aboutsummaryrefslogtreecommitdiff
path: root/id
diff options
context:
space:
mode:
Diffstat (limited to 'id')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java2
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java35
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java5
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java7
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java6
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java14
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java15
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java15
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java24
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java30
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java8
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java30
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java11
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java16
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java11
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java8
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java4
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java6
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLEngineConfigurationImpl.java4
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java6
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java13
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java23
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java23
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java27
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java2
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java4
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java23
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java11
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java26
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java12
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/IeIDASAttribute.java4
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrDateOfBirth.java4
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrFamilyName.java14
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrGivenName.java12
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java39
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrNaturalPersonalIdentifier.java14
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeLegalPersonIdentifier.java46
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java14
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java16
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/validator/eIDASResponseValidator.java3
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java6
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java6
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java27
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RedirectToMandateSelectionTask.java4
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java14
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java6
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java2
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateUtils.java9
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandatesCredentialProvider.java19
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java13
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java16
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java8
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java49
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java8
-rw-r--r--id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java25
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java10
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java15
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java21
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java21
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java6
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java60
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java57
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java23
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java6
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java28
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java4
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java7
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java6
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java14
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java79
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/utils/FederatedAuthCredentialProvider.java19
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java19
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java14
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java18
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java29
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java51
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java59
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java4
-rw-r--r--id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java4
-rw-r--r--id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java2
81 files changed, 723 insertions, 654 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index d3d7a9456..1274a0407 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -73,6 +73,8 @@ public class SSOManager implements ISSOManager {
private static final int INTERFEDERATIONCOOKIEMAXAGE = 5 * 60;// sec
public static final String DATAID_INTERFEDERATIOIDP_URL = "INTERFEDERATIOIDP_URL";
+ public static final String DATAID_INTERFEDERATIOIDP_RESPONSE = "INTERFEDERATIOIDP_RESPONSE";
+ public static final String DATAID_INTERFEDERATIOIDP_ENTITYID = "INTERFEDERATIOIDP_ENTITYID";
@Autowired private IAuthenticationSessionStoreage authenticatedSessionStore;
@Autowired private AuthConfiguration authConfig;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java
index 9160ef453..ac3828750 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/MandateNaturalPersonBPKAttributeBuilder.java
@@ -105,7 +105,7 @@ public class MandateNaturalPersonBPKAttributeBuilder implements IPVPAttributeBui
return g.buildEmptyAttribute(MANDATE_NAT_PER_BPK_FRIENDLY_NAME, MANDATE_NAT_PER_BPK_NAME);
}
- protected Pair<String, String> internalBPKGenerator(IOAAuthParameters oaParam, IAuthData authData) throws NoMandateDataAttributeException, BuildException, ConfigurationException {
+ protected Pair<String, String> internalBPKGenerator(ISPConfiguration oaParam, IAuthData authData) throws NoMandateDataAttributeException, BuildException, ConfigurationException {
//get PVP attribute directly, if exists
Pair<String, String> calcResult = null;
if (authData instanceof IMOAAuthData) {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index d76e72aa4..2b2a8cab6 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -25,10 +25,8 @@ import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
-import at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder;
@@ -58,6 +56,7 @@ import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
@@ -72,6 +71,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.DateTimeUtils;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.StringUtils;
@@ -93,7 +93,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
@Autowired private MOAReversionLogger revisionsLogger;
@Autowired private AuthConfiguration authConfig;
-
+
/**
* Constructor for AuthenticationServer.
*/
@@ -145,9 +145,9 @@ public class AuthenticationServer extends BaseAuthenticationServer {
}
//load OnlineApplication configuration
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
if (oaParam == null)
- throw new AuthenticationException("auth.00", new Object[]{pendingReq.getOAURL()});
+ throw new AuthenticationException("auth.00", new Object[]{pendingReq.getSPEntityId()});
//load Template
String templateURL = pendingReq.getGenericData(
@@ -200,7 +200,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
//build DataURL for BKU request
String dataURL = new DataURLBuilder().buildDataURL(
- pendingReq.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, pendingReq.getRequestID());
+ pendingReq.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, pendingReq.getPendingRequestId());
//removed in MOAID 2.0
String pushInfobox = "";
@@ -295,7 +295,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
// builds a <VerifyXMLSignatureRequest> for a call of MOA-SP
Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
.build(identityLink, authConfig
- .getMoaSpIdentityLinkTrustProfileID(pendingReq.getOnlineApplicationConfiguration().isUseIDLTestTrustStore()));
+ .getMoaSpIdentityLinkTrustProfileID(pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class).isUseIDLTestTrustStore()));
// invokes the call
Element domVerifyXMLSignatureResponse = SignatureVerificationInvoker.getInstance()
@@ -304,7 +304,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
IVerifiyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
domVerifyXMLSignatureResponse).parseData();
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
// validates the <VerifyXMLSignatureResponse>
VerifyXMLSignatureResponseValidator.getInstance().validate(
@@ -319,8 +319,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
//Removed in MOA-ID 2.0
//verifyInfoboxes(session, infoboxReadResponseParameters, false);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_IDL_VALIDATED);
return "found!";
}
@@ -398,7 +397,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
throw new AuthenticationException("auth.10", new Object[]{
GET_MIS_SESSIONID, PARAM_SESSIONID});
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
try {
// sets the extended SAML attributes for OID (Organwalter)
setExtendedSAMLAttributeForMandatesOID(session, mandate, oaParam
@@ -435,7 +434,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
IAuthenticationSession session, IRequest pendingReq) throws ConfigurationException,
BuildException, ValidateException {
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
// builds the AUTH-block
String authBlock = buildAuthenticationBlock(session, oaParam, pendingReq);
@@ -448,7 +447,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
transformsInfos);
SpecificTraceLogger.trace("Req. Authblock: " + createXMLSignatureRequest);
- SpecificTraceLogger.trace("OA config: " + pendingReq.getOnlineApplicationConfiguration().toString());
+ SpecificTraceLogger.trace("OA config: " + pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class).toString());
SpecificTraceLogger.trace("saml1RequestedTarget: " + pendingReq.getGenericData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class));
SpecificTraceLogger.trace("saml1RequestedFriendlyName: " + pendingReq.getGenericData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class));
@@ -514,8 +513,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
xmlReadInfoboxResponse);
X509Certificate cert = p.parseCertificate();
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_CERTIFICATE_VALIDATED);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_CERTIFICATE_VALIDATED);
return cert;
@@ -966,7 +964,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
// builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
List<String> vtids = authConfig.getMoaSpAuthBlockVerifyTransformsInfoIDs();
- String tpid = authConfig.getMoaSpAuthBlockTrustProfileID(pendingReq.getOnlineApplicationConfiguration().isUseAuthBlockTestTestStore());
+ String tpid = authConfig.getMoaSpAuthBlockTrustProfileID(pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class).isUseAuthBlockTestTestStore());
Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp,
vtids, tpid);
// debug output
@@ -996,7 +994,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
}
}
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
// validates the <VerifyXMLSignatureResponse>
VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp,
@@ -1037,8 +1035,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
//set QAA Level four in case of card authentifcation
session.setQAALevel(PVPConstants.STORK_QAA_1_4);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_AUTHBLOCK_VALIDATED);
revisionsLogger.logPersonalInformationEvent(pendingReq, session.getIdentityLink()
);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
index 1c5fe0c5b..bbd90fdaa 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
@@ -47,13 +47,13 @@ import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
@@ -69,8 +69,7 @@ import at.gv.egovernment.moa.util.StringUtils;
* Builder for the authentication block <code>&lt;saml:Assertion&gt;</code>
* to be included in a <code>&lt;CreateXMLSignatureResponse&gt;</code>.
*
- * @author Paul Ivancsics
- * @version $Id$
+ * @author Paul Ivancsics
*/
public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertionBuilder implements Constants {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
index 8c3147af2..e4063903d 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
@@ -50,9 +50,9 @@ import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -156,9 +156,10 @@ public class GetIdentityLinkFormBuilder extends Builder {
String dataURL,
String certInfoXMLRequest,
String certInfoDataURL,
- String pushInfobox, IOAAuthParameters oaParam,
+ String pushInfobox,
+ IOAAuthParameters oaParam,
String appletheigth,
- String appletwidth,
+ String appletwidth,
String contextURL)
throws BuildException
{
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
index c6faad2bb..5bf0bc422 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
@@ -3,9 +3,9 @@ package at.gv.egovernment.moa.id.auth.modules.internal;
import org.apache.commons.lang3.StringUtils;
-import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
/**
* Module descriptor
@@ -16,7 +16,7 @@ public class DefaultCitizenCardAuthModuleImpl implements AuthModule {
public int getPriority() {
return 0;
}
-
+
@Override
public String selectProcess(ExecutionContext context) {
//select process if BKU is selected and it is no STORK authentication
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
index 3e2ebdc3c..f53dfae45 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
@@ -10,15 +10,15 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.BooleanUtils;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilderCertificate;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -50,10 +50,9 @@ public class CertificateReadRequestTask extends AbstractAuthServletTask {
throws TaskExecutionException {
Logger.debug("Send InfoboxReadRequest to BKU to get signer certificate.");
- try {
+ try {
//execute default task initialization
- defaultTaskInitialization(req, executionContext);
-
+ AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
boolean useMandate = moasession.isMandateUsed();
boolean identityLinkAvailable = BooleanUtils.isTrue((Boolean) executionContext.get("identityLinkAvailable"));
if (!identityLinkAvailable && useMandate) {
@@ -66,7 +65,7 @@ public class CertificateReadRequestTask extends AbstractAuthServletTask {
// build dataurl (to the VerifyCertificateSerlvet)
String dataurl = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), REQ_VERIFY_CERTIFICATE,
- pendingReq.getRequestID());
+ pendingReq.getPendingRequestId());
CitizenCardServletUtils.writeCreateXMLSignatureRequest(resp, infoboxReadRequest,
AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl);
@@ -77,9 +76,6 @@ public class CertificateReadRequestTask extends AbstractAuthServletTask {
} catch (IOException e) {
throw new TaskExecutionException(pendingReq, e.getMessage(), e);
- } catch (MOADatabaseException e1) {
- throw new TaskExecutionException(pendingReq, e1.getMessage(), e1);
-
} finally {
}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
index fbb900cf6..af8f780ec 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
@@ -10,14 +10,15 @@ import org.springframework.stereotype.Component;
import com.google.common.net.MediaType;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.StringUtils;
@@ -61,20 +62,18 @@ public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
- try {
+ try {
//execute default task initialization
- defaultTaskInitialization(req, executionContext);
-
+ AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+
//normal MOA-ID authentication
Logger.debug("Starting normal MOA-ID authentication");
String getIdentityLinkForm = authServer.startAuthentication(moasession, req, pendingReq);
if (BooleanUtils.isTrue((Boolean) executionContext.get("useMandate")))
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATES_REQUESTED);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_URL, moasession.getBkuURL());
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATES_REQUESTED);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_URL, moasession.getBkuURL());
if (!StringUtils.isEmpty(getIdentityLinkForm)) {
byte[] content = getIdentityLinkForm.getBytes("UTF-8");
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
index 1f20ee389..ec1de6155 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
@@ -18,10 +18,12 @@ import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
import org.w3c.dom.Element;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
@@ -31,7 +33,6 @@ import at.gv.egovernment.moa.id.client.SZRGWClientException;
import at.gv.egovernment.moa.id.client.utils.SZRGWClientUtils;
import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -72,7 +73,7 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
- Logger.debug("POST GetForeignIDServlet");
+ Logger.debug("POST GetForeignIDServlet");
Map<String, String> parameters;
@@ -94,8 +95,7 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
Logger.debug(xmlCreateXMLSignatureResponse);
//execute default task initialization
- defaultTaskInitialization(req, executionContext);
-
+ AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse)
.parseResponseDsig();
@@ -122,8 +122,7 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
throw new MOAIDException("auth.14", null);
}
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_CONNECTED);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_CONNECTED);
// make SZR request to the identity link
CreateIdentityLinkResponse response = SZRGWClientUtils.getIdentityLink(pendingReq, signature);
@@ -143,10 +142,10 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
authServer.getForeignAuthenticationData(moasession);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED);
//store pending request
+ pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
index a56c8f6ac..d81afee7b 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
@@ -15,16 +15,19 @@ import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
import org.xml.sax.SAXException;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.IMISMandate;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.data.MISMandate;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
import at.gv.egovernment.moa.logging.Logger;
@@ -58,28 +61,29 @@ import iaik.pki.PKIException;
public class GetMISSessionIDTask extends AbstractAuthServletTask {
@Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
+ @Autowired private AuthConfiguration moaAuthConfig;
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
-
+
Logger.debug("POST GetMISSessionIDServlet");
try {
//execute default task initialization
- defaultTaskInitialization(req, executionContext);
+ AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
//get MIS sessionID
String misSessionID = moasession.getMISSessionID();
//get mandates from MIS
- ConnectionParameterInterface connectionParameters = authConfig
- .getOnlineMandatesConnectionParameter(pendingReq.getOnlineApplicationConfiguration());
+ ConnectionParameterInterface connectionParameters = moaAuthConfig
+ .getOnlineMandatesConnectionParameter(pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class));
SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(
- authConfig,
+ moaAuthConfig,
connectionParameters);
List<MISMandate> list = MISSimpleClient.sendGetMandatesRequest(
- connectionParameters.getUrl(), misSessionID, sslFactory, authConfig);
+ connectionParameters.getUrl(), misSessionID, sslFactory, moaAuthConfig);
//check if mandates received
if (list == null || list.size() == 0) {
@@ -87,8 +91,7 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
throw new AuthenticationException("auth.15", null);
}
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_RECEIVED);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_RECEIVED);
// for now: list contains only one element
@@ -114,9 +117,10 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
moasession.setMISMandate(mandate);
//log mandate specific set of events
- revisionsLogger.logMandateEventSet(pendingReq, mandate);
+ //revisionsLogger.logMandateEventSet(pendingReq, mandate);
//store pending request with new MOASession data information
+ pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
index ceaf4ca38..b170d9e89 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
@@ -30,17 +30,19 @@ import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -53,11 +55,12 @@ import at.gv.egovernment.moa.util.MiscUtil;
public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
@Autowired StartAuthentificationParameterParser authInitialisationParser;
+ @Autowired private AuthConfiguration moaAuthConfig;
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
- @Override
+ @Override
public void execute(ExecutionContext executionContext,
HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
@@ -81,10 +84,10 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
}
protected void internalInitializeWithoutPersist(ExecutionContext executionContext,
- HttpServletRequest request, HttpServletResponse response) throws WrongParametersException, MOAIDException, MOADatabaseException {
+ HttpServletRequest request, HttpServletResponse response) throws EAAFException {
Logger.info("BKU is selected -> Start BKU communication ...");
- defaultTaskInitialization(request, executionContext);
+ AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
boolean isLegacyRequest = false;
Object isLegacyRequestObj = executionContext.get("isLegacyRequest");
@@ -109,14 +112,13 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
}
//load OA Config
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
if (oaParam == null)
- throw new AuthenticationException("auth.00", new Object[] { pendingReq.getOAURL() });
+ throw new AuthenticationException("auth.00", new Object[] { pendingReq.getSPEntityId() });
else {
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKUTYPE_SELECTED, bkuid);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKUTYPE_SELECTED, bkuid);
//get Target from config or from request in case of SAML 1
String target = null;
@@ -128,7 +130,7 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
String bkuURL = oaParam.getBKUURL(bkuid);
if (MiscUtil.isEmpty(bkuURL)) {
Logger.info("No OA specific BKU defined. Use BKU from default configuration");
- bkuURL = authConfig.getDefaultBKUURL(bkuid);
+ bkuURL = moaAuthConfig.getDefaultBKUURL(bkuid);
}
//search for OA specific template
@@ -139,13 +141,13 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
templateURL = oaTemplateURLList.get(0);
} else {
- templateURL = authConfig.getSLRequestTemplates(bkuid);
+ templateURL = moaAuthConfig.getSLRequestTemplates(bkuid);
}
//make url absolut if it is a local url
if (MiscUtil.isNotEmpty(templateURL))
templateURL = FileUtils.makeAbsoluteURL(templateURL,
- authConfig.getRootConfigFileDir());
+ moaAuthConfig.getRootConfigFileDir());
if (oaParam.isOnlyMandateAllowed())
useMandate = "true";
@@ -156,7 +158,7 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
//parse all OA parameters i
authInitialisationParser.parse( moasession,
target,
- pendingReq.getOAURL(),
+ pendingReq.getSPEntityId(),
bkuURL,
templateURL,
useMandate,
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
index 2fac58e44..d1d0ef086 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
@@ -7,11 +7,12 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -40,7 +41,7 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
@Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
- @Override
+ @Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
// note: code taken from at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet
@@ -49,13 +50,14 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
try {
//initialize task
- defaultTaskInitialization(req, executionContext);
+ AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
//build authBlock
String createXMLSignatureRequest = authServer
.getCreateXMLSignatureRequestAuthBlockOrRedirect(moasession, pendingReq);
//store pending request with new MOASession data information
+ pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
//write response
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
index 805b1b8f1..4db814246 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
@@ -30,18 +30,21 @@ import javax.net.ssl.SSLSocketFactory;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.w3c.dom.Element;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.MISSimpleClientException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
@@ -55,7 +58,9 @@ import at.gv.egovernment.moa.util.DOMUtils;
@Component("PrepareGetMISMandateTask")
public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
- /* (non-Javadoc)
+ @Autowired private AuthConfiguration moaAuthConfig;
+
+ /* (non-Javadoc)
* @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
@Override
@@ -66,11 +71,11 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
//mandate Mode
try {
//perform default task initialization
- defaultTaskInitialization(request, executionContext);
+ AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
ConnectionParameterInterface connectionParameters =
- authConfig.getOnlineMandatesConnectionParameter(pendingReq.getOnlineApplicationConfiguration());
- SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(authConfig, connectionParameters);
+ moaAuthConfig.getOnlineMandatesConnectionParameter(pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class));
+ SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(moaAuthConfig, connectionParameters);
// get identitity link as byte[]
Element elem = moasession.getIdentityLink().getSamlAssertion();
@@ -83,9 +88,9 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
String redirectURL = new DataURLBuilder().buildDataURL(
pendingReq.getAuthURL(),
GET_MIS_SESSIONID,
- pendingReq.getRequestID());
+ pendingReq.getPendingRequestId());
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
List<String> profiles = oaParam.getMandateProfiles();
if (profiles == null) {
@@ -101,8 +106,7 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
//TODO: check in case of SSO!!!
