diff options
Diffstat (limited to 'id')
7 files changed, 219 insertions, 36 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/PVPtoSTORKMapper.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/PVPtoSTORKMapper.java new file mode 100644 index 000000000..099a70470 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/PVPtoSTORKMapper.java @@ -0,0 +1,174 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.util; + +import java.io.IOException; +import java.util.Properties; + +import at.gv.egovernment.moa.id.data.AuthenticationRole; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class PVPtoSTORKMapper { + + private static final String PVP_SECCLASS_PREFIX = "http://www.ref.gv.at/ns/names/agiz/pvp/"; + private static final String STORK_QAA_PREFIX = "http://www.stork.gov.eu/1.0/"; + private static final String eIDAS_QAA_PREFIX = "http://eidas.europa.eu/"; + + private static final String MAPPING_RESOURCE = + "resources/properties/pvp-stork_mapping.properties"; + + private static final String MAPPING_SECCLASS_PREFIX = "secclass_"; + private static final String MAPPING_EIDAS_PREFIX = "eidas_"; + + private Properties mapping = null; + + private static PVPtoSTORKMapper instance = null; + + public static PVPtoSTORKMapper getInstance() { + if (instance == null) { + instance = new PVPtoSTORKMapper(); + } + + return instance; + } + + private PVPtoSTORKMapper() { + try { + mapping = new Properties(); + mapping.load(this.getClass().getClassLoader().getResourceAsStream(MAPPING_RESOURCE)); + Logger.debug("PVP -> STORK Role mapping initialisation finished."); + + } catch (IOException e) { + Logger.error("PVP -> STORK Role mapping initialisation FAILED." , e); + mapping = null; + + } + + + } + + /** + * Map STORK QAA level to eIDAS QAA level + * + * @param storkQAA STORK QAA level + * @return + */ + public String mapSTORKQAAToeIDASQAA(String storkQAA) { + if (mapping != null) { + String input = storkQAA.substring(STORK_QAA_PREFIX.length()); + String mappedQAA = mapping.getProperty(MAPPING_EIDAS_PREFIX + input); + if (MiscUtil.isNotEmpty(mappedQAA)) { + Logger.info("Map STORK-QAA " + storkQAA + " to eIDAS-QAA " + mappedQAA); + return mappedQAA; + + } + } + Logger.warn("No eIDAS-QAA mapping for STORK-QAA " + storkQAA +" !"); + return null; + + } + + /** + * Map eIDAS QAA-level to STORK QAA-level + * + * @param qaaLevel eIDAS QAA-level + * @return STORK QAA-level + */ + public String mapeIDASQAAToSTORKQAA(String qaaLevel) { + if (mapping != null) { + String input = qaaLevel.substring(eIDAS_QAA_PREFIX.length()); + String mappedQAA = mapping.getProperty(input); + if (MiscUtil.isNotEmpty(mappedQAA)) { + Logger.info("Map eIDAS-QAA " + qaaLevel + " to STORK-QAA " + mappedQAA); + return mappedQAA; + + } + } + Logger.warn("No eIDAS-QAA mapping for eIDAS-QAA " + qaaLevel +" !"); + return null; + } + + /**Map a STORK QAA level to PVP SecClass + * + * @param STORK-QAA level + * @return PVP SecClass pvpQAALevel + */ + public String mapToSecClass(String storkQAALevel) { + if (mapping != null) { + String input = storkQAALevel.substring(STORK_QAA_PREFIX.length()); + String mappedQAA = mapping.getProperty(MAPPING_SECCLASS_PREFIX + input); + if (MiscUtil.isNotEmpty(mappedQAA)) { + Logger.info("Map STORK-QAA " + storkQAALevel + " to PVP SecClass " + mappedQAA); + return mappedQAA; + + } + } + Logger.warn("No mapping for STORK-QAA " + storkQAALevel +" !"); + return null; + } + + /**Map a PVP SecClass to STORK QAA level + * + * @param PVP SecClass pvpQAALevel + * @return STORK-QAA level + */ + public String mapToQAALevel(String pvpQAALevel) { + if (mapping != null) { + String input = pvpQAALevel.substring(PVP_SECCLASS_PREFIX.length()); + String mappedQAA = mapping.getProperty(input); + if (MiscUtil.isNotEmpty(mappedQAA)) { + Logger.info("Map PVP SecClass " + pvpQAALevel + " to STORK-QAA " + mappedQAA); + return mappedQAA; + + } + } + Logger.warn("No mapping for PVP SecClass " + pvpQAALevel +" !"); + return null; + } + + /**Map a PVP Role attribute to STORK ECAuthenticationRole attribute values + * + * @param PVP Role attribute + * @return STORK ECAuthenticationRole attribute value + */ + public String map(AuthenticationRole el) { + if (mapping != null) { + //String ecRole = mapping.getProperty(el.getRawRoleString()); + String ecRole = mapping.getProperty(el.getRoleName()); + if (MiscUtil.isNotEmpty(ecRole)) { + //Logger.info("Map PVPRole " + el.getRawRoleString() + " to