyInfoboxParameter.getApplicationSpecificParams() == null) {
- verifyInfoboxParameter.setApplicationSpecificParams(
- defaultVerifyInfoboxParameter.getApplicationSpecificParams());
- }
- }
- }
- infoboxParameters.put(identifier, verifyInfoboxParameter);
- }
- // add the infobox identifiers not present within the local configuration to the
- // identifier list
- if (defaultIdentifiers != null) {
- Iterator identifierIterator = defaultIdentifiers.iterator();
- while (identifierIterator.hasNext()) {
- String defaultIdentifier = (String)identifierIterator.next();
- if (!identifiers.contains(defaultIdentifier)) {
- identifiers.add(defaultIdentifier);
- }
- }
- }
- return new VerifyInfoboxParameters(identifiers, infoboxParameters);
- } else {
- return new VerifyInfoboxParameters(defaultIdentifiers, infoboxParameters);
- }
- }
-
- /**
- * Creates a SignatureCreationParameter object from the MOA-ID configuration
- * This configuration object contains KeyStore and Key data for signature creation (STORK SAML Signature Creation).
- *
- * @return KeyStore and Key data for signature creation (STORK SAML Signature Creation)
- */
- public SignatureCreationParameter buildSTORKSignatureCreationParameter() {
-
- Logger.debug("Loading STORK signature creation parameters.");
-
- Element signatureCreationParameterElement = (Element)XPathUtils.selectSingleNode(configElem_, AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_CREATION_PARAMETER);
- if (signatureCreationParameterElement == null) {
- Logger.debug("No STORK signature parameters found, " + AUTH_FOREIGN_IDENTITIES_STORK_SIGNATURE_CREATION_PARAMETER + "is missing.");
- return null;
- }
-
- SignatureCreationParameter signatureCreationParameter = new SignatureCreationParameter();
-
- Element keyStoreElement = (Element)XPathUtils.selectSingleNode(signatureCreationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE);
- if (keyStoreElement==null) {
- Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE + "is missing.");
- return null;
- }
-
- Element keyNameElement = (Element)XPathUtils.selectSingleNode(signatureCreationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME);
- if (keyNameElement==null) {
- Logger.error(AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME + "is missing.");
- return null;
- }
-
- String keyStorePath = DOMUtils.getText(keyStoreElement);
- if (StringUtils.isEmpty(keyStorePath)) {
- Logger.error("No KeyStorePath for STORK SAML Signing Certificate provided!");
- return null;
- }
- signatureCreationParameter.setKeyStorePath(FileUtils.makeAbsoluteURL(keyStorePath, rootConfigFileDir_));
- Logger.trace("Found KeyStorePath for STORK SAML Signing Certificate: " + keyStorePath);
-
- String keyStorePassword = XPathUtils.getAttributeValue(signatureCreationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE_PASSWORD, "");
- signatureCreationParameter.setKeyStorePassword(keyStorePassword);
-
- String keyName = DOMUtils.getText(keyNameElement);
- if (StringUtils.isEmpty(keyName)) {
- Logger.warn(AUTH_FOREIGN_IDENTITIES_STORK_KEYSTORE_PASSWORD + "is missing.");
- return null;
- }
- signatureCreationParameter.setKeyName(keyName);
- Logger.trace("Found KeyName for STORK SAML Signing Certificate: " + keyName);
-
- String keyPassword = XPathUtils.getAttributeValue(signatureCreationParameterElement, AUTH_FOREIGN_IDENTITIES_STORK_KEYNAME_PASSWORD, "");
- signatureCreationParameter.setKeyPassword(keyPassword);
-
- Logger.info("STORK signature creation parameters loaded.");
-
- return signatureCreationParameter;
-
- }
-
- /**
- * Method warn.
- * @param messageId to identify a country-specific message
- * @param parameters for the logger
- */
- //
- // various utility methods
- //
-
- protected static void warn(String messageId, Object[] parameters) {
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters));
- }
-
- /**
- * Method warn.
- * @param messageId to identify a country-specific message
- * @param args for the logger
- * @param t as throwabl
- */
- protected static void warn(String messageId, Object[] args, Throwable t) {
- Logger.warn(MOAIDMessageProvider.getInstance().getMessage(messageId, args), t);
- }
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConnectionParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConnectionParameter.java
deleted file mode 100644
index ab1cd6c2e..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/ConnectionParameter.java
+++ /dev/null
@@ -1,154 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.config.legacy;
-
-import at.gv.egovernment.moa.id.config.ConnectionParameterInterface;
-
-/**
- * This bean class is used to store data for various connectionParameter
- * within the MOA-ID configuration
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-public class ConnectionParameter implements ConnectionParameterInterface{
-
- /**
- * Server URL
- */
- private String url;
- /**
- * File URL for a directory containing PKCS#12 server SSL certificates.
- * From these certificates, a X509 trust store will be assembled for use
- * by a JSSE <code>TrustManager</code>.
- * This field will only be used in case of an HTTPS URL.
- */
- private String acceptedServerCertificates;
- /**
- * File URL of a X509 key store containing the private key to be used
- * for an HTTPS connection when the server requires client authentication.
- * This field will only be used in case of an HTTPS URL.
- */
- private String clientKeyStore;
- /**
- * Password protecting the client key store.
- */
- private String clientKeyStorePassword;
-
- /**
- * Checks whether the URL scheme is <code>"https"</code>.
