From 56ed4518d7978c064af5f240494bf587136c93b0 Mon Sep 17 00:00:00 2001 From: rudolf Date: Mon, 15 Mar 2004 16:07:52 +0000 Subject: RSCH git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@99 d688527b-c9ab-4aba-bd8d-4036d912da1d --- .../moa/id/auth/AuthenticationServer.java | 19 ++- .../AuthenticationDataAssertionBuilder.java | 7 +- .../moa/id/auth/builder/BPKBuilder.java | 50 ++++++ .../builder/CreateXMLSignatureRequestBuilder.java | 11 +- .../moa/id/auth/builder/PersonDataBuilder.java | 13 +- .../moa/id/auth/builder/VPKBuilder.java | 52 ------ .../egovernment/moa/id/auth/data/IdentityLink.java | 27 ++- .../auth/parser/IdentityLinkAssertionParser.java | 13 +- .../moa/id/auth/servlet/AuthServlet.java | 10 +- .../moa/id/auth/servlet/ConfigurationServlet.java | 37 ++-- .../VerifyXMLSignatureResponseValidator.java | 2 +- .../moa/id/config/ConfigurationBuilder.java | 4 +- .../moa/id/config/auth/OAAuthParameter.java | 40 ++++- .../config/proxy/ProxyConfigurationProvider.java | 2 - .../moa/id/data/AuthenticationData.java | 40 +++-- .../moa/id/iaik/config/PKIConfigurationImpl.java | 1 + .../moa/id/proxy/DefaultConnectionBuilder.java | 2 +- .../id/proxy/DefaultLoginParameterResolver.java | 31 ++-- .../moa/id/proxy/LoginParameterResolver.java | 28 +-- .../moa/id/proxy/NotAllowedException.java | 39 +++++ .../moa/id/proxy/OldXMLLoginParameterResolver.java | 16 +- .../moa/id/proxy/XMLLoginParameterResolver.java | 12 +- .../parser/AuthenticationDataAssertionParser.java | 17 +- .../moa/id/proxy/servlet/ConfigurationServlet.java | 35 ++-- .../moa/id/proxy/servlet/ProxyServlet.java | 189 +++++++++++++-------- .../moa/id/util/HTTPRequestJSPForwarder.java | 76 +++++++++ .../at/gv/egovernment/moa/id/util/SSLUtils.java | 2 +- .../src/test/abnahme/A/Test300VerifyAuthBlock.java | 10 +- .../abnahme/P/Test100LoginParameterResolver.java | 8 +- .../builder/CreateXMLSignatureBuilderTest.java | 2 +- .../auth/MOAIDAuthConfigurationProviderTest.java | 6 +- .../proxy/MOAIDProxyConfigurationProviderTest.java | 4 +- .../id/proxy/parser/SAMLResponseParserTest.java | 2 +- 33 files changed, 532 insertions(+), 275 deletions(-) create mode 100644 id.server/src/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java delete mode 100644 id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java create mode 100644 id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java create mode 100644 id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java (limited to 'id.server/src') diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index bc3e075be..9cb473d4f 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -28,7 +28,7 @@ import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; import at.gv.egovernment.moa.id.auth.builder.SelectBKUFormBuilder; -import at.gv.egovernment.moa.id.auth.builder.VPKBuilder; +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; @@ -379,8 +379,13 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.setAuthBlock(authBlock); // builds the String[] transformInfos = authConf.getTransformsInfos(); + + OAAuthParameter oaParam = + AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( + session.getPublicOAURLPrefix()); + String createXMLSignatureRequest = - new CreateXMLSignatureRequestBuilder().build(authBlock, transformInfos); + new CreateXMLSignatureRequestBuilder().build(authBlock, oaParam.getKeyBoxIdentifier(), transformInfos); return createXMLSignatureRequest; } /** @@ -502,12 +507,12 @@ public class AuthenticationServer implements MOAIDAuthConstants { authData.setAssertionID(Random.nextRandom()); authData.setIssuer(session.getAuthURL()); authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance())); - String vpkBase64 = - new VPKBuilder().buildVPK( + String bpkBase64 = + new BPKBuilder().buildBPK( identityLink.getIdentificationValue(), - identityLink.getDateOfBirth(), session.getTarget()); - authData.setVPK(vpkBase64); + authData.setIdentificationType(identityLink.getIdentificationType()); + authData.setPBK(bpkBase64); authData.setGivenName(identityLink.getGivenName()); authData.setFamilyName(identityLink.getFamilyName()); authData.setDateOfBirth(identityLink.getDateOfBirth()); @@ -517,7 +522,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( session.getPublicOAURLPrefix()); - String prPerson = new PersonDataBuilder().build(identityLink, oaParam.getProvideZMRZahl()); + String prPerson = new PersonDataBuilder().build(identityLink, oaParam.getProvideStammzahl()); try { String ilAssertion = diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java index fd7cb1a9d..ed2c863d2 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java @@ -19,13 +19,14 @@ public class AuthenticationDataAssertionBuilder implements Constants { /** * XML template for the <saml:Assertion> to be built */ + //TODO MOA-ID check if NameQualifier NameQualifier urn:publicid:gv.at:cdid+ "is stable" in specification private static final String AUTH_DATA = "" + NL + "" + NL + " " + NL + " " + NL + - " {3}" + NL + + " {3}" + NL + " " + NL + " " + MOA_NS_URI + "cm" + NL + " {4}{5}" + NL + @@ -64,7 +65,7 @@ public class AuthenticationDataAssertionBuilder implements Constants { * @param xmlPersonData lt;pr:Person> element as a String * @param xmlAuthBlock authentication block to be included in a * lt;saml:SubjectConfirmationData> element; may include - * the "ZMR-Zahl" or not; may be empty + * the "Stammzahl" or not; may be empty * @param xmlIdentityLink the IdentityLink * @return the <saml:Assertion> * @throws BuildException if an error occurs during the build process @@ -89,7 +90,7 @@ public class AuthenticationDataAssertionBuilder implements Constants { authData.getAssertionID(), authData.getIssuer(), authData.getIssueInstant(), - authData.getVPK(), + authData.getPBK(), removeXMLDeclaration(xmlAuthBlock), removeXMLDeclaration(xmlIdentityLink), removeXMLDeclaration(xmlPersonData), diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java new file mode 100644 index 000000000..706d0a39a --- /dev/null +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java @@ -0,0 +1,50 @@ +package at.gv.egovernment.moa.id.auth.builder; + +import java.security.MessageDigest; + +import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.util.Base64Utils; + +/** + * Builder for the BPK, as defined in + * "Ableitung f¨r die bereichsspezifische Personenkennzeichnung" + * version 1.0.1 from "reference.e-government.gv.at". + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class BPKBuilder { + + /** + * Builds the BPK from given parameters. + * @param identificationValue Base64 encoded "Stammzahl" + * @param target "Verfahrensname"; will be transformed to lower case + * @return PBK in a BASE64 encoding + * @throws BuildException while building the BPK + */ + public String buildBPK(String identificationValue, String target) + throws BuildException { + + if (identificationValue == null || identificationValue.length() == 0 + || target == null || target.length() == 0) + throw new BuildException( + "builder.00", + new Object[] {"BPK", + "Unvollständige Parameterangaben: identificationValue=" + identificationValue + + ",target=" + target}); + String basisbegriff = identificationValue + "+" + target; + try { + MessageDigest md = MessageDigest.getInstance("SHA-1"); + byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1")); + String hashBase64 = Base64Utils.encode(hash); + return hashBase64; + } + catch (Exception ex) { + throw new BuildException( + "builder.00", + new Object[] {"BPK", ex.toString()}, + ex); + } + } + +} diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java index f8c287cb6..961a40303 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java @@ -21,12 +21,10 @@ public class CreateXMLSignatureRequestBuilder implements Constants { private static final String CREATE_XML_SIGNATURE_REQUEST = "" + nl + "" + nl + - " SecureSignatureKeypair" + nl + - //TODO RS Lsg Switch SecureSignatureKeypair / CertifiedKeyPair - //" CertifiedKeypair" + nl + + " {1}" + nl + " " + nl + " " + nl + - "{1}" + + "{2}" + " " + nl + " " + nl + " " + nl + @@ -47,14 +45,15 @@ public class CreateXMLSignatureRequestBuilder implements Constants { * Builds the <CreateXMLSignatureRequest>. * * @param authBlock String representation of XML authentication block + * @param keyBoxIdentfier the key box identifier which will be used (e.g. CertifiedKeyPair) * @return String representation of <CreateXMLSignatureRequest> */ - public String build(String authBlock, String[] dsigTransformInfos) { + public String build(String authBlock, String keyBoxIdentifier, String[] dsigTransformInfos) { String dsigTransformInfosString = ""; for (int i = 0; i < dsigTransformInfos.length; i++) dsigTransformInfosString += dsigTransformInfos[i]; String request = MessageFormat.format( - CREATE_XML_SIGNATURE_REQUEST, new Object[] { authBlock, dsigTransformInfosString }); + CREATE_XML_SIGNATURE_REQUEST, new Object[] { authBlock, keyBoxIdentifier, dsigTransformInfosString }); return request; } } diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java index 85ec1cb7f..819ed79bb 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilder.java @@ -26,24 +26,25 @@ public class PersonDataBuilder { /** * Builds the <pr:Person> element.