String targetType = oaParam.getAreaSpecificTargetIdentifier();
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_SERVICE_REQUESTED, mandateReferenceValue);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_SERVICE_REQUESTED, mandateReferenceValue);
MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(
connectionParameters.getUrl(),
@@ -115,7 +119,7 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
targetType,
authBlock,
sslFactory,
- authConfig);
+ moaAuthConfig);
if (misSessionID == null) {
Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null.");
@@ -127,10 +131,10 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
moasession.setMISSessionID(misSessionID.getSessiondId());
//store pending request with new MOASession data information
+ pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT);
response.setStatus(302);
response.addHeader("Location", redirectMISGUI);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
index c16eec30c..3b70c55e9 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
@@ -13,13 +13,14 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -55,7 +56,7 @@ import at.gv.egovernment.moa.logging.Logger;
* Code taken from {@link at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet}.
* @see #execute(ExecutionContext, HttpServletRequest, HttpServletResponse)
*
- */
+ */
@Component("VerifyAuthenticationBlockTask")
public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
@@ -86,15 +87,15 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12");
//execute default task initialization
- defaultTaskInitialization(req, executionContext);
+ AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
//verify authBlock
authServer.verifyAuthenticationBlock(pendingReq, moasession, createXMLSignatureResponse);
//store pending request with new MOASession data information
+ pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
index e7a66b5a9..5b207d33e 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
@@ -13,14 +13,15 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.spss.util.CertificateUtils;
@@ -56,7 +57,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
@Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
- @Override
+ @Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
@@ -76,10 +77,9 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
try {
//execute default task initialization
- defaultTaskInitialization(req, executionContext);
+ AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
//read certificate from response
X509Certificate cert = authServer.getCertificate(pendingReq, parameters);
@@ -98,6 +98,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
authServer.getCreateXMLSignatureRequestAuthBlockOrRedirect(moasession, pendingReq);
//store pending request with new MOASession data information
+ pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, pendingReq, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate");
@@ -113,8 +114,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
}
// Foreign Identities Modus
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_FOUND);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_FOUND);
String createXMLSignatureRequest = authServer.createXMLSignatureRequestForeignID(pendingReq, cert);
@@ -123,7 +123,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
new DataURLBuilder().buildDataURL(
pendingReq.getAuthURL(),
REQ_GET_FOREIGN_ID,
- pendingReq.getRequestID());
+ pendingReq.getPendingRequestId());
CitizenCardServletUtils.writeCreateXMLSignatureRequest(resp, createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "GetForeignID", dataurl);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
index b9fed684c..99eba56c1 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
@@ -10,13 +10,14 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.logging.Logger;
/**
@@ -48,7 +49,7 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
@Autowired @Qualifier("CitizenCardAuthenticationServer") private AuthenticationServer authServer;
- @Override
+ @Override
public void execute(ExecutionContext executionContext, HttpServletRequest req, HttpServletResponse resp)
throws TaskExecutionException {
@@ -65,15 +66,15 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
try {
//execute default task initialization
- defaultTaskInitialization(req, executionContext);
+ AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(),
- pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
//verify identityLink
boolean identityLinkAvailable = authServer.verifyIdentityLink(pendingReq, moasession, parameters) != null;
//store pending request with new MOASession data information
+ pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
//set 'identityLink exists' flag to context
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
index 21de37603..44c3992d0 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
@@ -56,7 +56,6 @@ import javax.xml.bind.DatatypeConverter;
import org.jaxen.SimpleNamespaceContext;
import org.w3c.dom.Element;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder;
import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
@@ -65,6 +64,7 @@ import at.gv.egovernment.moa.id.auth.data.SAMLAttribute;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.exception.ValidateException;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
@@ -138,7 +138,7 @@ public class CreateXMLSignatureResponseValidator {
public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, IAuthenticationSession session, IRequest pendingReq)
throws ValidateException, BuildException, ConfigurationException {
// A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier
- IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
String oaURL = oaParam.getPublicURLPrefix();
IIdentityLink identityLink = session.getIdentityLink();
@@ -663,11 +663,11 @@ public class CreateXMLSignatureResponseValidator {
} catch (Exception e) {
SpecificTraceLogger.trace("Validate AuthBlock with SSO");
SpecificTraceLogger.trace("Signed AuthBlock: " + session.getAuthBlock());
- SpecificTraceLogger.trace("OA config: " + pendingReq.getOnlineApplicationConfiguration().toString());
+ SpecificTraceLogger.trace("OA config: " + pendingReq.getServiceProviderConfiguration().toString());
throw e;
}
-
+
}
public void validateSigningDateTime( CreateXMLSignatureResponse csresp) throws ValidateException {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
index f9a432a9f..17a3fe7ab 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java
@@ -54,10 +54,10 @@ import java.util.Iterator;
import java.util.List;
import java.util.Set;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.exception.ValidateException;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
@@ -113,7 +113,7 @@ public class VerifyXMLSignatureResponseValidator {
public void validate(IVerifiyXMLSignatureResponse verifyXMLSignatureResponse,
List<String> identityLinkSignersSubjectDNNames,
String whatToCheck,
- IOAAuthParameters oaParam)
+ IOAAuthParameters oaParam)
throws ValidateException, ConfigurationException {
if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0)
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java
index 3eb1114ea..01e349d0f 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/util/CitizenCardServletUtils.java
@@ -70,7 +70,7 @@ import at.gv.egovernment.moa.logging.Logger;
*/
public class CitizenCardServletUtils extends ServletUtils{
- /**
+ /**
* Writes out whether the CreateXMLSignatureRequest or a Redirect for form input processing
* depending on the requests starting text.
*
@@ -89,7 +89,7 @@ public class CitizenCardServletUtils extends ServletUtils{
if (!createXMLSignatureRequestOrRedirect.startsWith("Redirect")) {
resp.setStatus(307);
String dataURL = new DataURLBuilder().buildDataURL(
- pendingReq.getAuthURL(), MOAIDAuthConstants.REQ_VERIFY_AUTH_BLOCK, pendingReq.getRequestID());
+ pendingReq.getAuthURL(), MOAIDAuthConstants.REQ_VERIFY_AUTH_BLOCK, pendingReq.getPendingRequestId());
resp.addHeader("Location", dataURL);
//TODO test impact of explicit setting charset with older versions of BKUs (HotSign)
@@ -101,7 +101,7 @@ public class CitizenCardServletUtils extends ServletUtils{
Logger.debug("Finished POST " + servletName);
} else {
- String redirectURL = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), servletGoal, pendingReq.getRequestID());
+ String redirectURL = new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), servletGoal, pendingReq.getPendingRequestId());
resp.setContentType("text/html");
resp.setStatus(302);
resp.addHeader("Location", redirectURL);
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLEngineConfigurationImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLEngineConfigurationImpl.java
index 78793d3fc..d743b57e3 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLEngineConfigurationImpl.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/config/MOAeIDASSAMLEngineConfigurationImpl.java
@@ -131,7 +131,7 @@ public class MOAeIDASSAMLEngineConfigurationImpl extends
private Properties loadConfigurationFromExternalFile(String key) throws ConfigurationException {
String configFile =
- AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfiguration(key);
+ AuthConfigurationProviderFactory.getInstance().getBasicConfiguration(key);
if (MiscUtil.isEmpty(configFile)) {
Logger.warn("No eIDAS SAML-engine configuration key: "
+ key + " found in MOA-ID properties configuration file.");
@@ -150,7 +150,7 @@ public class MOAeIDASSAMLEngineConfigurationImpl extends
Properties inputProps = loadConfigurationFromExternalFile(configKey);
String configFile =
- AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfiguration(configKey);
+ AuthConfigurationProviderFactory.getInstance().getBasicConfiguration(configKey);
PropsParameter outputProps = new PropsParameter();
outputProps.setFileName(configFile);
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java
index 90dbb7342..ec042949a 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java
@@ -24,8 +24,8 @@ package at.gv.egovernment.moa.id.auth.modules.eidas;
import org.apache.commons.lang3.StringUtils;
-import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AuthModule;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
/**
* @author tlenz
@@ -37,7 +37,7 @@ public class eIDASAuthenticationModulImpl implements AuthModule {
@Override
public int getPriority() {
- return priority;
+ return priority;
}
/**
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
index a2ec47a45..94cd04ca7 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
@@ -28,6 +28,7 @@ import at.gv.egovernment.moa.id.auth.IDestroyableObject;
import at.gv.egovernment.moa.id.auth.IGarbageCollectorProcessing;
import at.gv.egovernment.moa.id.auth.IPostStartupInitializable;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IMOARefreshableMetadataProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.SimpleMOAMetadataProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.MOASPMetadataSignatureFilter;
@@ -71,11 +72,17 @@ public class MOAeIDASChainingMetadataProvider extends SimpleMOAMetadataProvider
*/
@Override
public void executeAfterStartup() {
- initializeEidasMetadataFromFileSystem();
+ try {
+ initializeEidasMetadataFromFileSystem();
+
+ } catch (ConfigurationException e) {
+ Logger.error("Post start-up initialization of eIDAS Metadata-Provider FAILED.", e);
+
+ }
}
- protected void initializeEidasMetadataFromFileSystem() {
+ protected void initializeEidasMetadataFromFileSystem() throws ConfigurationException {
Map<String, String> metadataToLoad = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONIG_PROPS_EIDAS_METADATA_URLS_LIST_PREFIX);
if (!metadataToLoad.isEmpty()) {
Logger.info("Load static configurated eIDAS metadata ... ");
@@ -229,7 +236,7 @@ public class MOAeIDASChainingMetadataProvider extends SimpleMOAMetadataProvider
//add Metadata filters
MetadataFilterChain filter = new MetadataFilterChain();
filter.addFilter(new MOASPMetadataSignatureFilter(
- authConfig.getBasicMOAIDConfiguration(Constants.CONIG_PROPS_EIDAS_METADATA_VALIDATION_TRUSTSTORE)));
+ authConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_METADATA_VALIDATION_TRUSTSTORE)));
return createNewMoaMetadataProvider(metadataURL, filter,
"eIDAS metadata-provider",
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java
index 4045e1ad6..45033562f 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java
@@ -24,27 +24,31 @@ package at.gv.egovernment.moa.id.auth.modules.eidas.tasks;
import java.io.InputStream;
import java.text.SimpleDateFormat;
+import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.joda.time.DateTime;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASAttributeException;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.IdentityLinkReSigner;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.DOMUtils;
@@ -58,18 +62,18 @@ import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
@Component("CreateIdentityLinkTask")
public class CreateIdentityLinkTask extends AbstractAuthServletTask {
+ @Autowired private AuthConfiguration moaAuthConfig;
+
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
- */
+ */
@Override
public void execute(ExecutionContext executionContext,
HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
- try{
- defaultTaskInitialization(request, executionContext);
-
+ try{
//get eIDAS attributes from MOA-Session
- ImmutableAttributeMap eIDASAttributes = moasession.getGenericDataFromSession(
+ ImmutableAttributeMap eIDASAttributes = pendingReq.getGenericData(
AuthenticationSessionStorageConstants.eIDAS_ATTRIBUTELIST,
ImmutableAttributeMap.class);
@@ -138,7 +142,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
//resign IDL
IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance();
- Element resignedilAssertion = identitylinkresigner.resignIdentityLink(identityLink.getSamlAssertion(), authConfig.getStorkFakeIdLResigningKey());
+ Element resignedilAssertion = identitylinkresigner.resignIdentityLink(identityLink.getSamlAssertion(), moaAuthConfig.getStorkFakeIdLResigningKey());
identityLink = new IdentityLinkAssertionParser(resignedilAssertion).parseIdentityLink();
} else {
@@ -156,10 +160,13 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
throw new MOAIDException("stork.10", null);
}
- revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_IDL_RECEIVED);
+ revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_IDL_RECEIVED);
+ AuthenticationSession moasession = new AuthenticationSession("1234", new Date());
moasession.setForeigner(true);
moasession.setIdentityLink(identityLink);
moasession.setBkuURL("Not applicable (eIDASAuthentication)");
+ pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
+
//store MOA-session to database
requestStoreage.storePendingRequest(pendingReq);
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java
index 4ad5194a9..a87d971d8 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/GenerateAuthnRequestTask.java
@@ -44,8 +44,8 @@ import org.springframework.util.StringUtils;
import com.google.common.net.MediaType;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
@@ -56,10 +56,11 @@ import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetada
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.CPEPS;
import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -87,14 +88,14 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
- @Override
+ @Override
public void execute(ExecutionContext executionContext,
HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
try{
//get service-provider configuration
- IOAAuthParameters oaConfig = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaConfig = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
// get target and validate citizen countryCode
String citizenCountryCode = (String) executionContext.get(MOAIDAuthConstants.PARAM_CCC);
@@ -104,7 +105,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
throw new AuthenticationException("eIDAS.03", new Object[] { "" });
}
- CPEPS cpeps = authConfig.getStorkConfig().getCPEPSWithFullName(citizenCountryCode);
+ CPEPS cpeps = ((AuthConfiguration)authConfig).getStorkConfig().getCPEPSWithFullName(citizenCountryCode);
if(null == cpeps) {
Logger.error("PEPS unknown for country: " + citizenCountryCode);
throw new AuthenticationException("eIDAS.04", new Object[] {citizenCountryCode});
@@ -161,7 +162,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
}
//TODO: switch to entityID
- revisionsLogger.logEvent(oaConfig, pendingReq,
+ revisionsLogger.logEvent(pendingReq,
MOAIDEventConstants.AUTHPROCESS_PEPS_SELECTED,
metadataUrl);
@@ -181,7 +182,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
} else {
boolean globallyMandatory = false;
- for (StorkAttribute currentGlobalAttribute : authConfig.getStorkConfig().getStorkAttributes())
+ for (StorkAttribute currentGlobalAttribute : ((AuthConfiguration)authConfig).getStorkConfig().getStorkAttributes())
if (current.getName().equals(currentGlobalAttribute.getName())) {
globallyMandatory = BooleanUtils.isTrue(currentGlobalAttribute.getMandatory());
break;
@@ -195,7 +196,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
//request
if (reqAttrList.isEmpty()) {
- Logger.info("No attributes requested by OA:" + pendingReq.getOnlineApplicationConfiguration().getPublicURLPrefix()
+ Logger.info("No attributes requested by OA:" + pendingReq.getServiceProviderConfiguration().getUniqueIdentifier()
+ " --> Request attr:" + Constants.eIDAS_ATTR_PERSONALIDENTIFIER + " by default");
AttributeDefinition<?> newAttribute = SAMLEngineUtils.getMapOfAllAvailableAttributes().get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
Builder<?> attrBuilder = AttributeDefinition.builder(newAttribute).required(true);
@@ -235,7 +236,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
//set service provider (eIDAS node) countryCode
authnRequestBuilder.serviceProviderCountryCode(
- authConfig.getBasicMOAIDConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE, "AT"));
+ authConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE, "AT"));
//set citizen country code for foreign uses
authnRequestBuilder.citizenCountryCode(cpeps.getCountryCode());
@@ -302,7 +303,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
String actionType = "SAMLRequest";
context.put(actionType, SAMLRequest);
- context.put("RelayState", pendingReq.getRequestID());
+ context.put("RelayState", pendingReq.getPendingRequestId());
context.put("action", authnReqEndpoint.getLocation());
Logger.debug("Using SingleSignOnService url as action: " + authnReqEndpoint.getLocation());
@@ -323,7 +324,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
response.setContentLength(content.length);
response.getOutputStream().write(content);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq,
+ revisionsLogger.logEvent(pendingReq,
MOAIDEventConstants.AUTHPROCESS_PEPS_REQUESTED,
authnRequest.getRequest().getId());
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java
index 5f6f01f01..55416e92b 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java
@@ -7,6 +7,7 @@ import org.opensaml.saml2.core.StatusCode;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
@@ -16,9 +17,9 @@ import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetada
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException;
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASResponseNotSuccessException;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
+import at.gv.egovernment.moa.id.commons.api.data.AuthProzessDataConstants;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.protocols.eidas.validator.eIDASResponseValidator;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.logging.Logger;