- * @return true in case of an URL starting with <code>"https"</code>
- */
- public boolean isHTTPSURL() {
- return getUrl().indexOf("https") == 0;
- }
-
- /**
- * Returns the url.
- * @return String
- */
- public String getUrl() {
- return url;
- }
-
- /**
- * Returns the acceptedServerCertificates.
- * @return String
- */
- public String getAcceptedServerCertificates() {
- return acceptedServerCertificates;
- }
-
- /**
- * Sets the acceptedServerCertificates.
- * @param acceptedServerCertificates The acceptedServerCertificates to set
- */
- public void setAcceptedServerCertificates(String acceptedServerCertificates) {
- this.acceptedServerCertificates = acceptedServerCertificates;
- }
-
- /**
- * Sets the url.
- * @param url The url to set
- */
- public void setUrl(String url) {
- this.url = url;
- }
-
- /**
- * Returns the clientKeyStore.
- * @return String
- */
- public String getClientKeyStore() {
- return clientKeyStore;
- }
-
- /**
- * Returns the clientKeyStorePassword.
- * @return String
- */
- public String getClientKeyStorePassword() {
- return clientKeyStorePassword;
- }
-
- /**
- * Sets the clientKeyStore.
- * @param clientKeyStore The clientKeyStore to set
- */
- public void setClientKeyStore(String clientKeyStore) {
- this.clientKeyStore = clientKeyStore;
- }
-
- /**
- * Sets the clientKeyStorePassword.
- * @param clientKeyStorePassword The clientKeyStorePassword to set
- */
- public void setClientKeyStorePassword(String clientKeyStorePassword) {
- this.clientKeyStorePassword = clientKeyStorePassword;
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java
deleted file mode 100644
index 6bdbd38d8..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAAuthParameter.java
+++ /dev/null
@@ -1,464 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.config.legacy;
-
-/**
- * Configuration parameters belonging to an online application,
- * to use with the MOA ID Auth component.
- *
- * @author Stefan Knirsch
- * @version $Id$
- */
-/**
- *
- *
- * @author Harald Bratko
- */
-public class OAAuthParameter extends OAParameter {
- /**
- * Sercurity Layer version
- */
- private String slVersion;
- /**
- * true, if the Security Layer version is version 1.2, otherwise false
- */
- private boolean slVersion12;
- /**
- * identityLinkDomainIdentifier
- * (e.g <code>urn:publicid:gv.at+wbpk+FN468i</code> for a "Firmenbuchnummer")
- * <br>
- * only used within a business application context for providing it to the
- * security layer as input for wbPK computation
- */
- private String identityLinkDomainIdentifier;
- /**
- * key box Identifier (e.g. CertifiedKeypair, SecureSignatureKeypair)
- */
- private String keyBoxIdentifier;
- /**
- * transformations for rendering in the secure viewer of the security layer
- * implementation; multiple transformation can be given for different mime types
- */
- private String[] transformsInfos;
- /**
- * determines whether "Stammzahl" is to be included in the authentication data
- */
- private boolean provideStammzahl;
- /**
- * determines whether AUTH block is to be included in the authentication data
- */
- private boolean provideAuthBlock;
- /**
- * determines whether identity link is to be included in the authentication data
- */
- private boolean provideIdentityLink;
- /**
- * determines whether the certificate is to be included in the authentication data
- */
- private boolean provideCertificate;
- /**
- * determines whether the full mandator data (i.e. the mandate) is to be included in the authentication data
- */
- private boolean provideFullMandatorData;
-
- /** determines wheter the IssueInstant of the SAML assertion is in UTC or not*/
- private boolean useUTC;
-
- /** determines wheter a saml:Condition is added to the SAML assertion or not */
- private boolean useCondition;
-
- /** determines the validity time of the SAML assertion (if useCondition is true) in seconds */
- private int conditionLength;
- /**
- * url to a template for web page "Auswahl der B&uuml;rgerkartenumgebung"
- */
- private String bkuSelectionTemplateURL;
- /**
- * template for web page "Anmeldung mit B&uuml;rgerkarte"
- */
- private String templateURL;
-
- /**
- * template for web page "Signatur der Anmeldedaten"
- */
- private String inputProcessorSignTemplateURL;
- /**
- * Parameters for verifying infoboxes.
- */
- private VerifyInfoboxParameters verifyInfoboxParameters;
-
- /**
- * Parameter for Mandate profiles
- */
- private String mandateProfiles;
-
- /**
- *
- * Type for authentication number (e.g. Firmenbuchnummer)
- */
- private String identityLinkDomainIdentifierType;
-
-/**
- * Returns <code>true</code> if the Security Layer version is version 1.2,
- * otherwise <code>false</code>.
- * @return <code>true</code> if the Security Layer version is version 1.2,
- * otherwise <code>false</code>
- */
- public boolean getSlVersion12() {
- return slVersion12;
- }
-
- /**
- * Returns the security layer version.
- * @return the security layer version.
- */
- public String getSlVersion() {
- return slVersion;
- }
-
- /**
- * Returns the identityLinkDomainIdentifier.
- * @return the identityLinkDomainIdentifier.
- */
- public String getIdentityLinkDomainIdentifier() {
- return identityLinkDomainIdentifier;
- }
-
- /**
- * Returns the transformsInfos.
- * @return the transformsInfos.
- */
- public String[] getTransformsInfos() {
- return transformsInfos;
- }
-
- /**
- * Returns the provideAuthBlock.
- * @return String
- */
- public boolean getProvideAuthBlock() {
- return provideAuthBlock;
- }
-
- /**
- * Returns the provideIdentityLink.
