Diffstat (limited to 'id')
5 files changed, 256 insertions, 331 deletions
| diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index 59482c4a8..ae3ec9a9b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -44,13 +44,15 @@ import java.security.cert.CertificateException;  import java.util.ArrayList;  import java.util.Date;  import java.util.List; +import java.util.Map; +import org.apache.commons.collections4.map.HashedMap; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; +import at.gv.egovernment.moa.id.auth.exception.SessionDataStorageException;  import at.gv.egovernment.moa.id.data.MISMandate;  import at.gv.egovernment.moa.logging.Logger;  import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.MiscUtil;  /**   * Session data to be stored between <code>AuthenticationServer</code> API calls. 
@@ -215,129 +217,28 @@ public class AuthenticationSession implements Serializable {  	 * accept. The infobox identifiers are comma separated.  	 */  	private String pushInfobox; -	 -	/** -	 * The STORK AuthRequest to be sent to the C-PEPS -	 */ -	private STORKAuthnRequest storkAuthnRequest; -	 -	private String storkAuthnResponse; -	 +		  	// private AuthenticationData authData;  	// protocol selection  	private String action;  	private String modul; +	private String processInstanceId; +	  	private boolean authenticated;  	private boolean authenticatedUsed = false;  	private boolean ssoRequested = false; -	 +		  	private String QAALevel = null; -	 -//	private OAuth20SessionObject oAuth20SessionObject; -	 -	// /** -	// * Indicates if target from configuration is used or not -	// */ -	// private boolean useTargetFromConfig; -	 -	// /** -	// * Authentication data for the assertion -	// */ -	// private AuthenticationData assertionAuthData; -	// -	// /** -	// * Persondata for the assertion -	// */ -	// private String assertionPrPerson; -	// -	// /** -	// * Authblock for the assertion -	// */ -	// private String assertionAuthBlock; -	// -	// /** -	// * Identitylink assertion for the (MOA) assertion -	// */ -	// private String assertionIlAssertion; -	// -	// /** -	// * Signer certificate (base64 encoded) for the assertion -	// */ -	// private String assertionSignerCertificateBase64; -	// -	// /** -	// * bussiness service for the assertion -	// */ -	// boolean assertionBusinessService; -	// -	// /** -	// * timestamp logging when authentication session has been created -	// */ -	// private Date timestampStart; -	// private CreateXMLSignatureResponse XMLCreateSignatureResponse; -	 +		  	private VerifyXMLSignatureResponse XMLVerifySignatureResponse;  	private boolean isForeigner; - -	private IPersonalAttributeList storkAttributes; +	private Map<String, Object> genericSessionDataStorate = new HashedMap<String, Object>(); -	//Temporary store SignRequest for local processing -	
private String signedDoc; -	//Temporary store SAMLResponse for processing after user signed signedDoc locally -	private String SAMLResponse; -	// -	private StringBuffer returnURL; -	private IPersonalAttributeList authnResponseGetPersonalAttributeList; -	private String authnContextClassRef; -	// private String requestedProtocolURL = null; -	 -	private String processInstanceId; -	 -	public String getAuthnContextClassRef() { -		return authnContextClassRef; -	} - -	public void setAuthnContextClassRef(String authnContextClassRef) { -		this.authnContextClassRef = authnContextClassRef; -	} - -	public IPersonalAttributeList getAuthnResponseGetPersonalAttributeList() { -		return authnResponseGetPersonalAttributeList; -	} - -	public void setAuthnResponseGetPersonalAttributeList(IPersonalAttributeList authnResponseGetPersonalAttributeList) { -		this.authnResponseGetPersonalAttributeList = authnResponseGetPersonalAttributeList; -	} - -	public String getSAMLResponse() { -		return SAMLResponse; -	} - -	public void setSAMLResponse(String samlResponse) { -		SAMLResponse = samlResponse; -	} - -	public StringBuffer getReturnURL() { -		return returnURL; -	} - -	public void setReturnURL(StringBuffer returnURL) { -		this.returnURL = returnURL; -	} - -	public String getSignedDoc() { -		return signedDoc; -	} - -	public void setSignedDoc(String signedDoc) { -		this.signedDoc = signedDoc; -	} -  	public String getModul() {  		return modul;  	} @@ -353,15 +254,7 @@ public class AuthenticationSession implements Serializable {  	public void setAction(String action) {  		this.action = action;  	} -	 -	// public AuthenticationData getAuthData() { -	// return authData; -	// } -	// -	// public void setAuthData(AuthenticationData authData) { -	// this.authData = authData; -	// } -	 +		  	public boolean isAuthenticatedUsed() {  		return authenticatedUsed;  	} 
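Review bot: The new field `private Map<String, Object> genericSessionDataStorate = new HashedMap<String, Object>();` carries a typo (`Storate`) that its getter `getGenericSessionDataStorage()` does not share, and it introduces `org.apache.commons.collections4.map.HashedMap` where `java.util.HashMap` does the same job without a third-party type; `private Map<String, Object> genericSessionDataStorage = new HashMap<String, Object>();` with `import java.util.HashMap;` in the import hunk would be the idiomatic form. Because `AuthenticationSession` is `Serializable` and the map is typed `Object`, a field comment should state the invariant the setter enforces at runtime, e.g. `// values must themselves be Serializable (checked in setGenericDataToSession); the session is serialized as a whole`. The removed typed STORK fields (`storkAuthnRequest`, `storkAuthnResponse`, `storkAttributes`) are now expected under the keys in `AuthenticationSessionStorageConstants`, so any caller of the old getters outside these five files must be migrated in the same change — the diffstat is limited to 'id', so that cannot be confirmed here.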
@@ -378,14 +271,6 @@ public class AuthenticationSession implements Serializable {  		this.authenticated = authenticated;  	} -	// public String getRequestedProtocolURL() { -	// return requestedProtocolURL; -	// } -	// -	// public void setRequestedProtocolURL(String requestedProtocolURL) { -	// this.requestedProtocolURL = requestedProtocolURL; -	// } -	  	/**  	 * Constructor for AuthenticationSession.  	 *  @@ -395,8 +280,7 @@ public class AuthenticationSession implements Serializable {  	public AuthenticationSession(String id, Date created) {  		sessionID = id;  		sessionCreated = created; -		// setTimestampStart(); -//		infoboxValidators = new ArrayList(); +		  	}  	public X509Certificate getSignerCertificate() { 
@@ -760,98 +644,7 @@ public class AuthenticationSession implements Serializable {  	public void setIssueInstant(String issueInstant) {  		this.issueInstant = issueInstant;  	} -	 -//	/** -//	 * Returns the iterator to the stored infobox validators. -//	 *  -//	 * @return Iterator -//	 */ -//	public Iterator getInfoboxValidatorIterator() { -//		if (infoboxValidators == null) return null; -//		return infoboxValidators.iterator(); -//	} -	 -	// /** -	// * Adds an infobox validator class to the stored infobox validators. -	// * -	// * @param infoboxIdentifier -	// * the identifier of the infobox the validator belongs to -	// * @param infoboxFriendlyName -	// * the friendly name of the infobox -	// * @param infoboxValidator -	// * the infobox validator to add -	// */ -	// public Iterator addInfoboxValidator(String infoboxIdentifier, -	// String infoboxFriendlyName, InfoboxValidator infoboxValidator) { -	// if (infoboxValidators == null) -	// infoboxValidators = new ArrayList(); -	// Vector v = new Vector(3); -	// v.add(infoboxIdentifier); -	// v.add(infoboxFriendlyName); -	// v.add(infoboxValidator); -	// infoboxValidators.add(v); -	// return infoboxValidators.iterator(); -	// } -	 -//	/** -//	 * Tests for pending input events of the infobox validators. -//	 *  -//	 * @return true if a validator has a form to show -//	 */ -//	public boolean isValidatorInputPending() { -//		boolean result = false; -//		Iterator iter = getInfoboxValidatorIterator(); -//		if (iter != null) { -//			while (!result && iter.hasNext()) { -//				Vector infoboxValidatorVector = (Vector) iter.next(); -//				InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector.get(2); -//				if (!ParepUtils.isEmpty(infoboxvalidator.getForm())) result = true; -//			} -//		} -//		return result; -//	} -	 -	// /** -	// * Returns the first pending infobox validator. 
-	// * -	// * @return the infobox validator class -	// */ -	// public InfoboxValidator getFirstPendingValidator() { -	// Iterator iter = getInfoboxValidatorIterator(); -	// if (iter != null) { -	// while (iter.hasNext()) { -	// Vector infoboxValidatorVector = (Vector) iter.next(); -	// InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector -	// .get(2); -	// String form = infoboxvalidator.getForm(); -	// if (!ParepUtils.isEmpty(form)) -	// return infoboxvalidator; -	// } -	// } -	// return null; -	// } -	 -	// /** -	// * Returns the input form of the first pending infobox validator input -	// * processor. -	// * -	// * @return the form to show -	// */ -	// public String getFirstValidatorInputForm() { -	// Iterator iter = getInfoboxValidatorIterator(); -	// if (iter != null) { -	// while (iter.hasNext()) { -	// Vector infoboxValidatorVector = (Vector) iter.next(); -	// InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector -	// .get(2); -	// String form = infoboxvalidator.getForm(); -	// if (!ParepUtils.isEmpty(form)) -	// return form; -	// } -	// } -	// return null; -	// } -	 +		  	/**  	 * Returns domain identifier (the register and number in the register parameter).  	 * <code>null</code> in the case of not a business service. @@ -954,26 +747,7 @@ public class AuthenticationSession implements Serializable {  	public void setMandateReferenceValue(String mandateReferenceValue) {  		this.mandateReferenceValue = mandateReferenceValue;  	} -	 -	/** -	 * Gets the STORK SAML AuthnRequest -	 *  -	 * @return STORK SAML AuthnRequest -	 */ -	public STORKAuthnRequest getStorkAuthnRequest() { -		return storkAuthnRequest; -	} -	 -	/** -	 * Sets the STORK SAML AuthnRequest -	 *  -	 * @param storkAuthnRequest -	 *            STORK SAML AuthnRequest -	 */ -	public void setStorkAuthnRequest(STORKAuthnRequest storkAuthnRequest) { -		this.storkAuthnRequest = storkAuthnRequest; -	} -	 +		  	public String getCcc() {  		return ccc;  	} 
@@ -1054,24 +828,8 @@ public class AuthenticationSession implements Serializable {  	}  	/** -	 * Memorizes the stork attribute list. -	 * -	 * @param personalAttributeList the new stork attributes -	 */ -	public void setStorkAttributes(IPersonalAttributeList personalAttributeList) { -		this.storkAttributes = personalAttributeList; -	} -	 -	/** -	 * Recalls the stork attribute list. -	 * -	 * @return the stork attributes -	 */ -	public IPersonalAttributeList getStorkAttributes() { -		return this.storkAttributes; -	} - -	/** +	 * eIDAS QAA level +	 *   	 * @return the qAALevel  	 */  	public String getQAALevel() { @@ -1079,6 +837,8 @@ public class AuthenticationSession implements Serializable {  	}  	/** +	 * set QAA level in eIDAS form +	 *   	 * @param qAALevel the qAALevel to set  	 */  	public void setQAALevel(String qAALevel) { @@ -1086,20 +846,6 @@ public class AuthenticationSession implements Serializable {  	}  	/** -	 * @return the storkAuthnResponse -	 */ -	public String getStorkAuthnResponse() { -		return storkAuthnResponse; -	} - -	/** -	 * @param storkAuthnResponse the storkAuthnResponse to set -	 */ -	public void setStorkAuthnResponse(String storkAuthnResponse) { -		this.storkAuthnResponse = storkAuthnResponse; -	} - -	/**  	 * @return the sessionCreated  	 */  	public Date getSessionCreated() { 
@@ -1121,5 +867,89 @@ public class AuthenticationSession implements Serializable {
 	public void setProcessInstanceId(String processInstanceId) {
 		this.processInstanceId = processInstanceId;
 	}
+
+	public Map<String, Object> getGenericSessionDataStorage() {
+		return genericSessionDataStorate;
+	}
+	
+	/**
+	 * Returns a generic session-data object with is stored with a specific identifier 
+	 * 
+	 * @param key The specific identifier of the session-data object
+	 * @return The session-data object or null if no data is found with this key
+	 */
+	public Object getGenericDataFromSession(String key) {
+		if (MiscUtil.isNotEmpty(key)) {
+			return genericSessionDataStorate.get(key);
+			
+		} 
+		
+		Logger.warn("Can not load generic session-data with key='null'");
+		return null;
+				
+	}
+	
+	/**
+	 * Returns a generic session-data object with is stored with a specific identifier 
+	 * 
+	 * @param key The specific identifier of the session-data object
+	 * @param clazz The class type which is stored with this key
+	 * @return The session-data object or null if no data is found with this key
+	 */
+	public <T> T getGenericDataFromSession(String key, final Class<T> clazz) {
+		if (MiscUtil.isNotEmpty(key)) {
+			Object data =  genericSessionDataStorate.get(key);
+			
+			if (data == null)
+				return null;
+			
+			try {
+				@SuppressWarnings("unchecked")
+				T test = (T) data;
+				return test;
+				
+			} catch (Exception e) {
+				Logger.warn("Generic authentication-data object can not be casted to requsted type", e);
+				return null;
+				
+			}
+			
+		} 
+		
+		Logger.warn("Can not load generic session-data with key='null'");
+		return null;
+				
+	}
+	
+	/**
+	 * Store a generic data-object to session with a specific identifier
+	 * 
+	 * @param key Identifier for this data-object
+	 * @param object Generic data-object which should be stored. 
This data-object had to be implement the 'java.io.Serializable' interface
+	 * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage
+	 */
+	public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException {
+		if (MiscUtil.isEmpty(key)) {
+			Logger.warn("Generic session-data can not be stored with a 'null' key");
+			throw new SessionDataStorageException("Generic session-data can not be stored with a 'null' key", null);
+			
+		}
+		
+		if (object != null) {
+			if (!Serializable.class.isInstance(object)) {
+				Logger.warn("Generic session-data can only store objects which implements the 'Seralizable' interface");
+				throw new SessionDataStorageException("Generic session-data can only store objects which implements the 'Seralizable' interface", null);
+				
+			}						
+		}
+		
+		if (genericSessionDataStorate.containsKey(key))
+			Logger.debug("Overwrite generic session-data with key:" + key);
+		else
+			Logger.trace("Add generic session-data with key:" + key + " to session.");
+		
+		genericSessionDataStorate.put(key, object);
+	}
+	
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionStorageConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionStorageConstants.java
new file mode 100644
index 000000000..f67f41dd3
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionStorageConstants.java
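Review bot: In `getGenericDataFromSession(String, Class<T>)` the `try { T test = (T) data; return test; } catch (Exception e)` branch is dead code — a cast to a type variable is erased, so no ClassCastException can be raised inside this method, `clazz` is never consulted, and a value of the wrong type blows up at the caller's assignment instead of producing the documented null. Replace the try/catch with `if (!clazz.isInstance(data)) { Logger.warn("Generic session-data with key '" + key + "' is not of type " + clazz.getName()); return null; }` followed by `return clazz.cast(data);`. `getGenericSessionDataStorage()` also hands out the live map, so a caller can `put` a null key or a non-Serializable value without passing the checks in `setGenericDataToSession`; returning `Collections.unmodifiableMap(genericSessionDataStorate)` (java.util.Collections is not among the imports visible in this diff) would keep the setter the only write path. The `Serializable.class.isInstance(object)` check is shallow — a Serializable container holding non-Serializable elements still fails when the session is serialized — and that caveat belongs in the Javadoc of `setGenericDataToSession`.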
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.data;
+
+/**
+ * @author tlenz
+ *
+ */
+public class AuthenticationSessionStorageConstants {
+
+	public static final String PREFIX_STORK = "stork_"; 
+	public static final String PREFIX_eIDAS = "eIDAS_";
+	
+	public static final String STORK_ATTRIBUTELIST = PREFIX_STORK + "attributelist";
+	public static final String STORK_REQUEST = PREFIX_STORK + "request";
+	public static final String STORK_RESPONSE = PREFIX_STORK + "response";
+	public static final String STORK_CCC = PREFIX_STORK + "ccc";
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/SessionDataStorageException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/SessionDataStorageException.java
new file mode 100644
index 000000000..203be784e
--- /dev/null
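Review bot: `AuthenticationSessionStorageConstants` is a constants holder with no private constructor and no class Javadoc beyond `@author`, so nothing tells a reader that these strings are the keys for the generic session/authentication data maps or why every key is prefixed (presumably to keep keys of different modules from colliding). Add `private AuthenticationSessionStorageConstants() {}` and a class comment such as `/** Keys for AuthenticationSession#setGenericDataToSession and AuthenticationData#setGenericData; each module prefixes its keys (PREFIX_STORK, PREFIX_eIDAS) to avoid collisions. */`. `PREFIX_eIDAS` mixes case in a constant name; `PREFIX_EIDAS` would follow the UPPER_SNAKE_CASE used by the other fields in this class.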
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/SessionDataStorageException.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.exception;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SessionDataStorageException extends MOAIDException {
+
+	/**
+	 * 
+	 */
+	private static final long serialVersionUID = 5743057708136365929L;
+
+	/**
+	 * @param messageId
+	 * @param parameters
+	 */
+	public SessionDataStorageException(String messageId, Object[] parameters) {
+		super(messageId, parameters);
+		
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
index e2892e70a..a5dfe7524 100644
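Review bot: `SessionDataStorageException(String messageId, Object[] parameters)` forwards its first argument to `MOAIDException` as a `messageId`, yet both call sites in this commit pass complete English sentences such as `"Generic session-data can not be stored with a 'null' key"` with `null` parameters; if `MOAIDException` resolves `messageId` against a message bundle, as the parameter name suggests, those texts will not be found and the resulting user-facing message is undefined — confirm against `MOAIDException` before merging, or introduce proper message keys for the two cases. The constructor Javadoc lists `@param messageId` and `@param parameters` without descriptions; say what is expected, e.g. `@param messageId key of the error message in the MOA-ID message bundle` and `@param parameters values substituted into the message, may be null`. The empty Javadoc block above `serialVersionUID` adds nothing and can be dropped.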
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java @@ -29,13 +29,13 @@ import java.text.SimpleDateFormat;  import java.util.ArrayList;  import java.util.Date;  import java.util.List; +import java.util.Map; +import org.apache.commons.collections4.map.HashedMap;  import org.w3c.dom.Element; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -  import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.exception.SessionDataStorageException;  import at.gv.egovernment.moa.logging.Logger;  import at.gv.egovernment.moa.util.DOMUtils;  import at.gv.egovernment.moa.util.DateTimeUtils; @@ -122,9 +122,8 @@ public class AuthenticationData  implements IAuthData, Serializable {  	  * STORK attributes from response  	  */  	  private String ccc = null; -	  private IPersonalAttributeList storkAttributes = null; -	  private String storkAuthnResponse; -	  private STORKAuthnRequest storkRequest = null; +	   +	  private Map<String, Object> genericDataStorate = new HashedMap<String, Object>();  	  private byte[] signerCertificate = null; @@ -397,23 +396,6 @@ public class AuthenticationData  implements IAuthData, Serializable {  		this.identityLink = identityLink;  	} - -	/** -	 * @return the storkAttributes -	 */ -	public IPersonalAttributeList getStorkAttributes() { -		return storkAttributes; -	} - - -	/** -	 * @param storkAttributes the storkAttributes to set -	 */ -	public void setStorkAttributes(IPersonalAttributeList storkAttributes) { -		this.storkAttributes = storkAttributes; -	} - -  	/**  	 * @return the signerCertificate  	 */ 
@@ -539,35 +521,6 @@ public class AuthenticationData  implements IAuthData, Serializable {  	}  	/** -	 * @param storkRequest the storkRequest to set -	 */ -	public void setStorkRequest(STORKAuthnRequest storkRequest) { -		this.storkRequest = storkRequest; -	} - -	/* (non-Javadoc) -	 * @see at.gv.egovernment.moa.id.data.IAuthData#getStorkAuthnRequest() -	 */ -	@Override -	public STORKAuthnRequest getStorkAuthnRequest() { -		return this.storkRequest; -	} - -	/** -	 * @return the storkAuthnResponse -	 */ -	public String getStorkAuthnResponse() { -		return storkAuthnResponse; -	} - -	/** -	 * @param storkAuthnResponse the storkAuthnResponse to set -	 */ -	public void setStorkAuthnResponse(String storkAuthnResponse) { -		this.storkAuthnResponse = storkAuthnResponse; -	} - -	/**  	 * @return the mandateReferenceValue  	 */  	public String getMandateReferenceValue() { 
@@ -743,5 +696,68 @@ public class AuthenticationData  implements IAuthData, Serializable {
 	public void setIsBusinessService(boolean flag) {
 		this.businessService = flag;
-	}	
+	}
+	
+	/**
+	 * Returns a generic data-object with is stored with a specific identifier 
+	 * 
+	 * @param key The specific identifier of the data object
+	 * @param clazz The class type which is stored with this key
+	 * @return The data object or null if no data is found with this key
+	 */
+	public <T> T getGenericData(String key, final Class<T> clazz) {
+		if (MiscUtil.isNotEmpty(key)) {
+			Object data = genericDataStorate.get(key);			
+			
+			if (data == null)
+				return null;
+			
+			try {
+				@SuppressWarnings("unchecked")
+				T test = (T) data;
+				return test;
+				
+			} catch (Exception e) {
+				Logger.warn("Generic authentication-data object can not be casted to requsted type", e);
+				return null;
+				
+			}
+			
+		} 
+		
+		Logger.warn("Can not load generic session-data with key='null'");
+		return null;
+				
+	}
+	
+	/**
+	 * Store a generic data-object to session with a specific identifier
+	 * 
+	 * @param key Identifier for this data-object
+	 * @param object Generic data-object which should be stored. 
This data-object had to be implement the 'java.io.Serializable' interface
+	 * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage
+	 */
+	public void setGenericData(String key, Object object) throws SessionDataStorageException {
+		if (MiscUtil.isEmpty(key)) {
+			Logger.warn("Generic session-data can not be stored with a 'null' key");
+			throw new SessionDataStorageException("Generic data can not be stored with a 'null' key", null);
+			
+		}
+		
+		if (object != null) {
+			if (!Serializable.class.isInstance(object)) {
+				Logger.warn("Generic data can only store objects which implements the 'Seralizable' interface");
+				throw new SessionDataStorageException("Generic data can only store objects which implements the 'Seralizable' interface", null);
+				
+			}						
+		}
+		
+		if (genericDataStorate.containsKey(key))
+			Logger.debug("Overwrite generic data with key:" + key);
+		else
+			Logger.trace("Add generic data with key:" + key + " to session.");
+		
+		genericDataStorate.put(key, object);
+	}
+	
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java
index 09b0d7971..915242787 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java
@@ -27,9 +27,6 @@ import java.util.List;
 import org.w3c.dom.Element;
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 /**
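Review bot: `AuthenticationData.getGenericData` wraps the unchecked `(T) data` cast in a `catch (Exception e)` that can never trigger — the cast to a type variable is erased at compile time, so `clazz` is never consulted and a value of the wrong type fails at the call site rather than yielding the documented null. Replace the try/catch with `if (!clazz.isInstance(data)) { Logger.warn("Generic data with key '" + key + "' is not of type " + clazz.getName()); return null; }` followed by `return clazz.cast(data);`. The log texts in this class are copied from `AuthenticationSession`: `"Can not load generic session-data with key='null'"`, `"Generic session-data can not be stored with a 'null' key"` and `"Add generic data with key:" + key + " to session."` all talk about session storage although this is the `AuthenticationData` map, which will mislead anyone correlating logs. `AuthenticationData` is `Serializable` as well, so the `Serializable.class.isInstance(object)` check in `setGenericData` is only shallow and the Javadoc should say that nested non-Serializable content is not caught.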
@@ -89,8 +86,7 @@ public interface IAuthData {  	 boolean isForeigner();  	 String getCcc(); -	 STORKAuthnRequest getStorkAuthnRequest(); -	 String getStorkAuthnResponse(); -	 IPersonalAttributeList getStorkAttributes(); +	  +	 public <T> T getGenericData(String key, final Class<T> clazz);  } | 
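Review bot: The new interface method `public <T> T getGenericData(String key, final Class<T> clazz);` has no Javadoc, although it replaces three typed accessors (`getStorkAuthnRequest`, `getStorkAuthnResponse`, `getStorkAttributes`) with a string-keyed lookup whose keys live in `AuthenticationSessionStorageConstants`, so the contract needs stating on the interface: which keys implementations are expected to serve, and that `AuthenticationData` returns null for an empty or unknown key. Proposed comment: `/** Returns the generic data object stored under {@code key} as {@code clazz}, or null if the key is empty or no value is stored; keys are defined in AuthenticationSessionStorageConstants. */`. `public` and `final` are redundant in an interface method declaration and the neighbouring declarations omit them (`boolean isForeigner();`), so `<T> T getGenericData(String key, Class<T> clazz);` matches the existing style.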