@@ -36,7 +37,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response) throws TaskExecutionException {
- try{
+ try{
//get SAML Response
String base64SamlToken = request.getParameter("SAMLResponse");
if (MiscUtil.isEmpty(base64SamlToken)) {
@@ -46,7 +47,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
}
//get MOASession
- defaultTaskInitialization(request, executionContext);
+ //defaultTaskInitialization(request, executionContext);
//decode SAML response
byte[] decSamlToken = EidasStringUtil.decodeBytesFromBase64(base64SamlToken);
@@ -79,7 +80,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
// **********************************************************
// ******* MOA-ID specific response validation **********
// **********************************************************
- String spCountry = authConfig.getBasicMOAIDConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE, "AT");
+ String spCountry = authConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE, "AT");
eIDASResponseValidator.validateResponse(pendingReq, samlResp, spCountry);
@@ -90,23 +91,23 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
//update MOA-Session data with received information
Logger.debug("Store eIDAS response information into MOA-session.");
- moasession.setQAALevel(samlResp.getLevelOfAssurance());
-
- moasession.setGenericDataToSession(
+ pendingReq.setGenericDataToSession(AuthProzessDataConstants.VALUE_QAALEVEL, samlResp.getLevelOfAssurance());
+
+ pendingReq.setGenericDataToSession(
AuthenticationSessionStorageConstants.eIDAS_ATTRIBUTELIST,
samlResp.getAttributes());
- moasession.setGenericDataToSession(
+ pendingReq.setGenericDataToSession(
AuthenticationSessionStorageConstants.eIDAS_RESPONSE,
decSamlToken);
//set issuer nation as PVP attribute into MOASession
- moasession.setGenericDataToSession(PVPConstants.EID_ISSUING_NATION_NAME, samlResp.getCountry());
+ pendingReq.setGenericDataToSession(PVPConstants.EID_ISSUING_NATION_NAME, samlResp.getCountry());
//store MOA-session to database
requestStoreage.storePendingRequest(pendingReq);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq,
+ revisionsLogger.logEvent(pendingReq,
MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED,
samlResp.getId());
@@ -116,20 +117,20 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
}catch (EIDASSAMLEngineException e) {
Logger.warn("eIDAS Response validation FAILED.", e);
Logger.debug("eIDAS response was: " + request.getParameter("SAMLResponse"));
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq,
+ revisionsLogger.logEvent(pendingReq,
MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED_ERROR);
throw new TaskExecutionException(pendingReq, "eIDAS Response processing FAILED.",
new EIDASEngineException("eIDAS.09", new Object[]{e.getMessage()}, e));
} catch (MOADatabaseException e) {
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq,
+ revisionsLogger.logEvent(pendingReq,
MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED_ERROR);
throw new TaskExecutionException(pendingReq, "eIDAS Response processing FAILED.",
new MOAIDException("init.04", new Object[]{""}, e));
} catch (Exception e) {
Logger.warn("eIDAS Response processing FAILED.", e);
- revisionsLogger.logEvent(pendingReq.getOnlineApplicationConfiguration(), pendingReq,
+ revisionsLogger.logEvent(pendingReq,
MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED_ERROR);
throw new TaskExecutionException(pendingReq, e.getMessage(),
new MOAIDException("eIDAS.10", new Object[]{e.getMessage()}, e));
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
index 02a5df098..8e840e2c1 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SAMLEngineUtils.java
@@ -82,7 +82,7 @@ public class SAMLEngineUtils {
//load additional eIDAS attribute definitions
String additionalAttributeConfigFile =
- AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfiguration(
+ AuthConfigurationProviderFactory.getInstance().getBasicConfiguration(
Constants.CONIG_PROPS_EIDAS_SAMLENGINE_ATTIONAL_ATTRIBUTE_DEFINITIONS);
AttributeRegistry addAttrDefinitions = AttributeRegistries.empty();
if (MiscUtil.isNotEmpty(additionalAttributeConfigFile)) {
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java
index d43fa1622..e3b58d259 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/SimpleEidasAttributeGenerator.java
@@ -22,7 +22,7 @@
*/
package at.gv.egovernment.moa.id.auth.modules.eidas.utils;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
/**
* @author tlenz
@@ -37,7 +37,7 @@ public class SimpleEidasAttributeGenerator implements IAttributeGenerator<String
public String buildStringAttribute(String friendlyName, String name, String value) {
return value;
- }
+ }
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator#buildIntegerAttribute(java.lang.String, java.lang.String, int)
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java
index 37eca73e5..8add8e206 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java
@@ -30,14 +30,15 @@ import java.util.ServiceLoader;
import com.google.common.collect.ImmutableSet;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egovernment.moa.id.data.IMOAAuthData;
import at.gv.egovernment.moa.id.data.Pair;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
import at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.IeIDASAttribute;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
import eu.eidas.auth.commons.attribute.AttributeDefinition;
@@ -52,7 +53,7 @@ import eu.eidas.auth.commons.attribute.AttributeValueMarshallingException;
*/
public class eIDASAttributeBuilder extends PVPAttributeBuilder {
private static IAttributeGenerator<String> generator = new SimpleEidasAttributeGenerator();
-
+
private static List<String> listOfSupportedeIDASAttributes;
private static ServiceLoader<IeIDASAttribute> eIDASAttributLoader =
ServiceLoader.load(IeIDASAttribute.class);
@@ -99,7 +100,7 @@ public class eIDASAttributeBuilder extends PVPAttributeBuilder {
* @param authData Authentication data that contains user information for attribute generation
* @return eIDAS attribute response {@link Pair} or null if the attribute generation FAILES
*/
- public static Pair<AttributeDefinition<?>,ImmutableSet<AttributeValue<?>>> buildAttribute(AttributeDefinition<?> attr, IOAAuthParameters onlineApplicationConfiguration,
+ public static Pair<AttributeDefinition<?>,ImmutableSet<AttributeValue<?>>> buildAttribute(AttributeDefinition<?> attr, ISPConfiguration onlineApplicationConfiguration,
IAuthData authData) {
String attrName = attr.getNameUri().toString();
@@ -110,11 +111,15 @@ public class eIDASAttributeBuilder extends PVPAttributeBuilder {
if (attrBuilder != null) {
try {
String attrValue = attrBuilder.build(onlineApplicationConfiguration, authData, generator);
+ boolean isMandatesUsed = false;
+ if (authData instanceof IMOAAuthData)
+ isMandatesUsed = ((IMOAAuthData)authData).isUseMandate();
+
if (MiscUtil.isNotEmpty(attrValue)) {
//set uniqueIdentifier attribute, because eIDAS SAMLEngine use this flag to select the
// Subject->NameID value from this attribute
Builder<?> eIDASAttrBuilder = AttributeDefinition.builder(attr);
- eIDASAttrBuilder.uniqueIdentifier(evaluateUniqueID(attrName, authData.isUseMandate()));
+ eIDASAttrBuilder.uniqueIdentifier(evaluateUniqueID(attrName, isMandatesUsed));
AttributeDefinition<?> returnAttr = eIDASAttrBuilder.build();
//unmarshal attribute value into eIDAS attribute
@@ -135,7 +140,7 @@ public class eIDASAttributeBuilder extends PVPAttributeBuilder {
}
- } catch (AttributeException e) {
+ } catch (AttributeBuilderException e) {
Logger.debug("Attribute can not generate requested attribute:" + attr.getNameUri().toString() + " Reason:" + e.getMessage());
}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
index 7d25af05a..a9a3ef01f 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASData.java
@@ -1,8 +1,5 @@
package at.gv.egovernment.moa.id.protocols.eidas;
-import java.util.Collection;
-
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
@@ -30,13 +27,7 @@ public class EIDASData extends RequestImpl {
private String remoteIPAddress;
private String remoteRelayState;
-
- @Override
- public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
- // TODO Auto-generated method stub
- return null;
- }
-
+
/**
* Gets the eidas requested attributes.
*
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
index 8ed9e1f2e..ce5f4dc6b 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
@@ -45,8 +45,9 @@ import org.springframework.web.bind.annotation.RequestMethod;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
-import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider;
@@ -59,7 +60,6 @@ import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASException;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.MOAIDConstants;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -81,9 +81,11 @@ import eu.eidas.engine.exceptions.EIDASSAMLEngineException;
*
* @author tlenz
*/
-@Controller
+@Controller
public class EIDASProtocol extends AbstractAuthProtocolModulController implements IModulInfo {
+ public static final String eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE = "eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE";
+
public static final String NAME = EIDASProtocol.class.getName();
public static final String PATH = "eidas";
@@ -109,11 +111,11 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
//eIDAS metadata end-point
@RequestMapping(value = "/eidas/metadata", method = {RequestMethod.GET})
- public void eIDASMetadataRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException {
+ public void eIDASMetadataRequest(HttpServletRequest req, HttpServletResponse resp) throws EAAFException {
//create pendingRequest object
EIDASData pendingReq = applicationContext.getBean(EIDASData.class);
- pendingReq.initialize(req);
+ pendingReq.initialize(req, authConfig);
pendingReq.setModule(NAME);
pendingReq.setNeedAuthentication(false);
pendingReq.setAuthenticated(false);
@@ -138,11 +140,11 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
//PVP2.x IDP POST-Binding end-point
@RequestMapping(value = "/eidas/ColleagueRequest", method = {RequestMethod.POST})
- public void PVPIDPPostRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException {
+ public void PVPIDPPostRequest(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
//create pending-request object
EIDASData pendingReq = applicationContext.getBean(EIDASData.class);
- pendingReq.initialize(req);
+ pendingReq.initialize(req, authConfig);
pendingReq.setModule(NAME);
revisionsLogger.logEvent(MOAIDEventConstants.SESSION_CREATED, pendingReq.getUniqueSessionIdentifier());
@@ -192,7 +194,7 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
ProtocolEngineI engine = SAMLEngineUtils.createSAMLEngine(eIDASMetadataProvider);
String cititzenCountryCode =
- authConfig.getBasicMOAIDConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE,
+ authConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE,
MOAIDAuthConstants.COUNTRYCODE_AUSTRIA);
@@ -222,7 +224,7 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
}
//check eIDAS node configuration
- IOAAuthParameters oaConfig = authConfig.getOnlineApplicationParameter(samlReq.getIssuer());
+ ISPConfiguration oaConfig = authConfig.getServiceProviderConfiguration(samlReq.getIssuer());
if (oaConfig == null)
throw new EIDASAuthnRequestProcessingException("eIDAS.08", new Object[]{samlReq.getIssuer()});
@@ -347,7 +349,7 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
pendingReq.setRemoteRelayState(relayState);
//store level of assurance
- pendingReq.setGenericDataToSession(RequestImpl.eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE,
+ pendingReq.setGenericDataToSession(eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE,
eIDASSamlReq.getEidasLevelOfAssurance().stringValue());
//set flag if transiend identifier is requested
@@ -364,7 +366,7 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
pendingReq.setEidasRequest(eIDASSamlReq);
// - memorize OA url
- pendingReq.setOAURL(samlReq.getIssuer());
+ pendingReq.setSPEntityId(samlReq.getIssuer());
// - memorize OA config
pendingReq.setOnlineApplicationConfiguration(oaConfig);
@@ -487,7 +489,7 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
private boolean iseIDASTargetAValidOrganisation(String reqCC, String bPKTargetArea) {
if (MiscUtil.isNotEmpty(reqCC)) {
List<String> allowedOrganisations = KeyValueUtils.getListOfCSVValues(
- authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROPS_EIDAS_BPK_TARGET_PREFIX + reqCC.toLowerCase()));
+ authConfig.getBasicConfiguration(Constants.CONFIG_PROPS_EIDAS_BPK_TARGET_PREFIX + reqCC.toLowerCase()));
if (allowedOrganisations.contains(bPKTargetArea)) {
Logger.debug(bPKTargetArea + " is a valid OrganisationIdentifier for request-country: "+ reqCC);
return true;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
index 5df905d31..bbd132a3b 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
@@ -28,10 +28,10 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Service;
-import at.gv.egiz.eaaf.core.api.IAction;
import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egiz.eaaf.core.api.data.SLOInformationInterface;
+import at.gv.egiz.eaaf.core.api.idp.IAction;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider;
import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException;
@@ -56,7 +56,7 @@ import eu.eidas.engine.exceptions.EIDASSAMLEngineException;
*/
@Service("EidasMetaDataRequest")
public class EidasMetaDataRequest implements IAction {
-
+
@Autowired(required=true) MOAeIDASChainingMetadataProvider eIDASMetadataProvider;
@Autowired(required=true) AuthConfiguration authConfig;
@@ -136,7 +136,7 @@ public class EidasMetaDataRequest implements IAction {
metadataConfigBuilder.authnRequestsSigned(true);
metadataConfigBuilder.wantAssertionsSigned(true);
metadataConfigBuilder.assuranceLevel(
- authConfig.getBasicMOAIDConfiguration(
+ authConfig.getBasicConfiguration(
Constants.CONIG_PROPS_EIDAS_NODE_LoA,
MOAIDAuthConstants.eIDAS_LOA_HIGH));
@@ -172,7 +172,7 @@ public class EidasMetaDataRequest implements IAction {
if (pvpOrganisation != null) {
eu.eidas.auth.engine.metadata.OrganizationData.Builder organizationConfig = OrganizationData.builder();
organizationConfig.url(pvpOrganisation.getURLs().get(0).getURL().getLocalString());
- organizationConfig.name(authConfig.getBasicMOAIDConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRY, "Austria"));
+ organizationConfig.name(authConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRY, "Austria"));
//TODO: add display name and maybe update name
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/IeIDASAttribute.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/IeIDASAttribute.java
index 15060fb52..84b68f91a 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/IeIDASAttribute.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/IeIDASAttribute.java
@@ -22,12 +22,12 @@
*/
package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
/**
* @author tlenz
*
*/
-public interface IeIDASAttribute extends IAttributeBuilder{
+public interface IeIDASAttribute extends IAttributeBuilder{
}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrDateOfBirth.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrDateOfBirth.java
index 64e5ae770..1f00af765 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrDateOfBirth.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrDateOfBirth.java
@@ -22,14 +22,14 @@
*/
package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.BirthdateAttributeBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.BirthdateAttributeBuilder;
/**
* @author tlenz
*
*/
public class eIDASAttrDateOfBirth extends BirthdateAttributeBuilder implements IeIDASAttribute {
-
+
@Override
public String getName() {
return eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.DATE_OF_BIRTH.getNameUri().toString();
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrFamilyName.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrFamilyName.java
index 6fde4696a..50b270765 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrFamilyName.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrFamilyName.java
@@ -22,10 +22,10 @@
*/
package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
/**
* @author tlenz
@@ -36,7 +36,7 @@ public class eIDASAttrFamilyName implements IeIDASAttribute{
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder#getName()
*/
- @Override
+ @Override
public String getName() {
return eu.eidas.auth.engine.core.eidas.spec.NaturalPersonSpec.Definitions.CURRENT_FAMILY_NAME.getNameUri().toString();
}
@@ -45,8 +45,8 @@ public class eIDASAttrFamilyName implements IeIDASAttribute{
* @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder#build(at.gv.egovernment.moa.id.commons.api.IOAAuthParameters, at.gv.egovernment.moa.id.data.IAuthData, at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator)
*/
@Override
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
- throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
+ throws AttributeBuilderException {
return g.buildStringAttribute(null, getName(), authData.getFamilyName());
}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrGivenName.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrGivenName.java
index 812e9f83a..3b83a9793 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrGivenName.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrGivenName.java
@@ -22,10 +22,10 @@
*/
package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
/**
* @author tlenz
@@ -45,8 +45,8 @@ public class eIDASAttrGivenName implements IeIDASAttribute{
* @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder#build(at.gv.egovernment.moa.id.commons.api.IOAAuthParameters, at.gv.egovernment.moa.id.data.IAuthData, at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator)
*/
@Override
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
- throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
+ throws AttributeBuilderException {
return g.buildStringAttribute(null, getName(), authData.getGivenName());
}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java
index 028be9096..7f18c21cb 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrLegalPersonIdentifier.java
@@ -22,11 +22,12 @@
*/
package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egovernment.moa.id.data.IMOAAuthData;
import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonSourcePinAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -38,24 +39,26 @@ import at.gv.egovernment.moa.util.MiscUtil;
public class eIDASAttrLegalPersonIdentifier extends MandateLegalPersonSourcePinAttributeBuilder implements IeIDASAttribute {
@Override
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
- if(authData.isUseMandate()) {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+
+ if (authData instanceof IMOAAuthData) {
+ if(((IMOAAuthData)authData).isUseMandate()) {
- //extract eIDAS unique Id prefix from naturalPerson bPK identifier
- if (MiscUtil.isEmpty(authData.getBPKType())
+ //extract eIDAS unique Id prefix from naturalPerson bPK identifier
+ if (MiscUtil.isEmpty(authData.getBPKType())
|| !authData.getBPKType().startsWith(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS)) {
- Logger.error("BPKType is empty or does not start with eIDAS bPKType prefix! bPKType:" + authData.getBPKType());
- throw new AttributeException("Suspect bPKType for eIDAS identifier generation");
+ Logger.error("BPKType is empty or does not start with eIDAS bPKType prefix! bPKType:" + authData.getBPKType());
+ throw new AttributeBuilderException("Suspect bPKType for eIDAS identifier generation");
