Diffstat (limited to 'id')
18 files changed, 388 insertions, 396 deletions
| diff --git a/id/server/auth/pom.xml b/id/server/auth/pom.xml index ed809aee9..3a84ca37d 100644 --- a/id/server/auth/pom.xml +++ b/id/server/auth/pom.xml @@ -147,10 +147,10 @@          </dependency> -->   <!--         Adding stork module dependency automatically adds stork capabilities.  --> -		<dependency> +<!-- 		<dependency>  			<groupId>MOA.id.server.modules</groupId>  			<artifactId>moa-id-module-stork</artifactId> -		</dependency> +		</dependency> -->  		<!-- Adding monitoring module dependency automatically adds monitoring capabilities. -->  		<dependency> diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index ee697926b..3aa5d9869 100644 --- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -33,7 +33,7 @@  			<version>6.1.1</version>
  			<scope>test</scope>
  		</dependency>
 -	<dependency>
 +<!-- 	<dependency>
  		<groupId>eu.stork</groupId>
  		<artifactId>oasis-dss-api</artifactId>
  		<version>1.0.0-RELEASE</version>
 @@ -43,7 +43,7 @@  				<artifactId>commons-io</artifactId>
  			</exclusion>
  		</exclusions>
 -	</dependency>
 +	</dependency> -->
      <dependency>
      	<groupId>at.gv.egiz.components</groupId>
 @@ -90,11 +90,11 @@              <artifactId>Commons</artifactId>
              <version>1.4.0</version>
          </dependency> -->
 -        <dependency>
 +<!--         <dependency>
              <groupId>eu.stork</groupId>
              <artifactId>SamlEngine</artifactId>
              <version>1.5.1</version>
 -        </dependency>
 +        </dependency> -->
  		<dependency>
  			<groupId>MOA</groupId>
 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index 998fa495f..b79b99a65 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -32,7 +32,9 @@ import java.security.PrivateKey;  import java.util.ArrayList;  import java.util.Arrays;  import java.util.Date; +import java.util.Iterator;  import java.util.List; +import java.util.Map.Entry;  import java.util.regex.Matcher;  import java.util.regex.Pattern; @@ -62,6 +64,7 @@ import at.gv.e_government.reference.namespace.persondata._20020228_.PersonNameTy  import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType;  import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;  import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;  import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;  import at.gv.egovernment.moa.id.auth.data.IdentityLink;  import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; @@ -69,6 +72,7 @@ import at.gv.egovernment.moa.id.auth.exception.BuildException;  import at.gv.egovernment.moa.id.auth.exception.DynamicOABuildException;  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;  import at.gv.egovernment.moa.id.auth.exception.ParseException; +import at.gv.egovernment.moa.id.auth.exception.SessionDataStorageException;  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;  import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;  import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; 
@@ -788,16 +792,24 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants {  		//set STORK attributes  		if (extractor.containsAttribute(PVPConstants.EID_STORK_TOKEN_NAME)) {				 -			authData.setStorkAuthnResponse(extractor.getSingleAttributeValue(PVPConstants.EID_STORK_TOKEN_NAME));				 -			authData.setForeigner(true); +			try { +				authData.setGenericData(AuthenticationSessionStorageConstants.STORK_RESPONSE,  +						extractor.getSingleAttributeValue(PVPConstants.EID_STORK_TOKEN_NAME)); +				authData.setForeigner(true); +				 +			} catch (SessionDataStorageException e) { +				Logger.warn("STORK Response can not stored into generic authData.", e); +				 +			}				 -		} -	 -		if (!extractor.getSTORKAttributes().isEmpty()) { -			authData.setStorkAttributes(extractor.getSTORKAttributes()); -			authData.setForeigner(true);  		} +	 +//		if (!extractor.getSTORKAttributes().isEmpty()) { +//			authData.setStorkAttributes(extractor.getSTORKAttributes()); +//			authData.setForeigner(true); +//			 +//		}  		authData.setSsoSession(true);  		authData.setInterfederatedSSOSession(true); 
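Review bot: The new catch clause in the STORK-token branch downgrades a failed `setGenericData` to a warning and continues, and because `authData.setForeigner(true)` sits inside the same `try` it is skipped as well, so a session that presented a STORK token would go on as a non-foreigner with no STORK response attached. With a constant key and a String value the exception does not look reachable from what the hunk shows, but if that is the intent the flag should be set before the `try`, or the failure should abort the build (the file already imports `BuildException`) instead of being logged. The old attribute-list handling is kept as `//` commented code; version control holds it, so the block should be deleted rather than left in place. The enclosing method continues outside the hunk.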
@@ -887,10 +899,22 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants {  		authData.setBkuURL(session.getBkuURL()); -		authData.setStorkAttributes(session.getStorkAttributes()); -		authData.setStorkAuthnResponse(session.getStorkAuthnResponse()); -		authData.setStorkRequest(session.getStorkAuthnRequest()); -		 +		//copy all generic authentication information to authData +		if (session.getGenericSessionDataStorage() != null &&   +				!session.getGenericSessionDataStorage().isEmpty()) { +			Iterator<Entry<String, Object>> copyInterator = session.getGenericSessionDataStorage().entrySet().iterator(); +			while (copyInterator.hasNext()) { +				Entry<String, Object> element = copyInterator.next(); +				try { +					authData.setGenericData(element.getKey(), element.getValue()); +					 +				} catch (SessionDataStorageException e) { +					Logger.warn("Can not add generic authData with key:" + element.getKey(), e); +					 +				}				 +			}									 +		} +								  		authData.setSignerCertificate(session.getEncodedSignerCertificate());  		authData.setAuthBlock(session.getAuthBlock()); @@ -921,9 +945,12 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants {  			}  			if (MiscUtil.isEmpty(authData.getCcc())) { -				if (authData.getStorkAuthnRequest() != null) { -					authData.setCcc(authData.getStorkAuthnRequest().getCitizenCountryCode()); -					Logger.info("Can not extract country from certificate -> Use country from STORK request."); +				String storkCCC = authData.getGenericData( +						AuthenticationSessionStorageConstants.STORK_CCC, String.class); +				 +				if (MiscUtil.isNotEmpty(storkCCC)) { +					authData.setCcc(storkCCC); +					Logger.info("Can not extract country from certificate -> Use country:" + storkCCC + " from STORK request.");  				} 
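Review bot: The copy loop propagates every entry of the session's generic storage into `authData` without filtering, whereas the lines it replaces copied three named STORK fields; `AuthenticationData` is what `IAuthData` consumers such as the PVP attribute builders see, so anything any module stores in the session (request objects, raw responses) now becomes reachable from there. If that widening is intended, a comment stating that the whole session storage is exposed is worth adding; otherwise the loop should copy only the keys meant for consumers, for example those named in `AuthenticationSessionStorageConstants`. The iterator/while form can also be a for-each over `entrySet()`, and `copyInterator` is misspelled. The method's body continues outside the hunk.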
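Review bot: The country-code fallback now reads `AuthenticationSessionStorageConstants.STORK_CCC` from the generic data, but nothing in the visible hunks writes under that key — the constant is introduced in this commit and the previous source, `getStorkAuthnRequest().getCitizenCountryCode()`, is removed — so unless the STORK module stores it (not shown here) this branch is dead and the fallback is silently lost. Worth confirming the producer side, or adding a comment naming the component expected to populate `STORK_CCC`. The enclosing block begins before the hunk.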
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index 59482c4a8..ae3ec9a9b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -44,13 +44,15 @@ import java.security.cert.CertificateException;  import java.util.ArrayList;  import java.util.Date;  import java.util.List; +import java.util.Map; +import org.apache.commons.collections4.map.HashedMap; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; +import at.gv.egovernment.moa.id.auth.exception.SessionDataStorageException;  import at.gv.egovernment.moa.id.data.MISMandate;  import at.gv.egovernment.moa.logging.Logger;  import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.MiscUtil;  /**   * Session data to be stored between <code>AuthenticationServer</code> API calls. 
@@ -215,129 +217,28 @@ public class AuthenticationSession implements Serializable {  	 * accept. The infobox identifiers are comma separated.  	 */  	private String pushInfobox; -	 -	/** -	 * The STORK AuthRequest to be sent to the C-PEPS -	 */ -	private STORKAuthnRequest storkAuthnRequest; -	 -	private String storkAuthnResponse; -	 +		  	// private AuthenticationData authData;  	// protocol selection  	private String action;  	private String modul; +	private String processInstanceId; +	  	private boolean authenticated;  	private boolean authenticatedUsed = false;  	private boolean ssoRequested = false; -	 +		  	private String QAALevel = null; -	 -//	private OAuth20SessionObject oAuth20SessionObject; -	 -	// /** -	// * Indicates if target from configuration is used or not -	// */ -	// private boolean useTargetFromConfig; -	 -	// /** -	// * Authentication data for the assertion -	// */ -	// private AuthenticationData assertionAuthData; -	// -	// /** -	// * Persondata for the assertion -	// */ -	// private String assertionPrPerson; -	// -	// /** -	// * Authblock for the assertion -	// */ -	// private String assertionAuthBlock; -	// -	// /** -	// * Identitylink assertion for the (MOA) assertion -	// */ -	// private String assertionIlAssertion; -	// -	// /** -	// * Signer certificate (base64 encoded) for the assertion -	// */ -	// private String assertionSignerCertificateBase64; -	// -	// /** -	// * bussiness service for the assertion -	// */ -	// boolean assertionBusinessService; -	// -	// /** -	// * timestamp logging when authentication session has been created -	// */ -	// private Date timestampStart; -	// private CreateXMLSignatureResponse XMLCreateSignatureResponse; -	 +		  	private VerifyXMLSignatureResponse XMLVerifySignatureResponse;  	private boolean isForeigner; - -	private IPersonalAttributeList storkAttributes; +	private Map<String, Object> genericSessionDataStorate = new HashedMap<String, Object>(); -	//Temporary store SignRequest for local processing -	
private String signedDoc; -	//Temporary store SAMLResponse for processing after user signed signedDoc locally -	private String SAMLResponse; -	// -	private StringBuffer returnURL; -	private IPersonalAttributeList authnResponseGetPersonalAttributeList; -	private String authnContextClassRef; -	// private String requestedProtocolURL = null; -	 -	private String processInstanceId; -	 -	public String getAuthnContextClassRef() { -		return authnContextClassRef; -	} - -	public void setAuthnContextClassRef(String authnContextClassRef) { -		this.authnContextClassRef = authnContextClassRef; -	} - -	public IPersonalAttributeList getAuthnResponseGetPersonalAttributeList() { -		return authnResponseGetPersonalAttributeList; -	} - -	public void setAuthnResponseGetPersonalAttributeList(IPersonalAttributeList authnResponseGetPersonalAttributeList) { -		this.authnResponseGetPersonalAttributeList = authnResponseGetPersonalAttributeList; -	} - -	public String getSAMLResponse() { -		return SAMLResponse; -	} - -	public void setSAMLResponse(String samlResponse) { -		SAMLResponse = samlResponse; -	} - -	public StringBuffer getReturnURL() { -		return returnURL; -	} - -	public void setReturnURL(StringBuffer returnURL) { -		this.returnURL = returnURL; -	} - -	public String getSignedDoc() { -		return signedDoc; -	} - -	public void setSignedDoc(String signedDoc) { -		this.signedDoc = signedDoc; -	} -  	public String getModul() {  		return modul;  	} @@ -353,15 +254,7 @@ public class AuthenticationSession implements Serializable {  	public void setAction(String action) {  		this.action = action;  	} -	 -	// public AuthenticationData getAuthData() { -	// return authData; -	// } -	// -	// public void setAuthData(AuthenticationData authData) { -	// this.authData = authData; -	// } -	 +		  	public boolean isAuthenticatedUsed() {  		return authenticatedUsed;  	} 
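Review bot: The new field `genericSessionDataStorate` is misspelled (storage) and, since `getGenericSessionDataStorage()` reads it, the typo now spreads through the class; `AuthenticationData` in this commit repeats it as `genericDataStorate`, so renaming both before more code refers to them is cheap now. The field is also typed as `org.apache.commons.collections4.map.HashedMap` where a `java.util.HashMap` would do and would not tie the serialized form of this `Serializable` session to a library class — `private Map<String, Object> genericSessionDataStorage = new HashMap<String, Object>();` with `java.util.HashMap` imported in place of `HashedMap`. Check as well that commons-collections4 is declared in idserverlib's pom, since the pom hunks in this commit only remove dependencies.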
@@ -378,14 +271,6 @@ public class AuthenticationSession implements Serializable {  		this.authenticated = authenticated;  	} -	// public String getRequestedProtocolURL() { -	// return requestedProtocolURL; -	// } -	// -	// public void setRequestedProtocolURL(String requestedProtocolURL) { -	// this.requestedProtocolURL = requestedProtocolURL; -	// } -	  	/**  	 * Constructor for AuthenticationSession.  	 *  @@ -395,8 +280,7 @@ public class AuthenticationSession implements Serializable {  	public AuthenticationSession(String id, Date created) {  		sessionID = id;  		sessionCreated = created; -		// setTimestampStart(); -//		infoboxValidators = new ArrayList(); +		  	}  	public X509Certificate getSignerCertificate() { 
@@ -760,98 +644,7 @@ public class AuthenticationSession implements Serializable {  	public void setIssueInstant(String issueInstant) {  		this.issueInstant = issueInstant;  	} -	 -//	/** -//	 * Returns the iterator to the stored infobox validators. -//	 *  -//	 * @return Iterator -//	 */ -//	public Iterator getInfoboxValidatorIterator() { -//		if (infoboxValidators == null) return null; -//		return infoboxValidators.iterator(); -//	} -	 -	// /** -	// * Adds an infobox validator class to the stored infobox validators. -	// * -	// * @param infoboxIdentifier -	// * the identifier of the infobox the validator belongs to -	// * @param infoboxFriendlyName -	// * the friendly name of the infobox -	// * @param infoboxValidator -	// * the infobox validator to add -	// */ -	// public Iterator addInfoboxValidator(String infoboxIdentifier, -	// String infoboxFriendlyName, InfoboxValidator infoboxValidator) { -	// if (infoboxValidators == null) -	// infoboxValidators = new ArrayList(); -	// Vector v = new Vector(3); -	// v.add(infoboxIdentifier); -	// v.add(infoboxFriendlyName); -	// v.add(infoboxValidator); -	// infoboxValidators.add(v); -	// return infoboxValidators.iterator(); -	// } -	 -//	/** -//	 * Tests for pending input events of the infobox validators. -//	 *  -//	 * @return true if a validator has a form to show -//	 */ -//	public boolean isValidatorInputPending() { -//		boolean result = false; -//		Iterator iter = getInfoboxValidatorIterator(); -//		if (iter != null) { -//			while (!result && iter.hasNext()) { -//				Vector infoboxValidatorVector = (Vector) iter.next(); -//				InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector.get(2); -//				if (!ParepUtils.isEmpty(infoboxvalidator.getForm())) result = true; -//			} -//		} -//		return result; -//	} -	 -	// /** -	// * Returns the first pending infobox validator. 
-	// * -	// * @return the infobox validator class -	// */ -	// public InfoboxValidator getFirstPendingValidator() { -	// Iterator iter = getInfoboxValidatorIterator(); -	// if (iter != null) { -	// while (iter.hasNext()) { -	// Vector infoboxValidatorVector = (Vector) iter.next(); -	// InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector -	// .get(2); -	// String form = infoboxvalidator.getForm(); -	// if (!ParepUtils.isEmpty(form)) -	// return infoboxvalidator; -	// } -	// } -	// return null; -	// } -	 -	// /** -	// * Returns the input form of the first pending infobox validator input -	// * processor. -	// * -	// * @return the form to show -	// */ -	// public String getFirstValidatorInputForm() { -	// Iterator iter = getInfoboxValidatorIterator(); -	// if (iter != null) { -	// while (iter.hasNext()) { -	// Vector infoboxValidatorVector = (Vector) iter.next(); -	// InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector -	// .get(2); -	// String form = infoboxvalidator.getForm(); -	// if (!ParepUtils.isEmpty(form)) -	// return form; -	// } -	// } -	// return null; -	// } -	 +		  	/**  	 * Returns domain identifier (the register and number in the register parameter).  	 * <code>null</code> in the case of not a business service. @@ -954,26 +747,7 @@ public class AuthenticationSession implements Serializable {  	public void setMandateReferenceValue(String mandateReferenceValue) {  		this.mandateReferenceValue = mandateReferenceValue;  	} -	 -	/** -	 * Gets the STORK SAML AuthnRequest -	 *  -	 * @return STORK SAML AuthnRequest -	 */ -	public STORKAuthnRequest getStorkAuthnRequest() { -		return storkAuthnRequest; -	} -	 -	/** -	 * Sets the STORK SAML AuthnRequest -	 *  -	 * @param storkAuthnRequest -	 *            STORK SAML AuthnRequest -	 */ -	public void setStorkAuthnRequest(STORKAuthnRequest storkAuthnRequest) { -		this.storkAuthnRequest = storkAuthnRequest; -	} -	 +		  	public String getCcc() {  		return ccc;  	} 
@@ -1054,24 +828,8 @@ public class AuthenticationSession implements Serializable {  	}  	/** -	 * Memorizes the stork attribute list. -	 * -	 * @param personalAttributeList the new stork attributes -	 */ -	public void setStorkAttributes(IPersonalAttributeList personalAttributeList) { -		this.storkAttributes = personalAttributeList; -	} -	 -	/** -	 * Recalls the stork attribute list. -	 * -	 * @return the stork attributes -	 */ -	public IPersonalAttributeList getStorkAttributes() { -		return this.storkAttributes; -	} - -	/** +	 * eIDAS QAA level +	 *   	 * @return the qAALevel  	 */  	public String getQAALevel() { @@ -1079,6 +837,8 @@ public class AuthenticationSession implements Serializable {  	}  	/** +	 * set QAA level in eIDAS form +	 *   	 * @param qAALevel the qAALevel to set  	 */  	public void setQAALevel(String qAALevel) { @@ -1086,20 +846,6 @@ public class AuthenticationSession implements Serializable {  	}  	/** -	 * @return the storkAuthnResponse -	 */ -	public String getStorkAuthnResponse() { -		return storkAuthnResponse; -	} - -	/** -	 * @param storkAuthnResponse the storkAuthnResponse to set -	 */ -	public void setStorkAuthnResponse(String storkAuthnResponse) { -		this.storkAuthnResponse = storkAuthnResponse; -	} - -	/**  	 * @return the sessionCreated  	 */  	public Date getSessionCreated() { 
@@ -1121,5 +867,89 @@ public class AuthenticationSession implements Serializable {  	public void setProcessInstanceId(String processInstanceId) {  		this.processInstanceId = processInstanceId;  	} + +	public Map<String, Object> getGenericSessionDataStorage() { +		return genericSessionDataStorate; +	} +	 +	/** +	 * Returns a generic session-data object with is stored with a specific identifier  +	 *  +	 * @param key The specific identifier of the session-data object +	 * @return The session-data object or null if no data is found with this key +	 */ +	public Object getGenericDataFromSession(String key) { +		if (MiscUtil.isNotEmpty(key)) { +			return genericSessionDataStorate.get(key); +			 +		}  +		 +		Logger.warn("Can not load generic session-data with key='null'"); +		return null; +				 +	} +	 +	/** +	 * Returns a generic session-data object with is stored with a specific identifier  +	 *  +	 * @param key The specific identifier of the session-data object +	 * @param clazz The class type which is stored with this key +	 * @return The session-data object or null if no data is found with this key +	 */ +	public <T> T getGenericDataFromSession(String key, final Class<T> clazz) { +		if (MiscUtil.isNotEmpty(key)) { +			Object data =  genericSessionDataStorate.get(key); +			 +			if (data == null) +				return null; +			 +			try { +				@SuppressWarnings("unchecked") +				T test = (T) data; +				return test; +				 +			} catch (Exception e) { +				Logger.warn("Generic authentication-data object can not be casted to requsted type", e); +				return null; +				 +			} +			 +		}  +		 +		Logger.warn("Can not load generic session-data with key='null'"); +		return null; +				 +	} +	 +	/** +	 * Store a generic data-object to session with a specific identifier +	 *  +	 * @param key Identifier for this data-object +	 * @param object Generic data-object which should be stored. 
This data-object had to be implement the 'java.io.Serializable' interface +	 * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage +	 */ +	public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException { +		if (MiscUtil.isEmpty(key)) { +			Logger.warn("Generic session-data can not be stored with a 'null' key"); +			throw new SessionDataStorageException("Generic session-data can not be stored with a 'null' key", null); +			 +		} +		 +		if (object != null) { +			if (!Serializable.class.isInstance(object)) { +				Logger.warn("Generic session-data can only store objects which implements the 'Seralizable' interface"); +				throw new SessionDataStorageException("Generic session-data can only store objects which implements the 'Seralizable' interface", null); +				 +			}						 +		} +		 +		if (genericSessionDataStorate.containsKey(key)) +			Logger.debug("Overwrite generic session-data with key:" + key); +		else +			Logger.trace("Add generic session-data with key:" + key + " to session."); +		 +		genericSessionDataStorate.put(key, object); +	} +	  } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionStorageConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionStorageConstants.java new file mode 100644 index 000000000..f67f41dd3 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionStorageConstants.java 
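Review bot: In `getGenericDataFromSession(String key, Class<T> clazz)` the `clazz` parameter is never used and the `try`/`catch` around `(T) data` is dead: the unchecked cast is erased, so no `ClassCastException` is thrown inside the method — it surfaces at the caller's assignment (e.g. `String storkCCC = authData.getGenericData(...)` in AuthenticationDataBuilder and EIDSTORKTOKEN), uncaught. Replace the cast with a real check, `if (clazz.isInstance(data)) return clazz.cast(data);` followed by the existing warning and `return null;`, and drop the `@SuppressWarnings`; the same dead catch is in `AuthenticationData.getGenericData` in this commit. Separately, `getGenericSessionDataStorage()` hands out the live map, so callers can insert non-`Serializable` values around the check in `setGenericDataToSession`; returning `Collections.unmodifiableMap(genericSessionDataStorate)` keeps a single write path, and the only visible caller (the copy loop in AuthenticationDataBuilder) only reads.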
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.data;
+
+/**
+ * @author tlenz
+ *
+ */
+public class AuthenticationSessionStorageConstants {
+
+	public static final String PREFIX_STORK = "stork_"; 
+	public static final String PREFIX_eIDAS = "eIDAS_";
+	
+	public static final String STORK_ATTRIBUTELIST = PREFIX_STORK + "attributelist";
+	public static final String STORK_REQUEST = PREFIX_STORK + "request";
+	public static final String STORK_RESPONSE = PREFIX_STORK + "response";
+	public static final String STORK_CCC = PREFIX_STORK + "ccc";
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/SessionDataStorageException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/SessionDataStorageException.java
new file mode 100644
index 000000000..203be784e
--- /dev/null
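Review bot: `AuthenticationSessionStorageConstants` is a constants holder with a public default constructor and a Javadoc that carries only `@author`; declare it `final` with a private constructor, and replace the Javadoc with what the keys are for, e.g. `Keys under which modules store objects in the generic session-data storage of AuthenticationSession (setGenericDataToSession); values stored under these keys must be Serializable.` The name `PREFIX_eIDAS` mixes cases in a constant — `PREFIX_EIDAS` follows the convention of the neighbouring `PREFIX_STORK`.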
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/SessionDataStorageException.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.exception;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SessionDataStorageException extends MOAIDException {
+
+	/**
+	 * 
+	 */
+	private static final long serialVersionUID = 5743057708136365929L;
+
+	/**
+	 * @param messageId
+	 * @param parameters
+	 */
+	public SessionDataStorageException(String messageId, Object[] parameters) {
+		super(messageId, parameters);
+		
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
index e2892e70a..a5dfe7524 100644
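Review bot: `SessionDataStorageException(String messageId, Object[] parameters)` forwards to `MOAIDException(messageId, parameters)`, which by its parameter names looks like a message-key-plus-arguments constructor (MOAIDException is outside this diff, so this is inferred), yet every caller added in this commit passes a literal English sentence and `null` — `new SessionDataStorageException("Generic data can not be stored with a 'null' key", null)` in `setGenericData` and the equivalent in `setGenericDataToSession`. If the id is resolved against a message bundle those texts will not resolve; either introduce proper message ids or give the class a constructor that takes a plain message (and ideally a cause). The Javadoc stubs — the empty block on `serialVersionUID` and the `@param` tags without text — should be filled in or removed.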
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java @@ -29,13 +29,13 @@ import java.text.SimpleDateFormat;  import java.util.ArrayList;  import java.util.Date;  import java.util.List; +import java.util.Map; +import org.apache.commons.collections4.map.HashedMap;  import org.w3c.dom.Element; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -  import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.exception.SessionDataStorageException;  import at.gv.egovernment.moa.logging.Logger;  import at.gv.egovernment.moa.util.DOMUtils;  import at.gv.egovernment.moa.util.DateTimeUtils; @@ -122,9 +122,8 @@ public class AuthenticationData  implements IAuthData, Serializable {  	  * STORK attributes from response  	  */  	  private String ccc = null; -	  private IPersonalAttributeList storkAttributes = null; -	  private String storkAuthnResponse; -	  private STORKAuthnRequest storkRequest = null; +	   +	  private Map<String, Object> genericDataStorate = new HashedMap<String, Object>();  	  private byte[] signerCertificate = null; @@ -397,23 +396,6 @@ public class AuthenticationData  implements IAuthData, Serializable {  		this.identityLink = identityLink;  	} - -	/** -	 * @return the storkAttributes -	 */ -	public IPersonalAttributeList getStorkAttributes() { -		return storkAttributes; -	} - - -	/** -	 * @param storkAttributes the storkAttributes to set -	 */ -	public void setStorkAttributes(IPersonalAttributeList storkAttributes) { -		this.storkAttributes = storkAttributes; -	} - -  	/**  	 * @return the signerCertificate  	 */ 
@@ -539,35 +521,6 @@ public class AuthenticationData  implements IAuthData, Serializable {  	}  	/** -	 * @param storkRequest the storkRequest to set -	 */ -	public void setStorkRequest(STORKAuthnRequest storkRequest) { -		this.storkRequest = storkRequest; -	} - -	/* (non-Javadoc) -	 * @see at.gv.egovernment.moa.id.data.IAuthData#getStorkAuthnRequest() -	 */ -	@Override -	public STORKAuthnRequest getStorkAuthnRequest() { -		return this.storkRequest; -	} - -	/** -	 * @return the storkAuthnResponse -	 */ -	public String getStorkAuthnResponse() { -		return storkAuthnResponse; -	} - -	/** -	 * @param storkAuthnResponse the storkAuthnResponse to set -	 */ -	public void setStorkAuthnResponse(String storkAuthnResponse) { -		this.storkAuthnResponse = storkAuthnResponse; -	} - -	/**  	 * @return the mandateReferenceValue  	 */  	public String getMandateReferenceValue() { 
@@ -743,5 +696,68 @@ public class AuthenticationData  implements IAuthData, Serializable {  	public void setIsBusinessService(boolean flag) {  		this.businessService = flag; -	}	 +	} +	 +	/** +	 * Returns a generic data-object with is stored with a specific identifier  +	 *  +	 * @param key The specific identifier of the data object +	 * @param clazz The class type which is stored with this key +	 * @return The data object or null if no data is found with this key +	 */ +	public <T> T getGenericData(String key, final Class<T> clazz) { +		if (MiscUtil.isNotEmpty(key)) { +			Object data = genericDataStorate.get(key);			 +			 +			if (data == null) +				return null; +			 +			try { +				@SuppressWarnings("unchecked") +				T test = (T) data; +				return test; +				 +			} catch (Exception e) { +				Logger.warn("Generic authentication-data object can not be casted to requsted type", e); +				return null; +				 +			} +			 +		}  +		 +		Logger.warn("Can not load generic session-data with key='null'"); +		return null; +				 +	} +	 +	/** +	 * Store a generic data-object to session with a specific identifier +	 *  +	 * @param key Identifier for this data-object +	 * @param object Generic data-object which should be stored. 
This data-object had to be implement the 'java.io.Serializable' interface +	 * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage +	 */ +	public void setGenericData(String key, Object object) throws SessionDataStorageException { +		if (MiscUtil.isEmpty(key)) { +			Logger.warn("Generic session-data can not be stored with a 'null' key"); +			throw new SessionDataStorageException("Generic data can not be stored with a 'null' key", null); +			 +		} +		 +		if (object != null) { +			if (!Serializable.class.isInstance(object)) { +				Logger.warn("Generic data can only store objects which implements the 'Seralizable' interface"); +				throw new SessionDataStorageException("Generic data can only store objects which implements the 'Seralizable' interface", null); +				 +			}						 +		} +		 +		if (genericDataStorate.containsKey(key)) +			Logger.debug("Overwrite generic data with key:" + key); +		else +			Logger.trace("Add generic data with key:" + key + " to session."); +		 +		genericDataStorate.put(key, object); +	} +	  } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java index 09b0d7971..915242787 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java @@ -27,9 +27,6 @@ import java.util.List;  import org.w3c.dom.Element; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -  import at.gv.egovernment.moa.id.auth.data.IdentityLink;  /** 
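Review bot: `getGenericData`/`setGenericData` are a line-for-line copy of `AuthenticationSession.getGenericDataFromSession`/`setGenericDataToSession`, which is why the log text here still talks about the session (`Logger.warn("Can not load generic session-data with key='null'")`, `Logger.trace("Add generic data with key:" + key + " to session.")`) and why the warning and the thrown exception disagree (`Generic session-data can not be stored…` vs `Generic data can not be stored…`). Moving the check-and-store logic into one shared helper used by both classes would remove the duplication and fix the wording once. `MiscUtil` is used here but no import for it appears in this file's import hunk — fine if the imports above the hunk already include it, worth a look.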
@@ -89,8 +86,7 @@ public interface IAuthData {
 	 boolean isForeigner();
 	 String getCcc();
-	 STORKAuthnRequest getStorkAuthnRequest();
-	 String getStorkAuthnResponse();
-	 IPersonalAttributeList getStorkAttributes();
+	 
+	 public <T> T getGenericData(String key, final Class<T> clazz);
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSTORKTOKEN.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSTORKTOKEN.java
index 84b791708..43a0458cb 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSTORKTOKEN.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EIDSTORKTOKEN.java
@@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.protocols.builder.attributes;
 import java.io.IOException;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.IAuthData;
@@ -47,7 +48,8 @@ public class EIDSTORKTOKEN implements IPVPAttributeBuilder  {
 			throw new UnavailableAttributeException(EID_STORK_TOKEN_NAME);
 		} else {
-			String storkResponse = authData.getStorkAuthnResponse();
+			String storkResponse = authData.getGenericData(
+					AuthenticationSessionStorageConstants.STORK_RESPONSE, String.class);
 			if ( MiscUtil.isEmpty(storkResponse) ) {
 				throw new UnavailableAttributeException(EID_STORK_TOKEN_NAME);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
index 26b3bfbd1..9c294245f 100644
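Review bot: The new interface method `public <T> T getGenericData(String key, final Class<T> clazz);` has no Javadoc, although it is the contract that EIDSTORKTOKEN, GetArtifactAction and STORKAttributHelper now program against; the implementation's Javadoc in AuthenticationData should be moved here so the null-on-missing-key behaviour is part of the interface rather than of one implementation. `public` and `final` are also redundant on an interface method declaration; the conventional form is `<T> T getGenericData(String key, Class<T> clazz);`.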
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java
@@ -38,9 +38,6 @@ import org.opensaml.saml2.core.StatusResponseType;
 import org.opensaml.saml2.core.Subject;
 import org.opensaml.xml.XMLObject;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.PersonalAttributeList;
-
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption;
 import at.gv.egovernment.moa.logging.Logger;
@@ -50,7 +47,7 @@ public class AssertionAttributeExtractor {
 	private Assertion assertion = null;
 	private Map<String, List<String>> attributs = new HashMap<String, List<String>>();
-	private PersonalAttributeList storkAttributes = new PersonalAttributeList();
+	//private PersonalAttributeList storkAttributes = new PersonalAttributeList();
 	private final List<String> minimalAttributeNameList = Arrays.asList(
 			PVPConstants.PRINCIPAL_NAME_NAME,
@@ -77,9 +74,9 @@ public class AssertionAttributeExtractor {
 						for (XMLObject el : attr.getAttributeValues())
 							storkAttrValues.add(el.getDOM().getTextContent());
-						PersonalAttribute storkAttr = new PersonalAttribute(attr.getName(), 
-								false, storkAttrValues , "Available");
-						storkAttributes.put(attr.getName(), storkAttr );
+//						PersonalAttribute storkAttr = new PersonalAttribute(attr.getName(), 
+//								false, storkAttrValues , "Available");
+//						storkAttributes.put(attr.getName(), storkAttr );
 					} else {
 						List<String> attrList = new ArrayList<String>();
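Review bot: The STORK handling is commented out rather than removed (the `storkAttributes` field in hunk @@ -50, the `PersonalAttribute` construction here, and `getSTORKAttributes()` in hunk @@ -155), which leaves dead code behind although the history is in version control. In this hunk the `storkAttrValues` list is still filled by the loop over `attr.getAttributeValues()` but nothing consumes it any more, so the STORK branch now does work and discards the result; either delete the loop and the list together with the commented lines, or remove the whole branch. The enclosing method starts and ends outside the hunk.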
@@ -155,9 +152,9 @@ public class AssertionAttributeExtractor {
 	}
-	public PersonalAttributeList getSTORKAttributes() {
-		return storkAttributes;
-	}
+//	public PersonalAttributeList getSTORKAttributes() {
+//		return storkAttributes;
+//	}
 	public String getNameID() throws AssertionAttributeExtractorExeption {		
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index b94348856..5bdf51e7d 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -27,7 +27,10 @@ import java.util.List;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
@@ -71,8 +74,11 @@ public class GetArtifactAction implements IAction {
 			SAML1AuthenticationServer saml1server = SAML1AuthenticationServer.getInstace();
 			// add other stork attributes to MOA assertion if available
-			if(null != authData.getStorkAttributes()) {
-				List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = SAML1AuthenticationServer.addAdditionalSTORKAttributes(authData.getStorkAttributes());
+			IPersonalAttributeList storkAttributes = authData.getGenericData(
+					AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
+					IPersonalAttributeList.class);
+			if(null != storkAttributes) {
+				List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = SAML1AuthenticationServer.addAdditionalSTORKAttributes(storkAttributes);
 				authData.getExtendedSAMLAttributesOA().addAll(moaExtendedSAMLAttibutes);
 				Logger.info("MOA assertion assembled and SAML Artifact generated.");
 			}
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java
index 939390847..ee4961d5e 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java
@@ -21,6 +21,7 @@ import org.apache.commons.io.IOUtils;
 import org.xml.sax.SAXException;
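Review bot: The saml1 module now references `eu.stork.peps.auth.commons.IPersonalAttributeList` directly (import hunk @@ -27 and the lookup here), while the same commit removes the STORK types from IAuthData and comments the stork module out of the auth and idserverlib POMs; whether moa-id-modules-saml1 still declares a dependency that provides that class is not visible in this diff and is worth confirming, otherwise the decoupling achieved through the generic session-data map is only partial. The lookup itself keeps the previous null check, and `addAdditionalSTORKAttributes` receives the same typed list as before. The enclosing method starts and ends outside the hunk.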
  import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
  import at.gv.egovernment.moa.id.auth.data.IdentityLink;
  import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
  import at.gv.egovernment.moa.id.auth.exception.BKUException;
@@ -113,7 +114,9 @@ public abstract class AbstractPepsConnectorWithLocalSigningTask extends Abstract
 		moaSession.setIdentityLink(identityLink);
  		Logger.debug("Adding addtional STORK attributes to MOA session");
 -		moaSession.setStorkAttributes(personalAttributeList);
 +		moaSession.setGenericDataToSession(
 +				AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
 +				personalAttributeList);
  		// We don't have BKUURL, setting from null to "Not applicable"
  		moaSession.setBkuURL("Not applicable (STORK Authentication)");
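Review bot: Replacing the typed `setStorkAttributes(personalAttributeList)` with `setGenericDataToSession(AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, personalAttributeList)` moves the requirement that the stored value implement `java.io.Serializable` from compile time to run time: `setGenericData` in AuthenticationData rejects non-Serializable objects with a SessionDataStorageException, and the session variant presumably behaves alike, but this hunk shows neither whether the concrete `IPersonalAttributeList` implementation is Serializable nor how such an exception is handled here. The same applies to the STORK_REQUEST store in CreateStorkAuthRequestFormTask (hunk @@ -343) and the STORK_ATTRIBUTELIST store in PepsConnectorTask (hunk @@ -575). A comment at the store site, `// value must be Serializable: it goes into the generic session-data map`, would keep that contract visible to the next maintainer. The enclosing method starts and ends outside the hunk.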
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
index e19947313..7c178d97e 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java
@@ -47,6 +47,7 @@ import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
  import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
  import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
  import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
@@ -268,7 +269,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
 			//attributeList.add(newAttribute);
  			//store SignRequest for later...
 -			moasession.setSignedDoc(signedDoc);
 +			moasession.setGenericDataToSession("STORK_signDoc", signedDoc);
  			acsURL = issuerValue + AbstractPepsConnectorWithLocalSigningTask.PEPSCONNECTOR_SERVLET_URL_PATTERN;
  			// TODO[branch]: STORK AuthReq acsURL "/PEPSConnectorWithLocalSigning"
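Review bot: `moasession.setGenericDataToSession("STORK_signDoc", signedDoc);` uses a bare string literal as the storage key, and the reader in PepsConnectorHandleResponseWithoutSignatureTask (hunk @@ -277) repeats that literal; the same pattern appears for `"STORK_authContextClass"` (hunks @@ -151 and @@ -277) and `"STORK_returnURL"` (hunk @@ -277). A typo on either side is invisible to the compiler and shows up only as a null lookup at run time. The other keys introduced by this commit already live in `AuthenticationSessionStorageConstants`; these three belong there too, e.g. `moasession.setGenericDataToSession(AuthenticationSessionStorageConstants.STORK_SIGNDOC, signedDoc);` with a matching constant (constant name is a suggestion, not an existing identifier). The enclosing method starts and ends outside the hunk.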
@@ -343,7 +344,9 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask {
 		Logger.debug("STORK AuthnRequest successfully internally validated.");
  		//send
 -		moasession.setStorkAuthnRequest(authnRequest);
 +		moasession.setGenericDataToSession(
 +				AuthenticationSessionStorageConstants.STORK_REQUEST, 
 +				authnRequest);
  		// do PEPS-conform logging for easier evaluation
  		try {
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java
index 7b9fa3f12..f872241ae 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleLocalSignResponseTask.java
@@ -22,6 +22,7 @@ import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
 import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
  import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
  import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
  import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
@@ -142,7 +143,10 @@ public class PepsConnectorHandleLocalSignResponseTask extends AbstractPepsConnec
 			moaSession.setXMLVerifySignatureResponse(tmp);
  			executionContext.put("identityLinkAvailable", false);
  			try {
 -				IPersonalAttributeList personalAttributeList = moaSession.getAuthnResponseGetPersonalAttributeList();
 +				IPersonalAttributeList personalAttributeList = 
 +						moaSession.getGenericDataFromSession(
 +								AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
 +								IPersonalAttributeList.class);
  				// Add SignResponse TODO Add signature (extracted from signResponse)?
  				List<String> values = new ArrayList<String>();
  				values.add(signResponseString);
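Review bot: `personalAttributeList`, now obtained through `getGenericDataFromSession(...)`, is dereferenced at `personalAttributeList.add(signedDocAttribute)` in the following hunk without a null check; the generic lookup returns null for a missing entry (that is the documented contract of `getGenericData` in AuthenticationData, and presumably the session variant behaves alike), whereas the surrounding `catch (STORKException e)` does not cover a NullPointerException. Add a guard directly after the lookup that logs the missing attribute list and fails through the STORKException path the try block already handles, so that a session without a preceding STORK response is reported rather than crashing the task. The enclosing method starts and ends outside the hunk.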
@@ -151,7 +155,8 @@ public class PepsConnectorHandleLocalSignResponseTask extends AbstractPepsConnec
 				PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values, "Available");
  				personalAttributeList.add(signedDocAttribute);
 -				String authnContextClassRef = moaSession.getAuthnContextClassRef();
 +				String authnContextClassRef = moaSession.getGenericDataFromSession(
 +						"STORK_authContextClass", String.class);
  				SZRGInsertion(moaSession, personalAttributeList, authnContextClassRef, citizenSignature);
  				executionContext.put("identityLinkAvailable", true);
  			} catch (STORKException e) {
@@ -187,8 +192,9 @@ public class PepsConnectorHandleLocalSignResponseTask extends AbstractPepsConnec
 			}
  			Logger.debug("Add full STORK AuthnResponse to MOA session");
 -			moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));// TODO ask Florian/Thomas
 -																					// authnResponse?
 +			moaSession.setGenericDataToSession(
 +					AuthenticationSessionStorageConstants.STORK_RESPONSE, 
 +					request.getParameter("SAMLResponse"));
  			MOAReversionLogger.getInstance().logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_RECEIVED);
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
index 304e5f495..8240f6d00 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java
@@ -2,18 +2,15 @@ package at.gv.egovernment.moa.id.auth.modules.stork.tasks;
 import iaik.x509.X509Certificate;
 -import java.io.IOException;
  import java.io.StringWriter;
  import java.util.ArrayList;
  import java.util.Collection;
 -import java.util.List;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  import javax.xml.transform.Source;
  import javax.xml.transform.stream.StreamSource;
 -import org.apache.commons.codec.binary.Base64;
  import org.apache.commons.io.IOUtils;
  import org.apache.commons.lang.StringEscapeUtils;
  import org.apache.velocity.Template;
@@ -24,6 +21,7 @@ import org.opensaml.saml2.core.StatusCode;
 import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
  import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
  import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
  import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
  import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
@@ -204,7 +202,10 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
 			Logger.debug("MOA session is still valid");
 -			STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest();
 +			STORKAuthnRequest storkAuthnRequest = 
 +					moaSession.getGenericDataFromSession(
 +							AuthenticationSessionStorageConstants.STORK_REQUEST, 
 +							STORKAuthnRequest.class);
  			if (storkAuthnRequest == null) {
  				Logger.error("Could not find any preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
@@ -263,11 +264,15 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
 				} else {
  					// store SAMLResponse
 -					moaSession.setSAMLResponse(request.getParameter("SAMLResponse"));
 +					moaSession.setGenericDataToSession(
 +							AuthenticationSessionStorageConstants.STORK_RESPONSE, 
 +							request.getParameter("SAMLResponse"));
  					// store authnResponse
  					// moaSession.setAuthnResponse(authnResponse);//not serializable
 -					moaSession.setAuthnResponseGetPersonalAttributeList(attributeList);
 +					moaSession.setGenericDataToSession(
 +							AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
 +							attributeList);
  					String authnContextClassRef = null;
  					try {
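Review bot: The former `setSAMLResponse(...)` here and the former `setStorkAuthnResponse(...)` in hunk @@ -380 of the same file now both write the single key `AuthenticationSessionStorageConstants.STORK_RESPONSE`; if both statements execute within one request the later store silently overwrites the earlier one (only the `Overwrite generic data with key:` debug line in setGenericData records it), and any reader of what used to be the separate SAMLResponse field now sees whichever value was written last. Both stores take `request.getParameter("SAMLResponse")`, so this is likely harmless, but it is worth confirming that the two old fields were always identical; a comment such as `// same raw SAMLResponse is stored again under STORK_RESPONSE after processing (see below)` would record that the double write is intentional. The enclosing method starts and ends outside the hunk.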
@@ -277,12 +282,12 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
 						Logger.warn("STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level");
  					}
 -					moaSession.setAuthnContextClassRef(authnContextClassRef);
 -					moaSession.setReturnURL(request.getRequestURL());
 +					moaSession.setGenericDataToSession("STORK_authContextClass", authnContextClassRef);
 +					moaSession.setGenericDataToSession("STORK_returnURL", request.getRequestURL());
  					// load signedDoc
 -					String signRequest = moaSession.getSignedDoc();
 -
 +					String signRequest = moaSession.getGenericDataFromSession("STORK_signDoc", String.class);
 +					
  					// session is implicit stored in changeSessionID!!!!
  					String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
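Review bot: `moaSession.setGenericDataToSession("STORK_returnURL", request.getRequestURL());` stores the `StringBuffer` that `HttpServletRequest.getRequestURL()` returns rather than a `String`; a reader asking for `String.class` gets a ClassCastException at its assignment (the cast inside `getGenericData` is unchecked, so its catch never fires), and a reader asking for `StringBuffer.class` ties the session entry to a mutable type. Store the immutable value instead: `moaSession.setGenericDataToSession("STORK_returnURL", request.getRequestURL().toString());`. The reader of this key is not part of the diff, so the mismatch is inferred from the servlet API types. The enclosing method starts and ends outside the hunk.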
@@ -380,9 +385,11 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep
 			}
  			Logger.debug("Add full STORK AuthnResponse to MOA session");
 -			moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));// TODO ask Florian/Thomas
 -																					// authnResponse?
 -
 +			moaSession.setGenericDataToSession(
 +					AuthenticationSessionStorageConstants.STORK_RESPONSE, 
 +					request.getParameter("SAMLResponse"));
 +			
 +			
  			// session is implicit stored in changeSessionID!!!!
  			String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
index b505605ab..8322d1a02 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
@@ -2,7 +2,6 @@ package at.gv.egovernment.moa.id.auth.modules.stork.tasks;
 import iaik.x509.X509Certificate;
 -import java.io.IOException;
  import java.io.InputStream;
  import java.io.StringWriter;
  import java.net.URL;
@@ -11,7 +10,6 @@ import java.util.ArrayList;
 import java.util.Arrays;
  import java.util.Date;
  import java.util.List;
 -import java.util.Properties;
  import javax.activation.DataSource;
  import javax.servlet.http.HttpServletRequest;
@@ -39,6 +37,7 @@ import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
 import at.gv.egovernment.moa.id.auth.BaseAuthenticationServer;
  import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
  import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 +import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
  import at.gv.egovernment.moa.id.auth.data.IdentityLink;
  import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
  import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
@@ -243,7 +242,10 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
 			Logger.debug("MOA session is still valid");
 -			STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest();
 +			STORKAuthnRequest storkAuthnRequest = 
 +					moaSession.getGenericDataFromSession(
 +							AuthenticationSessionStorageConstants.STORK_REQUEST, 
 +							STORKAuthnRequest.class);
  			if (storkAuthnRequest == null) {
  				Logger.error("Could not find any preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
@@ -575,10 +577,15 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
 			moaSession.setIdentityLink(identityLink);
  			Logger.debug("Adding addtional STORK attributes to MOA session");
 -			moaSession.setStorkAttributes(attributeList);
 -
 +			moaSession.setGenericDataToSession(
 +					AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
 +					attributeList);
 +			
  			Logger.debug("Add full STORK AuthnResponse to MOA session");
 -			moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));
 +			moaSession.setGenericDataToSession(
 +					AuthenticationSessionStorageConstants.STORK_RESPONSE, 
 +					request.getParameter("SAMLResponse"));
 +
  			// We don't have BKUURL, setting from null to "Not applicable"
  			moaSession.setBkuURL("Not applicable (STORK Authentication)");
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java
index 9a0598cf6..fb9172f6e 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/STORKAttributHelper.java
@@ -24,8 +24,7 @@ package at.gv.egovernment.moa.id.protocols.builder.attributes;
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.stork.STORKConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
 import at.gv.egovernment.moa.logging.Logger;
@@ -43,7 +42,10 @@ public class STORKAttributHelper {
 			throw new UnavailableAttributeException(attributName);
 		} else {
-			IPersonalAttributeList storkAttributes = authSession.getStorkAttributes();
+			IPersonalAttributeList storkAttributes = 
+					authSession.getGenericData(
+							AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
+							IPersonalAttributeList.class);
 			if ( storkAttributes == null ) {
 				throw new UnavailableAttributeException(attributName);
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index 2c7e5b539..f9f38e2d5 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -23,6 +23,7 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.id.data.AuthenticationRole;
 import at.gv.egovernment.moa.id.data.IAuthData;
@@ -30,6 +31,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.util.PVPtoSTORKMapper;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
 import eu.stork.peps.complex.attributes.eu.stork.names.tc.stork._1_0.assertion.AttributeStatusType;
@@ -83,12 +85,17 @@ public class MOAAttributeProvider {
     public void populateAttribute(PersonalAttributeList attributeList, PersonalAttribute requestedAttribute ) {
         String storkAttribute = requestedAttribute.getName();
-
+        
+        IPersonalAttributeList storkAttributes = 
+        		authData.getGenericData(
+						AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, 
+						IPersonalAttributeList.class);
+        
         // TODO: check if authData gets populated with stork attributtes during previous steps; it seems it is not
-        if (null != authData && null != authData.getStorkAttributes() && authData.getStorkAttributes().containsKey(requestedAttribute.getName())) {
+        if (null != authData && null != storkAttributes && storkAttributes.containsKey(requestedAttribute.getName())) {
             Logger.debug("Trying to get value for attribute directly from STORK2 response [" + storkAttribute + "]");
             try {
-                PersonalAttribute tmp = authData.getStorkAttributes().get(requestedAttribute.getName());
+                PersonalAttribute tmp = storkAttributes.get(requestedAttribute.getName());
                 attributeList.add((PersonalAttribute) tmp.clone());
             } catch(Exception e) {
                 Logger.error("Could not retrieve attribute from STORK2 response: " + storkAttribute); |
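Review bot: `authData.getGenericData(...)` is now invoked before the `null != authData` test that the following `if` still carries, so that guard can no longer do its job — with a null `authData` the lookup throws a NullPointerException first. Either drop the null test if `authData` is guaranteed to be set by the constructor, or keep the guard and perform the lookup under it: `IPersonalAttributeList storkAttributes = (authData == null) ? null : authData.getGenericData(AuthenticationSessionStorageConstants.STORK_ATTRIBUTELIST, IPersonalAttributeList.class);`. The existing TODO on the next line suggests the authData population is itself uncertain, which makes the ordering matter. `populateAttribute` continues past the end of the hunk.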