* Utilizes the parsed <prPerson> from the identity link - * and the information regarding inclusion of "ZMR-Zahl" in the + * and the information regarding inclusion of "Stammzahl" in the * <pr:Person> data. * * @param identityLink IdentityLink containing the * attribute prPerson - * @param provideZMRZahl true if "ZMR-Zahl" is to be included; + * @param provideStammzahl true if "Stammzahl" is to be included; * false otherwise * @return the <pr:Person> element as a String * @throws BuildException on any error */ - public String build(IdentityLink identityLink, boolean provideZMRZahl) + public String build(IdentityLink identityLink, boolean provideStammzahl) throws BuildException { try { Element prPerson = (Element)identityLink.getPrPerson().cloneNode(true); - if (! provideZMRZahl) { - Node prIdentification = XPathUtils.selectSingleNode(prPerson, "pr:Identification"); - prPerson.removeChild(prIdentification); + if (! provideStammzahl) { + Node prIdentification = XPathUtils.selectSingleNode(prPerson, "pr:Identification/pr:Value"); + //remove IdentificationValue + prIdentification.getFirstChild().setNodeValue(""); } String xmlString = DOMUtils.serializeNode(prPerson); return xmlString; diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java deleted file mode 100644 index c18156a01..000000000 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VPKBuilder.java +++ /dev/null @@ -1,52 +0,0 @@ -package at.gv.egovernment.moa.id.auth.builder; - -import java.security.MessageDigest; - -import at.gv.egovernment.moa.id.BuildException; -import at.gv.egovernment.moa.util.Base64Utils; - -/** - * Builder for the VPK, as defined in - * "Ableitung f¨r die verfahrensspezifische Personenkennzeichnung" - * version 1.0.1 from "reference.e-government.gv.at". - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class VPKBuilder { - - /** - * Builds the VPK from given parameters. - * @param identificationValue "ZMR-Zahl" - * @param dateOfBirth "Geburtsdatum" - * @param target "Verfahrensname"; will be transformed to lower case - * @return VPK in a BASE64 encoding - * @throws BuildException while building the VPK - */ - public String buildVPK(String identificationValue, String dateOfBirth, String target) - throws BuildException { - - if (identificationValue == null || identificationValue.length() == 0 - || dateOfBirth == null || dateOfBirth.length() == 0 - || target == null || target.length() == 0) - throw new BuildException( - "builder.00", - new Object[] {"VPK", - "Unvollständige Parameterangaben: identificationValue=" + identificationValue + - ",dateOfBirth=" + dateOfBirth + ",target=" + target}); - String basisbegriff = identificationValue + "+" + dateOfBirth + "+" + target.toLowerCase(); - try { - MessageDigest md = MessageDigest.getInstance("SHA-1"); - byte[] hash = md.digest(basisbegriff.getBytes()); - String hashBase64 = Base64Utils.encode(hash); - return hashBase64; - } - catch (Exception ex) { - throw new BuildException( - "builder.00", - new Object[] {"VPK", ex.toString()}, - ex); - } - } - -} diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java index e2ad2625a..cc58db916 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/data/IdentityLink.java @@ -14,9 +14,13 @@ import org.w3c.dom.Element; */ public class IdentityLink { /** - * "identificationValue" is the translation of "ZMR-Zahl". + * "identificationValue" is the translation of "Stammzahl". */ private String identificationValue; + /** + * "identificationType" type of the identificationValue in the IdentityLink. + */ + private String identificationType; /** * first name */ @@ -82,13 +86,22 @@ public class IdentityLink { /** * Returns the identificationValue. - * "identificationValue" is the translation of "ZMR-Zahl". + * "identificationValue" is the translation of "Stammzahl". * @return String */ public String getIdentificationValue() { return identificationValue; } + /** + * Returns the identificationType. + * "identificationType" type of the identificationValue in the IdentityLink. + * @return String + */ + public String getIdentificationType() { + return identificationType; + } + /** * Sets the dateOfBirth. * @param dateOfBirth The dateOfBirth to set @@ -115,12 +128,20 @@ public class IdentityLink { /** * Sets the identificationValue. - * "identificationValue" is the translation of "ZMR-Zahl". + * "identificationValue" is the translation of "Stammzahl". * @param identificationValue The identificationValue to set */ public void setIdentificationValue(String identificationValue) { this.identificationValue = identificationValue; } + + /** + * Sets the Type of the identificationValue. + * @param identificationType The type of identificationValue to set + */ + public void setIdentificationType(String identificationType) { + this.identificationType = identificationType; + } /** * Returns the samlAssertion. diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java b/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java index f9ef54884..49baf1bf5 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParser.java @@ -97,6 +97,16 @@ public class IdentityLinkAssertionParser { + "Identification/" + PDATA + "Value"; + + /** Xpath expression to the Identification Value element */ + private static final String PERSON_IDENT_TYPE_XPATH = + PERSON_XPATH + + "/" + + PDATA + + "Identification/" + + PDATA + + "Type"; + /** Xpath expression to the RSAKeyValue element */ private static final String RSA_KEY_VALUE_XPATH = ROOT @@ -179,12 +189,13 @@ public class IdentityLinkAssertionParser { IdentityLink identityLink; try { identityLink = new IdentityLink(); - //ÄNDERN: NUR der Identification-Teil identityLink.setSamlAssertion(assertionElem); identityLink.setPrPerson((Element) XPathUtils.selectSingleNode(assertionElem, PERSON_XPATH)); identityLink.setIdentificationValue( XPathUtils.getElementValue(assertionElem, PERSON_IDENT_VALUE_XPATH, "")); + identityLink.setIdentificationType( + XPathUtils.getElementValue(assertionElem, PERSON_IDENT_TYPE_XPATH, "")); identityLink.setGivenName( XPathUtils.getElementValue(assertionElem, PERSON_GIVEN_NAME_XPATH, "")); identityLink.setFamilyName( diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java index 6ff52bc4a..95878007e 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java @@ -35,7 +35,7 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { *
    *
  • Logs the error
  • *
  • Places error message and exception thrown into the request - * as request attributes (to be used by "/errorpage.jsp")
  • + * as request attributes (to be used by "/errorpage-auth.jsp") *
  • Sets HTTP status 500 (internal server error)
  • *