- * @return String
- */
- public boolean getProvideIdentityLink() {
- return provideIdentityLink;
- }
-
- /**
- * Returns the provideStammzahl.
- * @return String
- */
- public boolean getProvideStammzahl() {
- return provideStammzahl;
- }
-
- /**
- * Returns <code>true</code> if the certificate should be provided within the
- * authentication data, otherwise <code>false</code>.
- * @return <code>true</code> if the certificate should be provided,
- * otherwise <code>false</code>
- */
- public boolean getProvideCertifcate() {
- return provideCertificate;
- }
-
- /**
- * Returns <code>true</code> if the full mandator data should be provided within the
- * authentication data, otherwise <code>false</code>.
- * @return <code>true</code> if the full mandator data should be provided,
- * otherwise <code>false</code>
- */
- public boolean getProvideFullMandatorData() {
- return provideFullMandatorData;
- }
-
- /**
- * Returns <code>true</code> if the IssueInstant should be given in UTC, otherwise <code>false</code>.
- * @return <code>true</code> if the IssueInstant should be given in UTC, otherwise <code>false</code>.
- */
- public boolean getUseUTC() {
- return useUTC;
- }
-
- /**
- * Returns <code>true</code> if the SAML assertion should contain a saml:Condition, otherwise <code>false</code>.
- * @return <code>true</code> if the SAML assertion should contain a saml:Condition, otherwise <code>false</code>.
- */
- public boolean getUseCondition() {
- return useCondition;
- }
-
- /**
- * Returns the validity time of the SAML assertion (if useCondition is true) in seconds
- * @return the validity time of the SAML assertion (if useCondition is true) in seconds
- */
- public int getConditionLength() {
- return conditionLength;
- }
-
-
-/**
- * Returns the key box identifier.
- * @return String
- */
- public String getKeyBoxIdentifier() {
- return keyBoxIdentifier;
- }
-
- /**
- * Returns the BkuSelectionTemplate url.
- * @return The BkuSelectionTemplate url or <code>null</code> if no url for
- * a BkuSelectionTemplate is set.
- */
- public String getBkuSelectionTemplateURL() {
- return bkuSelectionTemplateURL;
- }
-
- /**
- * Returns the TemplateURL url.
- * @return The TemplateURL url or <code>null</code> if no url for
- * a Template is set.
- */
- public String getTemplateURL() {
- return templateURL;
- }
-
-
- /**
- * Returns the inputProcessorSignTemplateURL url.
- * @return The inputProcessorSignTemplateURL url or <code>null</code> if no url for
- * a input processor sign template is set.
- */
- public String getInputProcessorSignTemplateURL() {
- return inputProcessorSignTemplateURL;
- }
-
- /**
- * Returns the parameters for verifying additional infoboxes.
- *
- * @return The parameters for verifying additional infoboxes.
- * Maybe <code>null</code>.
- */
- public VerifyInfoboxParameters getVerifyInfoboxParameters() {
- return verifyInfoboxParameters;
- }
-
- /**
- * Sets the security layer version.
- * Also sets <code>slVersion12</code> ({@link #getSlVersion12()})
- * to <code>true</code> if the Security Layer version is 1.2.
- * @param slVersion The security layer version to be used.
- */
- public void setSlVersion(String slVersion) {
- this.slVersion = slVersion;
- if ("1.2".equals(slVersion)) {
- this.slVersion12 = true;
- }
- }
- /**
- * Sets the IdentityLinkDomainIdentifier.
- * @param identityLinkDomainIdentifier The IdentityLinkDomainIdentifiern number of the online application.
- */
- public void setIdentityLinkDomainIdentifier(String identityLinkDomainIdentifier) {
- this.identityLinkDomainIdentifier = identityLinkDomainIdentifier;
- }
- /**
- * Sets the transformsInfos.
- * @param transformsInfos The transformsInfos to be used.
- */
- public void setTransformsInfos(String[] transformsInfos) {
- this.transformsInfos = transformsInfos;
- }
-
-
-/**
- * Sets the provideAuthBlock.
- * @param provideAuthBlock The provideAuthBlock to set
- */
- public void setProvideAuthBlock(boolean provideAuthBlock) {
- this.provideAuthBlock = provideAuthBlock;
- }
-
- /**
- * Sets the provideIdentityLink.
- * @param provideIdentityLink The provideIdentityLink to set
- */
- public void setProvideIdentityLink(boolean provideIdentityLink) {
- this.provideIdentityLink = provideIdentityLink;
- }
-
- /**
- * Sets the provideStammzahl.
- * @param provideStammzahl The provideStammzahl to set
- */
- public void setProvideStammzahl(boolean provideStammzahl) {
- this.provideStammzahl = provideStammzahl;
- }
-
- /**
- * Sets the provideCertificate variable.
- * @param provideCertificate The provideCertificate value to set
- */
- public void setProvideCertificate(boolean provideCertificate) {
- this.provideCertificate = provideCertificate;
- }
-
- /**
- * Sets the provideFullMandatorData variable.
- * @param provideFullMandatorData The provideFullMandatorData value to set
- */
- public void setProvideFullMandatorData(boolean provideFullMandatorData) {
- this.provideFullMandatorData = provideFullMandatorData;
- }
-
- /**
- * Sets the useUTC variable.