- }
-
- //add eIDAS eID prefix to legal person identifier
- String prefix = authData.getBPKType().substring(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS.length() + 1);
- String legalPersonID = prefix.replaceAll("\\+", "/") + "/" + getLegalPersonIdentifierFromMandate(authData);
- return g.buildStringAttribute(MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME,
- MANDATE_LEG_PER_SOURCE_PIN_NAME, legalPersonID);
+ }
+ //add eIDAS eID prefix to legal person identifier
+ String prefix = authData.getBPKType().substring(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS.length() + 1);
+ String legalPersonID = prefix.replaceAll("\\+", "/") + "/" + getLegalPersonIdentifierFromMandate(((IMOAAuthData)authData));
+ return g.buildStringAttribute(MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME,
+ MANDATE_LEG_PER_SOURCE_PIN_NAME, legalPersonID);
+ }
}
return null;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrNaturalPersonalIdentifier.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrNaturalPersonalIdentifier.java
index f36f9298c..14b1d06b6 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrNaturalPersonalIdentifier.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrNaturalPersonalIdentifier.java
@@ -24,14 +24,14 @@ package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
import java.security.MessageDigest;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.eIDASAttributeProcessingUtils;
import at.gv.egovernment.moa.id.data.Trible;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
import at.gv.egovernment.moa.id.protocols.eidas.EIDASData;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -54,8 +54,8 @@ public class eIDASAttrNaturalPersonalIdentifier implements IeIDASAttribute{
* @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder#build(at.gv.egovernment.moa.id.commons.api.IOAAuthParameters, at.gv.egovernment.moa.id.data.IAuthData, at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator)
*/
@Override
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
- throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
+ throws AttributeBuilderException {
String personalID = authData.getBPK();
//generate eIDAS conform 'PersonalIdentifier' attribute
@@ -64,7 +64,7 @@ public class eIDASAttrNaturalPersonalIdentifier implements IeIDASAttribute{
if (MiscUtil.isEmpty(authData.getBPKType())
|| !authData.getBPKType().startsWith(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS)) {
Logger.error("BPKType is empty or does not start with eIDAS bPKType prefix! bPKType:" + authData.getBPKType());
- throw new AttributeException("Suspect bPKType for eIDAS identifier generation");
+ throw new AttributeBuilderException("Suspect bPKType for eIDAS identifier generation");
}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeLegalPersonIdentifier.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeLegalPersonIdentifier.java
index 692896842..6c65872e4 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeLegalPersonIdentifier.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeLegalPersonIdentifier.java
@@ -22,11 +22,12 @@
*/
package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egovernment.moa.id.data.IMOAAuthData;
import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateLegalPersonSourcePinAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -37,24 +38,27 @@ import at.gv.egovernment.moa.util.MiscUtil;
public class eIDASAttrRepresentativeLegalPersonIdentifier extends MandateLegalPersonSourcePinAttributeBuilder implements IeIDASAttribute {
@Override
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData,
- IAttributeGenerator<ATT> g) throws AttributeException {
- if(authData.isUseMandate()) {
-
- //extract eIDAS unique Id prefix from naturalPerson bPK identifier
- if (MiscUtil.isEmpty(authData.getBPKType())
- || !authData.getBPKType().startsWith(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS)) {
- Logger.error("BPKType is empty or does not start with eIDAS bPKType prefix! bPKType:" + authData.getBPKType());
- throw new AttributeException("Suspect bPKType for eIDAS identifier generation");
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+
+ if (authData instanceof IMOAAuthData) {
+ if(((IMOAAuthData)authData).isUseMandate()) {
+
+ //extract eIDAS unique Id prefix from naturalPerson bPK identifier
+ if (MiscUtil.isEmpty(authData.getBPKType())
+ || !authData.getBPKType().startsWith(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS)) {
+ Logger.error("BPKType is empty or does not start with eIDAS bPKType prefix! bPKType:" + authData.getBPKType());
+ throw new AttributeBuilderException("Suspect bPKType for eIDAS identifier generation");
+
+ }
+
+ //add eIDAS eID prefix to legal person identifier
+ String prefix = authData.getBPKType().substring(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS.length() + 1);
+ String legalPersonID = prefix.replaceAll("\\+", "/") + "/" + getLegalPersonIdentifierFromMandate(((IMOAAuthData)authData));
+ return g.buildStringAttribute(MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME,
+ MANDATE_LEG_PER_SOURCE_PIN_NAME, legalPersonID);
- }
-
- //add eIDAS eID prefix to legal person identifier
- String prefix = authData.getBPKType().substring(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS.length() + 1);
- String legalPersonID = prefix.replaceAll("\\+", "/") + "/" + getLegalPersonIdentifierFromMandate(authData);
- return g.buildStringAttribute(MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME,
- MANDATE_LEG_PER_SOURCE_PIN_NAME, legalPersonID);
-
+ }
}
return null;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java
index 98915a562..6c3bfc569 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/attributes/builder/eIDASAttrRepresentativeNaturalPersonalIdentifier.java
@@ -24,16 +24,16 @@ package at.gv.egovernment.moa.id.protocols.eidas.attributes.builder;
import java.security.MessageDigest;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.eIDASAttributeProcessingUtils;
import at.gv.egovernment.moa.id.data.Pair;
import at.gv.egovernment.moa.id.data.Trible;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator;
import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateNaturalPersonBPKAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.eidas.EIDASData;
-import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -56,8 +56,8 @@ public class eIDASAttrRepresentativeNaturalPersonalIdentifier extends MandateNat
* @see at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeBuilder#build(at.gv.egovernment.moa.id.commons.api.IOAAuthParameters, at.gv.egovernment.moa.id.data.IAuthData, at.gv.egovernment.moa.id.protocols.builder.attributes.IAttributeGenerator)
*/
@Override
- public <ATT> ATT build(IOAAuthParameters oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
- throws AttributeException {
+ public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData, IAttributeGenerator<ATT> g)
+ throws AttributeBuilderException {
try {
Pair<String, String> calcResult = internalBPKGenerator(oaParam, authData);
@@ -71,7 +71,7 @@ public class eIDASAttrRepresentativeNaturalPersonalIdentifier extends MandateNat
if (MiscUtil.isEmpty(type)
|| !type.startsWith(at.gv.egovernment.moa.util.Constants.URN_PREFIX_EIDAS)) {
Logger.error("BPKType is empty or does not start with eIDAS bPKType prefix! bPKType:" + authData.getBPKType());
- throw new AttributeException("Suspect bPKType for eIDAS identifier generation");
+ throw new AttributeBuilderException("Suspect bPKType for eIDAS identifier generation");
}
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
index 509d4b71a..82d0facd4 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/eIDASAuthenticationRequest.java
@@ -36,10 +36,10 @@ import org.springframework.stereotype.Service;
import com.google.common.collect.ImmutableSet;
-import at.gv.egiz.eaaf.core.api.IAction;
import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egiz.eaaf.core.api.data.SLOInformationInterface;
+import at.gv.egiz.eaaf.core.api.idp.IAction;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;
import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
@@ -47,6 +47,7 @@ import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetada
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.eIDASAttributeBuilder;
import at.gv.egovernment.moa.id.commons.MOAIDConstants;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.data.IMOAAuthData;
import at.gv.egovernment.moa.id.data.Pair;
import at.gv.egovernment.moa.id.data.SLOInformationImpl;
import at.gv.egovernment.moa.logging.Logger;
@@ -71,7 +72,7 @@ import eu.eidas.auth.engine.xml.opensaml.SAMLEngineUtils;
*/
@Service("eIDASAuthenticationRequest")
-public class eIDASAuthenticationRequest implements IAction {
+public class eIDASAuthenticationRequest implements IAction {
@Autowired protected IRevisionLogger revisionsLogger;
@Autowired(required=true) MOAeIDASChainingMetadataProvider eIDASMetadataProvider;
@@ -93,7 +94,8 @@ public class eIDASAuthenticationRequest implements IAction {
ImmutableAttributeMap reqAttributeList = (ImmutableAttributeMap) eidasRequest.getEidasRequestedAttributes();
//add mandate attr. to requested attributes of eMandates are used an no mandate attr. are requested
- if (authData.isUseMandate()) {
+ if (authData instanceof IMOAAuthData
+ && ((IMOAAuthData)authData).isUseMandate()) {
Logger.trace("eMandates are used. Starting eIDAS requsted attr. update process ....");
Builder reqAttrWithMandates = ImmutableAttributeMap.builder(reqAttributeList);
@@ -154,7 +156,7 @@ public class eIDASAuthenticationRequest implements IAction {
//add attributes
responseBuilder.attributes(eIDASAttrbutMap);
- //set success statuscode
+ //set success statuscode
responseBuilder.statusCode(StatusCode.SUCCESS_URI);
//build response
@@ -246,7 +248,7 @@ public class eIDASAuthenticationRequest implements IAction {
private void buildAndAddAttribute(ImmutableAttributeMap.Builder attrMapBuilder, AttributeDefinition<?> attr, IRequest req, IAuthData authData) throws MOAIDException {
Pair<AttributeDefinition<?>, ImmutableSet<AttributeValue<?>>> eIDASAttr = eIDASAttributeBuilder.buildAttribute(
- attr, req.getOnlineApplicationConfiguration(), authData);
+ attr, req.getServiceProviderConfiguration(), authData);
if(eIDASAttr == null) {
if (attr.isRequired()) {
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/validator/eIDASResponseValidator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/validator/eIDASResponseValidator.java
index 48b438b09..24d24db2c 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/validator/eIDASResponseValidator.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/validator/eIDASResponseValidator.java
@@ -26,6 +26,7 @@ import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
import at.gv.egovernment.moa.id.auth.modules.eidas.utils.eIDASAttributeProcessingUtils;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.data.Trible;
import at.gv.egovernment.moa.logging.Logger;
@@ -46,7 +47,7 @@ public class eIDASResponseValidator {
* validate received LoA against minimum required LoA |
*_____________________________________________________|
*/
- LevelOfAssurance reqLoA = LevelOfAssurance.fromString(pendingReq.getOnlineApplicationConfiguration().getQaaLevel());
+ LevelOfAssurance reqLoA = LevelOfAssurance.fromString(pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class).getQaaLevel());
LevelOfAssurance respLoA = LevelOfAssurance.fromString(samlResp.getLevelOfAssurance());
if (respLoA.numericValue() < reqLoA.numericValue()) {
Logger.error("eIDAS Response LevelOfAssurance is lower than the required! "
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java
index f14ffb111..0d460f293 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java
@@ -25,10 +25,10 @@ package at.gv.egovernment.moa.id.auth.modules.elgamandates;
import org.springframework.beans.factory.annotation.Autowired;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.util.MiscUtil;
/**
@@ -40,14 +40,14 @@ import at.gv.egovernment.moa.util.MiscUtil;
public class ELGAMandatesAuthModuleImpl extends DefaultCitizenCardAuthModuleImpl {
@Autowired private AuthConfiguration authConfig;
-
+
private int priority = 0;
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority()
*/
@Override
- public int getPriority() {
+ public int getPriority() {
return priority;
}
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java
index 7a8c0c9e0..5c1f8e7bb 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java
@@ -28,6 +28,7 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
@@ -35,7 +36,6 @@ import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConsta
import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandateUtils;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -50,7 +50,7 @@ public class EvaluateMandateServiceTask extends AbstractAuthServletTask {
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
- @Override
+ @Override
public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
try {
@@ -68,7 +68,7 @@ public class EvaluateMandateServiceTask extends AbstractAuthServletTask {
if (useELGA) {
//validate service-provider again
if (!ELGAMandateUtils.checkServiceProviderAgainstELGAModulConfigration(authConfig, pendingReq)) {
- Logger.info("Service-Provider: " + pendingReq.getOnlineApplicationConfiguration().getPublicURLPrefix()
+ Logger.info("Service-Provider: " + pendingReq.getServiceProviderConfiguration().getUniqueIdentifier()
+ " does not fulfill requirements to use ELGA-MandateService.");
throw new MOAIDException("service.10", new Object[]{
ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING,
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java
index 015a40507..12f2bde60 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java
@@ -37,6 +37,7 @@ import org.opensaml.xml.security.SecurityException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
@@ -45,7 +46,6 @@ import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandateServiceMetadataProvider;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandatesCredentialProvider;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IDecoder;
@@ -78,7 +78,7 @@ public class ReceiveElgaMandateResponseTask extends AbstractAuthServletTask {
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
- @Override
+ @Override
public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
InboundMessage msg = null;
@@ -113,7 +113,8 @@ public class ReceiveElgaMandateResponseTask extends AbstractAuthServletTask {
if (MiscUtil.isEmpty(msg.getEntityID())) {
throw new InvalidProtocolRequestException("sp.pvp2.04",
- new Object[] {ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING});
+ new Object[] {ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING},
+ "No service-provider with EntityId: " + msg.getEntityID() + " in configuration");
}
@@ -144,12 +145,6 @@ public class ReceiveElgaMandateResponseTask extends AbstractAuthServletTask {
}
-
-
- //load MOASession object
- defaultTaskInitialization(request, executionContext);
-
-
/**
* Mandate Reference-Value is generated from ELGA MandateServie -->
* MOA-ID generated reference value is not equal to reference-value from ELGA MandateService
@@ -169,7 +164,7 @@ public class ReceiveElgaMandateResponseTask extends AbstractAuthServletTask {
Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames();
for (String el : includedAttrNames) {
- moasession.setGenericDataToSession(el, extractor.getSingleAttributeValue(el));
+ pendingReq.setGenericDataToSession(el, extractor.getSingleAttributeValue(el));
Logger.debug("Add PVP-attribute " + el + " into MOASession");
}
@@ -186,11 +181,13 @@ public class ReceiveElgaMandateResponseTask extends AbstractAuthServletTask {
extractor.getSingleAttributeValue(PVPConstants.MANDATE_TYPE_NAME));
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_MANDATOR_TYPE,
MOAReversionLogger.NAT_PERSON);
- revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_MANDATOR_HASH,
- revisionsLogger.buildPersonInformationHash(
- extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_GIVEN_NAME_NAME),
- extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_FAMILY_NAME_NAME),
- extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_BIRTHDATE_NAME)));
+
+ //TODO!!!!
+// revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.PERSONAL_INFORMATION_MANDATE_MANDATOR_HASH,
+// revisionsLogger.buildPersonInformationHash(
+// extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_GIVEN_NAME_NAME),
+// extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_FAMILY_NAME_NAME),
+// extractor.getSingleAttributeValue(PVPConstants.MANDATE_NAT_PER_BIRTHDATE_NAME)));
Logger.info("Receive a valid assertion from ELGA mandate-service " + msg.getEntityID());
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RedirectToMandateSelectionTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RedirectToMandateSelectionTask.java
index 6eff5e574..625623f4a 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RedirectToMandateSelectionTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RedirectToMandateSelectionTask.java
@@ -29,12 +29,12 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import at.gv.egiz.eaaf.core.api.gui.IGUIFormBuilder;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandateUtils;
import at.gv.egovernment.moa.id.auth.servlet.GeneralProcessEngineSignalController;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.logging.Logger;
/**
@@ -45,7 +45,7 @@ import at.gv.egovernment.moa.logging.Logger;
public class RedirectToMandateSelectionTask extends AbstractAuthServletTask {
@Autowired IGUIFormBuilder guiBuilder;
-
+
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
index abe23f0a4..70dc87df9 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
@@ -35,11 +35,13 @@ import org.opensaml.xml.security.SecurityException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.config.ELGAMandatesRequestBuilderConfiguration;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.exceptions.ELGAMetadataException;
@@ -49,7 +51,6 @@ import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.data.Pair;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAuthnRequestBuilder;
import at.gv.egovernment.moa.logging.Logger;
@@ -67,7 +68,7 @@ public class RequestELGAMandateTask extends AbstractAuthServletTask {
@Autowired ELGAMandatesCredentialProvider credential;
@Autowired AuthConfiguration authConfig;
@Autowired ELGAMandateServiceMetadataProvider metadataService;
-
+
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
@@ -76,7 +77,7 @@ public class RequestELGAMandateTask extends AbstractAuthServletTask {
throws TaskExecutionException {
try{
// get IDP entityID from Online Application configuration
- String elgaMandateServiceEntityID = pendingReq.getOnlineApplicationConfiguration().getConfigurationValue(ELGAMandatesAuthConstants.CONFIG_PROPS_ENTITYID);
+ String elgaMandateServiceEntityID = pendingReq.getServiceProviderConfiguration().getConfigurationValue(ELGAMandatesAuthConstants.CONFIG_PROPS_ENTITYID);
// use first ELGA Mandate-Service from general MOA-ID configuration, of no OA specific exists
if (MiscUtil.isEmpty(elgaMandateServiceEntityID)) {
@@ -100,7 +101,7 @@ public class RequestELGAMandateTask extends AbstractAuthServletTask {
}
//load metadata with metadataURL, as backup
- String metadataURL = authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_METADATAURL);
+ String metadataURL = authConfig.getBasicConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_METADATAURL);
if (MiscUtil.isNotEmpty(metadataURL)) {
Logger.warn("Use not recommended metadata-provider initialization!"