* @@ -59,9 +59,9 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { req.setAttribute("ExceptionThrown", exceptionThrown); } - //forward this to errorpage.jsp wher the HTML error page is generated + //forward this to errorpage-auth.jsp where the HTML error page is generated ServletContext context = getServletContext(); - RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage.jsp"); + RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-auth.jsp"); try { dispatcher.forward(req, resp); } catch (ServletException e) { @@ -80,9 +80,9 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { Logger.error(ex.toString()); req.setAttribute("WrongParameters", ex.getMessage()); - // forward this to errorpage.jsp where the HTML error page is generated + // forward this to errorpage-auth.jsp where the HTML error page is generated ServletContext context = getServletContext(); - RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage.jsp"); + RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-auth.jsp"); try { dispatcher.forward(req, resp); } catch (ServletException e) { diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java index 1dc1897b2..f33377547 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/servlet/ConfigurationServlet.java @@ -1,17 +1,18 @@ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; -import java.io.PrintWriter; import java.text.DateFormat; import java.util.Date; import java.util.Locale; +import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; +import at.gv.egovernment.moa.id.util.HTTPRequestJSPForwarder; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; @@ -22,9 +23,6 @@ import at.gv.egovernment.moa.logging.Logger; * @version $Id$ */ public class ConfigurationServlet extends HttpServlet { - /** Constant for the DTD-Doc type */ - private static final String DOC_TYPE = - "\n"; /** * Handle a HTTP GET request, used to indicated that the MOA @@ -36,13 +34,7 @@ public class ConfigurationServlet extends HttpServlet { throws ServletException, IOException { MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance(); - PrintWriter out; - response.setContentType("text/html"); - out = response.getWriter(); - out.println(DOC_TYPE); - out.println("MOA configuration update"); - out.println(""); try { MOAIDAuthInitializer.initialized=false; MOAIDAuthInitializer.initialize(); @@ -50,21 +42,13 @@ public class ConfigurationServlet extends HttpServlet { { DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} ); Logger.info(message); - //TODO low-priority: change to ErrorPage - out.println("

"); - out.println(message); - out.println("

"); + HTTPRequestJSPForwarder.forwardNamed(message, "/message-auth.jsp", getServletContext(), request, response); + } catch (Throwable t) { String errorMessage = msg.getMessage("config.04", null); Logger.error(errorMessage, t); - out.println("

"); - out.println(errorMessage); - out.println("

"); + HTTPRequestJSPForwarder.forwardNamed(errorMessage, "/message-auth.jsp", getServletContext(), request, response); } - out.println(""); - - out.flush(); - out.close(); } /** @@ -77,4 +61,15 @@ public class ConfigurationServlet extends HttpServlet { doGet(request, response); } + /** + * Calls the web application initializer. + * + * @see javax.servlet.Servlet#init(ServletConfig) + */ + public void init(ServletConfig servletConfig) throws ServletException { + super.init(servletConfig); + } + } + + diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java index 8de475f95..ec8cb7b1a 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java @@ -53,7 +53,7 @@ public class VerifyXMLSignatureResponseValidator { if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0) throw new ValidateException("validator.06", null); - //TODO enhance error messages (reason why check failed) + //TODO MOA-ID enhance error messages (reason why check failed) if (verifyXMLSignatureResponse.getCertificateCheckCode() != 0) if (whatToCheck.equals(CHECK_IDENTITY_LINK)) throw new ValidateException("validator.07", null); diff --git a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java index 6d3e05c29..53f763630 100644 --- a/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/config/ConfigurationBuilder.java @@ -355,10 +355,12 @@ public class ConfigurationBuilder { OAAuthParameter oap = new OAAuthParameter(); oap.setPublicURLPrefix(oAElem.getAttribute("publicURLPrefix")); + oap.setKeyBoxIdentier(oAElem.getAttribute("keyBoxIdentifier")); + //Check if there is an Auth-Block to read from configuration if (authComponent!=null) { - oap.setProvideZMRZahl(BoolUtils.valueOf(authComponent.getAttribute("provideZMRZahl"))); + oap.setProvideStammzahl(BoolUtils.valueOf(authComponent.getAttribute("provideStammzahl"))); oap.setProvideAuthBlock(BoolUtils.valueOf(authComponent.getAttribute("provideAUTHBlock"))); oap.setProvideIdentityLink(BoolUtils.valueOf(authComponent.getAttribute("provideIdentityLink"))); } diff --git a/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index 9ee1ec606..512d571ab 100644 --- a/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id.server/src/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -13,10 +13,15 @@ public class OAAuthParameter { * public URL prefix of the online application */ private String publicURLPrefix; + /** - * determines whether "ZMR-Zahl" is to be included in the authentication data + * key box Identifier (e.g. CertifiedKeyPair, SecureSignatureKeyPair) + */ + private String keyBoxIdentifier; + /** + * determines whether "Stammzahl" is to be included in the authentication data */ - private boolean provideZMRZahl; + private boolean provideStammzahl; /** * determines whether AUTH block is to be included in the authentication data */ @@ -43,11 +48,11 @@ public class OAAuthParameter { } /** - * Returns the provideZMRZahl. + * Returns the provideStammzahl. * @return String */ - public boolean getProvideZMRZahl() { - return provideZMRZahl; + public boolean getProvideStammzahl() { + return provideStammzahl; } /** @@ -58,6 +63,14 @@ public class OAAuthParameter { return publicURLPrefix; } + /** + * Returns the key box identifier. + * @return String + */ + public String getKeyBoxIdentifier() { + return keyBoxIdentifier; + } + /** * Sets the provideAuthBlock. * @param provideAuthBlock The provideAuthBlock to set @@ -75,11 +88,11 @@ public class OAAuthParameter { } /** - * Sets the provideZMRZahl. - * @param provideZMRZahl The provideZMRZahl to set + * Sets the provideStammzahl. + * @param provideStammzahl The provideStammzahl to set */ - public void setProvideZMRZahl(boolean provideZMRZahl) { - this.provideZMRZahl = provideZMRZahl; + public void setProvideStammzahl(boolean provideStammzahl) { + this.provideStammzahl = provideStammzahl; } /** @@ -90,4 +103,13 @@ public class OAAuthParameter { this.publicURLPrefix = publicURLPrefix; } + /** + * Sets the key box identifier. + * @param keyBoxIdentifier to set + */ + public void setKeyBoxIdentier(String keyBoxIdentifier) { + this.keyBoxIdentifier = keyBoxIdentifier; + } + + } diff --git a/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java b/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java index 5859d2ae9..fdb7e6f55 100644 --- a/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java +++ b/id.server/src/at/gv/egovernment/moa/id/config/proxy/ProxyConfigurationProvider.java @@ -129,8 +129,6 @@ public class ProxyConfigurationProvider extends ConfigurationProvider { throw new ConfigurationException("config.03", null, t); } - //TODO enhance: use the getter method in makeAbsoluteURL - // build the internal datastructures builder = new ConfigurationBuilder(configElem, rootConfigFileDir); authComponentConnectionParameter = builder.buildAuthComponentConnectionParameter(); diff --git a/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java index aac1dc422..65fe9047d 100644 --- a/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java +++ b/id.server/src/at/gv/egovernment/moa/id/data/AuthenticationData.java @@ -31,14 +31,18 @@ public class AuthenticationData { */ private String issueInstant; /** - * user identification (ZMR-Zahl); null, + * user identification value (Stammzahl); null, * if the authentication module is configured not to return this data */ private String identificationValue; + /** + * user identification type + */ + private String