- * @param useUTC The useUTC value to set
- */
- public void setUseUTC(boolean useUTC) {
- this.useUTC = useUTC;
- }
-
- /**
- * Sets the useCondition variable
- * @param useCondition The useCondition value to set
- */
- public void setUseCondition(boolean useCondition) {
- this.useCondition = useCondition;
- }
-
- /**
- * Sets the conditionLength variable
- * @param conditionLength the conditionLength value to set
- */
- public void setConditionLength(int conditionLength) {
- this.conditionLength = conditionLength;
- }
-
-
- /**
- * Sets the key box identifier.
- * @param keyBoxIdentifier to set
- */
- public void setKeyBoxIdentier(String keyBoxIdentifier) {
- this.keyBoxIdentifier = keyBoxIdentifier;
- }
-
- /**
- * Sets the BkuSelectionTemplate url.
- * @param bkuSelectionTemplateURL The url string specifying the location
- * of a BkuSelectionTemplate.
- */
- public void setBkuSelectionTemplateURL(String bkuSelectionTemplateURL) {
- this.bkuSelectionTemplateURL = bkuSelectionTemplateURL;
- }
-
- /**
- * Sets the Template url.
- * @param templateURL The url string specifying the location
- * of a Template.
- */
- public void setTemplateURL(String templateURL) {
- this.templateURL = templateURL;
- }
-
- /**
- * Sets the input processor sign form template url.
- *
- * @param inputProcessorSignTemplateURL The url string specifying the
- * location of the input processor sign form
- */
- public void setInputProcessorSignTemplateURL(String inputProcessorSignTemplateURL) {
- this.inputProcessorSignTemplateURL = inputProcessorSignTemplateURL;
- }
-
- /**
- * Sets the parameters for verifying additonal (to the identitylink infobox) infoboxes.
- *
- * @param verifyInfoboxParameters The verifyInfoboxParameters to set.
- */
- public void setVerifyInfoboxParameters(VerifyInfoboxParameters verifyInfoboxParameters) {
- this.verifyInfoboxParameters = verifyInfoboxParameters;
- }
-
- /**
- * Gets the IdentityLinkDomainIdentifier (e.g. Firmenbuchnummer)
- * @return IdentityLinkDomainIdentifier (e.g. Firmenbuchnummer)
- */
- public String getIdentityLinkDomainIdentifierType() {
- return identityLinkDomainIdentifierType;
- }
-
- /**
- * Sets the IdentityLinkDomainIdentifier (e.g. Firmenbuchnummer)
- * @param identityLinkDomainIdentifierType The IdentityLinkDomainIdentifier to set (e.g. Firmenbuchnummer)
- */
- public void setIdentityLinkDomainIdentifierType(String identityLinkDomainIdentifierType) {
- this.identityLinkDomainIdentifierType = identityLinkDomainIdentifierType;
- }
-
- /**
- * Sets the Mandate/Profiles
- * @param profiles
- */
- public void setMandateProfiles(String profiles) {
- this.mandateProfiles = profiles;
- }
-
- /**
- * Returns the Mandates/Profiles
- * @return
- */
- public String getMandateProfiles() {
- return this.mandateProfiles;
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAParameter.java
deleted file mode 100644
index 2a4d68726..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/OAParameter.java
+++ /dev/null
@@ -1,186 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.config.legacy;
-
-/**
- * Configuration parameters belonging to an online application,
- * to be used within both, the MOA ID Auth and the
- * MOA ID PROXY component.
- *
- * @author Harald Bratko
- */
-public class OAParameter {
-
- /**
- * type of the online application (maybe "PublicService" or "BusinessService")
- */
- private String oaType;
-
- /**
- * specifies whether the online application is a business application or not
- * (<code>true</code> if value of {@link #oaType} is "businessService"
- */
- private boolean businessService;
-
- /**
- * public URL prefix of the online application
- */
- private String publicURLPrefix;
-
- /**
- * specifies a human readable name of the Online Application
- */
- private String friendlyName;
-
- /**
- * specified a specific target for the Online Application (overwrites the target in der request)
- */
- private String target;
- /**
- * specifies a friendly name for the target
- */
- private String targetFriendlyName;
-
- /**
- * Returns the type of the online application.
- * @return the type of the online application.
- */
- public String getOaType() {
- return oaType;
- }
-
- /**
- * Returns <code>true</code> is the OA is a businss application, otherwise
- * <code>false</code>.
- * @return <code>true</code> is the OA is a businss application, otherwise
- * <code>false</code>
- */
- public boolean getBusinessService() {
- return this.businessService;
- }
-
- /**
- * Returns the publicURLPrefix.
- * @return String
- */
- public String getPublicURLPrefix() {
- return publicURLPrefix;
- }
-
- /**
- *
- * Sets the type of the online application.
- * If the type is "businessService" the value of <code>businessService</code>
- * ({@link #getBusinessService()}) is also set to <code>true</code>
- * @param oaType The type of the online application.
- */
- public void setOaType(String oaType) {
- this.oaType = oaType;
- if ("businessService".equalsIgnoreCase(oaType)) {
- this.businessService = true;
- }
- }
-
- /**
- * Sets the publicURLPrefix.