+ " SAML2 'Well-Known-Location' is the preferred methode.");
@@ -113,7 +114,8 @@ public class RequestELGAMandateTask extends AbstractAuthServletTask {
EntityDescriptor entityDesc = metadataService.getEntityDescriptor(elgaMandateServiceEntityID);
//load MOASession from database
- defaultTaskInitialization(request, executionContext);
+ AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+
//setup AuthnRequestBuilder configuration
ELGAMandatesRequestBuilderConfiguration authnReqConfig = new ELGAMandatesRequestBuilderConfiguration();
@@ -125,7 +127,7 @@ public class RequestELGAMandateTask extends AbstractAuthServletTask {
//set bPK of representative
String representativeBPK = null;
- String configTarget = authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_SUBJECTNAMEID_TARGET);
+ String configTarget = authConfig.getBasicConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_SUBJECTNAMEID_TARGET);
if (MiscUtil.isEmpty(configTarget)) {
Logger.warn("Connect ELGA Mandate-Service FAILED -> No bPK-Type for SubjectNameID found.");
throw new MOAIDException("service.10",
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java
index 978f9db9d..854f9d2bb 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java
@@ -30,6 +30,7 @@ import org.springframework.stereotype.Component;
import at.gv.egiz.eaaf.core.api.gui.IGUIBuilderConfiguration;
import at.gv.egiz.eaaf.core.api.gui.IGUIFormBuilder;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.GUIBuildException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
@@ -39,7 +40,6 @@ import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandateUtils
import at.gv.egovernment.moa.id.auth.servlet.GeneralProcessEngineSignalController;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.logging.Logger;
/**
@@ -51,7 +51,7 @@ public class SelectMandateServiceTask extends AbstractAuthServletTask {
@Autowired IGUIFormBuilder guiBuilder;
- /* (non-Javadoc)
+ /* (non-Javadoc)
* @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
@Override
@@ -67,7 +67,7 @@ public class SelectMandateServiceTask extends AbstractAuthServletTask {
ELGAMandatesAuthConstants.TEMPLATE_MANDATE_SERVICE_SELECTION,
MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_ELGAMANDATESERVICESELECTION_URL,
GeneralProcessEngineSignalController.ENDPOINT_GENERIC,
- authConfig.getRootConfigFileDir());
+ authConfig.getConfigurationRootDirectory().toURL().toString());
guiBuilder.build(response, config, "Mandate-Service selection");
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java
index adc2a310b..07f618c10 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java
@@ -238,7 +238,7 @@ public class ELGAMandateServiceMetadataProvider extends SimpleMOAMetadataProvide
//Metadata provider seems not loaded --> Add new metadata provider
Logger.info("Initialize PVP MetadataProvider:" + metdataURL + " to connect ELGA Mandate-Service");
- String trustProfileID = authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_METADATA_TRUSTPROFILE);
+ String trustProfileID = authConfig.getBasicConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_METADATA_TRUSTPROFILE);
if (MiscUtil.isEmpty(trustProfileID)) {
Logger.error("Create ELGA Mandate-Service Client FAILED: No trustProfileID to verify PVP metadata." );
throw new MetadataProviderException("No trustProfileID to verify PVP metadata.");
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateUtils.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateUtils.java
index 90eb7b0fb..6fa9c5a77 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateUtils.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateUtils.java
@@ -25,9 +25,10 @@ package at.gv.egovernment.moa.id.auth.modules.elgamandates.utils;
import java.util.List;
import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants;
-import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
/**
* @author tlenz
@@ -39,11 +40,11 @@ public class ELGAMandateUtils {
*
* @return true, if ELGA mandateservice is allowed, otherwise false
*/
- public static boolean checkServiceProviderAgainstELGAModulConfigration(AuthConfiguration authConfig, IRequest pendingReq) {
+ public static boolean checkServiceProviderAgainstELGAModulConfigration(IConfiguration authConfig, IRequest pendingReq) {
String allowedMandateTypesCSV =
- authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_ALLOWED_MANDATE_TYPES);
+ authConfig.getBasicConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_ALLOWED_MANDATE_TYPES);
List<String> allowedMandateTypes = KeyValueUtils.getListOfCSVValues(allowedMandateTypesCSV);
- List<String> spMandateProfiles = pendingReq.getOnlineApplicationConfiguration().getMandateProfiles();
+ List<String> spMandateProfiles = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class).getMandateProfiles();
boolean isELGAMandateServiceAllowed = false;
if (spMandateProfiles != null) {
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandatesCredentialProvider.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandatesCredentialProvider.java
index f5bcdb70b..c8fe55e51 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandatesCredentialProvider.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandatesCredentialProvider.java
@@ -27,6 +27,7 @@ import org.springframework.stereotype.Service;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider;
import at.gv.egovernment.moa.util.FileUtils;
@@ -43,9 +44,9 @@ public class ELGAMandatesCredentialProvider extends AbstractCredentialProvider {
* @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getKeyStoreFilePath()
*/
@Override
- public String getKeyStoreFilePath() {
+ public String getKeyStoreFilePath() throws ConfigurationException {
return FileUtils.makeAbsoluteURL(
- authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_KEYSTORE),
+ authConfig.getBasicConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_KEYSTORE),
authConfig.getRootConfigFileDir());
}
@@ -54,7 +55,7 @@ public class ELGAMandatesCredentialProvider extends AbstractCredentialProvider {
*/
@Override
public String getKeyStorePassword() {
- return authConfig.getBasicMOAIDConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_KEYSTOREPASSWORD).trim();
+ return authConfig.getBasicConfiguration(ELGAMandatesAuthConstants.CONFIG_PROPS_KEYSTOREPASSWORD).trim();
}
@@ -63,7 +64,7 @@ public class ELGAMandatesCredentialProvider extends AbstractCredentialProvider {
*/
@Override
public String getMetadataKeyAlias() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
ELGAMandatesAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS_PASSWORD).trim();
}
@@ -72,7 +73,7 @@ public class ELGAMandatesCredentialProvider extends AbstractCredentialProvider {
*/
@Override
public String getMetadataKeyPassword() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
ELGAMandatesAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD).trim();
}
@@ -81,7 +82,7 @@ public class ELGAMandatesCredentialProvider extends AbstractCredentialProvider {
*/
@Override
public String getSignatureKeyAlias() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
ELGAMandatesAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS_PASSWORD).trim();
}
@@ -90,7 +91,7 @@ public class ELGAMandatesCredentialProvider extends AbstractCredentialProvider {
*/
@Override
public String getSignatureKeyPassword() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
ELGAMandatesAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD).trim();
}
@@ -99,7 +100,7 @@ public class ELGAMandatesCredentialProvider extends AbstractCredentialProvider {
*/
@Override
public String getEncryptionKeyAlias() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
ELGAMandatesAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS_PASSWORD).trim();
}
@@ -108,7 +109,7 @@ public class ELGAMandatesCredentialProvider extends AbstractCredentialProvider {
*/
@Override
public String getEncryptionKeyPassword() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
ELGAMandatesAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD).trim();
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
index 46381fb3d..d97c8f7cf 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
@@ -42,7 +42,6 @@ import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDSectorForIDAttributeB
import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDSourcePIN;
import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDSourcePINType;
import at.gv.egovernment.moa.id.auth.stork.STORKConstants;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.data.Pair;
import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDAuthBlock;
import at.gv.egovernment.moa.id.protocols.builder.attributes.EIDCcsURL;
@@ -230,33 +229,33 @@ public final class OAuth20AttributeBuilder {
}
public static void addScopeOpenId(final JsonObject jsonObject,
- final IOAAuthParameters oaParam, final IAuthData authData,
+ final ISPConfiguration oaParam, final IAuthData authData,
final OAuth20AuthRequest oAuthRequest) {
addAttibutes(buildersOpenId, jsonObject, oaParam, authData, oAuthRequest);
}
public static void addScopeProfile(final JsonObject jsonObject,
- final IOAAuthParameters oaParam, final IAuthData authData) {
+ final ISPConfiguration oaParam, final IAuthData authData) {
addAttibutes(buildersProfile, jsonObject, oaParam, authData, null);
}
public static void addScopeEID(final JsonObject jsonObject,
- final IOAAuthParameters oaParam, final IAuthData authData) {
+ final ISPConfiguration oaParam, final IAuthData authData) {
addAttibutes(buildersEID, jsonObject, oaParam, authData, null);
}
public static void addScopeEIDGov(final JsonObject jsonObject,
- final IOAAuthParameters oaParam, final IAuthData authData) {
+ final ISPConfiguration oaParam, final IAuthData authData) {
addAttibutes(buildersEIDGov, jsonObject, oaParam, authData, null);
}
public static void addScopeMandate(final JsonObject jsonObject,
- final IOAAuthParameters oaParam, final IAuthData authData) {
+ final ISPConfiguration oaParam, final IAuthData authData) {
addAttibutes(buildersMandate, jsonObject, oaParam, authData, null);
}
public static void addScopeSTORK(final JsonObject jsonObject,
- final IOAAuthParameters oaParam, final IAuthData authData) {
+ final ISPConfiguration oaParam, final IAuthData authData) {
addAttibutes(buildersSTORK, jsonObject, oaParam, authData, null);
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
index 0189bc97d..5d461afc8 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
@@ -33,11 +33,11 @@ import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
-import at.gv.egiz.eaaf.core.api.IAction;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egiz.eaaf.core.api.data.SLOInformationInterface;
+import at.gv.egiz.eaaf.core.api.idp.IAction;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;
import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
import at.gv.egiz.eaaf.core.impl.utils.Random;
@@ -67,7 +67,7 @@ class OAuth20AuthAction implements IAction {
IAuthData authData) throws MOAIDException {
OAuth20AuthRequest oAuthRequest = (OAuth20AuthRequest) req;
- String responseType = oAuthRequest.getResponseType();
+ String responseType = oAuthRequest.getResponseType();
revisionsLogger.logEvent(req, MOAIDEventConstants.AUTHPROTOCOL_OPENIDCONNECT_AUTHREQUEST);
@@ -111,7 +111,7 @@ class OAuth20AuthAction implements IAction {
//TODO: maybe add bPK / wbPK to SLO information
- SLOInformationInterface sloInformation = new SLOInformationImpl(req.getAuthURL(), req.getOnlineApplicationConfiguration().getPublicURLPrefix(), accessToken, null, null, req.requestedModule());
+ SLOInformationInterface sloInformation = new SLOInformationImpl(req.getAuthURL(), req.getServiceProviderConfiguration().getUniqueIdentifier(), accessToken, null, null, req.requestedModule());
return sloInformation;
}
@@ -156,9 +156,9 @@ class OAuth20AuthAction implements IAction {
private Pair<String, String> buildIdToken(String scope, OAuth20AuthRequest oAuthRequest, IAuthData authData)
throws MOAIDException, SignatureException {
- IOAAuthParameters oaParam = oAuthRequest.getOnlineApplicationConfiguration();
+ ISPConfiguration oaParam = oAuthRequest.getServiceProviderConfiguration();
- OAuthSigner signer = OAuth20SignatureUtil.loadSigner(authData.getIssuer());
+ OAuthSigner signer = OAuth20SignatureUtil.loadSigner(authData.getAuthenticationIssuer());
OAuthJsonToken token = new OAuthJsonToken(signer);
StringBuilder resultScopes = new StringBuilder();
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
index 1528cfb28..40701d91d 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
@@ -28,10 +28,10 @@ import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
-import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20AccessDeniedException;
@@ -180,7 +180,7 @@ public class OAuth20AuthRequest extends OAuth20BaseRequest {
// check if client id and redirect uri are ok
try {
// OAOAUTH20 cannot be null at this point. check was done in base request
- IOAAuthParameters oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getSPEntityId());
+ ISPConfiguration oAuthConfig = authConfig.getServiceProviderConfiguration(this.getSPEntityId());
if (!this.getClientID().equals(oAuthConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID))
@@ -192,7 +192,7 @@ public class OAuth20AuthRequest extends OAuth20BaseRequest {
Logger.info("Dispatch OpenIDConnect AuthRequest: ClientID=" + this.clientID);
- } catch (ConfigurationException e) {
+ } catch (EAAFConfigurationException e) {
throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID);
}
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index ff802136f..e04d719d9 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -19,8 +19,8 @@ import com.google.gson.JsonObject;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
-import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
@@ -30,7 +30,6 @@ import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-import at.gv.egovernment.moa.id.util.ErrorResponseUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -49,7 +48,7 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme
PVPConstants.BPK_NAME
});
- public String getName() {
+ public String getName() {
return NAME;
}
@@ -68,22 +67,22 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme
//OpenID Connect auth request
@RequestMapping(value = "/oauth2/auth", method = {RequestMethod.POST, RequestMethod.GET})
- public void openIDConnectAuthRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException {
- if (!authConfig.getAllowedProtocols().isOAUTHActive()) {
- Logger.info("OpenID-Connect is deaktivated!");
- throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME });
-
- }
+ public void openIDConnectAuthRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException, InvalidProtocolRequestException {
+// if (!authConfig.getAllowedProtocols().isOAUTHActive()) {
+// Logger.info("OpenID-Connect is deaktivated!");
+// throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME });
+//
+// }
OAuth20AuthRequest pendingReq = applicationContext.getBean(OAuth20AuthRequest.class);
try {
- pendingReq.initialize(req);
+ pendingReq.initialize(req, authConfig);
pendingReq.setModule(OAuth20Protocol.NAME);
pendingReq.populateParameters(req);
- } catch (OAuth20Exception e) {
+ } catch (EAAFException e) {
Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
- throw new InvalidProtocolRequestException(e.getMessageId(), e.getParameters(), e);
+ throw new InvalidProtocolRequestException(e.getErrorId(), e.getParams(), e.getMessage(), e);
}
@@ -102,22 +101,22 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme
//openID Connect tokken request
@RequestMapping(value = "/oauth2/token", method = {RequestMethod.POST, RequestMethod.GET})
- public void OpenIDConnectTokkenRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException {
- if (!authConfig.getAllowedProtocols().isOAUTHActive()) {
- Logger.info("OpenID-Connect is deaktivated!");
- throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME });
-
- }
+ public void OpenIDConnectTokkenRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException, InvalidProtocolRequestException {
+// if (!authConfig.getAllowedProtocols().isOAUTHActive()) {
+// Logger.info("OpenID-Connect is deaktivated!");
+// throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME });
+//
+// }
OAuth20TokenRequest pendingReq = applicationContext.getBean(OAuth20TokenRequest.class);
try {
- pendingReq.initialize(req);
+ pendingReq.initialize(req, authConfig);
pendingReq.setModule(OAuth20Protocol.NAME);
pendingReq.populateParameters(req);
- } catch (OAuth20Exception e) {
+ } catch (EAAFException e) {
Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
- throw new InvalidProtocolRequestException(e.getMessageId(), e.getParameters(), e);
+ throw new InvalidProtocolRequestException(e.getErrorId(), e.getParams(), e.getMessage(), e);
}
@@ -149,18 +148,16 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme
String errorUri = protocolRequest.getAuthURL()
+"/" + OAuth20Constants.ERRORPAGE;
String moaError = null;
-
- ErrorResponseUtils errorUtils = ErrorResponseUtils.getInstance();
-
+
if (e instanceof OAuth20Exception) {
errorCode = ((OAuth20Exception) e).getErrorCode();
errorDescription = URLEncoder.encode(((OAuth20Exception) e).getMessageId() + ": " + e.getMessage(), "UTF-8");
- moaError = errorUtils.mapInternalErrorToExternalError(((OAuth20Exception) e).getMessageId());
+ moaError = statusMessager.mapInternalErrorToExternalError(((OAuth20Exception) e).getMessageId());
} else {
errorCode = OAuth20Constants.ERROR_SERVER_ERROR;
errorDescription = URLEncoder.encode(e.getMessage(), "UTF-8");
- moaError = errorUtils.getResponseErrorCode(e);
+ moaError = statusMessager.getResponseErrorCode(e);
}
String paramRedirect = null;
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java
index 239665801..f3dcbd295 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java
@@ -31,10 +31,10 @@ import org.springframework.stereotype.Service;
import com.google.gson.JsonObject;
-import at.gv.egiz.eaaf.core.api.IAction;
import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
-import at.gv.egiz.eaaf.core.api.data.SLOInformationInterface;
+import at.gv.egiz.eaaf.core.api.idp.IAction;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;
import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
@@ -55,7 +55,7 @@ class OAuth20TokenAction implements IAction {
public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp,
IAuthData authData) throws MOAIDException {
-
+
OAuth20SessionObject auth20SessionObject = null;
try {
OAuth20TokenRequest oAuthRequest = (OAuth20TokenRequest) req;
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
index cada39a3a..e14914512 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
@@ -22,19 +22,16 @@
*******************************************************************************/
package at.gv.egovernment.moa.id.protocols.oauth20.protocol;
-import java.util.Collection;
-
import javax.servlet.http.HttpServletRequest;
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20AccessDeniedException;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
@@ -141,7 +138,7 @@ class OAuth20TokenRequest extends OAuth20BaseRequest {
// check if client id and secret are ok
try {
// OAOAUTH20 cannot be null at this point. check was done in base request
- IOAAuthParameters oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL());
+ ISPConfiguration oaParam = authConfig.getServiceProviderConfiguration(this.getSPEntityId());
if (!this.getClientID().equals(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID))) {