identificationType; /** - * application specific user identifier (VPK) + * application specific user identifier (bPK) */ - private String vpk; + private String bPK; /** * given name of the user */ @@ -112,11 +116,11 @@ public class AuthenticationData { } /** - * Returns the vpk. + * Returns the bPK. * @return String */ - public String getVPK() { - return vpk; + public String getPBK() { + return bPK; } /** @@ -152,11 +156,11 @@ public class AuthenticationData { } /** - * Sets the vpk. - * @param vpk The vpk to set + * Sets the bPK. + * @param bPK The bPK to set */ - public void setVPK(String vpk) { - this.vpk = vpk; + public void setPBK(String bPK) { + this.bPK = bPK; } /** @@ -199,6 +203,14 @@ public class AuthenticationData { return identificationValue; } + /** + * Returns the identificationType + * @return String + */ + public String getIdentificationType() { + return identificationType; + } + /** * Returns the issueInstant. * @return String @@ -263,6 +275,14 @@ public class AuthenticationData { this.identificationValue = identificationValue; } + /** + * Sets the identificationType. + * @param identificationType The identificationType to set + */ + public void setIdentificationType(String identificationType) { + this.identificationType = identificationType; + } + /** * Sets the issueInstant. * @param issueInstant The issueInstant to set diff --git a/id.server/src/at/gv/egovernment/moa/id/iaik/config/PKIConfigurationImpl.java b/id.server/src/at/gv/egovernment/moa/id/iaik/config/PKIConfigurationImpl.java index 8d09e2bc9..b41de3c44 100644 --- a/id.server/src/at/gv/egovernment/moa/id/iaik/config/PKIConfigurationImpl.java +++ b/id.server/src/at/gv/egovernment/moa/id/iaik/config/PKIConfigurationImpl.java @@ -29,6 +29,7 @@ public class PKIConfigurationImpl implements PKIConfiguration { * @throws ConfigurationException for any config error */ public PKIConfigurationImpl(ConfigurationProvider conf) throws ConfigurationException { + certStoreConfiguration = new CertStoreConfigurationImpl(conf); revocationConfiguration = new RevocationConfigurationImpl(); validationConfiguration = new ValidationConfigurationImpl(conf); diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java index 2ac8fe28e..bdadcbb81 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java @@ -36,7 +36,7 @@ public class DefaultConnectionBuilder implements ConnectionBuilder { disableHostnameVerification = BoolUtils.valueOf( ProxyConfigurationProvider.getInstance().getGenericConfigurationParameter( "ProxyComponent.DisableHostnameVerification")); - //TODO undocumented feature + //TODO MOA-ID BRZ undocumented feature if (disableHostnameVerification) Logger.warn("ProxyComponent.DisableHostnameVerification: " + disableHostnameVerification); } diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java index 033a74934..77f6652f3 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/DefaultLoginParameterResolver.java @@ -1,6 +1,7 @@ package at.gv.egovernment.moa.id.proxy; import java.io.IOException; +import java.io.UnsupportedEncodingException; import java.util.HashMap; import java.util.Iterator; import java.util.Map; @@ -8,6 +9,7 @@ import java.util.Map; import at.gv.egovernment.moa.id.config.proxy.OAConfiguration; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.URLEncoder; /** * Implementation of interface LoginParameterResolver @@ -79,7 +81,14 @@ public class DefaultLoginParameterResolver implements LoginParameterResolver { for (Iterator iter = oaConf.getParamAuthMapping().keySet().iterator(); iter.hasNext();) { String key = (String) iter.next(); String predicate = (String) oaConf.getParamAuthMapping().get(key); - String resolvedValue = resolveValue(predicate, authData, clientIPAddress); + String resolvedValue; + try { + resolvedValue = + URLEncoder.encode(resolveValue(predicate, authData, clientIPAddress), "ISO-8859-1"); + } catch (UnsupportedEncodingException e) { + //ISO-8859-1 is supported + resolvedValue = null; + } result.put(key, resolvedValue); } } @@ -97,27 +106,29 @@ public class DefaultLoginParameterResolver implements LoginParameterResolver { private static String resolveValue(String predicate, AuthenticationData authData, String clientIPAddress) { if (predicate.equals(MOAGivenName)) return authData.getGivenName(); - else if (predicate.equals(MOAFamilyName)) + if (predicate.equals(MOAFamilyName)) return authData.getFamilyName(); - else if (predicate.equals(MOADateOfBirth)) + if (predicate.equals(MOADateOfBirth)) return authData.getDateOfBirth(); - else if (predicate.equals(MOAVPK)) - return authData.getVPK(); - else if (predicate.equals(MOAPublicAuthority)) + if (predicate.equals(MOABPK)) + return authData.getPBK(); + if (predicate.equals(MOAPublicAuthority)) if (authData.isPublicAuthority()) return "true"; else return "false"; - else if (predicate.equals(MOABKZ)) + if (predicate.equals(MOABKZ)) return authData.getPublicAuthorityCode(); - else if (predicate.equals(MOAQualifiedCertificate)) + if (predicate.equals(MOAQualifiedCertificate)) if (authData.isQualifiedCertificate()) return "true"; else return "false"; - else if (predicate.equals(MOAZMRZahl)) + if (predicate.equals(MOAStammzahl)) return authData.getIdentificationValue(); - else if (predicate.equals(MOAIPAddress)) + if (predicate.equals(MOAIdentificationValueType)) + return authData.getIdentificationType(); + if (predicate.equals(MOAIPAddress)) return clientIPAddress; else return null; } diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java index 434a4f674..c391fc16f 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/LoginParameterResolver.java @@ -15,25 +15,27 @@ import at.gv.egovernment.moa.id.data.AuthenticationData; */ public interface LoginParameterResolver { - /** Constants used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType, + /** Constants used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType, * naming predicates used by the LoginParameterResolver. */ public static final String MOAGivenName = "MOAGivenName"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ public static final String MOAFamilyName = "MOAFamilyName"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ public static final String MOADateOfBirth = "MOADateOfBirth"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ - public static final String MOAVPK = "MOAVPK"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ + public static final String MOABPK = "MOABPK"; + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ public static final String MOAPublicAuthority = "MOAPublicAuthority"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ public static final String MOABKZ = "MOABKZ"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ public static final String MOAQualifiedCertificate = "MOAQualifiedCertificate"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ - public static final String MOAZMRZahl = "MOAZMRZahl"; - /** Constant used in MOAIDConfiguration-1.1.xsd, type MOAAuthDataType */ + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ + public static final String MOAStammzahl = "MOAStammzahl"; + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ + public static final String MOAIdentificationValueType = "MOAIdentificationValueType"; + /** Constant used in MOAIDConfiguration-1.2.xsd, type MOAAuthDataType */ public static final String MOAIPAddress = "MOAIPAddress"; /** @@ -52,7 +54,7 @@ public interface LoginParameterResolver { public Map getAuthenticationHeaders( OAConfiguration oaConf, AuthenticationData