- * @param publicURLPrefix The publicURLPrefix to set
- */
- public void setPublicURLPrefix(String publicURLPrefix) {
- this.publicURLPrefix = publicURLPrefix;
- }
-
-
- /**
- * Gets the friendly name of the OA
- * @return Friendly Name of the OA
- */
- public String getFriendlyName() {
- return friendlyName;
- }
-
- /**
- * Sets the friendly name of the OA
- * @param friendlyName
- */
- public void setFriendlyName(String friendlyName) {
- this.friendlyName = friendlyName;
- }
-
- /**
- * Gets the target of the OA
- * @return target of the OA
- */
- public String getTarget() {
- return target;
- }
-
- /**
- * Sets the target of the OA
- * @param target
- */
- public void setTarget(String target) {
- this.target = target;
- }
-
- /**
- * Gets the target friendly name of the OA
- * @return target Friendly Name of the OA
- */
- public String getTargetFriendlyName() {
- return targetFriendlyName;
- }
-
- /**
- * Sets the target friendly name of the OA
- * @param targetFriendlyName
- */
- public void setTargetFriendlyName(String targetFriendlyName) {
- this.targetFriendlyName = targetFriendlyName;
- }
-
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/STORKConfig.java
deleted file mode 100644
index 4666122d2..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/STORKConfig.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/**
- *
- */
-package at.gv.egovernment.moa.id.config.legacy;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import at.gv.egovernment.moa.util.StringUtils;
-
-/**
- * Encapsulates several STORK configuration parameters according MOA configuration
- *
- * @author bzwattendorfer
- *
- */
-public class STORKConfig {
-
- /** STORK SAML signature creation parameters */
- private SignatureCreationParameter signatureCreationParameter;
-
- /** STORK SAML signature verification parameters */
- private SignatureVerificationParameter signatureVerificationParameter;
-
- /** Map of supported C-PEPSs */
- private Map<String, CPEPS> cpepsMap = new HashMap<String, CPEPS>();
-
-
- /**
- * Constructs a STORK Config object
- * @param signatureCreationParameter STORK SAML Signature creation parameters
- * @param signatureVerificationParameter STORK SAML Signature verification parameters
- * @param cpepsMap Map of supported C-PEPS
- */
- public STORKConfig(SignatureCreationParameter signatureCreationParameter,
- SignatureVerificationParameter signatureVerificationParameter,
- Map<String, CPEPS> cpepsMap) {
- super();
- this.signatureCreationParameter = signatureCreationParameter;
- this.signatureVerificationParameter = signatureVerificationParameter;
- this.cpepsMap = cpepsMap;
- }
-
- public SignatureCreationParameter getSignatureCreationParameter() {
- return signatureCreationParameter;
- }
-
- public void setSignatureCreationParameter(
- SignatureCreationParameter signatureCreationParameter) {
- this.signatureCreationParameter = signatureCreationParameter;
- }
-
- public SignatureVerificationParameter getSignatureVerificationParameter() {
- return signatureVerificationParameter;
- }
-
- public void setSignatureVerificationParameter(
- SignatureVerificationParameter signatureVerificationParameter) {
- this.signatureVerificationParameter = signatureVerificationParameter;
- }
-
- public Map<String, CPEPS> getCpepsMap() {
- return cpepsMap;
- }
-
- public void setCpepsMap(Map<String, CPEPS> cpepsMap) {
- this.cpepsMap = cpepsMap;
- }
-
- public boolean isSTORKAuthentication(String ccc) {
-
- if (StringUtils.isEmpty(ccc) || this.cpepsMap.isEmpty())
- return false;
-
- if (this.cpepsMap.containsKey(ccc.toUpperCase()))
- return true;
- else
- return false;
-
- }
-
- public CPEPS getCPEPS(String ccc) {
- if (isSTORKAuthentication(ccc))
- return this.cpepsMap.get(ccc);
- else
- return null;
- }
-
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureCreationParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureCreationParameter.java
deleted file mode 100644
index 69d4889af..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureCreationParameter.java
+++ /dev/null
@@ -1,134 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-package at.gv.egovernment.moa.id.config.legacy;
-
-/**
- * Encapsulates signature creation parameters according MOA configuration
- *
- * @author bzwattendorfer
- *
- */
-public class SignatureCreationParameter {
-
- /** KeyStore Path */
- private String keyStorePath;
-
- /** KeyStore Password */
- private String keyStorePassword;
-
- /** Signing Key Name */
- private String keyName;
-
- /** Signing Key Password */
- private String keyPassword;
-
- /**
- * Gets the KeyStore Path
- * @return File Path to KeyStore
- */
- public String getKeyStorePath() {
- return keyStorePath;
- }
-
- /**
- * Sets the KeyStore Path
- * @param keyStorePath Path to KeyStore
- */
- public void setKeyStorePath(String keyStorePath) {
- this.keyStorePath = keyStorePath;
- }
-
- /**
- * Gets the KeyStore Password
- * @return Password to KeyStore
- */
- public String getKeyStorePassword() {
- return keyStorePassword;
- }
-
- /**
- * Sets the KeyStore Password
- * @param keyStorePassword Password to KeyStore
- */
- public void setKeyStorePassword(String keyStorePassword) {
- this.keyStorePassword = keyStorePassword;
- }
-
- /**
- * Gets the Signing Key Name
- * @return Siging Key Name
- */
- public String getKeyName() {
- return keyName;
- }
-
- /**
- * Sets the Signing Key Name
- * @param keyName Signing Key Name
- */
- public void setKeyName(String keyName) {
- this.keyName = keyName;
- }
-
- /**
- * Gets the Signing Key Password
- * @return Signing Key Password
- */
- public String getKeyPassword() {
- return keyPassword;
- }
-
- /**
- * Sets the Signing Key Password
- * @param keyPassword Signing Key Password
- */
- public void setKeyPassword(String keyPassword) {
- this.keyPassword = keyPassword;
- }
-
-
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureVerificationParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureVerificationParameter.java
deleted file mode 100644
index 9358d763f..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/SignatureVerificationParameter.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/**
- *
- */
-package at.gv.egovernment.moa.id.config.legacy;
-
-/**
- * Encapsulates Signature Verification data for STORK according MOA configuration
- *
- * @author bzwattendorfer
- *
- */
-public class SignatureVerificationParameter {
-
- /** ID of the MOA-SP TrustProfile to be used for STORK SAML signature verification */
- private String trustProfileID;
-
- /**
- * Gets the MOA-SP TrustProfileID
- * @return TrustProfileID of MOA-SP for STORK signature verification
- */
- public String getTrustProfileID() {
- return trustProfileID;
- }
-
- /**
- * Sets the MOA-SP TrustProfileID
- * @param trustProfileID TrustProfileID of MOA-SP for STORK signature verification
- */
- public void setTrustProfileID(String trustProfileID) {
- this.trustProfileID = trustProfileID;
- }
-
-
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameter.java
deleted file mode 100644
index 6f00a7b9c..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameter.java
+++ /dev/null
@@ -1,433 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.config.legacy;
-
-import java.io.IOException;
-import java.util.Iterator;
-import java.util.List;
-
-import javax.xml.transform.TransformerException;
-
-import org.apache.xpath.XPathAPI;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
-
-import at.gv.egovernment.moa.id.auth.data.Schema;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.StringUtils;
-
-/**
- * This class is a container for parameters that maybe needed for verifying an infobox.