throw new OAuth20AccessDeniedException();
@@ -154,7 +151,7 @@ class OAuth20TokenRequest extends OAuth20BaseRequest {
this.setOnlineApplicationConfiguration(oaParam);
}
- catch (ConfigurationException e) {
+ catch (EAAFConfigurationException e) {
throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID);
}
@@ -165,11 +162,11 @@ class OAuth20TokenRequest extends OAuth20BaseRequest {
this.allowedParameters.add(OAuth20Constants.PARAM_REDIRECT_URI);
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()
- */
- @Override
- public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
- return null;
- }
+// /* (non-Javadoc)
+// * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()
+// */
+// @Override
+// public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
+// return null;
+// }
}
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
index 1b49c3969..a2b58931e 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
@@ -27,11 +27,11 @@ import javax.annotation.PostConstruct;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
-import at.gv.egiz.eaaf.core.impl.idp.auth.AuthenticationManager;
-import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20Constants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
import at.gv.egovernment.moa.logging.Logger;
/**
@@ -46,8 +46,8 @@ public class SL20AuthenticationModulImpl implements AuthModule {
@Autowired(required=true) private AuthenticationManager authManager;
@Override
- public int getPriority() {
- return priority;
+ public int getPriority() {
+ return priority;
}
/**
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
index e0965c712..2766eab05 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
@@ -29,6 +29,7 @@ import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20SecurityEx
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoBuildException;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoParserException;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.utils.X509Utils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.FileUtils;
@@ -226,34 +227,34 @@ public class JsonSecurityUtils implements IJOSETools{
return null;
}
- private String getKeyStoreFilePath() {
+ private String getKeyStoreFilePath() throws ConfigurationException {
return FileUtils.makeAbsoluteURL(
- authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_PATH),
+ authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_PATH),
authConfig.getRootConfigFileDir());
}
private String getKeyStorePassword() {
- return authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_PASSWORD).trim();
+ return authConfig.getBasicConfiguration(Constants.CONFIG_PROP_SECURITY_KEYSTORE_PASSWORD).trim();
}
private String getSigningKeyAlias() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_ALIAS).trim();
}
private String getSigningKeyPassword() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_SIGN_PASSWORD).trim();
}
private String getEncryptionKeyAlias() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_ALIAS).trim();
}
private String getEncryptionKeyPassword() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
Constants.CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_PASSWORD).trim();
}
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
index 85ec1e213..77ccb0720 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
@@ -22,7 +22,8 @@ import org.springframework.stereotype.Component;
import com.google.gson.JsonObject;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
@@ -38,7 +39,6 @@ import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20JSONExtractorUti
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.utils.HttpClientWithProxySupport;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moaspss.logging.Logger;
@@ -47,8 +47,9 @@ import at.gv.egovernment.moaspss.logging.Logger;
public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
@Autowired(required=true) private IJOSETools joseTools;
+ @Autowired private AuthConfiguration moaAuthConfig;
- @Override
+ @Override
public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
@@ -56,17 +57,17 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
try {
//get service-provider configuration
- IOAAuthParameters oaConfig = pendingReq.getOnlineApplicationConfiguration();
+ ISPConfiguration oaConfig = pendingReq.getServiceProviderConfiguration();
//get basic configuration parameters
- String vdaQualeIDUrl = authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID);
+ String vdaQualeIDUrl = authConfig.getBasicConfiguration(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID);
if (MiscUtil.isEmpty(vdaQualeIDUrl)) {
Logger.error("NO VDA URL for qualified eID (" + Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID + ")");
throw new SL20Exception("sl20.03", new Object[]{"NO VDA URL for qualified eID"});
}
- String authBlockId = authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_VDA_AUTHBLOCK_ID);
+ String authBlockId = authConfig.getBasicConfiguration(Constants.CONFIG_PROP_VDA_AUTHBLOCK_ID);
if (MiscUtil.isEmpty(authBlockId)) {
Logger.error("NO AuthBlock Template identifier for qualified eID (" + Constants.CONFIG_PROP_VDA_AUTHBLOCK_ID + ")");
throw new SL20Exception("sl20.03", new Object[]{"NO AuthBlock Template identifier for qualified eID"});
@@ -75,11 +76,11 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
//build DataURL for qualified eID response
String dataURL = new DataURLBuilder().buildDataURL(
- pendingReq.getAuthURL(), Constants.HTTP_ENDPOINT_DATAURL, pendingReq.getRequestID());
+ pendingReq.getAuthURL(), Constants.HTTP_ENDPOINT_DATAURL, pendingReq.getPendingRequestId());
//build qualifiedeID command
Map<String, String> qualifiedeIDParams = new HashMap<String, String>();
- qualifiedeIDParams.put(SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES_SPUNIQUEID, oaConfig.getPublicURLPrefix());
+ qualifiedeIDParams.put(SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES_SPUNIQUEID, oaConfig.getUniqueIdentifier());
qualifiedeIDParams.put(SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES_SPFRIENDLYNAME, oaConfig.getFriendlyName());
//qualifiedeIDParams.put(SL20Constants.SL20_COMMAND_PARAM_EID_ATTRIBUTES_MANDATEREFVALUE, UUID.randomUUID().toString());
@@ -95,11 +96,11 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
//open http client
SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(
- authConfig,
+ moaAuthConfig,
vdaQualeIDUrl);
CloseableHttpClient httpClient = HttpClientWithProxySupport.getHttpClient(
sslFactory,
- authConfig.getBasicMOAIDConfigurationBoolean(AuthConfiguration.PROP_KEY_OVS_SSL_HOSTNAME_VALIDATION, true));
+ moaAuthConfig.getBasicMOAIDConfigurationBoolean(AuthConfiguration.PROP_KEY_OVS_SSL_HOSTNAME_VALIDATION, true));
//build post request
HttpPost httpReq = new HttpPost(new URIBuilder(vdaQualeIDUrl).build());
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
index 2ad19e088..325e1906d 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
@@ -13,7 +13,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.http.entity.ContentType;
-import org.jose4j.keys.X509Util;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@@ -22,12 +21,14 @@ import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import com.google.gson.JsonSyntaxException;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
-import at.gv.egiz.eaaf.core.impl.utils.DateTimeUtils;
import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.data.VerificationResult;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20Exception;
@@ -38,14 +39,11 @@ import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20Constants;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20JSONBuilderUtils;
import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20JSONExtractorUtils;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
-import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.DateTimeUtils;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moaspss.logging.Logger;
-import iaik.esi.sva.util.X509Utils;
-import iaik.utils.Util;
@Component("ReceiveQualeIDTask")
public class ReceiveQualeIDTask extends AbstractAuthServletTask {
@@ -55,7 +53,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
@Override
public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
throws TaskExecutionException {
-
+
Logger.debug("Receiving SL2.0 response process .... ");
try {
//get SL2.0 command or result from HTTP request
@@ -131,7 +129,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
//add into session
- defaultTaskInitialization(request, executionContext);
+ AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
moasession.setIdentityLink(new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(idlB64, false))).parseIdentityLink());
moasession.setBkuURL(ccsURL);
//TODO: from AuthBlock
@@ -143,13 +141,14 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
pendingReq.setAuthenticated(true);
//store pending request
+ pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
requestStoreage.storePendingRequest(pendingReq);
//create response
Map<String, String> reqParameters = new HashMap<String, String>();
- reqParameters.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, pendingReq.getRequestID());
+ reqParameters.put(EAAFConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID, pendingReq.getPendingRequestId());
JsonObject callReqParams = SL20JSONBuilderUtils.createCallCommandParameters(
- new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), AbstractAuthProtocolModulController.FINALIZEPROTOCOL_ENDPOINT, null),
+ new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), AbstractAuthProtocolModulController.ENDPOINT_FINALIZEPROTOCOL, null),
SL20Constants.SL20_COMMAND_PARAM_GENERAL_CALL_METHOD_GET,
false,
reqParameters);
@@ -161,7 +160,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
//build second redirect command for IDP
JsonObject redirectTwoParams = SL20JSONBuilderUtils.createRedirectCommandParameters(
- new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), AbstractAuthProtocolModulController.FINALIZEPROTOCOL_ENDPOINT, null),
+ new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), AbstractAuthProtocolModulController.ENDPOINT_FINALIZEPROTOCOL, null),
redirectOneCommand, null, true);
JsonObject redirectTwoCommand = SL20JSONBuilderUtils.createCommand(SL20Constants.SL20_COMMAND_IDENTIFIER_REDIRECT, redirectTwoParams);
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java
index f65694703..b9d08a20f 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java
@@ -22,8 +22,8 @@
*/
package at.gv.egovernment.moa.id.auth.modules.ssotransfer;
-import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AuthModule;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
/**
* @author tlenz
@@ -49,7 +49,7 @@ public class SSOTransferAuthModuleImpl implements AuthModule{
this.priority = priority;
}
- /* (non-Javadoc)
+ /* (non-Javadoc)
* @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
*/
@Override
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
index 1a1d06479..5a17d6123 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
@@ -28,7 +28,6 @@ import java.util.List;
import org.w3c.dom.Element;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
@@ -36,13 +35,14 @@ import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
import at.gv.egovernment.moa.id.commons.api.data.IMISMandate;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.data.AuthenticationRole;
+import at.gv.egovernment.moa.id.data.IMOAAuthData;
import at.gv.egovernment.moa.logging.Logger;
/**
* @author tlenz
*
- */
-public class SSOTransferAuthenticationData implements IAuthData {
+ */
+public class SSOTransferAuthenticationData implements IMOAAuthData {
private IAuthenticationSession authSession = null;
boolean isIDPPrivateService = true;
@@ -55,21 +55,38 @@ public class SSOTransferAuthenticationData implements IAuthData {
}
-
/* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.data.IAuthData#getIssueInstant()
+ * @see at.gv.egovernment.moa.id.data.IAuthData#isBaseIDTransferRestrication()
*/
@Override
- public Date getIssueInstant() {
+ public boolean isBaseIDTransferRestrication() {
+ return this.isIDPPrivateService;
+ }
+
+
+ @Override
+ public Date getAuthenticationIssueInstant() {
// TODO Auto-generated method stub
return null;
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.data.IAuthData#getIssuer()
- */
+
@Override
- public String getIssuer() {
+ public String getAuthenticationIssueInstantString() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+
+ @Override
+ public String getAuthenticationIssuer() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+
+ @Override
+ public String getCiticenCountryCode() {
// TODO Auto-generated method stub
return null;
}
@@ -328,15 +345,6 @@ public class SSOTransferAuthenticationData implements IAuthData {
}
/* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.data.IAuthData#getCcc()
- */
- @Override
- public String getCcc() {
- // TODO Auto-generated method stub
- return null;
- }
-
- /* (non-Javadoc)
* @see at.gv.egovernment.moa.id.data.IAuthData#getEIDASQAALevel()
*/
@Override
@@ -354,13 +362,17 @@ public class SSOTransferAuthenticationData implements IAuthData {
return this.authSession.getGenericDataFromSession(key, clazz);
}
+ @Override
+ public String getInterfederatedIDP() {
+ // TODO Auto-generated method stub
+ return null;
+ }
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.data.IAuthData#isBaseIDTransferRestrication()
- */
@Override
- public boolean isBaseIDTransferRestrication() {
- return this.isIDPPrivateService;
+ public boolean isInterfederatedSSOSession() {
+ // TODO Auto-generated method stub
+ return false;
}
+
}
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java
index 8656c1224..a866f3939 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferOnlineApplication.java
@@ -27,7 +27,7 @@ import java.util.Collection;
import java.util.List;
import java.util.Map;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.CPEPS;
import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters;
import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute;
@@ -35,7 +35,7 @@ import at.gv.egovernment.moa.id.commons.api.data.StorkAttributeProviderPlugin;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
/**
- * @author tlenz
+ * @author tlenz
*
*/
public class SSOTransferOnlineApplication implements IOAAuthParameters {
@@ -391,37 +391,60 @@ public class SSOTransferOnlineApplication implements IOAAuthParameters {
}
/* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.commons.api.IOAAuthParameters#hasBaseIdInternalProcessingRestriction()
+ * @see at.gv.egovernment.moa.id.commons.api.IOAAuthParameters#getAreaSpecificTargetIdentifierFriendlyName()
*/
@Override
- public boolean hasBaseIdInternalProcessingRestriction() throws ConfigurationException {
- return false;
+ public String getAreaSpecificTargetIdentifierFriendlyName() throws ConfigurationException {
+ // TODO Auto-generated method stub
+ return null;
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.commons.api.IOAAuthParameters#hasBaseIdTransferRestriction()
- */
@Override
- public boolean hasBaseIdTransferRestriction() throws ConfigurationException {
+ public boolean containsConfigurationKey(String arg0) {
+ // TODO Auto-generated method stub
return false;
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.commons.api.IOAAuthParameters#getAreaSpecificTargetIdentifier()
- */
@Override
- public String getAreaSpecificTargetIdentifier() throws ConfigurationException {
+ public String getMinimumLevelOfAssurence() {
// TODO Auto-generated method stub
return null;
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.commons.api.IOAAuthParameters#getAreaSpecificTargetIdentifierFriendlyName()
- */
@Override
- public String getAreaSpecificTargetIdentifierFriendlyName() throws ConfigurationException {
+ public List<String> getTargetsWithNoBaseIdInternalProcessingRestriction() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public List<String> getTargetsWithNoBaseIdTransferRestriction() {
// TODO Auto-generated method stub
return null;
}
+ @Override
+ public String getUniqueIdentifier() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getAreaSpecificTargetIdentifier() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public boolean hasBaseIdInternalProcessingRestriction() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
+ @Override
+ public boolean hasBaseIdTransferRestriction() {
+ // TODO Auto-generated method stub
+ return false;
+ }
+
}
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
index 055a49bd2..9f910d598 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
@@ -74,6 +74,7 @@ import com.google.gson.JsonParser;
import at.gv.egiz.eaaf.core.api.gui.IGUIFormBuilder;
import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
@@ -87,6 +88,7 @@ import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -138,7 +140,7 @@ public class SSOTransferServlet{
* @throws IOException
*/
@RequestMapping(value = { "/TestTransferSSOSession"
- },
+ },
method = {RequestMethod.GET})
public void testTransferSSOSessionGUIWithoutAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException {
try {
@@ -267,6 +269,14 @@ public class SSOTransferServlet{
Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e);
resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage()));
+ } catch (ConfigurationException e) {
+ Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e);
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage()));
+
+ } catch (EAAFException e) {
+ Logger.warn("Device inpersonisation FAILED: " + e.getMessage(), e);
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage()));
+
}
} else {
@@ -367,6 +377,11 @@ public class SSOTransferServlet{
} catch (NoSuchPaddingException e) {
e.printStackTrace();
resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage()));
+
+ } catch (EAAFException e) {
+ e.printStackTrace();
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST, StringEscapeUtils.escapeHtml(e.getMessage()));
+
}
@@ -405,10 +420,10 @@ public class SSOTransferServlet{
if (ssomanager.isValidSSOSession(ssoid, null)) {
//create first step of SSO Transfer GUI
- IAuthenticationSession authSession = authenticationSessionStorage.getInternalMOASessionWithSSOID(ssoid);
- if(authSession != null) {
+ String ssoSessionId = authenticationSessionStorage.getInternalSSOSessionWithSSOID(ssoid);
+ if(ssoSessionId != null) {
internalCreateQRCodeForTransfer(resp, authURL,
- authSession.getSessionID(),
+ ssoSessionId,
SSOTransferConstants.SERVLET_SSOTRANSFER_TO_SMARTPHONE, config);
return;
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
index 2b53a1e75..95590b51a 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
@@ -34,6 +34,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import at.gv.egiz.eaaf.core.api.gui.IGUIFormBuilder;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
@@ -45,7 +46,6 @@ import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.GUIUtils;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
@@ -61,7 +61,7 @@ public class InitializeRestoreSSOSessionTask extends AbstractAuthServletTask {
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
- */
+ */
@Override
public void execute(ExecutionContext executionContext,
HttpServletRequest request, HttpServletResponse response)
@@ -86,7 +86,7 @@ public class InitializeRestoreSSOSessionTask extends AbstractAuthServletTask {
String nonce = Random.nextLongRandom();
GUIUtils.buildSSOTransferGUI(guiBuilder, response, authURL,