authData, - String clientIPAddress) throws LoginParameterResolverException; + String clientIPAddress) throws LoginParameterResolverException, NotAllowedException; /** * Returns request parameters to be added to a URLConnection. @@ -70,6 +72,6 @@ public interface LoginParameterResolver { AuthenticationData authData, String clientIPAddress) throws LoginParameterResolverException; - public void configure(String configuration) throws LoginParameterResolverException; + public void configure(String configuration) throws LoginParameterResolverException, NotAllowedException; } diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java b/id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java new file mode 100644 index 000000000..849160a7b --- /dev/null +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/NotAllowedException.java @@ -0,0 +1,39 @@ +package at.gv.egovernment.moa.id.proxy; + +import at.gv.egovernment.moa.id.MOAIDException; + +/** + * Exception thrown while proxying a request to the online application + * Reason for this exception: the dedicated LoginParameterResolver does + * not allow access to the desired ressource. + * + * @author Rudolf Schamberger + * @version $Id$ + */ +public class NotAllowedException extends MOAIDException { + + /** + * Constructor for NotAllowedException. + * @param messageId + * @param parameters + */ + public NotAllowedException( + String messageId, + Object[] parameters) { + super(messageId, parameters); + } + + /** + * Constructor for NotAllowedException. + * @param messageId + * @param parameters + * @param wrapped + */ + public NotAllowedException( + String messageId, + Object[] parameters, + Throwable wrapped) { + super(messageId, parameters, wrapped); + } + +} diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java index c53ed30a6..9766ef57b 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/OldXMLLoginParameterResolver.java @@ -11,9 +11,9 @@ import org.w3c.dom.*; // Referenced classes of package at.gv.egovernment.moa.id.proxy: // LoginParameterResolver -// Old Implementation of XMLLoginParameterResolver (used to migrate old labs applications rapidely to -// version 1.1.1 of MOA-ID -// TODO RS migrate this to XMLLoginParameterResolver +// Old Implementation of XMLLoginParameterResolver +// +// TODO MOA-ID CIO internal: migrate this to XMLLoginParameterResolver public class OldXMLLoginParameterResolver @@ -98,7 +98,7 @@ public class OldXMLLoginParameterResolver { String famName = resolveValue("MOAFamilyName", authData, clientIPAddress); String givenName = resolveValue("MOAGivenName", authData, clientIPAddress); - String bPK = resolveValue("MOAVPK", authData, clientIPAddress); + String bPK = resolveValue("MOABPK", authData, clientIPAddress); String userid = ""; String password = ""; LPRParams params = null; @@ -193,8 +193,8 @@ public class OldXMLLoginParameterResolver return authData.getFamilyName(); if(predicate.equals("MOADateOfBirth")) return authData.getDateOfBirth(); - if(predicate.equals("MOAVPK")) - return authData.getVPK(); + if(predicate.equals("MOABPK")) + return authData.getPBK(); if(predicate.equals("MOAPublicAuthority")) if(authData.isPublicAuthority()) return "true"; @@ -207,8 +207,10 @@ public class OldXMLLoginParameterResolver return "true"; else return "false"; - if(predicate.equals("MOAZMRZahl")) + if(predicate.equals("MOAStammzahl")) return authData.getIdentificationValue(); + if (predicate.equals(MOAIdentificationValueType)) + return authData.getIdentificationType(); if(predicate.equals("MOAIPAddress")) return clientIPAddress; else diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java index 3f7a6872c..3958bb206 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/XMLLoginParameterResolver.java @@ -184,7 +184,7 @@ public class XMLLoginParameterResolver implements LoginParameterResolver { String famName = resolveValue("MOAFamilyName", authData, clientIPAddress); String givenName = resolveValue("MOAGivenName", authData, clientIPAddress); String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress); - String bPK = resolveValue("MOAVPK", authData, clientIPAddress); + String bPK = resolveValue("MOABPK", authData, clientIPAddress); String userid = ""; String password = ""; LPRParams params = null; @@ -247,7 +247,7 @@ public class XMLLoginParameterResolver implements LoginParameterResolver { String famName = resolveValue("MOAFamilyName", authData, clientIPAddress); String givenName = resolveValue("MOAGivenName", authData, clientIPAddress); String dateOfBirth = resolveValue("MOADateOfBirth", authData, clientIPAddress); - String bPK = resolveValue("MOAVPK", authData, clientIPAddress); + String bPK = resolveValue("MOABPK", authData, clientIPAddress); String userid = ""; String password = ""; LPRParams params = null; @@ -293,8 +293,8 @@ public class XMLLoginParameterResolver implements LoginParameterResolver { return authData.getFamilyName(); if (predicate.equals("MOADateOfBirth")) return authData.getDateOfBirth(); - if (predicate.equals("MOAVPK")) - return authData.getVPK(); + if (predicate.equals("MOABPK")) + return authData.getPBK(); if (predicate.equals("MOAPublicAuthority")) if (authData.isPublicAuthority()) return "true"; @@ -307,8 +307,10 @@ public class XMLLoginParameterResolver implements LoginParameterResolver { return "true"; else return "false"; - if (predicate.equals("MOAZMRZahl")) + if (predicate.equals("MOAStammzahl")) return authData.getIdentificationValue(); + if (predicate.equals(MOAIdentificationValueType)) + return authData.getIdentificationType(); if (predicate.equals("MOAIPAddress")) return clientIPAddress; else diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java b/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java index ce0743b3d..a78a8d587 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/parser/AuthenticationDataAssertionParser.java @@ -40,7 +40,7 @@ public class AuthenticationDataAssertionParser implements Constants { private static String ATTRIBUTESTATEMENT_XPATH = SAML + "AttributeStatement/"; /** Prefix for Element NameIdentifier in an Xpath-expression */ - private static String VPK_XPATH = + private static String BPK_XPATH = ATTRIBUTESTATEMENT_XPATH + SAML + "Subject/" + SAML + "NameIdentifier"; @@ -51,10 +51,15 @@ public class AuthenticationDataAssertionParser implements Constants { SAML + "AttributeValue/" + PR + "Person/"; /** Prefix for Element Value in an Xpath-expression */ - private static String ZMRZAHL_XPATH = + private static String IDENTIFICATION_VALUE_XPATH = PERSONDATA_XPATH + PR + "Identification/" + PR + "Value"; + private static String IDENTIFICATION_TYPE_XPATH = + PERSONDATA_XPATH + + PR + "Identification/" + + PR + "Type"; + /** Prefix for Element GivenName in an Xpath-expression */ private static String GIVEN_NAME_XPATH = PERSONDATA_XPATH + @@ -112,10 +117,12 @@ public class AuthenticationDataAssertionParser implements Constants { XPathUtils.getAttributeValue(samlAssertion, ISSUER_XPATH, "")); authData.setIssueInstant( XPathUtils.getAttributeValue(samlAssertion, ISSUE_INSTANT_XPATH, "")); - authData.setVPK( - XPathUtils.getElementValue(samlAssertion, VPK_XPATH, "")); + authData.setPBK( + XPathUtils.getElementValue(samlAssertion, BPK_XPATH, "")); authData.setIdentificationValue( - XPathUtils.getElementValue(samlAssertion, ZMRZAHL_XPATH, "")); + XPathUtils.getElementValue(samlAssertion, IDENTIFICATION_VALUE_XPATH, "")); + authData.setIdentificationType( + XPathUtils.getElementValue(samlAssertion, IDENTIFICATION_TYPE_XPATH, "")); authData.setGivenName( XPathUtils.getElementValue(samlAssertion, GIVEN_NAME_XPATH, "")); authData.setFamilyName( diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java