ECRole " + ecRole); + Logger.info("Map PVPRole " + el.getRoleName() + " to ECRole " + ecRole); + return ecRole; + } + } + //Logger.warn("NO mapping for PVPRole "+ el.getRawRoleString() + " !"); + Logger.warn("NO mapping for PVPRole "+ el.getRoleName() + " !"); + return null; + } + +} diff --git a/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml b/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml index ba8c47304..d8565112b 100644 --- a/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml +++ b/id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml @@ -15,18 +15,10 @@ <task:annotation-driven executor="MOA-ID-Auth_TaskExecutor" scheduler="MOA-ID-Auth_Scheduler"/> <task:executor id="MOA-ID-Auth_TaskExecutor" pool-size="5"/> <task:scheduler id="MOA-ID-Auth_Scheduler" pool-size="10"/> - - <bean id="processEngine" class="at.gv.egovernment.moa.id.process.ProcessEngineImpl"> - <property name="transitionConditionExpressionEvaluator"> - <bean class="at.gv.egovernment.moa.id.process.springweb.SpringWebExpressionEvaluator" /> - </property> - </bean> - + <!-- import auth modules --> <import resource="classpath*:**/*.authmodule.beans.xml" /> - <bean id="moduleRegistration" class="at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration" factory-method="getInstance" /> - <context:component-scan base-package="at.gv.egovernment.moa.id.auth.servlet" /> <context:component-scan base-package="at.gv.egovernment.moa.id.protocols" /> @@ -42,17 +34,13 @@ <bean id="MOAID_SSOManager" class="at.gv.egovernment.moa.id.moduls.SSOManager"/> + <bean id="moaGUIConfigurationFactory" + class="at.gv.egovernment.moa.id.auth.frontend.MOAIDGuiBilderConfigurationFactory" /> <bean id="AuthenticationSessionStoreage" class="at.gv.egovernment.moa.id.storage.DBAuthenticationSessionStoreage"/> - - <bean id="RequestStorage" - class="at.gv.egovernment.moa.id.moduls.RequestStorage"/> - - <bean id="ProcessInstanceStoreage" - class="at.gv.egovernment.moa.id.process.dao.ProcessInstanceStoreDAOImpl"/> - + <bean id="MOAReversionLogger" class="at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger"/> @@ -80,11 +68,7 @@ <bean id="RestartAuthProzessManagement" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.RestartAuthProzessManagement" scope="prototype"/> - - <bean id="FinalizeAuthenticationTask" - class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.FinalizeAuthenticationTask" - scope="prototype"/> - + <bean id="GenerateSSOConsentEvaluatorFrameTask" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GenerateSSOConsentEvaluatorFrameTask" scope="prototype"/> diff --git a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml index 9c27ba581..b23948688 100644 --- a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml +++ b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml @@ -11,6 +11,8 @@ <context:property-placeholder location="${moa.id.configuration}"/> + <bean id="MOAIDMessageProvider" class="at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider" /> + <bean id="moaidauthconfig" class="at.gv.egovernment.moa.id.config.auth.PropertyBasedAuthConfigurationProvider"> <constructor-arg value="#{systemProperties['moa.id.configuration']}"/> </bean> diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml index 7d9db0ab7..2f4648de3 100644 --- a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml +++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml @@ -9,40 +9,40 @@ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> - <bean id="springElAwareExpressionEvaluator" class="at.gv.egovernment.moa.id.process.spring.SpringExpressionEvaluator" /> + <bean id="springElAwareExpressionEvaluator" class="at.gv.egiz.eaaf.core.impl.idp.process.spring.SpringExpressionEvaluator" /> - <bean id="processEngine" class="at.gv.egovernment.moa.id.process.ProcessEngineImpl"> + <bean id="processEngine" class="at.gv.egiz.eaaf.core.impl.idp.process.ProcessEngineImpl"> <property name="transitionConditionExpressionEvaluator" ref="springElAwareExpressionEvaluator" /> </bean> <bean id="TransactionStorage" - class="at.gv.egovernment.moa.id.process.spring.test.DummyTransactionStorage"/> + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.DummyTransactionStorage"/> <bean id="ProcessInstanceStoreage" - class="at.gv.egovernment.moa.id.process.dao.ProcessInstanceStoreDAOImpl"/> + class="at.gv.egiz.eaaf.core.impl.idp.process.dao.ProcessInstanceStoreDAOImpl"/> <bean