- pendingReq.getRequestID(), nonce, dhKeyIDP.getF());
+ pendingReq.getPendingRequestId(), nonce, dhKeyIDP.getF());
//store DH params and nonce to pending-request
SSOTransferContainer container = new SSOTransferContainer();
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
index 72ed9c7be..f1075f060 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
@@ -27,6 +27,7 @@ import java.io.IOException;
import java.io.PrintWriter;
import java.math.BigInteger;
import java.security.MessageDigest;
+import java.util.Date;
import javax.crypto.Cipher;
import javax.crypto.spec.DHPublicKeySpec;
@@ -44,17 +45,19 @@ import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import at.gv.egiz.eaaf.core.api.gui.IGUIFormBuilder;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.SSOTransferContainer;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.GUIUtils;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils;
+import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor;
import at.gv.egovernment.moa.logging.Logger;
@@ -72,7 +75,7 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
@Autowired SSOContainerUtils ssoTransferUtils;
@Autowired IGUIFormBuilder guiBuilder;
- /* (non-Javadoc)
+ /* (non-Javadoc)
* @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
@Override
@@ -186,8 +189,10 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
Logger.debug("MobileDevice is valid. --> Starting session reconstruction ...");
//transfer SSO Assertion into MOA-Session
- ssoTransferUtils.parseSSOContainerToMOASessionDataObject(pendingReq, pendingReq.getMOASession(), attributeExtractor);
-
+ AuthenticationSession moaSession = new AuthenticationSession("1235", new Date());
+ ssoTransferUtils.parseSSOContainerToMOASessionDataObject(pendingReq, moaSession, attributeExtractor);
+ pendingReq.setGenericDataToSession(moaSession.getKeyValueRepresentationFromAuthSession());
+
// store MOASession into database
requestStoreage.storePendingRequest(pendingReq);
@@ -244,15 +249,8 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
} else {
//session is valid --> load MOASession object
- try {
- defaultTaskInitialization(request, executionContext);
-
- } catch (MOAIDException | MOADatabaseException e1) {
- Logger.error("Database Error! MOASession is not stored!");
- throw new TaskExecutionException(pendingReq, "Load MOASession FAILED.", e1);
-
- }
-
+
+ IAuthenticationSession moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
DateTime moaSessionCreated = new DateTime(moasession.getSessionCreated().getTime());
if (moaSessionCreated.plusMinutes(1).isBeforeNow()) {
Logger.warn("No SSO session-container received. Stop authentication process after time-out.");
@@ -274,7 +272,7 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
}
GUIUtils.buildSSOTransferGUI(guiBuilder, response,
- authURL, pendingReq.getRequestID(), nonce, container.getDhParams().getF());
+ authURL, pendingReq.getPendingRequestId(), nonce, container.getDhParams().getF());
} catch (IOException | MOAIDException e) {
throw new TaskExecutionException(pendingReq, e.getMessage(), e);
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java
index fac59ed4e..1a4a9b80b 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java
@@ -30,11 +30,11 @@ import javax.servlet.http.HttpServletResponse;
import com.google.gson.JsonObject;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
import at.gv.egiz.eaaf.core.api.gui.IGUIFormBuilder;
import at.gv.egiz.eaaf.core.exceptions.GUIBuildException;
import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants;
-import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
@@ -71,7 +71,7 @@ public class GUIUtils {
try {
String containerURL = authURL
+ SSOTransferConstants.SERVLET_SSOTRANSFER_FROM_SMARTPHONE
- + "?" + MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID + "=" + requestID;
+ + "?" + EAAFConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID + "=" + requestID;
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
index 5c85fd8b0..189fcd2f6 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
@@ -97,9 +97,8 @@ import org.w3c.dom.NodeList;
import com.google.gson.JsonObject;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.data.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants;
@@ -108,11 +107,13 @@ import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.SSOTransferAuthent
import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.SSOTransferOnlineApplication;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.data.IMISMandate;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+import at.gv.egovernment.moa.id.data.IMOAAuthData;
import at.gv.egovernment.moa.id.data.MISMandate;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder;
@@ -366,7 +367,7 @@ public class SSOContainerUtils {
String sessionIndex = SAML2Utils.getSecureIdentifier();
- IAuthData authData = new SSOTransferAuthenticationData(authConfig, authSession);
+ IMOAAuthData authData = new SSOTransferAuthenticationData(authConfig, authSession);
Assertion assertion = PVP2AssertionBuilder.buildGenericAssertion(
entityID,
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java
index 6bf6652c8..4068d2d99 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java
@@ -22,9 +22,9 @@
*/
package at.gv.egovernment.moa.id.auth.modules.federatedauth;
-import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
/**
* @author tlenz
@@ -39,7 +39,7 @@ public class FederatedAuthenticationModuleImpl implements AuthModule {
public int getPriority() {
// TODO Auto-generated method stub
return 0;
- }
+ }
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
index 4ae255d1d..717099a8d 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
@@ -35,16 +35,16 @@ import org.opensaml.xml.security.SecurityException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
import at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthConstants;
import at.gv.egovernment.moa.id.auth.modules.federatedauth.config.FederatedAuthnRequestBuilderConfiguration;
import at.gv.egovernment.moa.id.auth.modules.federatedauth.utils.FederatedAuthCredentialProvider;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAuthnRequestBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnRequestBuildException;
@@ -59,7 +59,7 @@ import at.gv.egovernment.moa.util.MiscUtil;
*/
@Component("CreateFederatedAuthnRequestTask")
public class CreateAuthnRequestTask extends AbstractAuthServletTask {
-
+
@Autowired PVPAuthnRequestBuilder authnReqBuilder;
@Autowired FederatedAuthCredentialProvider credential;
@Autowired(required=true) MOAMetadataProvider metadataProvider;
@@ -72,7 +72,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
throws TaskExecutionException {
try{
// get IDP entityID
- String idpEntityID = pendingReq.getGenericData(RequestImpl.DATAID_INTERFEDERATIOIDP_URL, String.class);
+ String idpEntityID = pendingReq.getGenericData(SSOManager.DATAID_INTERFEDERATIOIDP_URL, String.class);
if (MiscUtil.isEmpty(idpEntityID)) {
Logger.info("Interfederation not possible -> not inderfederation IDP EntityID found!");
@@ -81,7 +81,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
}
//load IDP configuration from MOA-ID Configuration
- IOAAuthParameters idpConfig = authConfig.getOnlineApplicationParameter(idpEntityID);
+ IOAAuthParameters idpConfig = authConfig.getServiceProviderConfiguration(idpEntityID, IOAAuthParameters.class);
//validate IDP
if (!idpConfig.isInderfederationIDP() || !idpConfig.isInboundSSOInterfederationAllowed()) {
Logger.info("Requested interfederation IDP " + idpEntityID + " is not valid for interfederation.");
@@ -156,7 +156,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
}
private String evaluateRequiredQAALevel() {
- IOAAuthParameters sp = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters sp = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
//check if STORK protocol module is in ClassPath
Object storkRequst = null;
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
index 2fc1ec053..c20342a11 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
@@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.auth.modules.federatedauth.tasks;
import java.io.IOException;
import java.util.Arrays;
import java.util.Collection;
+import java.util.Collections;
import java.util.List;
import java.util.Set;
@@ -41,11 +42,12 @@ import org.opensaml.xml.security.SecurityException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
-import at.gv.egiz.eaaf.core.api.IOAAuthParameters;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
@@ -53,11 +55,10 @@ import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthConstants;
import at.gv.egovernment.moa.id.auth.modules.federatedauth.utils.FederatedAuthCredentialProvider;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException;
import at.gv.egovernment.moa.id.moduls.SSOManager;
-import at.gv.egovernment.moa.id.process.api.ExecutionContext;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IDecoder;
@@ -65,9 +66,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption;
-import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AuthnResponseValidationException;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse;
@@ -89,7 +88,7 @@ import at.gv.egovernment.moa.util.MiscUtil;
public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
@Autowired private SAMLVerificationEngineSP samlVerificationEngine;
- @Autowired private FederatedAuthCredentialProvider credentialProvider;
+ @Autowired private FederatedAuthCredentialProvider credentialProvider;
@Autowired private SSOManager ssoManager;
@Autowired private AttributQueryBuilder attributQueryBuilder;
@Autowired private AuthenticationDataBuilder authDataBuilder;
@@ -133,7 +132,9 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
comperator);
if (MiscUtil.isEmpty(msg.getEntityID())) {
- throw new InvalidProtocolRequestException("sp.pvp2.04", new Object[] {FederatedAuthConstants.MODULE_NAME_FOR_LOGGING});
+ throw new InvalidProtocolRequestException("sp.pvp2.04",
+ new Object[] {FederatedAuthConstants.MODULE_NAME_FOR_LOGGING},
+ "NO configuration for SP entityID: " + msg.getEntityID());
}
@@ -150,8 +151,8 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
MOAResponse processedMsg = preProcessAuthResponse((MOAResponse) msg);
//load IDP and SP configuration
- IOAAuthParameters idpConfig = authConfig.getOnlineApplicationParameter(msg.getEntityID());
- IOAAuthParameters spConfig = pendingReq.getOnlineApplicationConfiguration();
+ IOAAuthParameters idpConfig = authConfig.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
+ IOAAuthParameters spConfig = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
//check if response Entity is valid
if (!idpConfig.isInderfederationIDP()) {
@@ -161,10 +162,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
msg.getEntityID()});
}
-
- //load MOASession from database
- defaultTaskInitialization(request, executionContext);
-
+
//initialize Attribute extractor
AssertionAttributeExtractor extractor =
new AssertionAttributeExtractor((Response) processedMsg.getResponse());
@@ -187,7 +185,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
//SP is real Service-Provider --> check attributes in response
// and start Attribute-Query if required
- getAuthDataFromInterfederation(extractor, pendingReq.getOnlineApplicationConfiguration(),
+ getAuthDataFromInterfederation(extractor, pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class),
idpConfig);
//store federatedIDP to MOASession
@@ -199,8 +197,8 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
}
//store valid assertion into pending-request
- pendingReq.setGenericDataToSession(RequestImpl.DATAID_INTERFEDERATIOIDP_RESPONSE, processedMsg);
- pendingReq.setGenericDataToSession(RequestImpl.DATAID_INTERFEDERATIOIDP_ENTITYID, processedMsg.getEntityID());
+ pendingReq.setGenericDataToSession(SSOManager.DATAID_INTERFEDERATIOIDP_RESPONSE, processedMsg);
+ pendingReq.setGenericDataToSession(SSOManager.DATAID_INTERFEDERATIOIDP_ENTITYID, processedMsg.getEntityID());
//store pending-request
requestStoreage.storePendingRequest(pendingReq);
@@ -225,13 +223,21 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
} catch (AssertionValidationExeption | AuthnResponseValidationException e) {
Logger.info("PVP response validation FAILED. Msg:" + e.getMessage());
if (msg != null) {
- IOAAuthParameters idpConfig = authConfig.getOnlineApplicationParameter(msg.getEntityID());
-
- //remove federated IDP from SSO session if exists
- ssoManager.removeInterfederatedSSOIDP(msg.getEntityID(), request);
+ IOAAuthParameters idpConfig = null;
+ try {
+ idpConfig = authConfig.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
+ //remove federated IDP from SSO session if exists
+ ssoManager.removeInterfederatedSSOIDP(msg.getEntityID(), request);
+
+ //select next step
+ handleAuthnResponseValidationProblem(executionContext, idpConfig, e);
+
+ } catch (EAAFConfigurationException e1) {
+ Logger.error("Can not handle error during an internal problem. ", e1);
+ throw new TaskExecutionException(pendingReq, "PVP response validation FAILED.", e);
+
+ }
- //select next step
- handleAuthnResponseValidationProblem(executionContext, idpConfig, e);
} else
throw new TaskExecutionException(pendingReq, "PVP response validation FAILED.", e);
@@ -256,22 +262,25 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
try {
Logger.debug("Service Provider is no federated IDP --> start Attribute validation or requesting ... ");
- Collection<String> requestedAttr = pendingReq.getRequestedAttributes(metadataProvider);
+
+ //TODO!!!!!
+ //Collection<String> requestedAttr = pendingReq.getRequestedAttributes(metadataProvider);
+ Collection<String> requestedAttr = Collections.emptyList();
//check if SAML2 Assertion contains a minimal set of attributes
//TODO: switch back to correct attribute query
if (!extractor.containsAllRequiredAttributes()
- && !extractor.containsAllRequiredAttributes(minimalIDLAttributeNamesList)) {
+ && !extractor.containsAllRequiredAttributes(minimalIDLAttributeNamesList) ) {
Logger.info("Received assertion does no contain a minimum set of attributes. Starting AttributeQuery process ...");
//build attributQuery request
List<Attribute> attributs =
attributQueryBuilder.buildSAML2AttributeList(spConfig, requestedAttr.iterator());
- //request IDP to get additional attributes
- extractor = authDataBuilder.getAuthDataFromAttributeQuery(attributs, extractor.getNameID(),
- idpConfig, pendingReq.getAuthURL() + FederatedAuthConstants.ENDPOINT_METADATA);
+// //request IDP to get additional attributes
+// extractor = authDataBuilder.getAuthDataFromAttributeQuery(attributs, extractor.getNameID(),
+// idpConfig, pendingReq.getAuthURL() + FederatedAuthConstants.ENDPOINT_METADATA);
} else {
Logger.info("Interfedation response include a minimal set of attributes with are required. Skip AttributQuery request step. ");
@@ -303,29 +312,23 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
}
}
- moasession.setGenericDataToSession(el, value);
+ pendingReq.setGenericDataToSession(el, value);
Logger.debug("Add PVP-attribute " + el + " into MOASession");
}
//set validTo from this federated IDP response
- moasession.setGenericDataToSession(
+ pendingReq.setGenericDataToSession(
AuthenticationSessionStorageConstants.FEDERATION_RESPONSE_VALIDE_TO,
extractor.getAssertionNotOnOrAfter());
- } catch (AttributQueryException e) {
- throw new BuildException("builder.06", null, e);
-
- } catch (SessionDataStorageException e) {
- throw new BuildException("builder.06", null, e);
-
} catch (AssertionValidationExeption e) {
throw new BuildException("builder.06", null, e);
- } catch (AssertionAttributeExtractorExeption e) {
+ } catch (MOAIDException e) {
throw new BuildException("builder.06", null, e);
- } catch (MOAIDException e) {
+ } catch (EAAFStorageException e) {
throw new BuildException("builder.06", null, e);
}
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/utils/FederatedAuthCredentialProvider.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/utils/FederatedAuthCredentialProvider.java
index aac253083..9ef02935b 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/utils/FederatedAuthCredentialProvider.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/utils/FederatedAuthCredentialProvider.java
@@ -27,6 +27,7 @@ import org.springframework.stereotype.Service;
import at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider;
import at.gv.egovernment.moa.util.FileUtils;
@@ -43,9 +44,9 @@ public class FederatedAuthCredentialProvider extends AbstractCredentialProvider
* @see at.gv.egovernment.moa.id.protocols.pvp2x.signer.AbstractCredentialProvider#getKeyStoreFilePath()
*/
@Override
- public String getKeyStoreFilePath() {
+ public String getKeyStoreFilePath() throws ConfigurationException {
return FileUtils.makeAbsoluteURL(
- authConfig.getBasicMOAIDConfiguration(FederatedAuthConstants.CONFIG_PROPS_KEYSTORE),
+ authConfig.getBasicConfiguration(FederatedAuthConstants.CONFIG_PROPS_KEYSTORE),
authConfig.getRootConfigFileDir());
}
@@ -54,7 +55,7 @@ public class FederatedAuthCredentialProvider extends AbstractCredentialProvider
*/
@Override
public String getKeyStorePassword() {
- return authConfig.getBasicMOAIDConfiguration(FederatedAuthConstants.CONFIG_PROPS_KEYSTOREPASSWORD).trim();
+ return authConfig.getBasicConfiguration(FederatedAuthConstants.CONFIG_PROPS_KEYSTOREPASSWORD).trim();
}
@@ -63,7 +64,7 @@ public class FederatedAuthCredentialProvider extends AbstractCredentialProvider
*/
@Override
public String getMetadataKeyAlias() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
FederatedAuthConstants.CONFIG_PROPS_SIGN_METADATA_ALIAS_PASSWORD).trim();
}
@@ -72,7 +73,7 @@ public class FederatedAuthCredentialProvider extends AbstractCredentialProvider
*/
@Override
public String getMetadataKeyPassword() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
FederatedAuthConstants.CONFIG_PROPS_SIGN_METADATA_KEY_PASSWORD).trim();
}
@@ -81,7 +82,7 @@ public class FederatedAuthCredentialProvider extends AbstractCredentialProvider
*/
@Override
public String getSignatureKeyAlias() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
FederatedAuthConstants.CONFIG_PROPS_SIGN_SIGNING_ALIAS_PASSWORD).trim();
}
@@ -90,7 +91,7 @@ public class FederatedAuthCredentialProvider extends AbstractCredentialProvider
*/
@Override
public String getSignatureKeyPassword() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
FederatedAuthConstants.CONFIG_PROPS_SIGN_SIGNING_KEY_PASSWORD).trim();
}
@@ -99,7 +100,7 @@ public class FederatedAuthCredentialProvider extends AbstractCredentialProvider
*/
@Override
public String getEncryptionKeyAlias() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
FederatedAuthConstants.CONFIG_PROPS_ENCRYPTION_ALIAS_PASSWORD).trim();
}
@@ -108,7 +109,7 @@ public class FederatedAuthCredentialProvider extends AbstractCredentialProvider
*/
@Override
public String getEncryptionKeyPassword() {
- return authConfig.getBasicMOAIDConfiguration(
+ return authConfig.getBasicConfiguration(
FederatedAuthConstants.CONFIG_PROPS_ENCRYPTION_KEY_PASSWORD).trim();
}
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
index f6c8cb6e3..7ab222fa0 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
@@ -32,7 +32,6 @@ import java.util.List;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
@@ -41,7 +40,7 @@ import at.gv.egovernment.moa.util.StringUtils;
/**
* Builder for the authentication data <code>&lt;saml:Assertion&gt;</code>
- * to be provided by the MOA ID Auth component.