index d6ec4951b..4ab2e2cf7 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ConfigurationServlet.java @@ -1,17 +1,18 @@ package at.gv.egovernment.moa.id.proxy.servlet; import java.io.IOException; -import java.io.PrintWriter; import java.text.DateFormat; import java.util.Date; import java.util.Locale; +import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.proxy.MOAIDProxyInitializer; +import at.gv.egovernment.moa.id.util.HTTPRequestJSPForwarder; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; @@ -22,9 +23,6 @@ import at.gv.egovernment.moa.logging.Logger; * @version $Id$ */ public class ConfigurationServlet extends HttpServlet { - /** The standard String for DTD Doc-type */ - private static final String DOC_TYPE = - "\n"; /** * Handle a HTTP GET request, used to indicated that the MOA @@ -36,13 +34,6 @@ public class ConfigurationServlet extends HttpServlet { throws ServletException, IOException { MOAIDMessageProvider msg = MOAIDMessageProvider.getInstance(); - PrintWriter out; - - response.setContentType("text/html"); - out = response.getWriter(); - out.println(DOC_TYPE); - out.println("MOA configuration update"); - out.println(""); try { MOAIDProxyInitializer.initialize(); @@ -50,21 +41,12 @@ public class ConfigurationServlet extends HttpServlet { { DateFormat.getTimeInstance(DateFormat.MEDIUM, Locale.GERMAN).format(new Date())} ); Logger.info(message); - //TODO low-priority: change to ErrorPage - out.println("

"); - out.println(message); - out.println("

"); + HTTPRequestJSPForwarder.forwardNamed(message, "/message-proxy.jsp", getServletContext(), request, response); } catch (Throwable t) { String errorMessage = msg.getMessage("config.04", null); Logger.error(errorMessage, t); - out.println("

"); - out.println(errorMessage); - out.println("

"); + HTTPRequestJSPForwarder.forwardNamed(errorMessage, "/message-proxy.jsp", getServletContext(), request, response); } - out.println(""); - - out.flush(); - out.close(); } /** @@ -77,4 +59,13 @@ public class ConfigurationServlet extends HttpServlet { doGet(request, response); } +/** + * Calls the web application initializer. + * + * @see javax.servlet.Servlet#init(ServletConfig) + */ +public void init(ServletConfig servletConfig) throws ServletException { + super.init(servletConfig); } + +} \ No newline at end of file diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java index 362849fb1..7980778d9 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java @@ -3,7 +3,6 @@ package at.gv.egovernment.moa.id.proxy.servlet; import java.io.BufferedInputStream; import java.io.BufferedOutputStream; import java.io.IOException; -import java.io.OutputStream; import java.io.PrintWriter; import java.io.StringWriter; import java.net.HttpURLConnection; @@ -14,7 +13,9 @@ import java.util.Iterator; import java.util.Map; import javax.net.ssl.SSLSocketFactory; +import javax.servlet.RequestDispatcher; import javax.servlet.ServletConfig; +import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; @@ -39,6 +40,7 @@ import at.gv.egovernment.moa.id.proxy.LoginParameterResolver; import at.gv.egovernment.moa.id.proxy.LoginParameterResolverException; import at.gv.egovernment.moa.id.proxy.LoginParameterResolverFactory; import at.gv.egovernment.moa.id.proxy.MOAIDProxyInitializer; +import at.gv.egovernment.moa.id.proxy.NotAllowedException; import at.gv.egovernment.moa.id.proxy.invoke.GetAuthenticationDataInvoker; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.id.util.SSLUtils; @@ -67,6 +69,8 @@ public class ProxyServlet extends HttpServlet { private static final String ATT_LOGIN_HEADERS = "LoginHeaders"; /** Name of the Attribute for the LoginParameters */ private static final String ATT_LOGIN_PARAMETERS = "LoginParameters"; + /** Name of the Attribute for the SAMLARTIFACT */ + private static final String ATT_SAML_ARTIFACT = "SamlArtifact"; /** * @see javax.servlet.http.HttpServlet#service(HttpServletRequest, HttpServletResponse) @@ -75,17 +79,25 @@ public class ProxyServlet extends HttpServlet { Logger.debug("getRequestURL:" + req.getRequestURL().toString()); try { - if (req.getParameter(PARAM_SAMLARTIFACT) != null && req.getParameter(PARAM_TARGET) != null) - login(req, resp); + if (req.getParameter(PARAM_SAMLARTIFACT) != null && req.getParameter(PARAM_TARGET) != null) { + + // check if SAML Artifact was already used in this session (in case of page reload) + HttpSession session = req.getSession(); + if(null != session && req.getParameter(PARAM_SAMLARTIFACT).equals(session.getAttribute(ATT_SAML_ARTIFACT))) { + tunnelRequest(req, resp); + } else + // it is the first time that the SAML Artifact was used + login(req, resp); + } else tunnelRequest(req, resp); } catch (MOAIDException ex) { - handleError(resp, ex.toString(), ex); + handleError(ex.getMessage(), ex, req, resp); } catch (Throwable ex) { - handleError(resp, ex.toString(), ex); - } + handleError(ex.getMessage(), ex, req, resp); + } } /** @@ -113,8 +125,15 @@ public class ProxyServlet extends HttpServlet { // String target = req.getParameter(PARAM_TARGET); parameter given but not processed // get authentication data from the MOA-ID Auth component - AuthenticationData authData = new GetAuthenticationDataInvoker().getAuthenticationData(samlArtifact); - + AuthenticationData authData; + try { + authData = new GetAuthenticationDataInvoker().getAuthenticationData(samlArtifact); + } catch (ServiceException ex) { + throw new ProxyException("proxy.14", new Object[] {ex}); + } catch (ProxyException ex) { + throw new ProxyException("proxy.14", new Object[] {ex}); + } + String urlRequested = req.getRequestURL().toString(); // read configuration data @@ -129,29 +148,34 @@ public class ProxyServlet extends HttpServlet { ConnectionParameter oaConnParam = oaParam.getConnectionParameter(); String realURLPrefix = oaConnParam.getUrl(); - // resolve login parameters to be forwarded to online application - LoginParameterResolver lpr = LoginParameterResolverFactory.getLoginParameterResolver(publicURLPrefix); + // resolve login parameters to be forwarded to online application + LoginParameterResolver lpr = + LoginParameterResolverFactory.getLoginParameterResolver(publicURLPrefix); String clientIPAddress = req.getRemoteAddr(); Map loginHeaders = null; Map loginParameters = null; try { - if (oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH)) - loginParameters = lpr.getAuthenticationParameters(oaConf, authData, clientIPAddress); - else - loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, clientIPAddress); - - } catch (LoginParameterResolverException ex) { - throw new ProxyException("proxy.13", new Object[] { publicURLPrefix }); - } + if (oaConf.getAuthType().equals(OAConfiguration.PARAM_AUTH)) + loginParameters = lpr.getAuthenticationParameters(oaConf, authData, clientIPAddress); + else + loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, clientIPAddress); + + } catch (LoginParameterResolverException ex) { + throw new ProxyException("proxy.13", new Object[] { publicURLPrefix }); + } catch (NotAllowedException e) { + throw new ProxyException("proxy.15", new Object[] { }); + } // setup SSLSocketFactory for communication with the online application SSLSocketFactory ssf = null; if (oaConnParam.isHTTPSURL()) { try { ssf = SSLUtils.getSSLSocketFactory(proxyConf, oaConnParam); - } - catch (Throwable ex) { - throw new ProxyException("proxy.05", new Object[] { oaConnParam.getUrl(), ex.toString()}, ex); + } catch (Throwable ex) { + throw new ProxyException( + "proxy.05", + new Object[] { oaConnParam.getUrl(), ex.toString()}, + ex); } } @@ -160,6 +184,7 @@ public class ProxyServlet extends HttpServlet { String loginType = oaConf.getLoginType(); Logger.debug("Login type: " + loginType); if (loginType.equals(OAConfiguration.LOGINTYPE_STATELESS)) { + HttpSession session = req.getSession(); int sessionTimeOut = oaParam.getSessionTimeOut(); if (sessionTimeOut == 0) @@ -170,24 +195,40 @@ public class ProxyServlet extends HttpServlet { session.setAttribute(ATT_SSL_SOCKET_FACTORY, ssf); session.setAttribute(ATT_LOGIN_HEADERS, loginHeaders); session.setAttribute(ATT_LOGIN_PARAMETERS, loginParameters); + session.setAttribute(ATT_SAML_ARTIFACT, samlArtifact); Logger.debug("moa-id-proxy: HTTPSession angelegt"); } - - // tunnel request to the online application - int respcode = tunnelRequest(req, resp, loginHeaders, loginParameters, publicURLPrefix, realURLPrefix, ssf); - if (respcode == 401) - { - Logger.debug("Got 401, trying again"); - respcode = tunnelRequest(req, resp, loginHeaders, loginParameters, publicURLPrefix, realURLPrefix, ssf); - if (respcode == 401) - throw new ProxyException("proxy.12", new Object[] { realURLPrefix}); - } - } - catch (ProxyException ex) { - throw new ProxyException("proxy.12", new Object[] { realURLPrefix}); - } - catch (Throwable ex) { + + // tunnel request to the online application + int respcode = + tunnelRequest( + req, + resp, + loginHeaders, + loginParameters, + publicURLPrefix, + realURLPrefix, + ssf); + if (respcode == 401) { + Logger.debug("Got 401, trying again"); + + respcode = + tunnelRequest( + req, + resp, + loginHeaders, + loginParameters, + publicURLPrefix, + realURLPrefix, + ssf); + if (respcode == 401) + throw new ProxyException("proxy.12", new Object[] { realURLPrefix }); + } + } catch (ProxyException ex) { + throw new ProxyException("proxy.12", new Object[] { realURLPrefix }); + + } catch (Throwable ex) { throw new ProxyException("proxy.04", new Object[] { urlRequested, ex.toString()}, ex); } } @@ -202,9 +243,15 @@ public class ProxyServlet extends HttpServlet { Logger.debug("Tunnel request (stateless)"); HttpSession session = req.getSession(false); + if (session == null) throw new ProxyException("proxy.07", null); String publicURLPrefix = (String) session.getAttribute(ATT_PUBLIC_URLPREFIX); + //A sesssion is automatically created when forwarded 1st time to errorpage-proxy.jsp (with the handleError method) + //additional check if publicURLPrefix is OK, if not throw an Exception + if (publicURLPrefix == null) + throw new ProxyException("proxy.07", null); + String realURLPrefix = (String) session.getAttribute(ATT_REAL_URLPREFIX); SSLSocketFactory ssf = (SSLSocketFactory) session.getAttribute(ATT_SSL_SOCKET_FACTORY); Map loginHeaders = (Map) session.getAttribute(ATT_LOGIN_HEADERS); @@ -487,6 +534,7 @@ private boolean isTransferEncodingChunkedHeader(String headerKey, String headerV * @see javax.servlet.Servlet#init(ServletConfig) */ public void init(ServletConfig servletConfig) throws ServletException { + super.init(servletConfig); try { MOAIDProxyInitializer.initialize(); Logger.info(MOAIDMessageProvider.getInstance().getMessage("proxy.00", null)); @@ -496,42 +544,47 @@ public void init(ServletConfig servletConfig) throws ServletException { throw new ServletException(ex); } } + /** - * Handles an error in proxying the request. + * Handles an error.
*
    - *
  • Logs the error.
  • - *
  • Outputs an HTML error page.
  • + *
  • Logs the error
  • + *
  • Places error message and exception thrown into the request + * as request attributes (to be used by "/errorpage-proxy.jsp")
  • + *
  • Sets HTTP status 500 (internal server error)
  • *
- * @param resp the HttpServletResponse - * @param errorMessage error message to be used - * @param ex the exception to be logged + * + * @param errorMessage error message + * @param exceptionThrown exception thrown + * @param req servlet request + * @param resp servlet response */ -private void handleError(HttpServletResponse resp, String errorMessage, Throwable ex) { - Logger.error(errorMessage, ex); - String htmlCode = - "" - + "" - + MOAIDMessageProvider.getInstance().getMessage("proxy.10", null) - + "" - + "

" - + MOAIDMessageProvider.getInstance().getMessage("proxy.10", null) - + "

" - + "

" - + MOAIDMessageProvider.getInstance().getMessage("proxy.11", null) - + "

" - + "

" - + errorMessage - + "

" - + ""; - resp.setContentType("text/html"); - try { - OutputStream respOut = resp.getOutputStream(); - respOut.write(htmlCode.getBytes()); - respOut.flush(); - } - catch (IOException ioex) { - Logger.error("", ioex); - } +protected void handleError( + String errorMessage, Throwable exceptionThrown, HttpServletRequest req, HttpServletResponse resp) { + + + if(null != errorMessage) { + Logger.error(errorMessage); + req.setAttribute("ErrorMessage", errorMessage ); + } + + if (null != exceptionThrown) { + if(null == errorMessage) errorMessage = exceptionThrown.getMessage(); + Logger.error(errorMessage, exceptionThrown); + //req.setAttribute("ExceptionThrown", exceptionThrown); + } + + //forward this to errorpage-proxy.jsp wher the HTML error page is generated + ServletContext context = getServletContext(); + RequestDispatcher dispatcher = context.getRequestDispatcher("/errorpage-proxy.jsp"); + try { + dispatcher.forward(req, resp); + } catch (ServletException e) { + Logger.error(e); + } catch (IOException e) { + Logger.error(e); + } + } } diff --git a/id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java b/id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java new file mode 100644 index 000000000..7c4731555 --- /dev/null +++ b/id.server/src/at/gv/egovernment/moa/id/util/HTTPRequestJSPForwarder.java @@ -0,0 +1,76 @@ +/* + * Created on 17.02.2004 + * + * To change the template for this generated file go to + * Window>Preferences>Java>Code Generation>Code and Comments + */ +package at.gv.egovernment.moa.id.util; + +import java.io.IOException; +import javax.servlet.ServletContext; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author rschamberger + * + * To change the template for this generated type comment go to + * Window>Preferences>Java>Code Generation>Code and Comments + */ +public class HTTPRequestJSPForwarder { + + /** + * Forwards the HttpServletRequest to a customizable JSP Page and serves the Response.
+ *
    + *
  • Logs the message
  • + *
+ * + * @param message message text + * @param jspPageURI URI of the JSP page + * @param context the servlet context of the servlet belonging to the req, resp + * @param req servlet request + * @param resp servlet response + */ + public static void forwardNamed( + String message, + String jspPageURI, + ServletContext context, + HttpServletRequest req, + HttpServletResponse resp) { + + if (null != message) { + Logger.info(message); + req.setAttribute("Message", message); + } + + //forward this to the given jsp page where the HTML response is generated + try { + context.getRequestDispatcher(jspPageURI).forward(req, resp); + } catch (IOException e) { + Logger.error(e); + } catch (ServletException e) { + Logger.error(e); + } + } + + /** + * Forwards the HttpServletRequest to the customizable JSP Page 'message.jsp' and serves the Response.