- *
- * @author Harald Bratko
- */
-public class VerifyInfoboxParameter {
-
- /**
- * The default package name (first part) of a infobox validator class.
- */
- public static final String DEFAULT_PACKAGE_TRUNK = "at.gv.egovernment.moa.id.auth.validator.";
-
- /**
- * The identifier of the infobox to be verified. This identifier must exactly the
- * identifier of the infobox returned by BKU.
- */
- protected String identifier_;
-
- /**
- * The friendly name of the infobox.
- * This name is used within browser messages, thus it should be the german equivalent of
- * the {@link #identifier_ infobox identifier} (e.g. &quot;<code>Stellvertretungen</code>&quot;
- * for &quot;<code>Mandates</code>&quot; or &quot;<code>GDAToken</code>&quot; for
- * &quot;<code>EHSPToken</code>&quot;.
- * <br>If not specified within the config file the {@link #identifier_ infobox identifier}
- * will be used.
- */
- protected String friendlyName_;
-
- /**
- * The Id of the TrustProfile to be used for validating certificates.
- */
- protected String trustProfileID_;
-
- /**
- * The full name of the class to be used for verifying the infobox.
- */
- protected String validatorClassName_;
-
- /**
- * Schema location URIs that may be needed by the
- * validator to parse infobox tokens.
- * Each entry in the list is a {@link at.gv.egovernment.moa.id.auth.data.Schema Schema}
- * specifying the location of an XML schema.
- */
- protected List schemaLocations_;
-
- /**
- * Application specific parameters that may be needed for verifying an infobox.
- */
- protected Element applicationSpecificParams_;
-
- /**
- * Specifies if the infobox is be required to be returned by the BKU.
- */
- protected boolean required_;
-
- /**
- * Specifies whether the <code>Stammzahl</code> should be passed to the verifying
- * application or not.
- */
- protected boolean provideStammzahl_;
-
- /**
- * Specifies whether the <code>identity link</code> should be passed to the verifying
- * application or not.
- */
- protected boolean provideIdentityLink_;
-
- /**
- * Initializes this VerifiyInfoboxParamater with the given identifier and a default
- * validator class name.
- *
- * @param identifier The identifier of the infobox to be verified.
- */
- public VerifyInfoboxParameter(String identifier) {
- identifier_ = identifier;
- StringBuffer sb = new StringBuffer(DEFAULT_PACKAGE_TRUNK);
- sb.append(identifier.toLowerCase());
- sb.append(".");
- sb.append(identifier.substring(0, 1).toUpperCase());
- sb.append(identifier.substring(1));
- sb.append("Validator");
- validatorClassName_ = sb.toString();
- }
-
- /**
- * Returns application specific parameters.
- * Each child element of this element contains a verifying application specific parameter. {@link #applicationSpecificParams_}
- *
- * @see #applicationSpecificParams_
- *
- * @return Application specific parameters.
- */
- public Element getApplicationSpecificParams() {
- return applicationSpecificParams_;
- }
-
- /**
- * Sets the application specific parameters.
- *
- * @see #applicationSpecificParams_
- *
- * @param applicationSpecificParams The application specific parameters to set.
- */
- public void setApplicationSpecificParams(Element applicationSpecificParams) {
- applicationSpecificParams_ = applicationSpecificParams;
- }
-
- /**
- * Appends special application specific parameters for party representation.
- *
- * @param applicationSpecificParams The application specific parameters for party representation to set.