id="HelloWorldTask" - class="at.gv.egovernment.moa.id.process.test.HelloWorldTask"/> + class="at.gv.egiz.eaaf.core.impl.idp.process.test.HelloWorldTask"/> <bean id="HalloWeltTask" - class="at.gv.egovernment.moa.id.process.test.HalloWeltTask"/> + class="at.gv.egiz.eaaf.core.impl.idp.process.test.HalloWeltTask"/> <bean id="SelectBKUTask" - class="at.gv.egovernment.moa.id.process.spring.test.task.SelectBKUTask"/> + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.SelectBKUTask"/> <bean id="CreateSAML1AssertionTask" - class="at.gv.egovernment.moa.id.process.spring.test.task.CreateSAML1AssertionTask"/> + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.CreateSAML1AssertionTask"/> <bean id="GetIdentityLinkTask" - class="at.gv.egovernment.moa.id.process.spring.test.task.GetIdentityLinkTask"/> + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.GetIdentityLinkTask"/> <bean id="SignAuthBlockTask" - class="at.gv.egovernment.moa.id.process.spring.test.task.SignAuthBlockTask"/> + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.SignAuthBlockTask"/> <bean id="ValidateIdentityLinkTask" - class="at.gv.egovernment.moa.id.process.spring.test.task.ValidateIdentityLinkTask"/> + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.ValidateIdentityLinkTask"/> <bean id="ValidateSignedAuthBlockTask" - class="at.gv.egovernment.moa.id.process.spring.test.task.ValidateSignedAuthBlockTask"/> + class="at.gv.egiz.eaaf.core.impl.idp.process.spring.test.task.ValidateSignedAuthBlockTask"/> </beans> diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java index bc1e2dcdb..2cb867cbc 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java @@ -48,6 +48,8 @@ package at.gv.egovernment.moa.id.commons.utils; import java.util.Locale; +import org.springframework.stereotype.Service; + import at.gv.egiz.eaaf.core.api.IStatusMessager; import at.gv.egiz.eaaf.core.exceptions.ProcessExecutionException; import at.gv.egovernment.moa.id.commons.api.exceptions.BKUException; @@ -57,7 +59,7 @@ import at.gv.egovernment.moa.util.Messages; import at.gv.egovernment.moa.util.MiscUtil; -//@Service("MOAIDMessageProvider") +@Service("MOAIDMessageProvider") public class MOAIDMessageProvider implements IStatusMessager { //internal messanges @@ -81,7 +83,7 @@ public class MOAIDMessageProvider implements IStatusMessager { } - private MOAIDMessageProvider() { + public MOAIDMessageProvider() { this.messages = new Messages(DEFAULT_MESSAGE_RESOURCES, DEFAULT_MESSAGE_LOCALES); this.externalError = new Messages(DEFAULT_EXTERNALERROR_RESOURCES, DEFAULT_EXTERNALERROR_LOCALES); @@ -136,7 +138,7 @@ public String getResponseErrorCode(Throwable throwable) { @Override public String mapInternalErrorToExternalError(String intErrorCode) { - String extErrorCode = messages.getMessage(intErrorCode, null); + String extErrorCode = externalError.getMessage(intErrorCode, null); if (MiscUtil.isEmpty(extErrorCode)) extErrorCode = IStatusMessager.CODES_EXTERNAL_ERROR_GENERIC; diff --git a/id/server/moa-id-frontend-resources/pom.xml b/id/server/moa-id-frontend-resources/pom.xml index 342cedac8..4a960e359 100644 --- a/id/server/moa-id-frontend-resources/pom.xml +++ b/id/server/moa-id-frontend-resources/pom.xml @@ -106,6 +106,10 @@ <groupId>MOA.id.server</groupId> <artifactId>moa-id-commons</artifactId> </dependency> + <dependency> + <groupId>at.gv.egiz.eaaf</groupId> + <artifactId>eaaf-core</artifactId> + </dependency> <dependency> <groupId>org.springframework</groupId> diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/MOAIDGuiBilderConfigurationFactory.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/MOAIDGuiBilderConfigurationFactory.java new file mode 100644 index 000000000..98f7fccf5 --- /dev/null +++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/MOAIDGuiBilderConfigurationFactory.java @@ -0,0 +1,17 @@ +package at.gv.egovernment.moa.id.auth.frontend; + +import at.gv.egiz.eaaf.core.api.gui.IGUIBuilderConfiguration; +import at.gv.egiz.eaaf.core.api.gui.IGUIBuilderConfigurationFactory; +import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration; + +public class MOAIDGuiBilderConfigurationFactory implements IGUIBuilderConfigurationFactory { + + @Override + public IGUIBuilderConfiguration getDefaultErrorGUI(String authURL) { + return new DefaultGUIFormBuilderConfiguration(authURL, + DefaultGUIFormBuilderConfiguration.VIEW_ERRORMESSAGE, null); + + } + + +} |