+ *
    + *
  • Logs the message
  • + *
+ * + * @param message message text + * @param context the servlet context of the servlet belonging to the req, resp + * @param req servlet request + * @param resp servlet response + */ + public static void forwardDefault( + String message, + ServletContext context, + HttpServletRequest req, + HttpServletResponse resp) { + forwardNamed(message, "/message.jsp", context, req, resp); + } +} \ No newline at end of file diff --git a/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java b/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java index e0739d941..276f126c6 100644 --- a/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java +++ b/id.server/src/at/gv/egovernment/moa/id/util/SSLUtils.java @@ -119,7 +119,7 @@ public class SSLUtils { String boolString = conf.getGenericConfigurationParameter(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING); //not using BoolUtils because default value hast to be true! boolean checkRevocation = !("false".equals(boolString) || "0".equals(boolString)); - //TODO RS verify SSL Revocation handling + //TODO MOA-ID verify SSL Revocation handling PKIProfile profile = new PKIProfileImpl(trustStoreURL, checkRevocation); // This call fixes a bug occuring when PKIConfiguration is // initialized by the MOA-SP initialization code, in case diff --git a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java index d9e69eba4..de4fe8fbf 100644 --- a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java +++ b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java @@ -11,7 +11,7 @@ import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; -import at.gv.egovernment.moa.id.auth.builder.VPKBuilder; +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; @@ -563,9 +563,9 @@ public class Test300VerifyAuthBlock extends AbnahmeTestCase { authData.setAssertionID(Random.nextRandom()); authData.setIssuer(session.getAuthURL()); authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance())); - String vpkBase64 = new VPKBuilder().buildVPK( - identityLink.getIdentificationValue(), identityLink.getDateOfBirth(), session.getTarget()); - authData.setVPK(vpkBase64); + String vpkBase64 = new BPKBuilder().buildBPK( + identityLink.getIdentificationValue(), session.getTarget()); + authData.setPBK(vpkBase64); authData.setGivenName(identityLink.getGivenName()); authData.setFamilyName(identityLink.getFamilyName()); authData.setDateOfBirth(identityLink.getDateOfBirth()); @@ -576,7 +576,7 @@ public class Test300VerifyAuthBlock extends AbnahmeTestCase { AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( session.getPublicOAURLPrefix()); String prPerson = new PersonDataBuilder().build( - identityLink, oaParam.getProvideZMRZahl()); + identityLink, oaParam.getProvideStammzahl()); try { String ilAssertion = diff --git a/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java b/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java index 8b7b2002f..ede69dd8b 100644 --- a/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java +++ b/id.server/src/test/abnahme/P/Test100LoginParameterResolver.java @@ -84,7 +84,7 @@ public class Test100LoginParameterResolver extends AbnahmeTestCase { String DATE_OF_BIRTH = "1963-12-29"; String VPK = "kp6hOq6LRAkLtrqm6EvDm6bMwJw="; authData.setDateOfBirth(DATE_OF_BIRTH); - authData.setVPK(VPK); + authData.setPBK(VPK); // resolve login parameters Map loginParameters = lpr.getAuthenticationParameters(oaConf, authData, CLIENT_IP_ADDRESS); @@ -115,11 +115,11 @@ public class Test100LoginParameterResolver extends AbnahmeTestCase { boolean PUBLIC_AUTH = true; String BKZ = "FinanzamtWien23Leitstelle"; boolean QUAL_CERT = false; - String ZMR_ZAHL = "3456789012"; + String STAMMZAHL = "3456789012"; authData.setPublicAuthority(PUBLIC_AUTH); authData.setPublicAuthorityCode(BKZ); authData.setQualifiedCertificate(QUAL_CERT); - authData.setIdentificationValue(ZMR_ZAHL); + authData.setIdentificationValue(STAMMZAHL); // resolve login headers Map loginHeaders = lpr.getAuthenticationHeaders(oaConf, authData, CLIENT_IP_ADDRESS); @@ -134,7 +134,7 @@ public class Test100LoginParameterResolver extends AbnahmeTestCase { assertEquals(String.valueOf(PUBLIC_AUTH), loginHeaders.get("Param1")); assertEquals(BKZ, loginHeaders.get("Param2")); assertEquals(String.valueOf(QUAL_CERT), loginHeaders.get("Param3")); - assertEquals(ZMR_ZAHL, loginHeaders.get("Param4")); + assertEquals(STAMMZAHL, loginHeaders.get("Param4")); assertEquals(CLIENT_IP_ADDRESS, loginHeaders.get("Param5")); System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------"); } diff --git a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java index 13f86efee..ebc61e5c4 100644 --- a/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java +++ b/id.server/src/test/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureBuilderTest.java @@ -51,7 +51,7 @@ TRANSFORMS_INFO + public void testBuild() throws Exception { String request = new CreateXMLSignatureRequestBuilder().build( - AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD, + AuthenticationBlockAssertionBuilderTest.ASSERTION_SHOULD, "SecureSignatureKeypair", new String[] {TRANSFORMS_INFO}); assertXmlEquals(REQUEST_SHOULD, request); } diff --git a/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java index 7935c5179..655c33fd9 100644 --- a/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java +++ b/id.server/src/test/at/gv/egovernment/moa/id/config/auth/MOAIDAuthConfigurationProviderTest.java @@ -77,12 +77,12 @@ public class MOAIDAuthConfigurationProviderTest extends UnitTestCase { OAAuthParameter[] result = provider.getOnlineApplicationParameters(); assertEquals(result[0].getPublicURLPrefix(),"StringOALoginURL"); - assertEquals(result[0].getProvideZMRZahl(),false); + assertEquals(result[0].getProvideStammzahl(),false); assertEquals(result[0].getProvideAuthBlock(),false); assertEquals(result[0].getProvideIdentityLink(),false); assertEquals(result[1].getPublicURLPrefix(),"StringOALoginURL2"); - assertEquals(result[1].getProvideZMRZahl(),true); + assertEquals(result[1].getProvideStammzahl(),true); assertEquals(result[1].getProvideAuthBlock(),true); assertEquals(result[1].getProvideIdentityLink(),true); @@ -90,7 +90,7 @@ public class MOAIDAuthConfigurationProviderTest extends UnitTestCase { /* for (int i = 0; i < result.length; i++) { System.out.println(); System.out.println("getOnlineApplicationParameters Url: " + result[i].getUrl()); - System.out.println("getOnlineApplicationParameters ProvideZMRZahl: " + result[i].getProvideZMRZahl()); + System.out.println("getOnlineApplicationParameters ProvideStammzahl: " + result[i].getProvideStammzahl()); System.out.println("getOnlineApplicationParameters ProvideAuthBlock: " + result[i].getProvideAuthBlock()); System.out.println("getOnlineApplicationParameters ProvideIdentityLink: " + result[i].getProvideIdentityLink()); }*/ diff --git a/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java b/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java index 12eddf8c3..ec6a65581 100644 --- a/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java +++ b/id.server/src/test/at/gv/egovernment/moa/id/config/proxy/MOAIDProxyConfigurationProviderTest.java @@ -105,14 +105,14 @@ public class MOAIDProxyConfigurationProviderTest extends UnitTestCase { OAConfiguration oac1 = result[0].getOaConfiguration(); assertEquals(OAConfiguration.PARAM_AUTH, oac1.getAuthType()); assertEquals("MOADateOfBirth", oac1.getParamAuthMapping().get("Param1")); - assertEquals("MOAVPK", oac1.getParamAuthMapping().get("Param2")); + assertEquals("MOABPK", oac1.getParamAuthMapping().get("Param2")); // sollte HeaderAuth sein OAConfiguration oac2 = result[1].getOaConfiguration(); assertEquals(OAConfiguration.HEADER_AUTH, oac2.getAuthType()); assertEquals("MOAPublicAuthority", oac2.getHeaderAuthMapping().get("Param1")); assertEquals("MOABKZ", oac2.getHeaderAuthMapping().get("Param2")); assertEquals("MOAQualifiedCertificate", oac2.getHeaderAuthMapping().get("Param3")); - assertEquals("MOAZMRZahl", oac2.getHeaderAuthMapping().get("Param4")); + assertEquals("MOAStammzahl", oac2.getHeaderAuthMapping().get("Param4")); assertEquals("MOAIPAddress", oac2.getHeaderAuthMapping().get("Param5")); // sollte BasicAuth sein diff --git a/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java b/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java index 39e7240d1..69e5958bf 100644 --- a/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java +++ b/id.server/src/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java @@ -170,7 +170,7 @@ public class SAMLResponseParserTest extends UnitTestCase { assertEquals("http://localhost:8080/moa-id-auth/", authData.getIssuer()); assertEquals("2003-04-02T14:55:42+02:00", authData.getIssueInstant()); assertEquals("123456789012", authData.getIdentificationValue()); - assertEquals("MTk2OC0xMC0yMmdi", authData.getVPK()); + assertEquals("MTk2OC0xMC0yMmdi", authData.getPBK()); assertEquals("Hermann", authData.getGivenName()); assertEquals("Muster", authData.getFamilyName()); assertEquals("1968-10-22", authData.getDateOfBirth()); -- cgit v1.2.3