- */
- public void appendParepSpecificParams(Element applicationSpecificParams) {
- try {
- if (applicationSpecificParams_==null) {
- applicationSpecificParams_ = applicationSpecificParams.getOwnerDocument().createElement("ApplicationSpecificParameters");
- }
- Element nameSpaceNode = applicationSpecificParams.getOwnerDocument().createElement("NameSpaceNode");
- nameSpaceNode.setAttribute("xmlns:" + Constants.MOA_ID_CONFIG_PREFIX, Constants.MOA_ID_CONFIG_NS_URI);
- NodeList nodeList = XPathAPI.selectNodeList(applicationSpecificParams, "*", nameSpaceNode);
- if (null!=nodeList) {
- for (int i=0; i<nodeList.getLength(); i++) {
- applicationSpecificParams_.appendChild((Node) nodeList.item(i));
- }
- }
- } catch (TransformerException e) {
- //Do nothing
- }
- }
-
- /**
- * Returns the friendly name.
- *
- * @see #friendlyName_
- *
- * @return The friendly name.
- */
- public String getFriendlyName() {
- return friendlyName_;
- }
-
- /**
- * Sets the friendly name.
- *
- * @param friendlyName The friendly name to set.
- */
- public void setFriendlyName(String friendlyName) {
- friendlyName_ = friendlyName;
- }
-
- /**
- * Returns the infobox identifier.
- *
- * @see #identifier_
- *
- * @return The infobox identifier.
- */
- public String getIdentifier() {
- return identifier_;
- }
-
- /**
- * Sets the the infobox identifier.
- *
- * @see #identifier_
- *
- * @param identifier The infobox identifier to set.
- */
- public void setIdentifier(String identifier) {
- identifier_ = identifier;
- }
-
- /**
- * Specifies whether the identity link should be passed to the verifying application
- * or not.
- *
- * @return <code>True</code> if the identity link should be passed to the verifying
- * application, otherwise <code>false</code>.
- */
- public boolean getProvideIdentityLink() {
- return provideIdentityLink_;
- }
-
- /**
- * Sets the {@link #provideIdentityLink_} parameter.
- *
- * @param provideIdentityLink <code>True</code> if the identity link should be passed to
- * the verifying application, otherwise <code>false</code>.
- */
- public void setProvideIdentityLink(boolean provideIdentityLink) {
- provideIdentityLink_ = provideIdentityLink;
- }
-
- /**
- * Specifies whether the <code>Stammzahl</code> should be passed to the verifying
- * application or not.
- *
- * @return <code>True</code> if the <code>Stammzahl</code> should be passed to the
- * verifying application, otherwise <code>false</code>.
- */
- public boolean getProvideStammzahl() {
- return provideStammzahl_;
- }
-
- /**
- * Sets the {@link #provideStammzahl_} parameter.
- *
- * @param provideStammzahl <code>True</code> if the <code>Stammzahl</code> should be
- * passed to the verifying application, otherwise <code>false</code>.
- */
- public void setProvideStammzahl(boolean provideStammzahl) {
- provideStammzahl_ = provideStammzahl;
- }
-
- /**
- * Specifies whether the infobox is required or not.
- *
- * @return <code>True</code> if the infobox is required to be returned by the BKU,
- * otherwise <code>false</code>.
- */
- public boolean isRequired() {
- return required_;
- }
-
- /**
- * Sets the {@link #required_} parameter.
- *
- * @param required <code>True</code> if the infobox is required to be returned by the
- * BKU, otherwise <code>false</code>.
- */
- public void setRequired(boolean required) {
- required_ = required;
- }
-
- /**
- * Schema location URIs that may be needed by the
- * validator to parse infobox tokens.
- * Each entry in the list is a {@link at.gv.egovernment.moa.id.auth.data.Schema Schema}
- * specifying the location of an XML schema.
- *
- * @return A list of {@link at.gv.egovernment.moa.id.auth.data.Schema Schema} objects
- * each of them specifying the location of an XML schema.
- */
- public List getSchemaLocations() {
- return schemaLocations_;
- }
-
- /**
- * Sets the schema locations.
- *
- * @see #schemaLocations_
- *
- * @param schemaLocations The schema location list to be set.
- */
- public void setSchemaLocations(List schemaLocations) {
- schemaLocations_ = schemaLocations;
- }
-
- /**
- * Returns the ID of the trust profile to be used for verifying certificates.
- *
- * @return The ID of the trust profile to be used for verifying certificates.
- * Maybe <code>null</code>.
- */
- public String getTrustProfileID() {
- return trustProfileID_;
- }
-
- /**
- * Sets the ID of the trust profile to be used for verifying certificates.
- *
- * @param trustProfileID The ID of the trust profile to be used for verifying certificates.
- */
- public void setTrustProfileID(String trustProfileID) {
- trustProfileID_ = trustProfileID;
- }
-
- /**
- * Returns the name of the class to be used for verifying this infobox.
- *
- * @return The name of the class to be used for verifying this infobox.
- */
- public String getValidatorClassName() {
- return validatorClassName_;
- }
-
- /**
- * Sets the name of the class to be used for verifying this infobox.
- *
- * @param validatorClassName The name of the class to be used for verifying this infobox.
- */
- public void setValidatorClassName(String validatorClassName) {
- validatorClassName_ = validatorClassName;
- }
-
- /**
- * Get a string representation of this object.
- * This method is for debugging purposes only.
- *
- * @return A string representation of this object.
