Diffstat (limited to 'id')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java256
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java28
2 files changed, 156 insertions, 128 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
index 5a054b142..11e9cb860 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
@@ -3,15 +3,13 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.config;
import java.io.File;
import java.io.FileInputStream;
import java.util.ArrayList;
-import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.Set;
-import javax.xml.namespace.QName;
-
-import org.opensaml.saml2.common.Extensions;
+import org.apache.commons.io.FileUtils;
+import org.apache.commons.io.filefilter.DirectoryFileFilter;
import org.opensaml.saml2.metadata.Company;
import org.opensaml.saml2.metadata.ContactPerson;
import org.opensaml.saml2.metadata.ContactPersonTypeEnumeration;
@@ -24,15 +22,6 @@ import org.opensaml.saml2.metadata.OrganizationName;
import org.opensaml.saml2.metadata.OrganizationURL;
import org.opensaml.saml2.metadata.SurName;
import org.opensaml.saml2.metadata.TelephoneNumber;
-import org.opensaml.xml.Namespace;
-import org.opensaml.xml.NamespaceManager;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.schema.XSBooleanValue;
-import org.opensaml.xml.util.AttributeMap;
-import org.opensaml.xml.util.IDIndex;
-import org.opensaml.xml.validation.ValidationException;
-import org.opensaml.xml.validation.Validator;
-import org.w3c.dom.Element;
import at.gv.egovernment.moa.id.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.utils.Digester;
@@ -41,227 +30,254 @@ import at.gv.egovernment.moa.logging.Logger;
public class PVPConfiguration {
private static PVPConfiguration instance;
-
+
public static PVPConfiguration getInstance() {
- if(instance == null) {
+ if (instance == null) {
instance = new PVPConfiguration();
}
return instance;
}
-
+
public static final String PVP_CONFIG_FILE = "pvp2config.properties";
public static final String IDP_JAVAKEYSTORE = "idp.ks.file";
public static final String IDP_KEYALIAS = "idp.ks.alias";
public static final String IDP_KS_PASS = "idp.ks.kspassword";
public static final String IDP_KEY_PASS = "idp.ks.keypassword";
-
+
public static final String IDP_ISSUER_NAME = "idp.issuer.name";
-
- public static final String METADATA_FILE = "md.file";
-
+
+ public static final String METADATA_FILE = "md.dir";
+ public static final String METADATA_EXTENSION = "md.ext";
+
public static final String IDP_ENTITY = "idp.entityid";
public static final String IDP_ORG_NAME = "idp.org.name";
public static final String IDP_ORG_DISPNAME = "idp.org.dispname";
public static final String IDP_ORG_URL = "idp.org.url";
-
+
public static final String IDP_POST_SSO_SERVICE = "idp.sso.post";
public static final String IDP_REDIRECT_SSO_SERVICE = "idp.sso.redirect";
public static final String IDP_SOAP_RESOLVE_SERVICE = "idp.resolve.soap";
-
-
+
public static final String IDP_TRUST_STORE = "idp.truststore";
public static final String SP_TARGET_PREFIX = "sp.target.";
-
+
public static final String IDP_CONTACT_PREFIX = "idp.contact";
public static final String IDP_CONTACT_LIST = "idp.contact_list";
-
+
public static final String IDP_CONTACT_SURNAME = "surname";
public static final String IDP_CONTACT_GIVENNAME = "givenname";
public static final String IDP_CONTACT_MAIL = "mail";
public static final String IDP_CONTACT_TYPE = "type";
public static final String IDP_CONTACT_COMPANY = "company";
public static final String IDP_CONTACT_PHONE = "phone";
-
-
+
Properties props = new Properties();
-
+
private PVPConfiguration() {
try {
- String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
+ String fileName = System
+ .getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
String pathName = (new File(fileName)).getParent();
String configFile = pathName + "/" + PVP_CONFIG_FILE;
-
+
Logger.info("PVP Config file " + configFile);
FileInputStream is = new FileInputStream(configFile);
props.load(is);
is.close();
- } catch(Exception e) {
+ } catch (Exception e) {
e.printStackTrace();
}
}
-
+
public String getIDPSSOPostService() {
return props.getProperty(IDP_POST_SSO_SERVICE);
}
-
+
public String getIDPSSORedirectService() {
return props.getProperty(IDP_REDIRECT_SSO_SERVICE);
}
-
+
public String getIDPResolveSOAPService() {
return props.getProperty(IDP_SOAP_RESOLVE_SERVICE);
}
-
+
public String getIDPKeyStoreFilename() {
return props.getProperty(IDP_JAVAKEYSTORE);
}
-
+
public String getIDPKeyStorePassword() {
return props.getProperty(IDP_KS_PASS);
}
-
+
public String getIDPKeyAlias() {
return props.getProperty(IDP_KEYALIAS);
}
-
+
public String getIDPKeyPassword() {
return props.getProperty(IDP_KEY_PASS);
}
-
+
public String getIDPIssuerName() {
return props.getProperty(IDP_ISSUER_NAME);
}
-
- public String getMetadataFile() {
- return props.getProperty(METADATA_FILE);
+
+ public List<String> getMetadataFiles() {
+ String filter = props.getProperty(METADATA_EXTENSION);
+
+ if (filter == null) {
+ filter = ".mdxml";
+ }
+
+ List<String> files = new ArrayList<String>();
+
+ File[] faFiles = new File(props.getProperty(METADATA_FILE)).listFiles();
+ for (File file : faFiles) {
+ if (!file.isDirectory()) {
+ if (file.getName().endsWith(filter)) {
+ files.add(file.getAbsolutePath());
+ }
+ }
+ }
+
+ return files;
}
-
+
public String getTargetForSP(String sp) {
String spHash = Digester.toSHA1(sp.getBytes());
Logger.info("SHA hash for sp: " + sp + " => " + spHash);
return props.getProperty(SP_TARGET_PREFIX + spHash);
}
-
+
public String getTrustEntityCertificate(String entityID) {
String path = props.getProperty(IDP_TRUST_STORE);
- if(path == null) {
+ if (path == null) {
return null;
}
-
- if(!path.endsWith("/")) {
+
+ if (!path.endsWith("/")) {
path = path + "/";
}
-
+
String entityIDHash = Digester.toSHA1(entityID.getBytes());
-
+
return path + entityIDHash;
}
-
+
public List<ContactPerson> getIDPContacts() {
List<ContactPerson> list = new ArrayList<ContactPerson>();
-
+
String contactList = props.getProperty(IDP_CONTACT_LIST);
-
- if(contactList != null) {
-
+
+ if (contactList != null) {
+
String[] contact_keys = contactList.split(",");
-
- for(int i = 0; i < contact_keys.length; i++) {
-
+
+ for (int i = 0; i < contact_keys.length; i++) {
+
String key = contact_keys[i];
-
- ContactPerson person = SAML2Utils.createSAMLObject(ContactPerson.class);
-
- String type = props.getProperty(IDP_CONTACT_PREFIX +
- "." + key + "." + IDP_CONTACT_TYPE);
-
- if(type == null) {
- Logger.error("IDP Contact with key " + key + " has no type defined!");
+
+ ContactPerson person = SAML2Utils
+ .createSAMLObject(ContactPerson.class);
+
+ String type = props.getProperty(IDP_CONTACT_PREFIX + "." + key
+ + "." + IDP_CONTACT_TYPE);
+
+ if (type == null) {
+ Logger.error("IDP Contact with key " + key
+ + " has no type defined!");
break;
}
-
+
ContactPersonTypeEnumeration enumType = null;
-
- if(type.equals(ContactPersonTypeEnumeration.ADMINISTRATIVE.toString())) {
+
+ if (type.equals(ContactPersonTypeEnumeration.ADMINISTRATIVE
+ .toString())) {
enumType = ContactPersonTypeEnumeration.ADMINISTRATIVE;
- } else if(type.equals(ContactPersonTypeEnumeration.BILLING.toString())){
+ } else if (type.equals(ContactPersonTypeEnumeration.BILLING
+ .toString())) {
enumType = ContactPersonTypeEnumeration.BILLING;
- } else if(type.equals(ContactPersonTypeEnumeration.OTHER.toString())){
+ } else if (type.equals(ContactPersonTypeEnumeration.OTHER
+ .toString())) {
enumType = ContactPersonTypeEnumeration.OTHER;
- }else if(type.equals(ContactPersonTypeEnumeration.SUPPORT.toString())){
+ } else if (type.equals(ContactPersonTypeEnumeration.SUPPORT
+ .toString())) {
enumType = ContactPersonTypeEnumeration.SUPPORT;
- }else if(type.equals(ContactPersonTypeEnumeration.TECHNICAL.toString())){
+ } else if (type.equals(ContactPersonTypeEnumeration.TECHNICAL
+ .toString())) {
enumType = ContactPersonTypeEnumeration.TECHNICAL;
}
-
- if(enumType == null) {
- Logger.error("IDP Contact with key " + key + " has invalid type defined: " +
- type);
+
+ if (enumType == null) {
+ Logger.error("IDP Contact with key " + key
+ + " has invalid type defined: " + type);
break;
}
-
+
person.setType(enumType);
-
- String givenName = props.getProperty(IDP_CONTACT_PREFIX +
- "." + key + "." + IDP_CONTACT_GIVENNAME);
-
- if(givenName != null) {
- GivenName name = SAML2Utils.createSAMLObject(GivenName.class);
+
+ String givenName = props.getProperty(IDP_CONTACT_PREFIX + "."
+ + key + "." + IDP_CONTACT_GIVENNAME);
+
+ if (givenName != null) {
+ GivenName name = SAML2Utils
+ .createSAMLObject(GivenName.class);
name.setName(givenName);
person.setGivenName(name);
}
-
- String company = props.getProperty(IDP_CONTACT_PREFIX +
- "." + key + "." + IDP_CONTACT_COMPANY);
-
- if(company != null) {
+
+ String company = props.getProperty(IDP_CONTACT_PREFIX + "."
+ + key + "." + IDP_CONTACT_COMPANY);
+
+ if (company != null) {
Company comp = SAML2Utils.createSAMLObject(Company.class);
comp.setName(company);
person.setCompany(comp);
}
-
- String surname = props.getProperty(IDP_CONTACT_PREFIX +
- "." + key + "." + IDP_CONTACT_SURNAME);
-
- if(surname != null) {
+
+ String surname = props.getProperty(IDP_CONTACT_PREFIX + "."
+ + key + "." + IDP_CONTACT_SURNAME);
+
+ if (surname != null) {
SurName name = SAML2Utils.createSAMLObject(SurName.class);
name.setName(surname);
person.setSurName(name);
}
-
+
Set<Object> keySet = props.keySet();
Iterator<Object> keyIt = keySet.iterator();
-
- while(keyIt.hasNext()) {
-
+
+ while (keyIt.hasNext()) {
+
String currentKey = keyIt.next().toString();
-
- if(currentKey.startsWith(IDP_CONTACT_PREFIX +
- "." + key + "." + IDP_CONTACT_PHONE)) {
+
+ if (currentKey.startsWith(IDP_CONTACT_PREFIX + "." + key
+ + "." + IDP_CONTACT_PHONE)) {
String phone = props.getProperty(currentKey);
-
- if(phone != null) {
- TelephoneNumber telePhone = SAML2Utils.createSAMLObject(TelephoneNumber.class);
+
+ if (phone != null) {
+ TelephoneNumber telePhone = SAML2Utils
+ .createSAMLObject(TelephoneNumber.class);
telePhone.setNumber(phone);
person.getTelephoneNumbers().add(telePhone);
}
- } else if(currentKey.startsWith(IDP_CONTACT_PREFIX +
- "." + key + "." + IDP_CONTACT_MAIL)) {
+ } else if (currentKey.startsWith(IDP_CONTACT_PREFIX + "."
+ + key + "." + IDP_CONTACT_MAIL)) {
String mail = props.getProperty(currentKey);
-
- if(mail != null) {
- EmailAddress mailAddress = SAML2Utils.createSAMLObject(EmailAddress.class);
+
+ if (mail != null) {
+ EmailAddress mailAddress = SAML2Utils
+ .createSAMLObject(EmailAddress.class);
mailAddress.setAddress(mail);
person.getEmailAddresses().add(mailAddress);
}
}
}
list.add(person);
- }
+ }
}
return list;
}
-
+
public Organization getIDPOrganisation() {
Organization org = SAML2Utils.createSAMLObject(Organization.class);
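Review bot: `getMetadataFiles()` dereferences the result of `listFiles()` without a null check: `File.listFiles()` returns null when `md.dir` points to a missing path or a non-directory (and `new File((String) null)` throws if the property is absent), so a misconfigured directory surfaces as a NullPointerException out of the MOAMetadataProvider constructor instead of a clear configuration error. I would guard it before the loop: `File mdDir = new File(props.getProperty(METADATA_FILE));` / `File[] faFiles = mdDir.listFiles();` / `if (faFiles == null) { Logger.error("PVP metadata directory not readable: " + mdDir); return files; }` — returning the empty list keeps the IdP fail-closed (no SP metadata, so no SP is trusted) while the log says why. The two commons-io imports added at the top of the file (`FileUtils`, `DirectoryFileFilter`) are not used anywhere in this hunk; either drop them or replace the hand-rolled loop with `FileUtils.listFiles` and a suffix filter. Note also that `listFiles()` order is filesystem-dependent, which matters downstream if two metadata files declare the same entityID. The hunk ends inside `getIDPOrganisation()`, whose body continues in the next hunk.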
@@ -269,22 +285,22 @@ public class PVPConfiguration {
String org_dispname = props.getProperty(IDP_ORG_DISPNAME);
String org_url = props.getProperty(IDP_ORG_URL);
- if(org_name == null || org_dispname == null || org_url == null) {
+ if (org_name == null || org_dispname == null || org_url == null) {
return null;
}
-
- OrganizationDisplayName dispName = SAML2Utils.createSAMLObject(
- OrganizationDisplayName.class);
+
+ OrganizationDisplayName dispName = SAML2Utils
+ .createSAMLObject(OrganizationDisplayName.class);
dispName.setName(new LocalizedString(org_dispname, "de"));
org.getDisplayNames().add(dispName);
-
- OrganizationName name = SAML2Utils.createSAMLObject(
- OrganizationName.class);
+
+ OrganizationName name = SAML2Utils
+ .createSAMLObject(OrganizationName.class);
name.setName(new LocalizedString(org_name, "de"));
org.getOrganizationNames().add(name);
-
- OrganizationURL url = SAML2Utils.createSAMLObject(
- OrganizationURL.class);
+
+ OrganizationURL url = SAML2Utils
+ .createSAMLObject(OrganizationURL.class);
url.setURL(new LocalizedString(org_url, "de"));
org.getURLs().add(url);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index 71de16a97..b38b862ef 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -1,6 +1,7 @@
package at.gv.egovernment.moa.id.protocols.pvp2x.metadata;
import java.io.File;
+import java.util.Iterator;
import java.util.List;
import javax.xml.namespace.QName;
@@ -8,6 +9,7 @@ import javax.xml.namespace.QName;
import org.opensaml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.RoleDescriptor;
+import org.opensaml.saml2.metadata.provider.ChainingMetadataProvider;
import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
import org.opensaml.saml2.metadata.provider.MetadataFilter;
import org.opensaml.saml2.metadata.provider.MetadataProvider;
@@ -17,20 +19,30 @@ import org.opensaml.xml.parse.BasicParserPool;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.MetadataSignatureFilter;
+import at.gv.egovernment.moa.logging.Logger;
public class MOAMetadataProvider implements MetadataProvider {
MetadataProvider internalProvider;
public MOAMetadataProvider() throws MetadataProviderException {
- FilesystemMetadataProvider fsProvider = new FilesystemMetadataProvider(
- new File(PVPConfiguration.getInstance().getMetadataFile()));
- fsProvider.setParserPool(new BasicParserPool());
- internalProvider = fsProvider;
- internalProvider.setRequireValidMetadata(true);
- MetadataFilter filter = new MetadataSignatureFilter();
- internalProvider.setMetadataFilter(filter);
- fsProvider.initialize();
+ ChainingMetadataProvider chainProvider = new ChainingMetadataProvider();
+ Logger.info("Loading metadata");
+ List<String> files = PVPConfiguration.getInstance().getMetadataFiles();
+ Iterator<String> fileIt = files.iterator();
+ while (fileIt.hasNext()) {
+ String file = fileIt.next();
+ Logger.info("Loading metadata file: " + file);
+ FilesystemMetadataProvider fsProvider = new FilesystemMetadataProvider(
+ new File(file));
+ fsProvider.setParserPool(new BasicParserPool());
+ fsProvider.setRequireValidMetadata(true);
+ MetadataFilter filter = new MetadataSignatureFilter();
+ fsProvider.setMetadataFilter(filter);
+ chainProvider.addMetadataProvider(fsProvider);
+ fsProvider.initialize();
+ }
+ internalProvider = chainProvider;
}
public boolean requireValidMetadata() {
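Review bot: Each `FilesystemMetadataProvider` is given a fresh `new BasicParserPool()` at its defaults; since these files are third-party SP metadata whose signature is only checked after the document has been parsed, confirm that the pool's defaults disable DTD and external-entity expansion for the OpenSAML version in use (otherwise set `setExpandEntityReferences(false)` on the pool before handing it over) — I cannot tell the library version from this hunk. `fsProvider.initialize()` runs inside the loop, so a single unparseable or badly signed file aborts the whole constructor with `MetadataProviderException` and takes every SP offline; that is fail-closed and defensible, but the file name should be logged at error level before the exception propagates (`Logger.error("Failed to load metadata file: " + file, e)` in a catch-and-rethrow), since the exception from the provider may not name the file. If I read `ChainingMetadataProvider` correctly it answers from the first child that knows an entityID, and the children are added in `listFiles()` order, so duplicate entityIDs across files resolve nondeterministically; consider detecting duplicates at load time and refusing to start.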