From dd45e938564249a5e6897bd92dd29808d8990868 Mon Sep 17 00:00:00 2001 From: rudolf Date: Fri, 24 Oct 2003 08:34:56 +0000 Subject: MOA-ID version 1.1 (initial) git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@19 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../builder/VerifyXMLSignatureRequestBuilder.java | 203 +++++++++++++++++++++ 1 file changed, 203 insertions(+) create mode 100644 id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java (limited to 'id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java') diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java new file mode 100644 index 000000000..863162fd9 --- /dev/null +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java @@ -0,0 +1,203 @@ +package at.gv.egovernment.moa.id.auth.builder; + +import java.io.ByteArrayInputStream; +import java.io.InputStream; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.*; +import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.XPathUtils; + +/** + * Builder for the <VerifyXMLSignatureRequestBuilder> structure + * used for sending the DSIG-Signature of the Security Layer card for validating to MOA-SP. + * + * @author Stefan Knirsch + * @version $Id$ + */ +public class VerifyXMLSignatureRequestBuilder { + /** The MOA-Prefix */ + private static final String MOA = Constants.MOA_PREFIX + ":"; + /** the request as string */ + private String request; + /** the request as DOM-Element */ + private Element reqElem; + + /** + * Constructor for VerifyXMLSignatureRequestBuilder. + */ + public VerifyXMLSignatureRequestBuilder() {} + /** + * Builds a <VerifyXMLSignatureRequest> + * from an IdentityLink with a known trustProfileID which + * has to exist in MOA-SP + * @param idl - The IdentityLink + * @param trustProfileID - a preconfigured TrustProfile at MOA-SP + * @return Element - The complete request as Dom-Element + * @throws ParseException + */ + public Element build(IdentityLink idl, String trustProfileID) throws ParseException + { //samlAssertionObject + request = + "" + + "" + + " " + + " " + + " " + + " " + + " //dsig:Signature" + + " " + + " " // True bei CreateXMLSig Überprüfung + +" " + " " + // Profile ID für create (alle auslesen aus IDCOnfig VerifyAuthBlock) + +" " + " " + + // Testweise ReturnReferenceInputData = False + + +" " + + " " + + trustProfileID + + "" + + ""; + + try { + InputStream s = new ByteArrayInputStream(request.getBytes("UTF-8")); + reqElem = DOMUtils.parseXmlValidating(s); + + String CONTENT_XPATH = + "//" + + MOA + + "VerifyXMLSignatureRequest/" + + MOA + + "VerifySignatureInfo/" + + MOA + + "VerifySignatureEnvironment/" + + MOA + + "XMLContent"; + + Element insertTo = + (Element) XPathUtils.selectSingleNode(reqElem, CONTENT_XPATH); + insertTo.appendChild( + insertTo.getOwnerDocument().importNode(idl.getSamlAssertion(), true)); + + String SIGN_MANI_CHECK_PARAMS_XPATH = + "//" + + MOA + + "VerifyXMLSignatureRequest/" + + MOA + + "SignatureManifestCheckParams"; + insertTo = + (Element) XPathUtils.selectSingleNode( + reqElem, + SIGN_MANI_CHECK_PARAMS_XPATH); + insertTo.removeChild( + (Element) XPathUtils.selectSingleNode( + reqElem, + SIGN_MANI_CHECK_PARAMS_XPATH + "/" + MOA + "ReferenceInfo")); + Element[] dsigTransforms = idl.getDsigReferenceTransforms(); + for (int i = 0; i < 1; i++) //dsigTransforms.length; i++) + { + Element refInfo = + insertTo.getOwnerDocument().createElementNS( + Constants.MOA_NS_URI, + "ReferenceInfo"); + insertTo.appendChild(refInfo); + Element verifyTransformsInfoProfile = + insertTo.getOwnerDocument().createElementNS( + Constants.MOA_NS_URI, + "VerifyTransformsInfoProfile"); + refInfo.appendChild(verifyTransformsInfoProfile); + verifyTransformsInfoProfile.appendChild( + insertTo.getOwnerDocument().importNode(dsigTransforms[i], true)); + } + } + catch (Throwable t) { + throw new ParseException( //"VerifyXMLSignatureRequest (IdentityLink)"); + "builder.00", + new Object[] { "VerifyXMLSignatureRequest (IdentityLink)" }, + t); + } + + return reqElem; + } + + /** + * Builds a <VerifyXMLSignatureRequest> + * from an IdentityLink with a known trustProfileID which + * has to exist in MOA-SP + * @param idl - The IdentityLink + * @param trustProfileID - a preconfigured TrustProfile at MOA-SP + * @return Element - The complete request as Dom-Element + * @throws ParseException + */ + public Element build( + CreateXMLSignatureResponse csr, + String[] verifyTransformsInfoProfileID, + String trustProfileID) + throws ParseException { //samlAssertionObject + request = + "" + + "" + + " " + + " " + + " " + + " " + + " //dsig:Signature" + + " " + + " " + + " "; + + for (int i = 0; i < verifyTransformsInfoProfileID.length; i++) { + request += " " + + verifyTransformsInfoProfileID[i] + + ""; + // Profile ID für create (auslesen aus IDCOnfig VerifyAuthBlock ODER per String übergeben....) + + } + + request += " " + + " " + // Testweise ReturnReferenceInputData = False + +" " + + " " + + trustProfileID + + "" + + ""; + + try { + // Build a DOM-Tree of the obove String + InputStream s = new ByteArrayInputStream(request.getBytes("UTF-8")); + reqElem = DOMUtils.parseXmlValidating(s); + //Insert the SAML-Assertion-Object + String CONTENT_XPATH = + "//" + + MOA + + "VerifyXMLSignatureRequest/" + + MOA + + "VerifySignatureInfo/" + + MOA + + "VerifySignatureEnvironment/" + + MOA + + "XMLContent"; + + Element insertTo = + (Element) XPathUtils.selectSingleNode(reqElem, CONTENT_XPATH); + insertTo.appendChild( + insertTo.getOwnerDocument().importNode(csr.getSamlAssertion(), true)); + + } + catch (Throwable t) { + throw new ParseException( + "builder.00", + new Object[] { "VerifyXMLSignatureRequest" }, + t); + } + + return reqElem; + } + +} -- cgit v1.2.3