+ * to be provided by the MOA ID Auth component.
*
* @author Paul Ivancsics
* @version $Id$
@@ -277,8 +276,8 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
if (!useCondition) {
assertion = MessageFormat.format(AUTH_DATA, new Object[] {
authData.getAssertionID(),
- authData.getIssuer(),
- authData.getIssueInstantString(),
+ authData.getAuthenticationIssuer(),
+ authData.getAuthenticationIssueInstantString(),
pkType,
pkValue,
StringUtils.removeXMLDeclaration(xmlAuthBlock),
@@ -302,8 +301,8 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
assertion = MessageFormat.format(AUTH_DATA_WITH_CONDITIONS, new Object[] {
authData.getAssertionID(),
- authData.getIssuer(),
- authData.getIssueInstantString(),
+ authData.getAuthenticationIssuer(),
+ authData.getAuthenticationIssueInstantString(),
notBefore,
notOnOrAfter,
pkType,
@@ -400,8 +399,8 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
if (!useCondition) {
assertion = MessageFormat.format(AUTH_DATA_MANDATE, new Object[] {
authData.getAssertionID(),
- authData.getIssuer(),
- authData.getIssueInstantString(),
+ authData.getAuthenticationIssuer(),
+ authData.getAuthenticationIssueInstantString(),
pkType,
pkValue,
StringUtils.removeXMLDeclaration(xmlAuthBlock),
@@ -426,8 +425,8 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
assertion = MessageFormat.format(AUTH_DATA_MANDATE_WITH_CONDITIONS, new Object[] {
authData.getAssertionID(),
- authData.getIssuer(),
- authData.getIssueInstantString(),
+ authData.getAuthenticationIssuer(),
+ authData.getAuthenticationIssueInstantString(),
notBefore,
notOnOrAfter,
pkType,
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index 99d5d9063..3452da003 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -28,15 +28,15 @@ import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IAction;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
-import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.SLOInformationImpl;
-import at.gv.egovernment.moa.id.data.SLOInformationInterface;
-import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.URLEncoder;
@@ -49,9 +49,9 @@ public class GetArtifactAction implements IAction {
public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq,
HttpServletResponse httpResp, IAuthData obj) throws AuthenticationException {
- String oaURL = (String) req.getOAURL();
+ String oaURL = (String) req.getSPEntityId();
- String sourceID = null;
+ String sourceID = null;
if (req instanceof SAML1RequestImpl) {
SAML1RequestImpl saml1req = (SAML1RequestImpl) req;
sourceID = saml1req.getSourceID();
@@ -68,7 +68,7 @@ public class GetArtifactAction implements IAction {
}
try {
- IOAAuthParameters oaParam = req.getOnlineApplicationConfiguration();
+ IOAAuthParameters oaParam = req.getServiceProviderConfiguration(IOAAuthParameters.class);
//TODO: add eIDAS to SAML1 protocol if it is really necessary
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
index 13df30862..85e2107c6 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
@@ -72,15 +72,14 @@ import org.xml.sax.SAXException;
import com.google.common.net.MediaType;
+import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
+import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.auth.builder.SAMLResponseBuilder;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider;
-import at.gv.egovernment.moa.id.auth.servlet.AbstractController;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.ErrorResponseUtils;
-import at.gv.egovernment.moa.id.util.HTTPUtils;
-import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
@@ -98,7 +97,7 @@ import at.gv.egovernment.moa.util.XPathUtils;
* since SAML1 is deprecated MOA-ID >= 2.0.0
*
* @author tlenz
- */
+ */
@Controller
public class GetAuthenticationDataService extends AbstractController implements Constants {
@@ -280,9 +279,7 @@ public class GetAuthenticationDataService extends AbstractController implements
try {
Throwable error = saml1AuthServer.getErrorResponse(samlArtifact);
statusCode = "samlp:Responder";
-
- ErrorResponseUtils errorUtils = ErrorResponseUtils.getInstance();
-
+
if (error instanceof MOAIDException) {
statusMessageCode = ((MOAIDException)error).getMessageId();
statusMessage = StringEscapeUtils.escapeXml(((MOAIDException)error).getMessage());
@@ -291,8 +288,9 @@ public class GetAuthenticationDataService extends AbstractController implements
statusMessage = StringEscapeUtils.escapeXml(error.getMessage());
}
- subStatusCode = errorUtils.getResponseErrorCode(error);
-
+ subStatusCode = statusMessager.getResponseErrorCode(error);
+
+
} catch (Exception e) {
//no authentication data for given SAML artifact
statusCode = "samlp:Requester";
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index bf4a55e46..1be3e3daa 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -43,6 +43,11 @@ import org.xml.sax.SAXException;
import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
import at.gv.e_government.reference.namespace.mandates._20040701_.Mandator;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
@@ -57,17 +62,12 @@ import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.data.IAuthData;
+import at.gv.egovernment.moa.id.data.MOAAuthenticationData;
import at.gv.egovernment.moa.id.data.Pair;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-import at.gv.egovernment.moa.id.storage.ITransactionStorage;
-import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
import at.gv.egovernment.moa.util.Constants;
@@ -86,7 +86,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
@Autowired private ITransactionStorage authenticationDataStore;
- /**
+ /**
* time out in milliseconds used by {@link cleanup} for authentication data
* store
*/
@@ -103,8 +103,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
}
Throwable error = null;
try {
- error = authenticationDataStore
- .get(samlArtifact, Throwable.class);
+ error = authenticationDataStore.get(samlArtifact, Throwable.class);
if (error == null) {
Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
@@ -114,7 +113,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
authenticationDataStore.remove(samlArtifact);
- } catch (MOADatabaseException e) {
+ } catch (EAAFException e) {
Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
throw new AuthenticationException("1206", new Object[] { samlArtifact });
}
@@ -189,7 +188,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
}
- } catch (MOADatabaseException e) {
+ } catch (EAAFException e) {
Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
throw new AuthenticationException("1206", new Object[] { samlArtifact });
}
@@ -201,10 +200,10 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
}
public String BuildErrorAssertion(Throwable error, IRequest protocolRequest)
- throws BuildException, MOADatabaseException {
+ throws EAAFException {
String samlArtifact = new SAMLArtifactBuilder().build(
- protocolRequest.getOAURL(), protocolRequest.getRequestID(),
+ protocolRequest.getSPEntityId(), protocolRequest.getPendingRequestId(),
null);
authenticationDataStore.put(samlArtifact, error, authDataTimeOut);
@@ -428,7 +427,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
//authData.setSamlAssertion(samlAssertion);
String samlArtifact = new SAMLArtifactBuilder().build(
- authData.getIssuer(), Random.nextRandom(),
+ authData.getAuthenticationIssuer(), Random.nextRandom(),
sourceID);
storeAuthenticationData(samlArtifact, samlAssertion);
@@ -443,7 +442,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
}
- private String generateMandateDate(IOAAuthParameters oaParam, AuthenticationData authData
+ private String generateMandateDate(IOAAuthParameters oaParam, MOAAuthenticationData authData
) throws AuthenticationException, BuildException,
ParseException, ConfigurationException, ServiceException,
ValidateException {
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 8dfe10268..54b137ce1 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -37,8 +37,10 @@ import org.springframework.web.bind.annotation.RequestMethod;
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
-import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
@@ -47,7 +49,6 @@ import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -60,7 +61,7 @@ import at.gv.egovernment.moa.util.URLEncoder;
* @deprecated
* @author tlenz
*
- */
+ */
@Controller
public class SAML1Protocol extends AbstractAuthProtocolModulController implements IModulInfo {
@@ -99,15 +100,15 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
@RequestMapping(value = "/StartAuthentication", method = {RequestMethod.POST, RequestMethod.GET})
- public void SAML1AuthnRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException {
- if (!AuthConfigurationProviderFactory.getInstance().getAllowedProtocols().isSAML1Active()) {
- Logger.info("SAML1 is deaktivated!");
- throw new ProtocolNotActiveException("auth.22", new Object[] { "SAML 1" });
-
- }
+ public void SAML1AuthnRequest(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
+// if (!AuthConfigurationProviderFactory.getInstance().getAllowedProtocols().isSAML1Active()) {
+// Logger.info("SAML1 is deaktivated!");
+// throw new ProtocolNotActiveException("auth.22", new Object[] { "SAML 1" });
+//
+// }
SAML1RequestImpl pendingReq = applicationContext.getBean(SAML1RequestImpl.class);
- pendingReq.initialize(req);
+ pendingReq.initialize(req, authConfig);
pendingReq.setModule(NAME);
revisionsLogger.logEvent(MOAIDEventConstants.SESSION_CREATED, pendingReq.getUniqueSessionIdentifier());
@@ -128,15 +129,15 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
public void preProcess(HttpServletRequest request,
- HttpServletResponse response, SAML1RequestImpl pendingRequest) throws MOAIDException {
+ HttpServletResponse response, SAML1RequestImpl pendingRequest) throws MOAIDException, InvalidProtocolRequestException, EAAFConfigurationException, EAAFStorageException {
try {
- String oaURL = (String) request.getParameter(PARAM_OA);
+ String oaURL = (String) request.getParameter(MOAIDAuthConstants.PARAM_OA);
//oaURL = StringEscapeUtils.escapeHtml(oaURL);
- String target = (String) request.getParameter(PARAM_TARGET);
+ String target = (String) request.getParameter(MOAIDAuthConstants.PARAM_TARGET);
target = StringEscapeUtils.escapeHtml(target);
- String sourceID = request.getParameter(PARAM_SOURCEID);
+ String sourceID = request.getParameter(MOAIDAuthConstants.PARAM_SOURCEID);
sourceID = StringEscapeUtils.escapeHtml(sourceID);
//the target parameter is used to define the OA in SAML1 standard
@@ -147,35 +148,35 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
if (MiscUtil.isEmpty(oaURL)) {
Logger.info("Receive SAML1 request with no OA parameter. Authentication STOPPED!");
- throw new WrongParametersException("StartAuthentication", PARAM_OA,
+ throw new WrongParametersException("StartAuthentication", MOAIDAuthConstants.PARAM_OA,
"auth.12");
}
if (!ParamValidatorUtils.isValidOA(oaURL))
- throw new WrongParametersException("StartAuthentication", PARAM_OA,
+ throw new WrongParametersException("StartAuthentication", MOAIDAuthConstants.PARAM_OA,
"auth.12");
- pendingRequest.setOAURL(oaURL);
+ pendingRequest.setSPEntityId(oaURL);
Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL);
if (!ParamValidatorUtils.isValidSourceID(sourceID))
- throw new WrongParametersException("StartAuthentication", PARAM_SOURCEID, "auth.12");
+ throw new WrongParametersException("StartAuthentication", MOAIDAuthConstants.PARAM_SOURCEID, "auth.12");
//load Target only from OA config
- IOAAuthParameters oaParam = authConfig.getOnlineApplicationParameter(oaURL);
+ IOAAuthParameters oaParam = authConfig.getServiceProviderConfiguration(oaURL, IOAAuthParameters.class);
if (oaParam == null)
throw new InvalidProtocolRequestException("auth.00",
- new Object[] { null });
+ new Object[] { null }, "No Online-Application configuration found");
SAML1ConfigurationParameters saml1 = oaParam.getSAML1Parameter();
if (saml1 == null || !(saml1.isIsActive() != null && saml1.isIsActive()) ) {
Logger.info("Online-Application " + oaURL + " can not use SAML1 for authentication.");
throw new InvalidProtocolRequestException("auth.00",
- new Object[] { null });
+ new Object[] { null }, "OA: " + oaURL + " can not used with SAML1");
}
pendingRequest.setOnlineApplicationConfiguration(oaParam);
@@ -213,7 +214,7 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
pendingRequest.setAction(GetArtifactAction.class.getName());
} catch (WrongParametersException e) {
- throw new InvalidProtocolRequestException(e.getMessageId(), e.getParameters());
+ throw new InvalidProtocolRequestException(e.getMessageId(), e.getParameters(), "SAML1 parameter validation FAILED");
} catch (InvalidProtocolRequestException e) {
throw e;
@@ -226,15 +227,15 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
HttpServletRequest request, HttpServletResponse response,
IRequest protocolRequest)
throws Throwable{
- if (!protocolRequest.getOnlineApplicationConfiguration().getSAML1Parameter().isProvideAllErrors())
+ if (!protocolRequest.getServiceProviderConfiguration(IOAAuthParameters.class).getSAML1Parameter().isProvideAllErrors())
return false;
else {
String samlArtifactBase64 = saml1AuthServer.BuildErrorAssertion(e, protocolRequest);
String url = protocolRequest.getAuthURL() + "/RedirectServlet";
- url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(protocolRequest.getOAURL(), "UTF-8"));
- url = addURLParameter(url, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
+ url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(protocolRequest.getSPEntityId(), "UTF-8"));
+ url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
url = response.encodeRedirectURL(url);
response.setContentType("text/html");
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
index 1d3525626..4d3e60dd7 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
@@ -22,18 +22,11 @@
*/
package at.gv.egovernment.moa.id.protocols.saml1;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
-import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters;
-import at.gv.egovernment.moa.id.moduls.RequestImpl;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
/**
* @author tlenz
@@ -45,7 +38,7 @@ public class SAML1RequestImpl extends RequestImpl {
private static final long serialVersionUID = -4961979968425683115L;
- private String sourceID = null;
+ private String sourceID = null;
private String target = null;
/**
@@ -78,29 +71,29 @@ public class SAML1RequestImpl extends RequestImpl {
this.target = target;
}
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()
- */
- @Override
- public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
-
- List<String> reqAttr = new ArrayList<String>();
- reqAttr.addAll(SAML1Protocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION);
-
- SAML1ConfigurationParameters saml1 = this.getOnlineApplicationConfiguration().getSAML1Parameter();
- if (saml1 != null) {
- if (saml1.isProvideAUTHBlock())
- reqAttr.add(PVPConstants.EID_AUTH_BLOCK_NAME);
-
- if (saml1.isProvideCertificate())
- reqAttr.add(PVPConstants.EID_SIGNER_CERTIFICATE_NAME);
-
- if (saml1.isProvideFullMandatorData())
- reqAttr.add(PVPConstants.MANDATE_FULL_MANDATE_NAME);
- }
-
- return reqAttr;
-
- }
+// /* (non-Javadoc)
+// * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()
+// */
+// @Override
+// public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
+//
+// List<String> reqAttr = new ArrayList<String>();
+// reqAttr.addAll(SAML1Protocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION);
+//
+// SAML1ConfigurationParameters saml1 = this.getOnlineApplicationConfiguration().getSAML1Parameter();
+// if (saml1 != null) {
+// if (saml1.isProvideAUTHBlock())
+// reqAttr.add(PVPConstants.EID_AUTH_BLOCK_NAME);
+//
+// if (saml1.isProvideCertificate())
+// reqAttr.add(PVPConstants.EID_SIGNER_CERTIFICATE_NAME);
+//
+// if (saml1.isProvideFullMandatorData())
+// reqAttr.add(PVPConstants.MANDATE_FULL_MANDATE_NAME);
+// }
+//
+// return reqAttr;
+//
+// }
}
diff --git a/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java b/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
index 961c8d0b5..4591e456f 100644
--- a/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
+++ b/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
@@ -46,9 +46,9 @@
package test.at.gv.egovernment.moa.id.auth.parser;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
-import at.gv.egovernment.moa.id.util.Random;
import test.at.gv.egovernment.moa.id.UnitTestCase;
/*
@@ -63,7 +63,7 @@ public class SAMLArtifactParserTest extends UnitTestCase {
public SAMLArtifactParserTest(String name) {
super(name);
}
-
+
public void testParseTypeCode() throws Exception {
String sessionID = Random.nextRandom();
String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null);
diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
index a616e80ad..3676ca7d7 100644
--- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
+++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
@@ -94,8 +94,8 @@ public class DatabaseTestModule implements TestModuleInterface{
private String testMOAAdvancedLoggingDatabase() {
try {
- statLogUtils.testConnection();
-
+ statLogUtils.internalTesting();
+
Logger.trace("Finish Test: AdvancedLoggingDataBase");
return null;
diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java
index a56be1f46..e6dbcd89d 100644
--- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java
+++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java
@@ -68,7 +68,7 @@ public class IdentityLinkTestModule implements TestModuleInterface {
Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
.build(identityLink, config
.getMoaSpIdentityLinkTrustProfileID(false));
-
+
// invokes the call
Element domVerifyXMLSignatureResponse = SignatureVerificationInvoker.getInstance()
.verifyXMLSignature(domVerifyXMLSignatureRequest);