From 139926faa31ae3ed34dc0083fee503d439112281 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 20 Jun 2018 15:11:13 +0200 Subject: refactor PVP2 S-Profile implementation and perform first tests --- id/ConfigWebTool/pom.xml | 10 ++++++++++ .../moa/id/configuration/auth/pvp2/AttributeListBuilder.java | 6 +++--- .../configuration/auth/pvp2/MetaDataVerificationFilter.java | 12 ++++++------ .../auth/pvp2/PVPSOAPRequestSecurityPolicy.java | 6 +++--- .../moa/id/configuration/config/ConfigurationProvider.java | 2 +- .../egovernment/moa/id/configuration/helper/MailHelper.java | 2 +- .../moa/id/configuration/struts/action/BasicOAAction.java | 2 +- .../moa/id/configuration/struts/action/IndexAction.java | 10 +++++----- .../configuration/validation/oa/OAPVP2ConfigValidation.java | 8 ++++---- 9 files changed, 34 insertions(+), 24 deletions(-) (limited to 'id/ConfigWebTool') diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml index 28c0a9fe4..59e03aa43 100644 --- a/id/ConfigWebTool/pom.xml +++ b/id/ConfigWebTool/pom.xml @@ -66,6 +66,16 @@ moa-id-commons + + at.gv.egiz.eaaf + eaaf_module_pvp2_core + + + + at.gv.egiz.eaaf + eaaf-core + + MOA.id moa-id-webgui diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/AttributeListBuilder.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/AttributeListBuilder.java index f17ec82cb..0d416b8c0 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/AttributeListBuilder.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/AttributeListBuilder.java @@ -28,16 +28,16 @@ import java.util.List; import org.opensaml.saml2.core.Attribute; import org.opensaml.saml2.metadata.RequestedAttribute; +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; import at.gv.egovernment.moa.id.configuration.utils.SAML2Utils; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -public class AttributeListBuilder implements PVPConstants{ +public class AttributeListBuilder implements PVPAttributeDefinitions{ protected static RequestedAttribute buildReqAttribute(String name, String friendlyName, boolean required) { RequestedAttribute attribute = SAML2Utils.createSAMLObject(RequestedAttribute.class); attribute.setIsRequired(required); attribute.setName(name); - attribute.setFriendlyName(friendlyName); + attribute.setFriendlyName(friendlyName); attribute.setNameFormat(Attribute.URI_REFERENCE); return attribute; } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java index e3de84b0b..730dfe764 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/MetaDataVerificationFilter.java @@ -30,8 +30,8 @@ import org.opensaml.saml2.metadata.provider.MetadataFilter; import org.opensaml.xml.XMLObject; import org.opensaml.xml.security.x509.BasicX509Credential; -import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; +import at.gv.egovernment.moa.id.config.webgui.exception.SignatureValidationException; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.EntityVerifier; public class MetaDataVerificationFilter implements MetadataFilter { @@ -51,9 +51,9 @@ public class MetaDataVerificationFilter implements MetadataFilter { throw new SignatureValidationException("Root element of metadata file has to be signed"); } try { - processEntitiesDescriptor(entitiesDescriptor); + processEntitiesDescriptor(entitiesDescriptor); - } catch (MOAIDException e) { + } catch (EAAFException e) { throw new SignatureValidationException("Invalid signature element in EntitiesDescriptor"); } @@ -66,13 +66,13 @@ public class MetaDataVerificationFilter implements MetadataFilter { else throw new SignatureValidationException("Root element of metadata file has to be signed", null); - } catch (MOAIDException e) { + } catch (EAAFException e) { throw new SignatureValidationException("Invalid signature element in EntityDescriptor", null); } } } - private void processEntitiesDescriptor(EntitiesDescriptor desc) throws MOAIDException { + private void processEntitiesDescriptor(EntitiesDescriptor desc) throws EAAFException { Iterator entID = desc.getEntitiesDescriptors().iterator(); if(desc.getSignature() != null) { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java index a25cc44ef..27673eafd 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/pvp2/PVPSOAPRequestSecurityPolicy.java @@ -32,8 +32,8 @@ import org.opensaml.ws.soap.soap11.Envelope; import org.opensaml.xml.XMLObject; import org.opensaml.xml.signature.SignatureTrustEngine; +import at.gv.egiz.eaaf.modules.pvp2.impl.verification.AbstractRequestSignedSecurityPolicyRule; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule; /** * @author tlenz @@ -42,8 +42,8 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSigned public class PVPSOAPRequestSecurityPolicy extends AbstractRequestSignedSecurityPolicyRule { - /** - * @param trustEngine + /** + * @param trustEngine * @param peerEntityRole */ public PVPSOAPRequestSecurityPolicy(SignatureTrustEngine trustEngine, diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java index cfb39b15c..d249fa597 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java @@ -55,6 +55,7 @@ import