- */
- public String toString() {
-
- StringBuffer buffer = new StringBuffer(1024);
-
- buffer.append(" <Infobox Identifier=\"");
- buffer.append(identifier_);
- buffer.append("\" required=\"");
- buffer.append(required_);
- buffer.append("\" provideStammzahl=\"");
- buffer.append(provideStammzahl_);
- buffer.append("\" provideIdentityLink=\"");
- buffer.append(provideIdentityLink_);
- buffer.append("\">");
- buffer.append("\n");
- if (friendlyName_ != null) {
- buffer.append(" <FriendlyName>");
- buffer.append(friendlyName_);
- buffer.append("</FriendlyName>");
- buffer.append("\n");
- }
- if (trustProfileID_ != null) {
- buffer.append(" <TrustProfileID>");
- buffer.append(trustProfileID_);
- buffer.append("</TrustProfileID>");
- buffer.append("\n");
- }
- if (validatorClassName_ != null) {
- buffer.append(" <ValidatorClass>");
- buffer.append(validatorClassName_);
- buffer.append("</ValidatorClass>");
- buffer.append("\n");
- }
- if (schemaLocations_ != null) {
- buffer.append(" <SchemaLocations>");
- buffer.append("\n");
- Iterator it = schemaLocations_.iterator();
- while (it.hasNext()) {
- buffer.append(" <Schema namespace=\"");
- Schema schema = (Schema)it.next();
- buffer.append(schema.getNamespace());
- buffer.append("\" schemaLocation=\"");
- buffer.append(schema.getSchemaLocation());
- buffer.append("\"/>\n");
- }
- buffer.append(" </SchemaLocations>");
- buffer.append("\n");
- }
- if (applicationSpecificParams_ != null) {
- try {
- String applicationSpecificParams = DOMUtils.serializeNode(applicationSpecificParams_);
- buffer.append(" ");
- buffer.append(StringUtils.removeXMLDeclaration(applicationSpecificParams));
- buffer.append("\n");
- } catch (TransformerException e) {
- // do nothing
- } catch (IOException e) {
- // do nothing
- }
- }
- buffer.append(" </Infobox>");
-
-
- return buffer.toString() ;
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameters.java
deleted file mode 100644
index b7a6b42be..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/VerifyInfoboxParameters.java
+++ /dev/null
@@ -1,181 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- ******************************************************************************/
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.config.legacy;
-
-import java.util.Hashtable;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-
-/**
- * This class contains the parameters for verifying all the infoboxes configured for an
- * online application.
- *
- * @author Harald Bratko
- */
-public class VerifyInfoboxParameters {
-
- /**
- * A map of {@link VerifyInfoboxParameter} objects.
- * Each of these objects contains parameters that maybe needed for validating an
- * infobox.
- */
- protected Map infoboxParameters_;
-
- /**
- * A list of the identifiers of the infoboxes supported by this
- * VerifyInfoboxParameters;
- */
- protected List identifiers_;
-
- /**
- * Holds the (comma separated) identifiers of those infoboxes MOA-IF is able to validate
- * in the context of the actual online application.
- * The string will be added as value of the <code>PushInfobox</code> parameter in the
- * HTML form used for reading the infoboxes from the BKU.
- */
- protected String pushInfobox_;
-
- /**
- * Initializes this VerifyInfoboxParameters with an empty {@link #infoboxParameters_}
- * map.
- */
- public VerifyInfoboxParameters() {
- infoboxParameters_ = new Hashtable();
- pushInfobox_ = "";
- }
-
- /**
- * Initializes this VerifyInfoboxParameters with the given
- * <code>infoboxParameters</code> map and builds the {@link #pushInfobox_} string
- * from the keys of the given map.
- */
- public VerifyInfoboxParameters(List identifiers, Map infoboxParameters) {
- identifiers_ = identifiers;
- infoboxParameters_ = infoboxParameters;
- // build the pushInfobox string
- if ((identifiers != null) && (!identifiers.isEmpty())) {
- StringBuffer identifiersSB = new StringBuffer();
- int identifiersNum = identifiers.size();
- int i = 1;
- Iterator it = identifiers.iterator();
- while (it.hasNext()) {
- identifiersSB.append((String)it.next());
- if (i != identifiersNum) {
- identifiersSB.append(",");
- }
- i++;
- }
- pushInfobox_ = identifiersSB.toString();
- } else {
- pushInfobox_ = "";
- }
- }
-
- /**
- * Returns the (comma separated) identifiers of the infoboxes configured for the actual
- * online application.
- *
- * @see #pushInfobox_
- *
- * @return The (comma separated) identifiers of the infoboxes configured for the actual
- * online application.
- */
- public String getPushInfobox() {
- return pushInfobox_;
- }
-
- /**
- * Sets the {@link #pushInfobox_} string.
- *
- * @param pushInfobox The pushInfobox string to be set.
- */
- public void setPushInfobox(String pushInfobox) {
- pushInfobox_ = pushInfobox;
- }
-
- /**
- * Returns map of {@link VerifyInfoboxParameter} objects.
- * Each of these objects contains parameters that maybe needed for validating an
- * infobox.
- *
- * @return The map of {@link VerifyInfoboxParameter} objects.
- */
- public Map getInfoboxParameters() {
- return infoboxParameters_;
- }
-
- /**
- * Sets the map of {@link VerifyInfoboxParameter} objects.
- *
- * @see #infoboxParameters_
- *
- * @param infoboxParameters The infoboxParameters to set.
- */
- public void setInfoboxParameters(Map infoboxParameters) {
- infoboxParameters_ = infoboxParameters;
- }
-
- /**
- * Returns the identifiers of the supported infoboxes.
- *
- * @return The identifiers.
- */
- public List getIdentifiers() {
- return identifiers_;
- }
-
- /**
- * Sets the identifiers.
- *
- * @param identifiers The identifiers to set.
- */
- public void setIdentifiers(List identifiers) {
- identifiers_ = identifiers;
- }
-
-}