org.springframework.context.ApplicationContext; import org.springframework.context.support.ClassPathXmlApplicationContext; import org.springframework.context.support.GenericApplicationContext; +import at.gv.egiz.eaaf.core.impl.utils.FileUtils; import at.gv.egovernment.moa.id.commons.db.NewConfigurationDBRead; import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException; import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory; @@ -64,7 +65,6 @@ import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.pvp2.MetaDataVerificationFilter; import at.gv.egovernment.moa.id.configuration.config.usermanagement.FileBasedUserConfiguration; import at.gv.egovernment.moa.id.configuration.utils.UserRequestCleaner; -import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; import iaik.asn1.structures.AlgorithmID; import iaik.x509.X509Certificate; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java index 0fb41189d..8f3b8f479 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/MailHelper.java @@ -43,11 +43,11 @@ import javax.mail.internet.MimeMultipart; import org.apache.commons.io.IOUtils; import org.apache.log4j.Logger; +import at.gv.egiz.eaaf.core.impl.utils.FileUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; -import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; public class MailHelper { diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java index 7d411b161..9e0b8b1cd 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/BasicOAAction.java @@ -44,11 +44,11 @@ import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import at.gv.egiz.components.configuration.meta.api.ConfigurationStorageException; +import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider; import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils; import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egovernment.moa.id.auth.frontend.builder.AbstractServiceProviderSpecificGUIFormBuilderConfiguration; import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils; -import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider; import at.gv.egovernment.moa.id.commons.config.ConfigurationMigrationUtils; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java index f1d1c94af..6f9d233b1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java @@ -60,6 +60,7 @@ import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter; import org.opensaml.xml.security.x509.X509Credential; import org.opensaml.xml.signature.Signature; +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; import at.gv.egiz.eaaf.core.impl.utils.Random; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication; @@ -76,7 +77,6 @@ import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper; import at.gv.egovernment.moa.id.configuration.helper.DateTimeHelper; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.util.MiscUtil; public class IndexAction extends BasicAction { @@ -401,19 +401,19 @@ public class IndexAction extends BasicAction { { String strAttributeName = attributes.get(x).getDOM().getAttribute("Name"); - if (strAttributeName.equals(PVPConstants.PRINCIPAL_NAME_NAME)) { + if (strAttributeName.equals(PVPAttributeDefinitions.PRINCIPAL_NAME_NAME)) { user.setFamilyName(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue()); } - if (strAttributeName.equals(PVPConstants.GIVEN_NAME_NAME)) { + if (strAttributeName.equals(PVPAttributeDefinitions.GIVEN_NAME_NAME)) { user.setGivenName(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue()); } - if (strAttributeName.equals(PVPConstants.MANDATE_TYPE_NAME)) { + if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_TYPE_NAME)) { user.setIsmandateuser(true); } - if (strAttributeName.equals(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME)) { + if (strAttributeName.equals(PVPAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME)) { user.setInstitut(attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue()); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java index 79e7e9252..8b41823e1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAPVP2ConfigValidation.java @@ -47,13 +47,13 @@ import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory; import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; +import at.gv.egovernment.moa.id.config.webgui.exception.SchemaValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.SignatureValidationException; +import at.gv.egovernment.moa.id.config.webgui.validation.utils.SchemaValidationFilter; import at.gv.egovernment.moa.id.configuration.auth.pvp2.MetaDataVerificationFilter; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SchemaValidationException; -import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException; -import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.SchemaValidationFilter; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; import iaik.x509.X509Certificate; @@ -158,7 +158,7 @@ public class OAPVP2ConfigValidation { } catch (ConfigurationException e) { log.warn("Configuration access FAILED!", e); - + } MetadataFilterChain filter = new MetadataFilterChain(); -- cgit v1.2.3