From 37be718068ed2c9c3e26a79d2deba88b33655f30 Mon Sep 17 00:00:00 2001
From: Bojan Suzic
Date: Fri, 17 Jan 2014 17:29:51 +0100
Subject: copying old changes
---
.../at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java | 0
1 file changed, 0 insertions(+), 0 deletions(-)
create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
(limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols')
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
new file mode 100644
index 000000000..e69de29bb
-- cgit v1.2.3
From 5a929406263d98b140af591ca33ef5ecc1222284 Mon Sep 17 00:00:00 2001
From: Bojan Suzic
Date: Fri, 17 Jan 2014 17:31:42 +0100
Subject: copying old changes
---
.../at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java | 0
.../java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java | 0
2 files changed, 0 insertions(+), 0 deletions(-)
create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java
(limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols')
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
new file mode 100644
index 000000000..e69de29bb
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java
new file mode 100644
index 000000000..e69de29bb
-- cgit v1.2.3
From b5cbffea611b603d2ae28ebb104128e8abbb7656 Mon Sep 17 00:00:00 2001
From: Bojan Suzic
Date: Fri, 17 Jan 2014 17:32:48 +0100
Subject: copying old changes
---
.../id/protocols/stork2/AuthenticationRequest.java | 160 +++++++++++++++++++++
.../id/protocols/stork2/STORKAuthnRequestDEL.java | 72 ++++++++++
.../moa/id/protocols/stork2/STORKProcotol.java | 127 ++++++++++++++++
3 files changed, 359 insertions(+)
(limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols')
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index e69de29bb..49b6bba8a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -0,0 +1,160 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.logging.Logger; +import eu.stork.mw.messages.saml.STORKAuthnRequest; +import eu.stork.vidp.api.messages.StartAuthResponse; +import eu.stork.vidp.messages.stork.SpInstitution; +import eu.stork.vidp.messages.util.SAMLUtil; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; +import org.apache.velocity.runtime.RuntimeConstants; +import org.opensaml.xml.util.Base64; +import org.opensaml.xml.util.XMLHelper; + +import javax.servlet.ServletOutputStream; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import java.io.ByteArrayOutputStream; +import java.io.IOException; +import java.io.OutputStreamWriter; +import java.io.Writer; +import java.util.HashMap; + +/** + * @author bsuzic + * Date: 12/3/13, Time: 2:08 PM + */ + +public class AuthenticationRequest implements IAction { + /* + Second request step - after authentication of the user is done and moasession obtained, + process request and forward the user further to PEPS and/or other entities + */ + + + private VelocityEngine velocityEngine; + + + public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + Logger.debug("Starting AuthenticationRequest"); + //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession); + Logger.debug("Http Response: " + httpResp.toString() + ", "); + Logger.debug("Moa session: " + moasession.toString() + " " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix() + " " + moasession.getAction() 
+ " " + moasession.getIdentityLink().getName() + " " + moasession.getTarget()); + httpResp.reset(); + //httpResp.addHeader("Location", "http:/www.google.com"); + if (req instanceof STORKAuthnRequestDEL) { + Logger.debug("STORK QAA 2 :" + ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getQAALevel()); + StartAuthResponse startAuthResponse = getStartAuthResponse(((STORKAuthnRequestDEL) req).getStorkAuthnRequest()); + + HttpSession httpSession = httpReq.getSession(); + httpSession.setAttribute("STORKSessionID", "12345"); + httpResp.setStatus(startAuthResponse.getHttpStatusCode()); + try { + ServletOutputStream os = httpResp.getOutputStream(); + String html = new String(startAuthResponse.getContent()); + + + if (html.contains(""); + html = html.substring(beginIndex + 9, endIndex); + startAuthResponse.setContent(html.getBytes()); + + } + Logger.info("HTML : " + html); + + os.write(startAuthResponse.getContent()); + Logger.info("Response sent to client"); + } catch (IOException e) { + Logger.error("ERROR MOA"); + throw new MOAIDException("error response sending", new Object[]{}); + } + //httpSession.setAttribute("CCC", ccc); + } + + + //httpResp.setStatus(200); + //VPEPSInboundPostHandler + + + return "12345"; // AssertionId + } + + public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { + return true; + } + + + public StartAuthResponse getStartAuthResponse(STORKAuthnRequest authnRequest) { + + StartAuthResponse authResponse = new StartAuthResponse(500, null, new HashMap()); + + if (authnRequest.getSPID() != null) { + Logger.debug("SP id: " + authnRequest.getSPID()); + } else { + SpInstitution spInstitution = (SpInstitution)authnRequest.getExtensions().getUnknownXMLObjects(SpInstitution.DEFAULT_ELEMENT_NAME).get(0); + Logger.debug("SP institution: " + spInstitution.getValue()); + } + + Logger.debug("SPEPS issuer: " + authnRequest.getIssuer().getValue()); + Logger.debug("SPEPS Consumer URL: " + 
authnRequest.getAssertionConsumerServiceURL()); + + + + try { + + initVelocityEngine(); + VelocityContext velocityContext = new VelocityContext(); + + velocityContext.put("action", authnRequest.getDestination()); + if (authnRequest.getDOM() == null) { + SAMLUtil.marshallMessage(authnRequest); + } + + String messageXML = XMLHelper.nodeToString(authnRequest.getDOM()); + String encodedMessage = Base64.encodeBytes(messageXML.getBytes("UTF-8"), Base64.DONT_BREAK_LINES); + velocityContext.put("SAMLRequest", encodedMessage); + ByteArrayOutputStream outStream = new ByteArrayOutputStream(); + + Writer out = new OutputStreamWriter(outStream, "UTF-8"); + velocityEngine.mergeTemplate("/templates/saml2-post-binding.vm", "UTF-8", velocityContext, out); + out.flush(); + authResponse.setContent(outStream.toByteArray()); + + authResponse.addHeader("Content-Type", "text/html; charset=utf-8"); + authResponse.addHeader("Cache-Control", "no-cache"); + authResponse.setHttpStatusCode(200); + + } catch (Exception e) { + Logger.error("ERROR"); + } + + + return authResponse; + } + + public String getDefaultActionName() { + return STORKProtocol.AUTHENTICATIONREQUEST; + } + + + private void initVelocityEngine() throws Exception { + velocityEngine = new VelocityEngine(); + velocityEngine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8"); + velocityEngine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8"); + velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath"); + velocityEngine.setProperty("classpath.resource.loader.class", + "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader"); + + velocityEngine.init(); + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java index e69de29bb..9e3e7f53d 100644 
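Review bot: `processRequest` stores the constant `"12345"` as the `STORKSessionID` session attribute and returns the same constant as the assertion id, so every user and every request share one predictable identifier; both should be a per-request value from a cryptographically strong generator, e.g. `String storkSessionId = java.util.UUID.randomUUID().toString();`, or from whatever id generator the surrounding framework already provides (not visible in this hunk). The debug line that concatenates `moasession.getIdentityLink().getName()` and the `Logger.info("HTML : " + html)` line write the citizen's name and the Base64-encoded SAML request form into the log; logging only a request id would be enough for tracing. In `getStartAuthResponse` the `catch (Exception e)` logs just `"ERROR"` and returns the response built with status 500 and what appears to be `null` content, which `new String(startAuthResponse.getContent())` in `processRequest` would then dereference; pass the cause along with `Logger.error("...", e)` and check the status code before writing. `new String(...)` and `html.getBytes()` also use the platform charset although the template output was produced as UTF-8.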
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java
@@ -0,0 +1,72 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import eu.stork.mw.messages.saml.STORKAuthnRequest;
+import eu.stork.vidp.messages.saml.impl.STORKAuthnRequestImpl;
+import org.opensaml.common.xml.SAMLConstants;
+
+/**
+ * @author bsuzic
+ * Date: 12/4/13, Time: 6:31 PM
+ */
+//public class STORKAuthnRequestDEL extends STORKAuthnRequestImpl implements IRequest {
+
+public class STORKAuthnRequestDEL implements IRequest {
+ private String requestID;
+ private String target = null;
+ String module = null;
+ String action = null;
+ private STORKAuthnRequest storkAuthnRequest;
+
+ public void setSTORKAuthnRequest(STORKAuthnRequestImpl request) {
+ this.storkAuthnRequest = request;
+ }
+
+ public STORKAuthnRequest getStorkAuthnRequest() {
+ return this.storkAuthnRequest;
+ }
+
+ public String getOAURL() {
+ return "https://sp:8889/SP"; //
+ }
+
+ public boolean isPassiv() {
+ return false; //
+ }
+
+ public boolean forceAuth() {
+ return false; //
+ }
+
+ public boolean isSSOSupported() {
+ return false; //
+ }
+
+ public String requestedModule() {
+ return this.module; //
+ }
+
+ public String requestedAction() {
+ return action; //
+ }
+
+ public void setModule(String module) {
+ this.module = module;
+ }
+
+ public void setAction(String action) {
+ this.action = action;
+ }
+
+ public String getTarget() {
+ return this.target; //
+ }
+
+ public void setRequestID(String id) {
+ this.requestID = id;
+ }
+
+ public String getRequestID() {
+ return this.requestID; //
+ }
+}
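Review bot: `getOAURL()` returns the literal `"https://sp:8889/SP"` and `getTarget()` can only return `null` because nothing ever assigns `target`, so every request wrapped by this class reports the same online application whatever the decoded STORK request contains. If callers use the OA URL to select per-application configuration or policy (an assumption, the callers are not visible here), that decision is fixed for all service providers; the value should be derived from the request, or the stub marked clearly, e.g. `// TODO placeholder: derive the OA URL from the STORK request before this module is enabled`. `module` and `action` are package-private while the other fields are private; `private String module;` and `private String action;` would match the setters that already exist. The same stub values reappear in `STORKAuthnReq.java`, added in the later "peps saml engine adjustment" commit.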
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java
index e69de29bb..15096083e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java
@@ -0,0 +1,127 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IModulInfo; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; +import at.gv.egovernment.moa.logging.Logger; +import eu.stork.mw.messages.saml.STORKAuthnRequest; +import eu.stork.vidp.messages.saml.impl.STORKAuthnRequestImpl; +import org.opensaml.common.binding.BasicSAMLMessageContext; +import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; +import org.opensaml.ws.transport.http.HTTPInTransport; +import org.opensaml.ws.transport.http.HTTPOutTransport; +import org.opensaml.ws.transport.http.HttpServletRequestAdapter; +import org.opensaml.ws.transport.http.HttpServletResponseAdapter; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.Collections; +import java.util.HashMap; + +/** + * Stork 2 Protocol Support + * Date: 11/29/13, Time: 12:32 PM + * @author bsuzic + */ +public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { + + public static final String NAME = STORKProtocol.class.getName(); + public static final String PATH = "id_stork2"; + + public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; + + private static HashMap actions = new HashMap(); + + static { + + actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest()); + + instance = new STORKProtocol(); + } + + private static STORKProtocol instance = null; + + + public String getName() { + return NAME; + } + + public String getPath() { + return PATH; + } + + public IAction getAction(String action) { + return actions.get(action); + } + + /* + First request step - send it to BKU selection for user 
authentication. After the user credentials + and other info are obtained, in the second step the request will be processed and the user redirected + */ + public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException { + Logger.debug("Starting preprocessing"); + Logger.debug("Got request: " + request.toString()); + Logger.debug("Request method: " + request.getMethod()); + for (Object o : Collections.list(request.getHeaderNames())) { + Logger.debug("Request header: " + o.toString() + ":::" + request.getHeader(o.toString())); + } + for (Object o : Collections.list(request.getParameterNames())) { + Logger.debug("Request parameter: " + o.toString() + "::::" + request.getParameter(o.toString())); + } + + Logger.debug("Request content length: " + request.getContentLength()); + Logger.debug("Request query: " + request.getQueryString()); + Logger.debug("Response: " + response.toString()); + Logger.debug("Action: " + action); + + Logger.debug("Processing saml request"); + String SAMLRequest = request.getParameter("SAMLRequest"); + + HTTPInTransport profileReq = new HttpServletRequestAdapter(request); + HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure()); + + + BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); + samlMessageContext.setInboundMessageTransport(profileReq); + + HTTPPostDecoder postDecoder = new HTTPPostDecoder(); + postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator + + try { + Logger.debug("Attempting to decode request..."); + postDecoder.decode(samlMessageContext); + } catch (Exception e) { + Logger.error("Error decoding STORKAuthnRequest", e); + } + + STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage(); + //STORKAuthnRequestDEL STORK2Request = (STORKAuthnRequestDEL)samlMessageContext.getInboundSAMLMessage(); + STORKAuthnRequestDEL STORK2Request = new 
STORKAuthnRequestDEL(); + STORK2Request.setSTORKAuthnRequest(ST2Req); + + Logger.debug("STORK2 Citizen code: " + ST2Req.getCitizenCountryCode()); + Logger.debug("STORK2 QAA: " + ST2Req.getQAALevel()); + Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString()); + + + return STORK2Request; + } + + public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) { + return null; + } + + public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest) throws Throwable { + return false; + } + + public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) { + return false; + } +} + + -- cgit v1.2.3 From dbc6bd6c792519467c490e536ff6f1af5175a796 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Fri, 17 Jan 2014 17:37:56 +0100 Subject: renaming --- .../moa/id/protocols/stork2/STORKProcotol.java | 127 --------------------- .../moa/id/protocols/stork2/STORKProtocol.java | 127 +++++++++++++++++++++ 2 files changed, 127 insertions(+), 127 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java deleted file mode 100644 index 15096083e..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProcotol.java +++ /dev/null 
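Review bot: In `preProcess` the `catch (Exception e)` around `postDecoder.decode(samlMessageContext)` only logs, and execution continues to the cast of `samlMessageContext.getInboundSAMLMessage()` and to `ST2Req.getCitizenCountryCode()`, so a malformed or non-STORK POST most likely ends in a NullPointerException or ClassCastException instead of the declared `MOAIDException`; the catch should rethrow, e.g. `throw new MOAIDException("<message-id placeholder>", new Object[]{});`. Nothing in the hunk checks the signature or issuer of the decoded request, and `validate` returns `false` unconditionally, so it should be confirmed where that verification happens before the request is trusted. The two loops that log every header and every parameter at debug level will write cookie values and the full `SAMLRequest` parameter into the log; logging the names only avoids that. The static block assigns `instance` before the declaration `private static STORKProtocol instance = null;`, whose initializer runs afterwards in textual order and resets the field to `null`. The identical code is re-added as `STORKProtocol.java` in the following "renaming" commit, so the same points apply there.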
@@ -1,127 +0,0 @@ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IModulInfo; -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; -import at.gv.egovernment.moa.logging.Logger; -import eu.stork.mw.messages.saml.STORKAuthnRequest; -import eu.stork.vidp.messages.saml.impl.STORKAuthnRequestImpl; -import org.opensaml.common.binding.BasicSAMLMessageContext; -import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; -import org.opensaml.ws.transport.http.HTTPInTransport; -import org.opensaml.ws.transport.http.HTTPOutTransport; -import org.opensaml.ws.transport.http.HttpServletRequestAdapter; -import org.opensaml.ws.transport.http.HttpServletResponseAdapter; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.util.Collections; -import java.util.HashMap; - -/** - * Stork 2 Protocol Support - * Date: 11/29/13, Time: 12:32 PM - * @author bsuzic - */ -public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { - - public static final String NAME = STORKProtocol.class.getName(); - public static final String PATH = "id_stork2"; - - public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; - - private static HashMap actions = new HashMap(); - - static { - - actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest()); - - instance = new STORKProtocol(); - } - - private static STORKProtocol instance = null; - - - public String getName() { - return NAME; - } - - public String getPath() { - return PATH; - } - - public IAction getAction(String action) { - return actions.get(action); - } - - /* - First request step - send it to BKU selection for user 
authentication. After the user credentials - and other info are obtained, in the second step the request will be processed and the user redirected - */ - public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException { - Logger.debug("Starting preprocessing"); - Logger.debug("Got request: " + request.toString()); - Logger.debug("Request method: " + request.getMethod()); - for (Object o : Collections.list(request.getHeaderNames())) { - Logger.debug("Request header: " + o.toString() + ":::" + request.getHeader(o.toString())); - } - for (Object o : Collections.list(request.getParameterNames())) { - Logger.debug("Request parameter: " + o.toString() + "::::" + request.getParameter(o.toString())); - } - - Logger.debug("Request content length: " + request.getContentLength()); - Logger.debug("Request query: " + request.getQueryString()); - Logger.debug("Response: " + response.toString()); - Logger.debug("Action: " + action); - - Logger.debug("Processing saml request"); - String SAMLRequest = request.getParameter("SAMLRequest"); - - HTTPInTransport profileReq = new HttpServletRequestAdapter(request); - HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure()); - - - BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); - samlMessageContext.setInboundMessageTransport(profileReq); - - HTTPPostDecoder postDecoder = new HTTPPostDecoder(); - postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator - - try { - Logger.debug("Attempting to decode request..."); - postDecoder.decode(samlMessageContext); - } catch (Exception e) { - Logger.error("Error decoding STORKAuthnRequest", e); - } - - STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage(); - //STORKAuthnRequestDEL STORK2Request = (STORKAuthnRequestDEL)samlMessageContext.getInboundSAMLMessage(); - STORKAuthnRequestDEL STORK2Request = new 
STORKAuthnRequestDEL(); - STORK2Request.setSTORKAuthnRequest(ST2Req); - - Logger.debug("STORK2 Citizen code: " + ST2Req.getCitizenCountryCode()); - Logger.debug("STORK2 QAA: " + ST2Req.getQAALevel()); - Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString()); - - - return STORK2Request; - } - - public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) { - return null; - } - - public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest) throws Throwable { - return false; - } - - public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) { - return false; - } -} - - diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java new file mode 100644 index 000000000..15096083e --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java 
@@ -0,0 +1,127 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IModulInfo; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; +import at.gv.egovernment.moa.logging.Logger; +import eu.stork.mw.messages.saml.STORKAuthnRequest; +import eu.stork.vidp.messages.saml.impl.STORKAuthnRequestImpl; +import org.opensaml.common.binding.BasicSAMLMessageContext; +import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; +import org.opensaml.ws.transport.http.HTTPInTransport; +import org.opensaml.ws.transport.http.HTTPOutTransport; +import org.opensaml.ws.transport.http.HttpServletRequestAdapter; +import org.opensaml.ws.transport.http.HttpServletResponseAdapter; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.Collections; +import java.util.HashMap; + +/** + * Stork 2 Protocol Support + * Date: 11/29/13, Time: 12:32 PM + * @author bsuzic + */ +public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { + + public static final String NAME = STORKProtocol.class.getName(); + public static final String PATH = "id_stork2"; + + public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; + + private static HashMap actions = new HashMap(); + + static { + + actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest()); + + instance = new STORKProtocol(); + } + + private static STORKProtocol instance = null; + + + public String getName() { + return NAME; + } + + public String getPath() { + return PATH; + } + + public IAction getAction(String action) { + return actions.get(action); + } + + /* + First request step - send it to BKU selection for user 
authentication. After the user credentials + and other info are obtained, in the second step the request will be processed and the user redirected + */ + public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException { + Logger.debug("Starting preprocessing"); + Logger.debug("Got request: " + request.toString()); + Logger.debug("Request method: " + request.getMethod()); + for (Object o : Collections.list(request.getHeaderNames())) { + Logger.debug("Request header: " + o.toString() + ":::" + request.getHeader(o.toString())); + } + for (Object o : Collections.list(request.getParameterNames())) { + Logger.debug("Request parameter: " + o.toString() + "::::" + request.getParameter(o.toString())); + } + + Logger.debug("Request content length: " + request.getContentLength()); + Logger.debug("Request query: " + request.getQueryString()); + Logger.debug("Response: " + response.toString()); + Logger.debug("Action: " + action); + + Logger.debug("Processing saml request"); + String SAMLRequest = request.getParameter("SAMLRequest"); + + HTTPInTransport profileReq = new HttpServletRequestAdapter(request); + HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure()); + + + BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); + samlMessageContext.setInboundMessageTransport(profileReq); + + HTTPPostDecoder postDecoder = new HTTPPostDecoder(); + postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator + + try { + Logger.debug("Attempting to decode request..."); + postDecoder.decode(samlMessageContext); + } catch (Exception e) { + Logger.error("Error decoding STORKAuthnRequest", e); + } + + STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage(); + //STORKAuthnRequestDEL STORK2Request = (STORKAuthnRequestDEL)samlMessageContext.getInboundSAMLMessage(); + STORKAuthnRequestDEL STORK2Request = new 
STORKAuthnRequestDEL(); + STORK2Request.setSTORKAuthnRequest(ST2Req); + + Logger.debug("STORK2 Citizen code: " + ST2Req.getCitizenCountryCode()); + Logger.debug("STORK2 QAA: " + ST2Req.getQAALevel()); + Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString()); + + + return STORK2Request; + } + + public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) { + return null; + } + + public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest) throws Throwable { + return false; + } + + public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) { + return false; + } +} + + -- cgit v1.2.3 From 52dabc099bc80230128a621aa14f1010ba12221e Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Wed, 22 Jan 2014 18:26:58 +0100 Subject: peps saml engine adjustment --- .../id/protocols/stork2/AuthenticationRequest.java | 1 + .../moa/id/protocols/stork2/STORKAuthnReq.java | 73 ++++++++++++++++++++++ .../id/protocols/stork2/STORKAuthnRequestDEL.java | 4 +- 3 files changed, 76 insertions(+), 2 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 49b6bba8a..d5430a358 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
@@ -24,6 +24,7 @@ import java.io.IOException; import java.io.OutputStreamWriter; import java.io.Writer; import java.util.HashMap; +import eu.stork.peps.auth.engine.SAMLEngine; /** * @author bsuzic diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java new file mode 100644 index 000000000..c79423ffc --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java @@ -0,0 +1,73 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.moduls.IRequest; +import eu.stork.peps.auth.commons.STORKAuthnRequest; + + + +/** + * @author bsuzic + * Date: 1/22/14, Time: 5:30 PM + */ +public class STORKAuthnReq implements IRequest { + private String requestID; + private String target = null; + String module = null; + String action = null; + private STORKAuthnRequest storkAuthnRequest; + + public void setSTORKAuthnRequest(STORKAuthnRequest request) { + this.storkAuthnRequest = request; + } + + public STORKAuthnRequest getStorkAuthnRequest() { + return this.storkAuthnRequest; + } + + + public String getOAURL() { + return "https://sp:8889/SP"; // + } + + public boolean isPassiv() { + return false; // + } + + public boolean forceAuth() { + return false; // + } + + public boolean isSSOSupported() { + return false; // + } + + public String requestedModule() { + return this.module; // + } + + public String requestedAction() { + return action; // + } + + public void setModule(String module) { + this.module = module; + } + + public void setAction(String action) { + this.action = action; + } + + public String getTarget() { + return this.target; // + } + + public void setRequestID(String id) { + this.requestID = id; + } + + public String getRequestID() { + return this.requestID; // + } + + +} 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java index 9e3e7f53d..57dfad73f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java @@ -16,13 +16,13 @@ public class STORKAuthnRequestDEL implements IRequest { private String target = null; String module = null; String action = null; - private STORKAuthnRequest storkAuthnRequest; + private eu.stork.mw.messages.saml.STORKAuthnRequest storkAuthnRequest; public void setSTORKAuthnRequest(STORKAuthnRequestImpl request) { this.storkAuthnRequest = request; } - public STORKAuthnRequest getStorkAuthnRequest() { + public eu.stork.mw.messages.saml.STORKAuthnRequest getStorkAuthnRequest() { return this.storkAuthnRequest; } -- cgit v1.2.3 From ed9ad9b0c13ee0de3231bab038f35b01beeb0d0b Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 23 Jan 2014 12:34:14 +0100 Subject: saml peps engine changeS --- .../moa/id/protocols/stork2/STORKAuthnReq.java | 32 +++++++++++++++++++++- .../moa/id/protocols/stork2/STORKProtocol.java | 4 +++ 2 files changed, 35 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java index c79423ffc..9bf4ed0d1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java 
@@ -1,8 +1,12 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; +import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.STORKAuthnRequest; - +import org.opensaml.common.binding.BasicSAMLMessageContext; +import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; +import org.opensaml.ws.transport.http.HTTPInTransport; /** @@ -24,6 +28,32 @@ public class STORKAuthnReq implements IRequest { return this.storkAuthnRequest; } + public void createStorkReq(HTTPInTransport profileReq) { + Logger.debug("Generate stork request test..."); + storkAuthnRequest = new STORKAuthnRequest(); + + BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); + samlMessageContext.setInboundMessageTransport(profileReq); + + HTTPPostDecoder postDecoder = new HTTPPostDecoder(); + postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator + + try { + Logger.debug("Attempting to decode request..."); + postDecoder.decode(samlMessageContext); + } catch (Exception e) { + Logger.error("Error decoding STORKAuthnRequest", e); + } + + + storkAuthnRequest = (STORKAuthnRequest)samlMessageContext.getInboundSAMLMessage(); + samlMessageContext.getinbound + storkAuthnRequest.set + + } + + + public String getOAURL() { return "https://sp:8889/SP"; // diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 15096083e..e99079191 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java 
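Review bot: The last two added statements in `createStorkReq`, `samlMessageContext.getinbound` and `storkAuthnRequest.set`, are incomplete expressions, so `STORKAuthnReq.java` does not compile as committed; remove them or finish the calls. The method also repeats the pattern from `STORKProtocol.preProcess`: a decode failure is only logged, and the result of `getInboundSAMLMessage()` is then cast without a null or type check. `eu.stork.peps.auth.commons.STORKAuthnRequest` is a different class from the `STORKAuthnRequestImpl` that `preProcess` casts to, so whether the decoder's output can be cast to it at all should be confirmed. The `storkAuthnRequest = new STORKAuthnRequest();` at the top of the method is overwritten by the later assignment and can be dropped.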
@@ -108,6 +108,10 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString()); + STORKAuthnReq storkAuthnReq = new STORKAuthnReq(); + + + return STORK2Request; } -- cgit v1.2.3 From c3745720650268de1f1b06e2b3dc891122ace9bb Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Wed, 5 Feb 2014 12:38:45 +0100 Subject: changing some stork parameters; adjusting spss maven config --- .../id/protocols/stork2/AuthenticationRequest.java | 12 +++++---- .../id/protocols/stork2/STORKAuthnRequestDEL.java | 9 +++---- .../moa/id/protocols/stork2/STORKProtocol.java | 31 +++++++++++++++++++--- 3 files changed, 39 insertions(+), 13 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 297c5f366..7e80273ca 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
@@ -5,16 +5,11 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; -import eu.stork.mw.messages.saml.STORKAuthnRequest; -import eu.stork.vidp.api.messages.StartAuthResponse; -import eu.stork.vidp.messages.stork.SpInstitution; -import eu.stork.vidp.messages.util.SAMLUtil; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import org.apache.velocity.runtime.RuntimeConstants; import org.opensaml.xml.util.Base64; import org.opensaml.xml.util.XMLHelper; - import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -49,6 +44,7 @@ public class AuthenticationRequest implements IAction { httpResp.reset(); //httpResp.addHeader("Location", "http:/www.google.com"); if (req instanceof STORKAuthnRequestDEL) { + /* Logger.debug("STORK QAA 2 :" + ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getQAALevel()); StartAuthResponse startAuthResponse = getStartAuthResponse(((STORKAuthnRequestDEL) req).getStorkAuthnRequest()); @@ -78,6 +74,8 @@ public class AuthenticationRequest implements IAction { throw new MOAIDException("error response sending", new Object[]{}); } //httpSession.setAttribute("CCC", ccc); + + */ } @@ -93,6 +91,8 @@ public class AuthenticationRequest implements IAction { } + /* + public StartAuthResponse getStartAuthResponse(STORKAuthnRequest authnRequest) { StartAuthResponse authResponse = new StartAuthResponse(500, null, new HashMap()); @@ -141,6 +141,8 @@ public class AuthenticationRequest implements IAction { return authResponse; } + */ + public String getDefaultActionName() { return STORKProtocol.AUTHENTICATIONREQUEST; } 
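Review bot: The hunks at `@@ -49,6 +44,7 @@`, `@@ -78,6 +74,8 @@`, `@@ -93,6 +91,8 @@` and `@@ -141,6 +141,8 @@` disable the old response path by wrapping it in `/* ... */` instead of deleting it. That leaves `if (req instanceof STORKAuthnRequestDEL) { }` with an empty body and keeps a large dead `getStartAuthResponse` in the file. Version control already preserves the old code, so removing it outright would be cleaner. A one-line `// TODO: response generation to be reimplemented on the PEPS engine` would cover the remaining intent. processRequest starts and ends outside these hunks.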
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java index 57dfad73f..c8a5ac84d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java @@ -1,8 +1,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.moduls.IRequest; -import eu.stork.mw.messages.saml.STORKAuthnRequest; -import eu.stork.vidp.messages.saml.impl.STORKAuthnRequestImpl; +import eu.stork.peps.auth.commons.STORKAuthnRequest; import org.opensaml.common.xml.SAMLConstants; /** @@ -16,13 +15,13 @@ public class STORKAuthnRequestDEL implements IRequest { private String target = null; String module = null; String action = null; - private eu.stork.mw.messages.saml.STORKAuthnRequest storkAuthnRequest; + private STORKAuthnRequest storkAuthnRequest; - public void setSTORKAuthnRequest(STORKAuthnRequestImpl request) { + public void setSTORKAuthnRequest(STORKAuthnRequest request) { this.storkAuthnRequest = request; } - public eu.stork.mw.messages.saml.STORKAuthnRequest getStorkAuthnRequest() { + public STORKAuthnRequest getStorkAuthnRequest() { return this.storkAuthnRequest; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index e99079191..2c47620e1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java 
@@ -8,14 +8,16 @@ import at.gv.egovernment.moa.id.moduls.IModulInfo; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; import at.gv.egovernment.moa.logging.Logger; -import eu.stork.mw.messages.saml.STORKAuthnRequest; -import eu.stork.vidp.messages.saml.impl.STORKAuthnRequestImpl; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.engine.STORKSAMLEngine; import org.opensaml.common.binding.BasicSAMLMessageContext; import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; import org.opensaml.ws.transport.http.HTTPInTransport; import org.opensaml.ws.transport.http.HTTPOutTransport; import org.opensaml.ws.transport.http.HttpServletRequestAdapter; import org.opensaml.ws.transport.http.HttpServletResponseAdapter; +import eu.stork.peps.auth.commons.STORKAuthnRequest; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -97,6 +99,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { } catch (Exception e) { Logger.error("Error decoding STORKAuthnRequest", e); } + /* STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage(); //STORKAuthnRequestDEL STORK2Request = (STORKAuthnRequestDEL)samlMessageContext.getInboundSAMLMessage(); 
@@ -107,10 +110,32 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { Logger.debug("STORK2 QAA: " + ST2Req.getQAALevel()); Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString()); - + */ STORKAuthnReq storkAuthnReq = new STORKAuthnReq(); + STORKAuthnRequestDEL STORK2Request = new STORKAuthnRequestDEL(); + + + //extract STORK Response from HTTP Request + //Decodes SAML Response + + /* + byte[] decSamlToken; + try { + decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse")); + } catch(NullPointerException e) { + Logger.error("Unable to retrieve STORK Response", e); + throw new MOAIDException("stork.04", null); + } + + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("outgoing"); + + STORKAuthnResponse authnResponse = null; + PEPSUtil.decode + engine.validateSTORKAuthnRequest() + */ return STORK2Request; } -- cgit v1.2.3 From 337c5b67682f893e7907d018077e3fb55c6d5dd6 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Wed, 5 Feb 2014 17:49:06 +0100 Subject: saml changes --- .../moa/id/protocols/stork2/STORKProtocol.java | 37 ++++++++++++++++------ 1 file changed, 27 insertions(+), 10 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 2c47620e1..2e42a0d75 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java 
@@ -11,6 +11,7 @@ import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.STORKAuthnResponse; import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.opensaml.common.binding.BasicSAMLMessageContext; import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; import org.opensaml.ws.transport.http.HTTPInTransport; @@ -60,10 +61,14 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { return actions.get(action); } + public STORKProtocol() { + super(); // + } + /* - First request step - send it to BKU selection for user authentication. After the user credentials - and other info are obtained, in the second step the request will be processed and the user redirected - */ + First request step - send it to BKU selection for user authentication. After the user credentials + and other info are obtained, in the second step the request will be processed and the user redirected + */ public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException { Logger.debug("Starting preprocessing"); Logger.debug("Got request: " + request.toString()); 
@@ -120,22 +125,34 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { //extract STORK Response from HTTP Request //Decodes SAML Response - /* + byte[] decSamlToken; try { - decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse")); + decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest")); } catch(NullPointerException e) { Logger.error("Unable to retrieve STORK Response", e); throw new MOAIDException("stork.04", null); } //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("outgoing"); + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); + + STORKAuthnRequest authnRequest = null; + Logger.error("decsamltoken" +decSamlToken.toString()); + + try { + authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); + } catch (STORKSAMLEngineException ex) { + Logger.error("Unable to validate storkrkauthnreqeust" + ex.getMessage() ); + } + + Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL()); + Logger.error("cc " + authnRequest.getCitizenCountryCode()); + Logger.error("iss " + authnRequest.getIssuer()); + Logger.error("spid " + authnRequest.getSPID()); + Logger.error("spi " + authnRequest.getSpInstitution()); + - STORKAuthnResponse authnResponse = null; - PEPSUtil.decode - engine.validateSTORKAuthnRequest() - */ return STORK2Request; } -- cgit v1.2.3 From 4c104d5d8349195007d19a13ed54426f9fe7b49a Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 6 Feb 2014 18:29:23 +0100 Subject: iml --- .../id/protocols/stork2/AuthenticationRequest.java | 99 +++++++++++++++++++++- .../moa/id/protocols/stork2/STORKProtocol.java | 1 + 2 files changed, 96 insertions(+), 4 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
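Review bot: A failed `engine.validateSTORKAuthnRequest(decSamlToken)` is only logged in `catch (STORKSAMLEngineException ex)`, so `authnRequest` stays null and the request is rejected only by accident, through a NullPointerException on the following `Logger.error("acsu " + ...)` line. The catch should fail closed the way the missing-parameter branch does, with `throw new MOAIDException("stork.04", null);`. The later `@@ -153,6 +153,7 @@` hunk stores this same `authnRequest` in `STORK2Request`, which makes the null case matter more. The parameter branch catches `NullPointerException` for control flow; an explicit null check on `request.getParameter("SAMLRequest")` states the intent directly. `decSamlToken.toString()` logs only the array identity, and the request fields are written at error level where debug would fit; preProcess begins and ends outside the hunk.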
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 7e80273ca..1971fe12d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -2,9 +2,16 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; +import edu.emory.mathcs.backport.java.util.Collections; +import eu.stork.peps.auth.commons.*; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import org.apache.commons.io.IOUtils; +import org.apache.velocity.Template; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import org.apache.velocity.runtime.RuntimeConstants; @@ -14,12 +21,11 @@ import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.OutputStreamWriter; -import java.io.Writer; +import java.io.*; +import java.util.ArrayList; import java.util.HashMap; import eu.stork.peps.auth.engine.SAMLEngine; +import sun.rmi.runtime.Log; /** * @author bsuzic 
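Review bot: Two of the added imports look like IDE auto-completions rather than intended dependencies. `edu.emory.mathcs.backport.java.util.Collections` in the `@@ -2,9 +2,16 @@` hunk takes the place of `java.util.Collections`, and `sun.rmi.runtime.Log` in the `@@ -14,12 +21,11 @@` hunk is a JDK-internal class that the visible changes never use. Both tie the build to classes that may not be present on every runtime. I would replace the first with `import java.util.Collections;` and drop the second. The new wildcard imports `eu.stork.peps.auth.commons.*` and `java.io.*` would also be clearer as explicit names.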
@@ -40,6 +46,7 @@ public class AuthenticationRequest implements IAction { Logger.debug("Starting AuthenticationRequest"); //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession); Logger.debug("Http Response: " + httpResp.toString() + ", "); + Logger.debug("Remote user: " + httpReq.getRemoteAddr()); Logger.debug("Moa session: " + moasession.toString() + " " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix() + " " + moasession.getAction() + " " + moasession.getIdentityLink().getName() + " " + moasession.getTarget()); httpResp.reset(); //httpResp.addHeader("Location", "http:/www.google.com"); 
@@ -82,6 +89,90 @@ public class AuthenticationRequest implements IAction { //httpResp.setStatus(200); //VPEPSInboundPostHandler + // - prepare attribute list + PersonalAttributeList attributeList = new PersonalAttributeList(); + + STORKAuthnResponse authnResponse = new STORKAuthnResponse(); + authnResponse.setCountry("AT"); + + + try { + + IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); + + for (PersonalAttribute personalAttribute : moaAttrList) { + Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus()); + if (personalAttribute.getValue().size() > 0) { + for (String value : personalAttribute.getValue()) { + Logger.info(" Value found: " + value); + } + } + } + + } catch (Exception e) { + Logger.error("Exception, attributes: " + e.getMessage()); + } + + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName("eIdentifier"); + newAttribute.setValue(new ArrayList(Collections.singletonList("xxxxxxxxxxxxxxx"))); + attributeList.add(newAttribute); + authnResponse.setPersonalAttributeList(attributeList); + + + try { + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); + Logger.debug("Starting generation of SAML response"); + authnResponse = engine.generateSTORKAuthnResponse(((STORKAuthnRequestDEL)req).getStorkAuthnRequest(),authnResponse,httpReq.getRemoteAddr(),false); + //generateSAML Token + Logger.info("SAML response succesfully generated!"); + }catch(STORKSAMLEngineException e){ + Logger.error("Failed to generate STORK SAML Response", e); + throw new MOAIDException("stork.05", null); + } + + Logger.info("STORK SAML Response message succesfully generated "); + Logger.debug("STORK response: "); + + Logger.debug("authn response string: " + authnResponse.toString()); + + String statusCodeValue = authnResponse.getStatusCode(); + Logger.debug("authn status code value: " + statusCodeValue); + + try { + Logger.debug("authn saml:" + 
IOUtils.toString(authnResponse.getTokenSaml())); + + } catch (IOException e) { + e.printStackTrace(); + } + + try { + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); + VelocityContext context = new VelocityContext(); + //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString())); + + context.put("SAMLResponse", IOUtils.toString(authnResponse.getTokenSaml())); + Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString())); + + Logger.info("Putting assertion consumer url as action: " + ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); + context.put("action", ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); + StringWriter writer = new StringWriter(); + template.merge(context, writer); + + httpResp.getOutputStream().write(writer.toString().getBytes()); + + } catch (Exception e) { + Logger.error("Velocity error: " + e.getMessage()); + } + + HttpSession httpSession = httpReq.getSession(); + httpSession.setAttribute("STORKSessionID", "12345"); + Logger.info("Status code: " + authnResponse.getStatusCode()); + + + return "12345"; // AssertionId } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 2e42a0d75..9564afa27 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java 
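Review bot: The SAML response is posted to whatever `getAssertionConsumerServiceURL()` the incoming request carried (`context.put("action", ...)`), and nothing in the hunk compares that URL with an endpoint configured for the requesting SP. Unless the SAML engine enforces this elsewhere, the assertion can be delivered to a URL chosen by the caller. The failure path is open as well: the `catch (Exception e)` around the Velocity merge only logs, after which the method still sets `STORKSessionID` and returns normally. It should rethrow as a `MOAIDException`, as the response-generation block above it does. The session id `"12345"` and the eIdentifier `"xxxxxxxxxxxxxxx"` are fixed placeholders, while the attributes read from `moasession.getStorkAttributes()` are only logged; each placeholder needs a `// TODO` and must be replaced before this path is reachable. Attribute values and the SAML token are logged at info level, which puts personal data into ordinary logs, and `e.printStackTrace()` bypasses the logger; processRequest starts outside the hunk.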
@@ -153,6 +153,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { Logger.error("spi " + authnRequest.getSpInstitution()); + STORK2Request.setSTORKAuthnRequest(authnRequest); return STORK2Request; } -- cgit v1.2.3 From 639017a14904323c0eb2cd5d8cccf65ad8f2a841 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 11 Feb 2014 10:33:48 +0100 Subject: sketched stork attribute provider framework --- .../id/protocols/stork2/AttributeCollector.java | 70 +++++++++++++++++++ .../moa/id/protocols/stork2/AttributeProvider.java | 32 +++++++++ .../id/protocols/stork2/AuthenticationRequest.java | 19 +++++- .../moa/id/protocols/stork2/DataContainer.java | 79 ++++++++++++++++++++++ .../moa/id/protocols/stork2/STORKProtocol.java | 1 + .../stork2/UnsupportedAttributeException.java | 7 ++ 6 files changed, 205 insertions(+), 3 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java new file mode 100644 index 000000000..fbc959cc4 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -0,0 +1,70 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IRequest; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins. + * The class is called whenever the {@link AuthenticationRequest} Action is invoked and checks for missing attributes. + * Furthermore, the class can handle direct posts. That is when the class triggers an attribute query which needs user + * interaction, redirect to another portal, etc. The redirect will hit here and the class can continue to fetch attributes. + * + * TODO how do we treat mandatory and optional attributes? + * + */ +public class AttributeCollector implements IAction { + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession) + */ + public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + // check if we have a STORKAttributeResponse in the request + // - no, how did we get here? + // yes, we got a recent requested attribute + // - find the attribute provider plugin that can handle the response + // - fetch the container + DataContainer container = new DataContainer(); + // - insert the embedded attribute(s) into the container + + // see if we need some more attributes + return processRequest(container); + } + + /** + * Checks if there are missing attributes and tries to fetch them. 
If there are no more attribute to fetch, + * this very method creates and sends the protocol result to the asking S-PEPS. + * + * @param container the {@link DataContainer} representing the status of the overall query. + * @return the string + */ + public String processRequest(DataContainer container) { + // check if there are attributes we need to fetch + // for each attribute still missing + // - check if we can find a suitable AttributeProvider Plugin + // - hand over control to the suitable plugin + // - add the aquired attribute to the container + // build response + // done + return "12345"; // AssertionId + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { + // this action does not need any authentication. The authentication is already done by the preceeding AuthenticationRequest-Action. + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#getDefaultActionName() + */ + public String getDefaultActionName() { + return STORKProtocol.ATTRIBUTE_COLLECTOR; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java new file mode 100644 index 000000000..2e4f2d8c5 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java 
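Review bot: `needAuthentication` returns `false` because AuthenticationRequest is assumed to have authenticated the user, but the class comment says this action also receives direct posts after a redirect. In that case `processRequest(IRequest, ...)` builds a fresh `DataContainer` instead of loading one bound to the session that started the flow. Until the container comes from stored state tied to that session, a direct request reaches this action with no link to an authenticated user. I would record that at the `new DataContainer()` line with `// TODO: load the stored DataContainer for this session; reject the request if none exists`. Both `processRequest` overloads return the literal `"12345"` as assertion id, which should be marked as a stub in the same way.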
@@ -0,0 +1,32 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import javax.activation.UnsupportedDataTypeException; +import javax.servlet.http.HttpServletRequest; + +import eu.stork.peps.auth.commons.PersonalAttribute; + +/** + * An {@link AttributeProvider} can fetch a set of stork attributes. It might complete the query within one method call, + * but might also need to redirect to another webservice to accomplish its task. + */ +public interface AttributeProvider { + + /** + * Acquire the specified attribute. Returns {@code null} when attribute retrieval is in progress, but requires for + * for redirecting the user to an external service. Use {@link AttributeProvider#parse(HttpServletRequest)} to parse + * the response. + * + * @param attributeName the attribute name + * @return the personal attribute + * @throws UnsupportedDataTypeException when the provider cannot acquire the specified attribute + */ + public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException; + + /** + * Parses the response we got from the external attribute provider. + * + * @param httpReq the http req + * @return the personal attribute + */ + public PersonalAttribute parse(HttpServletRequest httpReq); +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 7e80273ca..1f6ffaa9a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
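Review bot: The Javadoc of `acquire` names the wrong exception: it says `@throws UnsupportedDataTypeException`, while the method declares `UnsupportedAttributeException`. The tag should read `@throws UnsupportedAttributeException when the provider cannot acquire the specified attribute`. The `javax.activation.UnsupportedDataTypeException` import, which only that Javadoc refers to, can then be removed. The same comment has a doubled word in "requires for for redirecting". `parse` should also state what it returns when the request carries no usable response, since implementers otherwise have to guess between `null` and an exception.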
@@ -4,6 +4,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.logging.Logger; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; @@ -81,9 +82,21 @@ public class AuthenticationRequest implements IAction { //httpResp.setStatus(200); //VPEPSInboundPostHandler - - - return "12345"; // AssertionId + + // create fresh container + DataContainer container = new DataContainer(); + + // - fill in the request we extracted above + container.setRequest(request); + + // - fill in the partial response created above + container.setResponse(response); + + // - memorize the target url were we have to return the result + container.setTarget(target); + + // see if we need to fetch further attributes + return (new AttributeCollector()).processRequest(container); } public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java new file mode 100644 index 000000000..40c827ef8 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java 
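Review bot: The added `container.setRequest(request)`, `container.setResponse(response)` and `container.setTarget(target)` use names that are not parameters of `processRequest` (`req`, `httpReq`, `httpResp`, `moasession`) and are not declared in the visible hunk. Unless they are locals defined outside it, this will not compile. When they are wired up, `target` decides where the result is sent, so it should come from a validated request or from configuration, with a comment saying which. The `AssertionStorage` import added in the first hunk is not used by any visible line. processRequest starts outside the hunk.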
@@ -0,0 +1,79 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import java.io.Serializable; + +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; + +// TODO: Auto-generated Javadoc +/** + * Holds info about an ongoing but yet incomplete stork authnrequest process. + */ +public class DataContainer implements Serializable { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = -8765997480582363012L; + + /** The incoming request. */ + private STORKAuthnRequest request; + + /** The yet incomplete response. */ + private STORKAuthnResponse response; + + /** The target. */ + private String target; + + /** + * Gets the request. + * + * @return the request + */ + public STORKAuthnRequest getRequest() { + return request; + } + + /** + * Sets the request. + * + * @param request the new request + */ + public void setRequest(STORKAuthnRequest request) { + this.request = request; + } + + /** + * Gets the response. + * + * @return the response + */ + public STORKAuthnResponse getResponse() { + return response; + } + + /** + * Sets the response. + * + * @param response the new response + */ + public void setResponse(STORKAuthnResponse response) { + this.response = response; + } + + /** + * Gets the target. + * + * @return the target + */ + public String getTarget() { + return target; + } + + /** + * Sets the target. + * + * @param target the new target + */ + public void setTarget(String target) { + this.target = target; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 2e42a0d75..323d9ba8e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java 
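Review bot: `DataContainer` is declared `Serializable` and is presumably meant to be stored while the flow is suspended, but the hunk does not show whether `STORKAuthnRequest` and `STORKAuthnResponse` are serializable themselves. If they are not, storing the container fails at runtime, so this needs a check or a small round-trip test. The generated Javadoc ("The target.", "Gets the request.") only repeats the member names. The leftover `// TODO: Auto-generated Javadoc` can be resolved by saying what each field means, for example `/** URL the final result is returned to. */` on `target`.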
@@ -36,6 +36,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { public static final String PATH = "id_stork2"; public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; + public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector"; private static HashMap actions = new HashMap(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java new file mode 100644 index 000000000..9447c079f --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java @@ -0,0 +1,7 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +public class UnsupportedAttributeException extends Exception { + + private static final long serialVersionUID = -7720066381435378111L; + +} -- cgit v1.2.3 From 95ea36e8b84de119165ce8c14fc5c1e9facd797f Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 11 Feb 2014 11:01:32 +0100 Subject: added ap logic #1 --- .../id/protocols/stork2/AttributeCollector.java | 38 +++++++++++++++++++--- .../stork2/DemoNoRedirectAttributeProvider.java | 32 ++++++++++++++++++ 2 files changed, 66 insertions(+), 4 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index fbc959cc4..b93b31b49 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -1,12 +1,19 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import java.util.ArrayList; +import java.util.List; + import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; + /** * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins. * The class is called whenever the {@link AuthenticationRequest} Action is invoked and checks for missing attributes. @@ -17,6 +24,14 @@ import javax.servlet.http.HttpServletResponse; * */ public class AttributeCollector implements IAction { + + private ArrayList attributeProviders; + + public AttributeCollector() { + // TODO generate from config + attributeProviders = new ArrayList(); + attributeProviders.add(new DemoNoRedirectAttributeProvider()); + } /* (non-Javadoc) 
@@ -44,10 +59,25 @@ public class AttributeCollector implements IAction { */ public String processRequest(DataContainer container) { // check if there are attributes we need to fetch - // for each attribute still missing - // - check if we can find a suitable AttributeProvider Plugin - // - hand over control to the suitable plugin - // - add the aquired attribute to the container + List missingAttributes = new ArrayList(); + try { + // for each attribute still missing + + for(String currentAttribute : missingAttributes) { + // - check if we can find a suitable AttributeProvider Plugin + for(AttributeProvider currentProvider : attributeProviders) { + // - hand over control to the suitable plugin + PersonalAttribute aquiredAttribute = currentProvider.acquire(currentAttribute); + + // - add the aquired attribute to the container + container.getResponse().getPersonalAttributeList().add(aquiredAttribute); + } + } + } catch(UnsupportedAttributeException e) { + // TODO + // memorize the container again + return "12345"; // TODO what to do here? + } // build response // done return "12345"; // AssertionId diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java new file mode 100644 index 000000000..23afc2544 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java 
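Review bot: The `try` encloses both loops, so the first `UnsupportedAttributeException` from any provider abandons every remaining attribute. The inner loop has no `break`, so every provider is asked for every attribute and each answer is appended. `acquire` is documented to return `null` while a redirect is pending, and that `null` is added to the response list unchecked. Moving the `try` inside the provider loop, stopping at the first provider that answers, and skipping `null` addresses all three; storing the container for the redirect case remains open, as the hunk's own TODO says. The body of `processRequest(DataContainer)` ends outside the hunk.

```java
for(String currentAttribute : missingAttributes) {
    // ask the providers in order; the first one that supports the attribute wins
    for(AttributeProvider currentProvider : attributeProviders) {
        try {
            PersonalAttribute aquiredAttribute = currentProvider.acquire(currentAttribute);
            if(aquiredAttribute != null) {
                container.getResponse().getPersonalAttributeList().add(aquiredAttribute);
            }
            // null means the provider needs a redirect: TODO store the container before returning
            break;
        } catch(UnsupportedAttributeException e) {
            // this provider cannot serve the attribute; try the next one
        }
    }
}
// … unchanged: build response, return assertion id …
```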
@@ -0,0 +1,32 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import java.util.ArrayList; + +import javax.servlet.http.HttpServletRequest; + +import eu.stork.peps.auth.commons.PersonalAttribute; + +/** + * Just a simple demoprovider who can fetch any attribute you ask him. + */ +public class DemoNoRedirectAttributeProvider implements AttributeProvider { + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) + */ + @Override + public PersonalAttribute acquire(String attributeName) + throws UnsupportedAttributeException { + return new PersonalAttribute("sepp", true, new ArrayList(), ""); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) + */ + @Override + public PersonalAttribute parse(HttpServletRequest httpReq) { + // TODO Auto-generated method stub + return null; + } + +} -- cgit v1.2.3 From 366d0f285e0e1a2fa89e512d91f349488cbc82d9 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 11 Feb 2014 13:15:14 +0100 Subject: find missing attributes --- .../gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index b93b31b49..e74cf4e8b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -59,10 +59,15 @@ public class AttributeCollector implements IAction { */ public String processRequest(DataContainer container) { // check if there are attributes we need to fetch + IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); + IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); List missingAttributes = new ArrayList(); + for(PersonalAttribute current : requestAttributeList) + if(!responseAttributeList.containsKey(current)) + missingAttributes.add(current.getName()); + try { // for each attribute still missing - for(String currentAttribute : missingAttributes) { // - check if we can find a suitable AttributeProvider Plugin for(AttributeProvider currentProvider : attributeProviders) { -- cgit v1.2.3 From d8302a2f7f3aae63593cd55bf0d5d4a4f9e5f55a Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 12 Feb 2014 11:37:06 +0100 Subject: sketched redirecting ap plugin --- .../id/protocols/stork2/AttributeCollector.java | 46 +++++++++++++++++----- .../moa/id/protocols/stork2/AttributeProvider.java | 2 +- .../stork2/AttributeRequestOngoingException.java | 5 +++ .../stork2/DemoRedirectAttributeProvider.java | 31 +++++++++++++++ 4 files changed, 73 insertions(+), 11 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index e74cf4e8b..93204f2ab 100644 
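Review bot: `responseAttributeList.containsKey(current)` passes the `PersonalAttribute` object itself as the key. If the list is keyed by attribute name, as the `current.getName()` on the next line suggests, the lookup never matches and every requested attribute is treated as missing, including ones already present in the response. I would compare by name, `if(!responseAttributeList.containsKey(current.getName()))`, and confirm the key type against `IPersonalAttributeList`. The nested `for`/`if` would also read more safely with braces, since the list-building step decides which attributes are fetched from providers.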
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -7,10 +7,14 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.logging.Logger; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.opensaml.common.impl.SecureRandomIdentifierGenerator; + import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; @@ -30,6 +34,7 @@ public class AttributeCollector implements IAction { public AttributeCollector() { // TODO generate from config attributeProviders = new ArrayList(); + attributeProviders.add(new DemoRedirectAttributeProvider()); attributeProviders.add(new DemoNoRedirectAttributeProvider()); } @@ -56,8 +61,9 @@ public class AttributeCollector implements IAction { * * @param container the {@link DataContainer} representing the status of the overall query. * @return the string + * @throws MOAIDException */ - public String processRequest(DataContainer container) { + public String processRequest(DataContainer container) throws MOAIDException { // check if there are attributes we need to fetch IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); 
@@ -71,18 +77,38 @@ public class AttributeCollector implements IAction { for(String currentAttribute : missingAttributes) { // - check if we can find a suitable AttributeProvider Plugin for(AttributeProvider currentProvider : attributeProviders) { - // - hand over control to the suitable plugin - PersonalAttribute aquiredAttribute = currentProvider.acquire(currentAttribute); + try { + // - hand over control to the suitable plugin + PersonalAttribute aquiredAttribute = currentProvider.acquire(currentAttribute); + + // - add the aquired attribute to the container + container.getResponse().getPersonalAttributeList().add(aquiredAttribute); + } catch(UnsupportedAttributeException e) { + // ok, try the next attributeprovider + } - // - add the aquired attribute to the container - container.getResponse().getPersonalAttributeList().add(aquiredAttribute); } } - } catch(UnsupportedAttributeException e) { - // TODO - // memorize the container again - return "12345"; // TODO what to do here? - } + } catch (AttributeRequestOngoingException e) { + // the attribute request is ongoing and requires an external service. + try { + // memorize the container again + // - generate new key + String newArtifactId = new SecureRandomIdentifierGenerator() + .generateIdentifier(); + + // - put container in temporary store. + AssertionStorage.getInstance().put(newArtifactId, container); + + // TODO - add container-key to httpresponse + } catch (Exception e1) { + // TODO should we return the response as is to the PEPS? + Logger.error("Error putting incomplete Stork response into temporary storage", e); + throw new MOAIDException("stork.11", null); + } + + return "12345"; // TODO what to do here? + } // build response // done return "12345"; // AssertionId 
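Review bot: In the inner `catch (Exception e1)` the log call passes the outer exception: `Logger.error("Error putting incomplete Stork response into temporary storage", e);`. The actual cause of the storage failure (`e1`) is therefore never recorded, and the log shows only the expected `AttributeRequestOngoingException`. It should be `Logger.error("Error putting incomplete Stork response into temporary storage", e1);`. The new `catch(UnsupportedAttributeException e)` inside the provider loop is intentionally empty, but a debug-level log naming the provider and attribute would make it possible to see afterwards which provider answered which request. The enclosing method continues outside the hunk.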
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index 2e4f2d8c5..fd35b0c71 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -20,7 +20,7 @@ public interface AttributeProvider { * @return the personal attribute * @throws UnsupportedDataTypeException when the provider cannot acquire the specified attribute */ - public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException; + public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException, AttributeRequestOngoingException; /** * Parses the response we got from the external attribute provider. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java new file mode 100644 index 000000000..be5a53f34 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java @@ -0,0 +1,5 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +public class AttributeRequestOngoingException extends Exception { + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java new file mode 100644 index 000000000..f44fbed07 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java 
@@ -0,0 +1,31 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import java.util.ArrayList; + +import javax.servlet.http.HttpServletRequest; + +import eu.stork.peps.auth.commons.PersonalAttribute; + +/** + * Just a simple demoprovider who can fetch any attribute you ask him. + */ +public class DemoRedirectAttributeProvider implements AttributeProvider { + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) + */ + @Override + public PersonalAttribute acquire(String attributeName) + throws UnsupportedAttributeException, AttributeRequestOngoingException { + throw new AttributeRequestOngoingException(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) + */ + @Override + public PersonalAttribute parse(HttpServletRequest httpReq) { + return new PersonalAttribute("sepp", true, new ArrayList(), ""); + } + +} -- cgit v1.2.3 From a330b17e3ddc93181c8142b7c0ae871af528157f Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 13 Feb 2014 17:47:53 +0100 Subject: added ap logic #2 --- .../moa/id/protocols/stork2/AttributeCollector.java | 6 ++++-- .../moa/id/protocols/stork2/AttributeProvider.java | 14 +++++++++++--- .../protocols/stork2/AttributeRequestOngoingException.java | 5 ----- .../protocols/stork2/DemoNoRedirectAttributeProvider.java | 5 +++++ .../id/protocols/stork2/DemoRedirectAttributeProvider.java | 13 +++++++++++-- .../stork2/ExternalAttributeRequestRequiredException.java | 14 ++++++++++++++ 6 files changed, 45 insertions(+), 12 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 93204f2ab..30f7d3df2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -89,7 +89,7 @@ public class AttributeCollector implements IAction { } } - } catch (AttributeRequestOngoingException e) { + } catch (ExternalAttributeRequestRequiredException e) { // the attribute request is ongoing and requires an external service. try { // memorize the container again @@ -100,7 +100,9 @@ public class AttributeCollector implements IAction { // - put container in temporary store. AssertionStorage.getInstance().put(newArtifactId, container); - // TODO - add container-key to httpresponse + // add container-key to redirect embedded within the return URL + // TODO find correct returnURL + e.getAp().performRedirect("returnURL"); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index fd35b0c71..2c024e822 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -1,6 +1,5 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import javax.activation.UnsupportedDataTypeException; import javax.servlet.http.HttpServletRequest; import eu.stork.peps.auth.commons.PersonalAttribute; 
@@ -18,10 +17,18 @@ public interface AttributeProvider { * * @param attributeName the attribute name * @return the personal attribute - * @throws UnsupportedDataTypeException when the provider cannot acquire the specified attribute + * @throws UnsupportedAttributeException the unsupported attribute exception + * @throws ExternalAttributeRequestRequiredException an attribute request to an external service has to be done */ - public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException, AttributeRequestOngoingException; + public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException; + /** + * Perform redirect. + * + * @param url the return URL ending with ?artifactId=... + */ + public void performRedirect(String url); + /** * Parses the response we got from the external attribute provider. * @@ -29,4 +36,5 @@ public interface AttributeProvider { * @return the personal attribute */ public PersonalAttribute parse(HttpServletRequest httpReq); + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java deleted file mode 100644 index be5a53f34..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java +++ /dev/null @@ -1,5 +0,0 @@ -package at.gv.egovernment.moa.id.protocols.stork2; - -public class AttributeRequestOngoingException extends Exception { - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index 23afc2544..978fa635c 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java @@ -29,4 +29,9 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { return null; } + @Override + public void performRedirect(String url) { + // we should not get here + } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index f44fbed07..13b113711 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java @@ -16,8 +16,8 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { */ @Override public PersonalAttribute acquire(String attributeName) - throws UnsupportedAttributeException, AttributeRequestOngoingException { - throw new AttributeRequestOngoingException(); + throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { + throw new ExternalAttributeRequestRequiredException(this); } /* (non-Javadoc) @@ -28,4 +28,13 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { return new PersonalAttribute("sepp", true, new ArrayList(), ""); } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) + */ + @Override + public void performRedirect(String url) { + // TODO Auto-generated method stub + + } + } 
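Review bot: `DemoNoRedirectAttributeProvider.performRedirect` is an empty method with the comment `// we should not get here`, so if it is ever reached the call returns silently. The collector would by then have stored the container and handed out an artifact id, with no redirect issued and no error raised. Failing loudly is safer, e.g. `throw new IllegalStateException("performRedirect called on a provider that never redirects");`. The same silent no-op exists in `DemoRedirectAttributeProvider.performRedirect` in the last hunk on this line, where it is marked TODO.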
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java new file mode 100644 index 000000000..29b09487b --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java @@ -0,0 +1,14 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +public class ExternalAttributeRequestRequiredException extends Exception { + private AttributeProvider ap; + + public ExternalAttributeRequestRequiredException(AttributeProvider provider) { + ap = provider; + } + + public AttributeProvider getAp() { + return ap; + } + +} -- cgit v1.2.3 From dcb3a469f10ef2d30d34c50983224db9d9fd85c6 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 13 Feb 2014 17:55:17 +0100 Subject: refactor magic strings to constants --- .../moa/id/protocols/stork2/AttributeCollector.java | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 30f7d3df2..0025307dd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -29,8 +29,15 @@ import eu.stork.peps.auth.commons.PersonalAttribute; */ public class AttributeCollector implements IAction { + /** The Constant ARTIFACT_ID. */ + private static final String ARTIFACT_ID = "artifactId"; + private ArrayList attributeProviders; + /** The return url. */ + // TODO find correct return URL + private String returnUrl = "findCorrectReturnURL"; + public AttributeCollector() { // TODO generate from config attributeProviders = new ArrayList(); @@ -101,8 +108,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - // TODO find correct returnURL - e.getAp().performRedirect("returnURL"); + e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); @@ -120,7 +126,7 @@ public class AttributeCollector implements IAction { * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { - // this action does not need any authentication. The authentication is already done by the preceeding AuthenticationRequest-Action. + // this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action. return false; } -- cgit v1.2.3 From f3149ae480fac3e12f9a98cba07d11e297cf39f0 Mon Sep 17 00:00:00 2001 
From: Florian Reimair Date: Thu, 13 Feb 2014 18:01:30 +0100 Subject: fetch DataContainer from AssertionStore --- .../moa/id/protocols/stork2/AttributeCollector.java | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 0025307dd..b333fb4fe 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -5,6 +5,7 @@ import java.util.List; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; @@ -55,7 +56,14 @@ public class AttributeCollector implements IAction { // yes, we got a recent requested attribute // - find the attribute provider plugin that can handle the response // - fetch the container - DataContainer container = new DataContainer(); + String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); + DataContainer container; + try { + container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); + } catch (MOADatabaseException e) { + Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); + throw new MOAIDException("stork.11", null); + } // - insert the embedded attribute(s) into the container // see if we need some more attributes -- cgit v1.2.3 
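Review bot: `httpReq.getAttribute(ARTIFACT_ID)` reads a servlet request attribute, but the id is sent out as a query parameter (`returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId` in `processRequest`). Unless something upstream copies it into the request attributes, `artifactId` will be null here. I would read it with `httpReq.getParameter(ARTIFACT_ID)` and reject a null or empty value before calling `AssertionStorage.getInstance().get(...)`. The id is also the only thing that selects the stored `DataContainer`, and it travels in a URL. It would be worth confirming that the entry is removed after a successful fetch and that it is tied to the session that started the request; neither is visible in this hunk. The enclosing method starts and ends outside the hunk.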
From d3099d4ec685e68c25a9198760f8d1661678a85f Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 13 Feb 2014 19:05:48 +0100 Subject: hand AP response to plugin and add result to assertion --- .../moa/id/protocols/stork2/AttributeCollector.java | 19 +++++++++++++++++++ .../moa/id/protocols/stork2/AttributeProvider.java | 3 ++- 2 files changed, 21 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index b333fb4fe..91b09795f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -55,6 +55,23 @@ public class AttributeCollector implements IAction { // - no, how did we get here? // yes, we got a recent requested attribute // - find the attribute provider plugin that can handle the response + PersonalAttribute newAttribute = null; + for (AttributeProvider current : attributeProviders) + try { + newAttribute = current.parse(httpReq); + } catch (UnsupportedAttributeException e1) { + // the current provider cannot find anything familiar within the + // provided httpreq. Try the next one. + } + + if (null == newAttribute) { + // we do not have a provider which is capable of fetching something + // from the received httpreq. + // TODO should we continue with the next attribute? + Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); + throw new MOAIDException("stork.11", null); + } + // - fetch the container String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); DataContainer container; 
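Review bot: The provider loop keeps iterating after a successful `parse`, so the last provider in the list decides the value of `newAttribute`. With the providers registered in the constructor, `DemoRedirectAttributeProvider` first and `DemoNoRedirectAttributeProvider` second (whose `parse` returns `null`), a parsed attribute is overwritten with `null` and the method always ends in the `stork.11` error. Adding braces and `if (newAttribute != null) break;` inside the `try` fixes that. Separately, the incoming request is offered to every registered provider rather than only to the one that issued the redirect. Recording the expected provider alongside the stored container would let the collector accept a response only from that provider. The enclosing method starts outside the hunk.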
@@ -64,7 +81,9 @@ public class AttributeCollector implements IAction { Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); throw new MOAIDException("stork.11", null); } + // - insert the embedded attribute(s) into the container + container.getResponse().getPersonalAttributeList().add(newAttribute); // see if we need some more attributes return processRequest(container); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index 2c024e822..c554485ee 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -34,7 +34,8 @@ public interface AttributeProvider { * * @param httpReq the http req * @return the personal attribute + * @throws UnsupportedAttributeException if the provider cannot find anything familiar in the provided httpReq */ - public PersonalAttribute parse(HttpServletRequest httpReq); + public PersonalAttribute parse(HttpServletRequest httpReq) throws UnsupportedAttributeException; } -- cgit v1.2.3 From de54a0683a626679df1c110253c8b5ff986ecb71 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 13 Feb 2014 20:24:46 +0100 Subject: added http request and responses to attributeprovider methods --- .../egovernment/moa/id/protocols/stork2/AttributeCollector.java | 6 +++--- .../egovernment/moa/id/protocols/stork2/AttributeProvider.java | 9 +++++++-- .../moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java | 3 ++- .../moa/id/protocols/stork2/DemoRedirectAttributeProvider.java | 3 ++- 4 files changed, 14 insertions(+), 7 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 91b09795f..810b4ae7a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -86,7 +86,7 @@ public class AttributeCollector implements IAction { container.getResponse().getPersonalAttributeList().add(newAttribute); // see if we need some more attributes - return processRequest(container); + return processRequest(container, httpResp); } /** @@ -97,7 +97,7 @@ public class AttributeCollector implements IAction { * @return the string * @throws MOAIDException */ - public String processRequest(DataContainer container) throws MOAIDException { + public String processRequest(DataContainer container, HttpServletResponse response) throws MOAIDException { // check if there are attributes we need to fetch IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); @@ -135,7 +135,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId); + e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, response); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index c554485ee..5ca3bd7e1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -1,6 +1,9 @@ package at.gv.egovernment.moa.id.protocols.stork2; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import eu.stork.peps.auth.commons.PersonalAttribute; @@ -26,8 +29,9 @@ public interface AttributeProvider { * Perform redirect. * * @param url the return URL ending with ?artifactId=... + * @param resp the response to the preceding request */ - public void performRedirect(String url); + public void performRedirect(String url, HttpServletResponse resp); /** * Parses the response we got from the external attribute provider. @@ -35,7 +39,8 @@ public interface AttributeProvider { * @param httpReq the http req * @return the personal attribute * @throws UnsupportedAttributeException if the provider cannot find anything familiar in the provided httpReq + * @throws MOAIDException if something went wrong */ - public PersonalAttribute parse(HttpServletRequest httpReq) throws UnsupportedAttributeException; + public PersonalAttribute parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index 978fa635c..51663ed38 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java @@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import eu.stork.peps.auth.commons.PersonalAttribute; @@ -30,7 +31,7 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { } @Override - public void performRedirect(String url) { + public void performRedirect(String url, HttpServletResponse response) { // we should not get here } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index 13b113711..fad049763 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java @@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import eu.stork.peps.auth.commons.PersonalAttribute; @@ -32,7 +33,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) */ @Override - public void performRedirect(String url) { + public void performRedirect(String url, HttpServletResponse response) { // TODO Auto-generated method stub } -- cgit v1.2.3 From c51df468a54912264b0774396ab622f9fa092cf4 Mon Sep 17 00:00:00 2001 
From: Florian Reimair Date: Thu, 13 Feb 2014 20:44:00 +0100 Subject: APprovider can return multiple attributes --- .../moa/id/protocols/stork2/AttributeCollector.java | 20 +++++++++++--------- .../moa/id/protocols/stork2/AttributeProvider.java | 11 +++++++---- .../stork2/DemoNoRedirectAttributeProvider.java | 10 +++++++--- .../stork2/DemoRedirectAttributeProvider.java | 10 +++++++--- 4 files changed, 32 insertions(+), 19 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 810b4ae7a..2e9072f0d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -55,16 +55,16 @@ public class AttributeCollector implements IAction { // - no, how did we get here? // yes, we got a recent requested attribute // - find the attribute provider plugin that can handle the response - PersonalAttribute newAttribute = null; + IPersonalAttributeList newAttributes = null; for (AttributeProvider current : attributeProviders) try { - newAttribute = current.parse(httpReq); + newAttributes = current.parse(httpReq); } catch (UnsupportedAttributeException e1) { // the current provider cannot find anything familiar within the // provided httpreq. Try the next one. } - if (null == newAttribute) { + if (null == newAttributes) { // we do not have a provider which is capable of fetching something // from the received httpreq. // TODO should we continue with the next attribute? 
@@ -83,7 +83,8 @@ public class AttributeCollector implements IAction { } // - insert the embedded attribute(s) into the container - container.getResponse().getPersonalAttributeList().add(newAttribute); + for(PersonalAttribute current : newAttributes) + container.getResponse().getPersonalAttributeList().add(current); // see if we need some more attributes return processRequest(container, httpResp); @@ -101,22 +102,23 @@ public class AttributeCollector implements IAction { // check if there are attributes we need to fetch IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); - List missingAttributes = new ArrayList(); + List missingAttributes = new ArrayList(); for(PersonalAttribute current : requestAttributeList) if(!responseAttributeList.containsKey(current)) - missingAttributes.add(current.getName()); + missingAttributes.add(current); try { // for each attribute still missing - for(String currentAttribute : missingAttributes) { + for(PersonalAttribute currentAttribute : missingAttributes) { // - check if we can find a suitable AttributeProvider Plugin for(AttributeProvider currentProvider : attributeProviders) { try { // - hand over control to the suitable plugin - PersonalAttribute aquiredAttribute = currentProvider.acquire(currentAttribute); + IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute); // - add the aquired attribute to the container - container.getResponse().getPersonalAttributeList().add(aquiredAttribute); + for(PersonalAttribute current : aquiredAttributes) + container.getResponse().getPersonalAttributeList().add(current); } catch(UnsupportedAttributeException e) { // ok, try the next attributeprovider } 
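Review bot: Every attribute the provider parsed out of the incoming request is added to the response list by the new loop, without checking that it is one of the attributes in `container.getRequest().getPersonalAttributeList()`. The parsed data comes from an external reply, so an over-broad or unexpected answer ends up in the response that is passed on. Guarding the `add` with a lookup against the request list, for example `containsKey(current.getName())`, would limit the result to what was asked for; this assumes the list is keyed by attribute name, which the hunk does not show.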
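Review bot: In the second hunk the provider loop does not stop after a successful `acquire`, so every provider that does not throw `UnsupportedAttributeException` adds its attributes for the same missing attribute; a `break;` after the inner add loop would keep only the first answer. The missing-attribute test `responseAttributeList.containsKey(current)` passes a `PersonalAttribute` as the key; if the list is keyed by attribute name (not visible here), it never matches and every requested attribute is treated as missing on each pass, so `containsKey(current.getName())` is worth confirming. The enclosing method continues outside the hunk.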
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index 5ca3bd7e1..e1f5620a8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -1,10 +1,13 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import java.util.List; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; /** @@ -18,12 +21,12 @@ public interface AttributeProvider { * for redirecting the user to an external service. Use {@link AttributeProvider#parse(HttpServletRequest)} to parse * the response. * - * @param attributeName the attribute name + * @param attributes the list of attributes to be acquired * @return the personal attribute * @throws UnsupportedAttributeException the unsupported attribute exception * @throws ExternalAttributeRequestRequiredException an attribute request to an external service has to be done */ - public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException; + public IPersonalAttributeList acquire(PersonalAttribute attributes) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException; /** * Perform redirect. 
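Review bot: The Javadoc of `acquire` no longer matches its signature: `@param attributes the list of attributes to be acquired` describes a single `PersonalAttribute`, and `@return the personal attribute` still describes the old return type. I would rename the parameter to `attribute` and write `@param attribute the attribute to be acquired` and `@return the attributes the provider obtained for it`. The added `import java.util.List;` is not used by anything in the visible hunks of this file.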
@@ -37,10 +40,10 @@ public interface AttributeProvider { * Parses the response we got from the external attribute provider. * * @param httpReq the http req - * @return the personal attribute + * @return a list of attributes * @throws UnsupportedAttributeException if the provider cannot find anything familiar in the provided httpReq * @throws MOAIDException if something went wrong */ - public PersonalAttribute parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException; + public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index 51663ed38..a38cfed96 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java @@ -5,7 +5,9 @@ import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; /** * Just a simple demoprovider who can fetch any attribute you ask him. 
@@ -16,16 +18,18 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ @Override - public PersonalAttribute acquire(String attributeName) + public IPersonalAttributeList acquire(PersonalAttribute attributeName) throws UnsupportedAttributeException { - return new PersonalAttribute("sepp", true, new ArrayList(), ""); + PersonalAttributeList requestedAttributes = new PersonalAttributeList(1); + requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList(), "")); + return requestedAttributes; } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ @Override - public PersonalAttribute parse(HttpServletRequest httpReq) { + public IPersonalAttributeList parse(HttpServletRequest httpReq) { // TODO Auto-generated method stub return null; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index fad049763..a9e2cf358 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java @@ -5,7 +5,9 @@ import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; /** * Just a simple demoprovider who can fetch any attribute you ask him. 
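Review bot: `parse` in DemoNoRedirectAttributeProvider still returns `null`, while the interface Javadoc says a provider that finds nothing familiar in the request throws `UnsupportedAttributeException`, and the collector treats a `null` result as "no provider matched". Declaring the method as `public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException {` with the body `throw new UnsupportedAttributeException();` makes it follow the contract. `acquire` ignores its argument and always answers with an attribute named "sepp", and the `@see ...#acquire(java.lang.String)` comment above it names a signature that no longer exists.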
@@ -16,7 +18,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ @Override - public PersonalAttribute acquire(String attributeName) + public IPersonalAttributeList acquire(PersonalAttribute attributeName) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { throw new ExternalAttributeRequestRequiredException(this); } @@ -25,8 +27,10 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ @Override - public PersonalAttribute parse(HttpServletRequest httpReq) { - return new PersonalAttribute("sepp", true, new ArrayList(), ""); + public IPersonalAttributeList parse(HttpServletRequest httpReq) { + PersonalAttributeList requestedAttributes = new PersonalAttributeList(1); + requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList(), "")); + return requestedAttributes; } /* (non-Javadoc) -- cgit v1.2.3 From f9889e63f9263c2d1fc24c9103025d16ee471a79 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 13 Feb 2014 20:51:15 +0100 Subject: added Stork AttributeQuery APProvider --- .../id/protocols/stork2/AttributeCollector.java | 2 + .../stork2/StorkAttributeRequestProvider.java | 45 ++++++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 2e9072f0d..4eb874d8f 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -37,11 +37,13 @@ public class AttributeCollector implements IAction { /** The return url. */ // TODO find correct return URL + // HTTPUtils.getBaseURL(req); private String returnUrl = "findCorrectReturnURL"; public AttributeCollector() { // TODO generate from config attributeProviders = new ArrayList(); + attributeProviders.add(new StorkAttributeRequestProvider()); attributeProviders.add(new DemoRedirectAttributeProvider()); attributeProviders.add(new DemoNoRedirectAttributeProvider()); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java new file mode 100644 index 000000000..1862bdbe9 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java 
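Review bot: `DemoRedirectAttributeProvider` and `DemoNoRedirectAttributeProvider` stay registered unconditionally next to the new `StorkAttributeRequestProvider`, and both demo providers answer with a fixed attribute named "sepp" regardless of what was requested. In an identity provider that lets fabricated attribute data reach a response whenever the real provider does not handle the request, so the demo entries should be dropped from this constructor or gated on a configuration switch until the `// TODO generate from config` is done. The placeholder `returnUrl = "findCorrectReturnURL"` is still live as well; if it is later built with the helper named in the new comment, and that helper reads request headers (not visible here), the base URL is better taken from configuration.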
@@ -0,0 +1,45 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; + +/** + * creates a STORK attribute request for a configurable set of attributes + */ +public class StorkAttributeRequestProvider implements AttributeProvider { + + private PersonalAttributeList requestedAttributes; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) + */ + @Override + public IPersonalAttributeList acquire(PersonalAttribute attribute) + throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { + requestedAttributes = new PersonalAttributeList(1); + requestedAttributes.add(attribute); + throw new ExternalAttributeRequestRequiredException(this); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) + */ + @Override + public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) + */ + @Override + public void performRedirect(String url, HttpServletResponse resp) { + + } + +} -- cgit v1.2.3 From 6ac37f0acfb232d64607d685c0ad7f11fe581df0 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 13 Feb 2014 20:52:19 +0100 Subject: StorkAPprovider can parse a stork response --- .../stork2/StorkAttributeRequestProvider.java | 33 +++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
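Review bot: `acquire` keeps the pending request in the instance field `requestedAttributes`, but the provider object is created once in the `AttributeCollector` constructor; if one collector serves several requests (not visible here), concurrent users overwrite each other's pending attribute. Holding that state in the per-request container instead of the provider removes the shared field. `performRedirect` is empty, so nothing sends the user to the external service after `ExternalAttributeRequestRequiredException` is thrown, and `parse` returns `null` where the interface documents `UnsupportedAttributeException`; each deserves at least a `// TODO` saying what is missing.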
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index 1862bdbe9..fbb430362 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -4,9 +4,14 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; /** * creates a STORK attribute request for a configurable set of attributes 
@@ -31,7 +36,33 @@ public class StorkAttributeRequestProvider implements AttributeProvider { */ @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException { - return null; + Logger.debug("Beginning to extract SAMLResponse out of HTTP Request"); + + //extract STORK Response from HTTP Request + //Decodes SAML Response + byte[] decSamlToken; + try { + decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse")); + } catch(NullPointerException e) { + Logger.error("Unable to retrieve STORK Response", e); + throw new MOAIDException("stork.04", null); + } + + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + + STORKAttrQueryResponse attrResponse = null; + try { + //validate SAML Token + Logger.debug("Starting validation of SAML response"); + attrResponse = engine.validateSTORKAttrQueryResponse(decSamlToken, (String) httpReq.getRemoteHost()); + Logger.info("SAML response succesfully verified!"); + }catch(STORKSAMLEngineException e){ + Logger.error("Failed to verify STORK SAML Response", e); + throw new MOAIDException("stork.05", null); + } + + return attrResponse.getPersonalAttributeList(); } /* (non-Javadoc) -- cgit v1.2.3 From ab303539da5d60a2e12c07b30b997c010155d0b6 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 13 Feb 2014 20:56:37 +0100 Subject: parse reports unsupported data properly now --- .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index fbb430362..32b0bb334 100644 
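Review bot: A missing `SAMLResponse` parameter is detected by catching `NullPointerException` around `PEPSUtil.decodeSAMLToken`, which also hides any unrelated null dereference inside the decoder. Reading the parameter first and testing it is clearer: `String samlResponse = httpReq.getParameter("SAMLResponse");` followed by `if (samlResponse == null) { throw new MOAIDException("stork.04", null); }`. The validation call passes `(String) httpReq.getRemoteHost()`: the cast is redundant, `getRemoteHost()` may trigger a reverse DNS lookup, and AuthenticationRequest hands `httpReq.getRemoteAddr()` to the same engine, so the address form is the consistent choice. After validation the attribute list is returned without looking at the response's status, which is worth checking before the attributes are trusted.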
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -35,7 +35,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ @Override - public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException { + public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException { Logger.debug("Beginning to extract SAMLResponse out of HTTP Request"); //extract STORK Response from HTTP Request @@ -44,8 +44,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider { try { decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse")); } catch(NullPointerException e) { - Logger.error("Unable to retrieve STORK Response", e); - throw new MOAIDException("stork.04", null); + throw new UnsupportedAttributeException(); } //Get SAMLEngine instance -- cgit v1.2.3 From 6e4f150c26b55cb2a0771e4d6c9b65cbc760c0f2 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Fri, 14 Feb 2014 16:11:09 +0100 Subject: logging --- .../egovernment/moa/id/protocols/stork2/AuthenticationRequest.java | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 1971fe12d..1fa88e0a2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -156,11 +156,14 @@ public class AuthenticationRequest implements IAction { context.put("SAMLResponse", IOUtils.toString(authnResponse.getTokenSaml())); Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString())); - Logger.info("Putting assertion consumer url as action: " + ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); + Logger.debug("Putting assertion consumer url as action: " + ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); context.put("action", ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); + Logger.debug("Starting template merge"); StringWriter writer = new StringWriter(); + Logger.debug("Doing template merge"); template.merge(context, writer); - + Logger.debug("Template merge done"); + Logger.debug("Sending html content: " + writer.toString().getBytes()); httpResp.getOutputStream().write(writer.toString().getBytes()); } catch (Exception e) { -- cgit v1.2.3 From efa960b616d81e762905b531814560616b98eab4 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 18 Feb 2014 16:26:11 +0100 Subject: saml point --- .../id/protocols/stork2/AuthenticationRequest.java | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 1fa88e0a2..55d5f3626 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
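Review bot: The form target put into the template as `action` is `getAssertionConsumerServiceURL()` taken directly from the incoming request, and nothing in this hunk compares it with a URL registered for the requesting service provider. Unless that check happens before this method, the signed response and its attributes are posted to whatever address the request names; a comparison against configured service-provider data belongs before `context.put("action", ...)`. Separately, the added `Logger.debug("Sending html content: " + writer.toString().getBytes())` concatenates a byte array and therefore logs only the array's identity, and `write(writer.toString().getBytes())` uses the platform default charset where `getBytes("UTF-8")` with a matching content type would be predictable. The enclosing try block starts outside the hunk.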
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -27,6 +27,7 @@ import java.util.HashMap; import eu.stork.peps.auth.engine.SAMLEngine; import sun.rmi.runtime.Log; + /** * @author bsuzic * Date: 12/3/13, Time: 2:08 PM @@ -142,6 +143,7 @@ public class AuthenticationRequest implements IAction { try { Logger.debug("authn saml:" + IOUtils.toString(authnResponse.getTokenSaml())); + Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); } catch (IOException e) { e.printStackTrace(); 
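Review bot: The added `Logger.debug("authn saml encodedx: " + ...)` writes the complete SAML response to the log, and that response carries the user's personal attributes. The same holds for the `"SAMLResponse original: "` and both `"Sending html content"` lines added in the next hunk, and for the following commit, which logs each attribute with `Logger.info(" Value found: " + value)` at info level. Logging the status code and the attribute names is enough for tracing; values and whole tokens should stay out of the log. The `catch (IOException e) { e.printStackTrace(); }` that follows should report through `Logger.error(..., e)` like the rest of the class.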
@@ -153,18 +155,28 @@ public class AuthenticationRequest implements IAction { VelocityContext context = new VelocityContext(); //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString())); - context.put("SAMLResponse", IOUtils.toString(authnResponse.getTokenSaml())); - Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString())); + //context.put("SAMLResponse", IOUtils.toString(authnResponse.getTokenSaml())); + + context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); + Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); + //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.encode(context.get("SAMLResponse").toString().getBytes())); Logger.debug("Putting assertion consumer url as action: " + ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); context.put("action", ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); Logger.debug("Starting template merge"); StringWriter writer = new StringWriter(); + //PrintWriter pwriter = new StringWriter(); + Logger.debug("Doing template merge"); template.merge(context, writer); Logger.debug("Template merge done"); - Logger.debug("Sending html content: " + writer.toString().getBytes()); - httpResp.getOutputStream().write(writer.toString().getBytes()); + + Logger.debug("Sending html content: " + writer.getBuffer().toString()); + Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); + + + + httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); } catch (Exception e) { Logger.error("Velocity error: " + e.getMessage()); 
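Review bot: `IOUtils.toString(authnResponse.getTokenSaml()).getBytes()` converts the token to a String and back with the platform default charset before Base64-encoding it. On a JVM whose default charset differs from the token's encoding, non-ASCII characters in attribute values can be altered, and the signed XML then no longer verifies at the receiver. Encoding the original bytes avoids the round trip: `context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(authnResponse.getTokenSaml())));`. `new String(writer.getBuffer())` yields the same text as `writer.getBuffer().toString()`, so the second "Sending html content" line adds nothing. The enclosing try block begins outside the hunk.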
@@ -172,7 +184,7 @@ public class AuthenticationRequest implements IAction { HttpSession httpSession = httpReq.getSession(); httpSession.setAttribute("STORKSessionID", "12345"); - Logger.info("Status code: " + authnResponse.getStatusCode()); + Logger.info("Status code again: " + authnResponse.getStatusCode()); -- cgit v1.2.3 From ad0a0adca1ab94f42ed65d9ccf2c68e283a728aa Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 18 Feb 2014 18:13:19 +0100 Subject: saml point --- .../id/protocols/stork2/AuthenticationRequest.java | 26 +++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 55d5f3626..2debe7452 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
@@ -97,11 +97,30 @@ public class AuthenticationRequest implements IAction { authnResponse.setCountry("AT"); + IPersonalAttributeList attrLst = ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getPersonalAttributeList(); + Logger.info("Found number of authnreq personal attributes: " + attrLst.size()); + + try { + for (PersonalAttribute personalAttribute : attrLst) { + Logger.info("Personal authnreq attribute found: " + personalAttribute.getName() + " status: " + personalAttribute.getStatus() + " isrequired: " + personalAttribute.isRequired() + " type: " + personalAttribute.getType()); + + if (personalAttribute.getValue().size() > 0) { + for (String value : personalAttribute.getValue()) { + Logger.info(" Value found: " + value); + } + } + } + } catch (Exception e) { + Logger.error("Exception, attributes: " + e.getMessage()); + } + + try { + IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); + Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size()); - IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); - for (PersonalAttribute personalAttribute : moaAttrList) { + for (PersonalAttribute personalAttribute : moaAttrList) { Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus()); if (personalAttribute.getValue().size() > 0) { for (String value : personalAttribute.getValue()) { @@ -142,7 +161,8 @@ public class AuthenticationRequest implements IAction { Logger.debug("authn status code value: " + statusCodeValue); try { - Logger.debug("authn saml:" + IOUtils.toString(authnResponse.getTokenSaml())); + Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); + Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // radi Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); } catch (IOException e) { -- cgit v1.2.3 
From 17eb279fb70ec2e1057db7b4377f34b6ad6c844b Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Wed, 19 Feb 2014 15:48:32 +0100 Subject: refactoring names --- .../id/protocols/stork2/AuthenticationRequest.java | 21 ++--- .../id/protocols/stork2/MOASTORKAuthnRequest.java | 71 ++++++++++++++ .../moa/id/protocols/stork2/STORKAuthnReq.java | 105 --------------------- .../id/protocols/stork2/STORKAuthnRequestDEL.java | 71 -------------- .../moa/id/protocols/stork2/STORKProtocol.java | 10 +- 5 files changed, 83 insertions(+), 195 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 2debe7452..0724b744f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
@@ -15,17 +15,12 @@ import org.apache.velocity.Template; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import org.apache.velocity.runtime.RuntimeConstants; -import org.opensaml.xml.util.Base64; -import org.opensaml.xml.util.XMLHelper; -import javax.servlet.ServletOutputStream; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.*; import java.util.ArrayList; -import java.util.HashMap; -import eu.stork.peps.auth.engine.SAMLEngine; -import sun.rmi.runtime.Log; /** @@ -51,10 +46,10 @@ public class AuthenticationRequest implements IAction { Logger.debug("Moa session: " + moasession.toString() + " " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix() + " " + moasession.getAction() + " " + moasession.getIdentityLink().getName() + " " + moasession.getTarget()); httpResp.reset(); //httpResp.addHeader("Location", "http:/www.google.com"); - if (req instanceof STORKAuthnRequestDEL) { + if (req instanceof MOASTORKAuthnRequest) { /* - Logger.debug("STORK QAA 2 :" + ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getQAALevel()); - StartAuthResponse startAuthResponse = getStartAuthResponse(((STORKAuthnRequestDEL) req).getStorkAuthnRequest()); + Logger.debug("STORK QAA 2 :" + ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getQAALevel()); + StartAuthResponse startAuthResponse = getStartAuthResponse(((MOASTORKAuthnRequest) req).getStorkAuthnRequest()); HttpSession httpSession = httpReq.getSession(); httpSession.setAttribute("STORKSessionID", "12345"); 
@@ -97,7 +92,7 @@ public class AuthenticationRequest implements IAction { authnResponse.setCountry("AT"); - IPersonalAttributeList attrLst = ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getPersonalAttributeList(); + IPersonalAttributeList attrLst = ((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getPersonalAttributeList(); Logger.info("Found number of authnreq personal attributes: " + attrLst.size()); try { @@ -144,7 +139,7 @@ public class AuthenticationRequest implements IAction { //Get SAMLEngine instance STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); Logger.debug("Starting generation of SAML response"); - authnResponse = engine.generateSTORKAuthnResponse(((STORKAuthnRequestDEL)req).getStorkAuthnRequest(),authnResponse,httpReq.getRemoteAddr(),false); + authnResponse = engine.generateSTORKAuthnResponse(((MOASTORKAuthnRequest)req).getStorkAuthnRequest(),authnResponse,httpReq.getRemoteAddr(),false); //generateSAML Token Logger.info("SAML response succesfully generated!"); }catch(STORKSAMLEngineException e){ 
@@ -181,8 +176,8 @@ public class AuthenticationRequest implements IAction { Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.encode(context.get("SAMLResponse").toString().getBytes())); - Logger.debug("Putting assertion consumer url as action: " + ((STORKAuthnRequestDEL)req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); - context.put("action", ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); + Logger.debug("Putting assertion consumer url as action: " + ((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); + context.put("action", ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); Logger.debug("Starting template merge"); StringWriter writer = new StringWriter(); //PrintWriter pwriter = new StringWriter(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java new file mode 100644 index 000000000..7c88e25d6 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java 
@@ -0,0 +1,71 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.moduls.IRequest; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import org.opensaml.common.xml.SAMLConstants; + +/** + * @author bsuzic + * Date: 12/4/13, Time: 6:31 PM + */ +//public class MOASTORKAuthnRequest extends STORKAuthnRequestImpl implements IRequest { + +public class MOASTORKAuthnRequest implements IRequest { + private String requestID; + private String target = null; + String module = null; + String action = null; + private STORKAuthnRequest storkAuthnRequest; + + public void setSTORKAuthnRequest(STORKAuthnRequest request) { + this.storkAuthnRequest = request; + } + + public STORKAuthnRequest getStorkAuthnRequest() { + return this.storkAuthnRequest; + } + + public String getOAURL() { + return "https://sp:8889/SP"; // + } + + public boolean isPassiv() { + return false; // + } + + public boolean forceAuth() { + return false; // + } + + public boolean isSSOSupported() { + return false; // + } + + public String requestedModule() { + return this.module; // + } + + public String requestedAction() { + return action; // + } + + public void setModule(String module) { + this.module = module; + } + + public void setAction(String action) { + this.action = action; + } + + public String getTarget() { + return this.target; // + } + + public void setRequestID(String id) { + this.requestID = id; + } + + public String getRequestID() { + return this.requestID; // + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java deleted file mode 100644 index 54072b6a3..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnReq.java +++ /dev/null 
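Review bot: `getOAURL()` returns the constant `"https://sp:8889/SP"` for every request, so whatever the caller does with the online-application URL (presumably a configuration or policy lookup, not visible here) is done for the same application no matter who sent the request. It should be taken from the validated request, or carry a `// TODO` until it is. `target` has no setter, so `getTarget()` always returns `null`, and `module` and `action` are package-private while the other fields are `private`.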
@@ -1,105 +0,0 @@ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; -import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import org.opensaml.common.binding.BasicSAMLMessageContext; -import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; -import org.opensaml.ws.transport.http.HTTPInTransport; - - -/** - * @author bsuzic - * Date: 1/22/14, Time: 5:30 PM - */ -public class STORKAuthnReq implements IRequest { - private String requestID; - private String target = null; - String module = null; - String action = null; - private STORKAuthnRequest storkAuthnRequest; - - public void setSTORKAuthnRequest(STORKAuthnRequest request) { - this.storkAuthnRequest = request; - } - - public STORKAuthnRequest getStorkAuthnRequest() { - return this.storkAuthnRequest; - } - - public void createStorkReq(HTTPInTransport profileReq) { - Logger.debug("Generate stork request test..."); - storkAuthnRequest = new STORKAuthnRequest(); - - BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); - samlMessageContext.setInboundMessageTransport(profileReq); - - HTTPPostDecoder postDecoder = new HTTPPostDecoder(); - postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator - - try { - Logger.debug("Attempting to decode request..."); - postDecoder.decode(samlMessageContext); - } catch (Exception e) { - Logger.error("Error decoding STORKAuthnRequest", e); - } - - - - //storkAuthnRequest = (STORKAuthnRequest)samlMessageContext.getInboundSAMLMessage(); - //samlMessageContext.getinbound - //storkAuthnRequest.set - - - - } - - - - public String getOAURL() { - return "https://sp:8889/SP"; // - } - - public boolean isPassiv() { - return false; // - } - - public boolean forceAuth() { - return false; // - } - - public boolean isSSOSupported() { - return false; // - } - - public 
String requestedModule() { - return this.module; // - } - - public String requestedAction() { - return action; // - } - - public void setModule(String module) { - this.module = module; - } - - public void setAction(String action) { - this.action = action; - } - - public String getTarget() { - return this.target; // - } - - public void setRequestID(String id) { - this.requestID = id; - } - - public String getRequestID() { - return this.requestID; // - } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java deleted file mode 100644 index c8a5ac84d..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKAuthnRequestDEL.java +++ /dev/null 
@@ -1,71 +0,0 @@
-package at.gv.egovernment.moa.id.protocols.stork2;
-
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import org.opensaml.common.xml.SAMLConstants;
-
-/**
- * @author bsuzic
- * Date: 12/4/13, Time: 6:31 PM
- */
-//public class STORKAuthnRequestDEL extends STORKAuthnRequestImpl implements IRequest {
-
-public class STORKAuthnRequestDEL implements IRequest {
- private String requestID;
- private String target = null;
- String module = null;
- String action = null;
- private STORKAuthnRequest storkAuthnRequest;
-
- public void setSTORKAuthnRequest(STORKAuthnRequest request) {
- this.storkAuthnRequest = request;
- }
-
- public STORKAuthnRequest getStorkAuthnRequest() {
- return this.storkAuthnRequest;
- }
-
- public String getOAURL() {
- return "https://sp:8889/SP"; //
- }
-
- public boolean isPassiv() {
- return false; //
- }
-
- public boolean forceAuth() {
- return false; //
- }
-
- public boolean isSSOSupported() {
- return false; //
- }
-
- public String requestedModule() {
- return this.module; //
- }
-
- public String requestedAction() {
- return action; //
- }
-
- public void setModule(String module) {
- this.module = module;
- }
-
- public void setAction(String action) {
- this.action = action;
- }
-
- public String getTarget() {
- return this.target; //
- }
-
- public void setRequestID(String id) {
- this.requestID = id;
- }
-
- public String getRequestID() {
- return this.requestID; //
- }
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 9564afa27..5611c9269 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -1,6 +1,5 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IAction; @@ -9,7 +8,6 @@ import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.STORKAuthnResponse; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.opensaml.common.binding.BasicSAMLMessageContext; @@ -107,8 +105,8 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { /* STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage(); - //STORKAuthnRequestDEL STORK2Request = (STORKAuthnRequestDEL)samlMessageContext.getInboundSAMLMessage(); - STORKAuthnRequestDEL STORK2Request = new STORKAuthnRequestDEL(); + //MOASTORKAuthnRequest STORK2Request = (MOASTORKAuthnRequest)samlMessageContext.getInboundSAMLMessage(); + MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest(); STORK2Request.setSTORKAuthnRequest(ST2Req); Logger.debug("STORK2 Citizen code: " + ST2Req.getCitizenCountryCode()); @@ -116,10 +114,10 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString()); */ - STORKAuthnReq storkAuthnReq = new STORKAuthnReq(); + //STORKAuthnReq storkAuthnReq = new STORKAuthnReq(); - STORKAuthnRequestDEL STORK2Request = new STORKAuthnRequestDEL(); + MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest(); //extract STORK Response from HTTP Request -- cgit v1.2.3 From 7db3b698532a4f10f66ee388571fac102e8bcf11 Mon Sep 17 00:00:00 2001 
From: Bojan Suzic Date: Wed, 19 Feb 2014 16:11:19 +0100 Subject: remove old code --- .../id/protocols/stork2/AuthenticationRequest.java | 50 ---------------------- .../id/protocols/stork2/MOASTORKAuthnRequest.java | 1 - .../moa/id/protocols/stork2/STORKProtocol.java | 5 +++ 3 files changed, 5 insertions(+), 51 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 0724b744f..52db1c240 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
@@ -212,57 +212,7 @@ public class AuthenticationRequest implements IAction { } - /* - - public StartAuthResponse getStartAuthResponse(STORKAuthnRequest authnRequest) { - - StartAuthResponse authResponse = new StartAuthResponse(500, null, new HashMap()); - - if (authnRequest.getSPID() != null) { - Logger.debug("SP id: " + authnRequest.getSPID()); - } else { - SpInstitution spInstitution = (SpInstitution)authnRequest.getExtensions().getUnknownXMLObjects(SpInstitution.DEFAULT_ELEMENT_NAME).get(0); - Logger.debug("SP institution: " + spInstitution.getValue()); - } - - Logger.debug("SPEPS issuer: " + authnRequest.getIssuer().getValue()); - Logger.debug("SPEPS Consumer URL: " + authnRequest.getAssertionConsumerServiceURL()); - - - - try { - - initVelocityEngine(); - VelocityContext velocityContext = new VelocityContext(); - - velocityContext.put("action", authnRequest.getDestination()); - if (authnRequest.getDOM() == null) { - SAMLUtil.marshallMessage(authnRequest); - } - - String messageXML = XMLHelper.nodeToString(authnRequest.getDOM()); - String encodedMessage = Base64.encodeBytes(messageXML.getBytes("UTF-8"), Base64.DONT_BREAK_LINES); - velocityContext.put("SAMLRequest", encodedMessage); - ByteArrayOutputStream outStream = new ByteArrayOutputStream(); - - Writer out = new OutputStreamWriter(outStream, "UTF-8"); - velocityEngine.mergeTemplate("/templates/saml2-post-binding.vm", "UTF-8", velocityContext, out); - out.flush(); - authResponse.setContent(outStream.toByteArray()); - - authResponse.addHeader("Content-Type", "text/html; charset=utf-8"); - authResponse.addHeader("Cache-Control", "no-cache"); - authResponse.setHttpStatusCode(200); - - } catch (Exception e) { - Logger.error("ERROR"); - } - - - return authResponse; - } - */ public String getDefaultActionName() { return STORKProtocol.AUTHENTICATIONREQUEST; 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java index 7c88e25d6..c9fb136c9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java @@ -8,7 +8,6 @@ import org.opensaml.common.xml.SAMLConstants; * @author bsuzic * Date: 12/4/13, Time: 6:31 PM */ -//public class MOASTORKAuthnRequest extends STORKAuthnRequestImpl implements IRequest { public class MOASTORKAuthnRequest implements IRequest { private String requestID; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 5611c9269..33d2040eb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -167,6 +167,11 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) { return false; } + + public void checkPersonalAttributes() { + + + } } -- cgit v1.2.3 From 51e9d604381d6be35bbe2dd0df9cb75af3152d96 Mon Sep 17 00:00:00 2001 
From: Bojan Suzic Date: Wed, 19 Feb 2014 19:38:00 +0100 Subject: attrs --- .../id/protocols/stork2/AuthenticationRequest.java | 82 ++++++++++++++++------ .../id/protocols/stork2/MOAAttributeProvider.java | 69 ++++++++++++++++++ .../moa/id/protocols/stork2/STORKProtocol.java | 1 + 3 files changed, 129 insertions(+), 23 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 52db1c240..a537a7708 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -36,9 +36,15 @@ public class AuthenticationRequest implements IAction { private VelocityEngine velocityEngine; + private AuthenticationSession moaSession; + private MOASTORKAuthnRequest moaStorkAuthnRequest; public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + + this.moaSession = moasession; + this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req; + Logger.debug("Starting AuthenticationRequest"); //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession); Logger.debug("Http Response: " + httpResp.toString() + ", "); 
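Review bot: `processRequest` now keeps the caller's `AuthenticationSession` and request in the instance fields `moaSession` and `moaStorkAuthnRequest`, which makes per-request data shared state of the action object. If one `AuthenticationRequest` instance serves concurrent requests (not visible here, to be confirmed), a second request can overwrite the fields before `populateAttributes()` reads them, and one citizen's identity-link data would be placed in another citizen's response. Passing both values as parameters removes the risk: `authnResponse.setPersonalAttributeList(populateAttributes(moasession, (MOASTORKAuthnRequest) req));`. The cast itself is unchecked, so an `instanceof` test before it would let other `IRequest` types fail with a clear error instead of a ClassCastException. The body of `processRequest` continues outside this hunk.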
@@ -85,29 +91,12 @@ public class AuthenticationRequest implements IAction { //httpResp.setStatus(200); //VPEPSInboundPostHandler - // - prepare attribute list - PersonalAttributeList attributeList = new PersonalAttributeList(); STORKAuthnResponse authnResponse = new STORKAuthnResponse(); authnResponse.setCountry("AT"); - IPersonalAttributeList attrLst = ((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getPersonalAttributeList(); - Logger.info("Found number of authnreq personal attributes: " + attrLst.size()); - - try { - for (PersonalAttribute personalAttribute : attrLst) { - Logger.info("Personal authnreq attribute found: " + personalAttribute.getName() + " status: " + personalAttribute.getStatus() + " isrequired: " + personalAttribute.isRequired() + " type: " + personalAttribute.getType()); - if (personalAttribute.getValue().size() > 0) { - for (String value : personalAttribute.getValue()) { - Logger.info(" Value found: " + value); - } - } - } - } catch (Exception e) { - Logger.error("Exception, attributes: " + e.getMessage()); - } try { @@ -128,12 +117,7 @@ public class AuthenticationRequest implements IAction { Logger.error("Exception, attributes: " + e.getMessage()); } - PersonalAttribute newAttribute = new PersonalAttribute(); - newAttribute.setName("eIdentifier"); - newAttribute.setValue(new ArrayList(Collections.singletonList("xxxxxxxxxxxxxxx"))); - attributeList.add(newAttribute); - authnResponse.setPersonalAttributeList(attributeList); - + authnResponse.setPersonalAttributeList(populateAttributes()); try { //Get SAMLEngine instance 
@@ -212,7 +196,59 @@ public class AuthenticationRequest implements IAction { } + public PersonalAttributeList populateAttributes() { + IPersonalAttributeList attrLst = moaStorkAuthnRequest.getStorkAuthnRequest().getPersonalAttributeList(); + Logger.info("Found " + attrLst.size() + " personal attributes in the request." ); + + // Define attribute list to be populated + PersonalAttributeList attributeList = new PersonalAttributeList(); + MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink()); + + try { + for (PersonalAttribute personalAttribute : attrLst) { + Logger.debug("Personal attribute found: " + personalAttribute.getName() + " status: " + personalAttribute.getStatus() + " isrequired: " + personalAttribute.isRequired() + " type: " + personalAttribute.getType()); + + if ("givenName".equals(personalAttribute.getName())) { + Logger.debug("Providing new attribute: " + personalAttribute.getName()); + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName("givenName"); + newAttribute.setValue(new ArrayList(Collections.singletonList(moaSession.getIdentityLink().getGivenName()))); + attributeList.add(newAttribute); + } + + if (personalAttribute.getValue().size() > 0) { + for (String value : personalAttribute.getValue()) { + Logger.info(" Value found: " + value); + } + } + } + } catch (Exception e) { + Logger.error("Exception, attributes: " + e.getMessage()); + } + + + Logger.debug("AUTHBLOCK " + moaSession.getAuthBlock()); + Logger.debug("TARGET " + moaSession.getTarget() + " " + moaSession.getTargetFriendlyName()); + + + Logger.debug("SESSION IDENTIFIER " + moaSession.getCcc() + " " + moaSession.getDomainIdentifier()); + + + Logger.debug("AUTHBLOCKTOKKEN" + moaSession.getAuthBlockTokken()); + + // moaAttributeProvider.populateAttribute(attributeList, personalAttribute.getName()); + + moaAttributeProvider.populateAttribute(attributeList, "givenName"); + + 
moaAttributeProvider.populateAttribute(attributeList, "surname"); + + moaAttributeProvider.populateAttribute(attributeList, "xxname"); + + moaAttributeProvider.populateAttribute(attributeList, "dateOfBirth"); + + return attributeList; + } public String getDefaultActionName() { return STORKProtocol.AUTHENTICATIONREQUEST; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java new file mode 100644 index 000000000..33c1ffcd2 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java 
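Review bot: The debug statements in `populateAttributes()` write `moaSession.getAuthBlock()`, `moaSession.getAuthBlockTokken()` and the session's domain identifier to the log, and the loop logs each attribute value at info level, so authentication material and personal data end up in log files. Those calls should be removed, or reduced to presence checks such as `Logger.debug("AUTHBLOCK present: " + (moaSession.getAuthBlock() != null));`. The fixed `populateAttribute` calls after the loop, including the test name `"xxname"`, add `givenName` a second time after the loop has already added it. The `catch (Exception e)` keeps only `e.getMessage()`, so a failure inside the loop returns a partial attribute list with no stack trace to explain it; `Logger.error("Exception, attributes", e);` would keep the cause.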
@@ -0,0 +1,69 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.logging.Logger; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; + +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; + +/** + * @author bsuzic + * Date: 2/19/14, Time: 4:42 PM + */ +public class MOAAttributeProvider { + private final IdentityLink identityLink; + private static final Map storkAttributeMapping; + + static { + Map tempMap = new HashMap(); + tempMap.put("givenName", "getGivenName"); + tempMap.put("surname", "getFamilyName"); + tempMap.put("dateOfBirth", "getDateOfBirth"); + storkAttributeMapping = Collections.unmodifiableMap(tempMap); + } + + + public MOAAttributeProvider(IdentityLink identityLink) { + this.identityLink = identityLink; + Logger.debug("identity " + identityLink.getIdentificationType() + " " + identityLink.getIdentificationValue()); + } + + public void populateAttribute(PersonalAttributeList attributeList, String storkAttribute) { + + if (storkAttributeMapping.containsKey(storkAttribute)) { + Method method = null; + Logger.debug("Trying to get value for attribute: " + storkAttribute); + + try { + method = identityLink.getClass().getDeclaredMethod(storkAttributeMapping.get(storkAttribute)); + String attributeValue = method.invoke(identityLink, new Class[]{}).toString(); + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName(storkAttribute); + Logger.debug("Got attribute value: " + attributeValue); + newAttribute.setValue(new ArrayList(edu.emory.mathcs.backport.java.util.Collections.singletonList(attributeValue))); + attributeList.add(newAttribute); + } catch (NoSuchMethodException e) { + Logger.error("Could not found MOA extraction method while 
getting attribute: " + storkAttribute); + e.printStackTrace(); + } catch (InvocationTargetException e) { + Logger.error("Invocation target expcetiion while getting attribute: " + storkAttribute); + e.printStackTrace(); + } catch (IllegalAccessException e) { + Logger.error("Illegal access exception while getting attribute: " + storkAttribute); + e.printStackTrace(); + } + + } else { + Logger.debug("MOA method for extraction of attribute " + storkAttribute + " not defined."); + } + + } + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 33d2040eb..3d7852c4b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -153,6 +153,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { STORK2Request.setSTORKAuthnRequest(authnRequest); + return STORK2Request; } -- cgit v1.2.3 From 4e840ada79ad862494115374406b1ecb0b4a55ef Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 20 Feb 2014 16:58:47 +0100 Subject: attribute changes --- .../id/protocols/stork2/AuthenticationRequest.java | 33 +++++----- .../id/protocols/stork2/MOAAttributeProvider.java | 74 ++++++++++++++-------- 2 files changed, 64 insertions(+), 43 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index a537a7708..446d942ab 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
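Review bot: The constructor of the new MOAAttributeProvider logs `identityLink.getIdentificationValue()`, and `populateAttribute` logs every extracted value with `"Got attribute value: "`, which puts the citizen's identifier, name and date of birth into the debug log; logging the attribute name alone is enough, e.g. `Logger.debug("Got value for attribute: " + storkAttribute);`. `method.invoke(...).toString()` throws a NullPointerException when the getter returns null and none of the three catch clauses covers it, so the result should be checked for null before `toString()` is called. `e.printStackTrace()` bypasses the logger; `Logger.error("...: " + storkAttribute, e);` keeps the trace in the application log. The fully qualified `edu.emory.mathcs.backport.java.util.Collections` can be the `java.util.Collections` the file already imports. The value logging and the missing null check are carried over into `populateAttributeWithMethod` in the later hunk of this file.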
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -207,21 +207,18 @@ public class AuthenticationRequest implements IAction { try { for (PersonalAttribute personalAttribute : attrLst) { - Logger.debug("Personal attribute found: " + personalAttribute.getName() + " status: " + personalAttribute.getStatus() + " isrequired: " + personalAttribute.isRequired() + " type: " + personalAttribute.getType()); - - if ("givenName".equals(personalAttribute.getName())) { - Logger.debug("Providing new attribute: " + personalAttribute.getName()); - PersonalAttribute newAttribute = new PersonalAttribute(); - newAttribute.setName("givenName"); - newAttribute.setValue(new ArrayList(Collections.singletonList(moaSession.getIdentityLink().getGivenName()))); - attributeList.add(newAttribute); - } + Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired()); + + moaAttributeProvider.populateAttribute(attributeList, personalAttribute); + + // if ("givenName".equals(personalAttribute.getName())) { + // Logger.debug("Providing new attribute: " + personalAttribute.getName()); + // PersonalAttribute newAttribute = new PersonalAttribute(); + // newAttribute.setName("givenName"); + // newAttribute.setValue(new ArrayList(Collections.singletonList(moaSession.getIdentityLink().getGivenName()))); + // attributeList.add(newAttribute); + // } - if (personalAttribute.getValue().size() > 0) { - for (String value : personalAttribute.getValue()) { - Logger.info(" Value found: " + value); - } - } } } catch (Exception e) { Logger.error("Exception, attributes: " + e.getMessage()); 
@@ -239,13 +236,13 @@ public class AuthenticationRequest implements IAction { // moaAttributeProvider.populateAttribute(attributeList, personalAttribute.getName()); - moaAttributeProvider.populateAttribute(attributeList, "givenName"); + // moaAttributeProvider.populateAttribute(attributeList, "givenName"); - moaAttributeProvider.populateAttribute(attributeList, "surname"); + // moaAttributeProvider.populateAttribute(attributeList, "surname"); - moaAttributeProvider.populateAttribute(attributeList, "xxname"); + // moaAttributeProvider.populateAttribute(attributeList, "xxname"); - moaAttributeProvider.populateAttribute(attributeList, "dateOfBirth"); + // moaAttributeProvider.populateAttribute(attributeList, "dateOfBirth"); return attributeList; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 33c1ffcd2..cde902e4d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java 
@@ -18,52 +18,76 @@ import java.util.Map; */ public class MOAAttributeProvider { private final IdentityLink identityLink; - private static final Map storkAttributeMapping; + private static final Map storkAttributeSimpleMapping; + private static final Map storkAttributeFunctionMapping; static { - Map tempMap = new HashMap(); - tempMap.put("givenName", "getGivenName"); - tempMap.put("surname", "getFamilyName"); - tempMap.put("dateOfBirth", "getDateOfBirth"); - storkAttributeMapping = Collections.unmodifiableMap(tempMap); + Map tempSimpleMap = new HashMap(); + tempSimpleMap.put("givenName", "getGivenName"); + tempSimpleMap.put("surname", "getFamilyName"); + tempSimpleMap.put("dateOfBirth", "getDateOfBirth"); + storkAttributeSimpleMapping = Collections.unmodifiableMap(tempSimpleMap); + Map tempFunctionMap = new HashMap(); + tempFunctionMap.put("eIdentifier", "geteIdentifier"); + storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap); } - public MOAAttributeProvider(IdentityLink identityLink) { this.identityLink = identityLink; Logger.debug("identity " + identityLink.getIdentificationType() + " " + identityLink.getIdentificationValue()); } - public void populateAttribute(PersonalAttributeList attributeList, String storkAttribute) { - - if (storkAttributeMapping.containsKey(storkAttribute)) { - Method method = null; - Logger.debug("Trying to get value for attribute: " + storkAttribute); + public void populateAttribute(PersonalAttributeList attributeList, PersonalAttribute requestedAttribute ) { + String storkAttribute = requestedAttribute.getName(); + if (storkAttributeSimpleMapping.containsKey(storkAttribute)) { + Logger.debug("Trying to get value for attribute using simple mapping [" + storkAttribute + "]"); try { - method = identityLink.getClass().getDeclaredMethod(storkAttributeMapping.get(storkAttribute)); - String attributeValue = method.invoke(identityLink, new Class[]{}).toString(); - PersonalAttribute newAttribute = new PersonalAttribute(); 
- newAttribute.setName(storkAttribute); - Logger.debug("Got attribute value: " + attributeValue); - newAttribute.setValue(new ArrayList(edu.emory.mathcs.backport.java.util.Collections.singletonList(attributeValue))); - attributeList.add(newAttribute); + Method method = identityLink.getClass().getDeclaredMethod(storkAttributeSimpleMapping.get(storkAttribute)); + populateAttributeWithMethod(method, identityLink, attributeList, storkAttribute, requestedAttribute.isRequired()); } catch (NoSuchMethodException e) { Logger.error("Could not found MOA extraction method while getting attribute: " + storkAttribute); e.printStackTrace(); - } catch (InvocationTargetException e) { - Logger.error("Invocation target expcetiion while getting attribute: " + storkAttribute); - e.printStackTrace(); - } catch (IllegalAccessException e) { - Logger.error("Illegal access exception while getting attribute: " + storkAttribute); - e.printStackTrace(); } + } else if (storkAttributeFunctionMapping.containsKey(storkAttribute)) { + + Logger.debug("Trying to get value for attribute using function mapping [" + storkAttribute + "]"); + try { + Method method = this.getClass().getDeclaredMethod(storkAttributeFunctionMapping.get(storkAttribute)); + populateAttributeWithMethod(method, this, attributeList, storkAttribute, requestedAttribute.isRequired()); + } catch (NoSuchMethodException e) { + Logger.error("Could not found MOA extraction method while getting attribute: " + storkAttribute); + e.printStackTrace(); + } } else { Logger.debug("MOA method for extraction of attribute " + storkAttribute + " not defined."); } + } + private String geteIdentifier() { + return "askdlaskdlaskdsds"; + } + + private void populateAttributeWithMethod(Method method, Object object, PersonalAttributeList attributeList, String storkAttribute, Boolean isRequired) { + try { + String attributeValue = method.invoke(object, new Class[]{}).toString(); + PersonalAttribute newAttribute = new PersonalAttribute(); + 
newAttribute.setName(storkAttribute); + newAttribute.setStatus("Available"); + newAttribute.setIsRequired(isRequired); + Logger.debug("Got attribute value: " + attributeValue); + newAttribute.setValue(new ArrayList(edu.emory.mathcs.backport.java.util.Collections.singletonList(attributeValue))); + attributeList.add(newAttribute); + } catch (InvocationTargetException e) { + Logger.error("Invocation target exception while getting attribute: " + storkAttribute); + e.printStackTrace(); + } catch (IllegalAccessException e) { + Logger.error("Illegal access exception while getting attribute: " + storkAttribute); + e.printStackTrace(); + } } } + -- cgit v1.2.3 From 69475d1ca29ac530df84153635119adf908cbb53 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 20 Feb 2014 18:07:42 +0100 Subject: handling errors when configuration entries are non existent --- .../at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java | 1 + 1 file changed, 1 insertion(+) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java index c9fb136c9..cee64e16e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java @@ -25,6 +25,7 @@ public class MOASTORKAuthnRequest implements IRequest { } public String getOAURL() { + return "https://sp:8889/SP"; // } -- cgit v1.2.3 From 0e19ab212b9c652401937ba3a2a4b415c010eeb4 Mon Sep 17 00:00:00 2001 
From: Florian Reimair Date: Thu, 20 Feb 2014 11:23:42 +0100 Subject: StorkAPProvider can issue an attribute query draft --- .../id/protocols/stork2/AttributeCollector.java | 6 +- .../moa/id/protocols/stork2/AttributeProvider.java | 6 +- .../stork2/StorkAttributeRequestProvider.java | 71 +++++++++++++++++++++- 3 files changed, 76 insertions(+), 7 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 4eb874d8f..8ccaa35de 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -89,7 +89,7 @@ public class AttributeCollector implements IAction { container.getResponse().getPersonalAttributeList().add(current); // see if we need some more attributes - return processRequest(container, httpResp); + return processRequest(container, httpReq, httpResp); } /** @@ -100,7 +100,7 @@ public class AttributeCollector implements IAction { * @return the string * @throws MOAIDException */ - public String processRequest(DataContainer container, HttpServletResponse response) throws MOAIDException { + public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response) throws MOAIDException { // check if there are attributes we need to fetch IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); 
@@ -139,7 +139,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, response); + e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index e1f5620a8..117a1f6b4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -1,7 +1,5 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import java.util.List; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -32,9 +30,11 @@ public interface AttributeProvider { * Perform redirect. * * @param url the return URL ending with ?artifactId=... + * @param citizenCountyCode the citizen county code + * @param req the request we got from the S-PEPS and for which we have to ask our APs * @param resp the response to the preceding request */ - public void performRedirect(String url, HttpServletResponse resp); + public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp); /** * Parses the response we got from the external attribute provider. 
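Review bot: The `catch (Exception e1)` around the changed `performRedirect(...)` call logs the outer `e` instead of `e1`, and the `MOAIDException("stork.11", null)` thrown next carries no cause, so a failure of the storage put or of the redirect leaves no trace of what went wrong. The log line should read `Logger.error("Error putting incomplete Stork response into temporary storage", e1);`. The same catch block appears as context in the later AttributeCollector.java hunks `@@ -134,7 +134,7 @@` and `@@ -134,7 +129,7 @@`. The enclosing `processRequest` starts and ends outside the hunk.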
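Review bot: The new Javadoc line `@param citizenCountyCode the citizen county code` in AttributeProvider, and the parameter name itself, say "county" where the value passed in is `getCitizenCountryCode()`. StorkAttributeRequestProvider already names it `citizenCountryCode`, so the interface should match: `@param citizenCountryCode the citizen's country code`. The interface method also declares no exception, while the implementation added in this commit throws `MOAIDException`.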
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index 32b0bb334..90b1a0180 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -1,15 +1,31 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import java.io.StringWriter; +import java.util.ArrayList; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; + import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; +import at.gv.egovernment.moa.id.config.OAParameter; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.StringUtils; + import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; 
@@ -19,6 +35,9 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException; public class StorkAttributeRequestProvider implements AttributeProvider { private PersonalAttributeList requestedAttributes; + + /** The destination. */ + private String destination; /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) 
@@ -68,8 +87,58 @@ public class StorkAttributeRequestProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) */ @Override - public void performRedirect(String url, HttpServletResponse resp) { + public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp) { + OAAuthParameter oaParam; + + String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget(); + String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); + String spApplication = spInstitution; + String spCountry = "AT"; + + //generate AuthnRquest + STORKAttrQueryRequest attributeRequest = new STORKAttrQueryRequest(); + attributeRequest.setDestination(destination); + attributeRequest.setAssertionConsumerServiceURL(url); + attributeRequest.setIssuer(HTTPUtils.getBaseURL(req)); + attributeRequest.setQaa(oaParam.getQaaLevel()); + attributeRequest.setSpInstitution(spInstitution); + attributeRequest.setCountry(spCountry); + attributeRequest.setSpApplication(spApplication); + attributeRequest.setSpSector(spSector); + attributeRequest.setPersonalAttributeList(requestedAttributes); + + attributeRequest.setCitizenCountryCode(citizenCountryCode); + + + Logger.debug("STORK AttrRequest succesfully assembled."); + STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("VIDP"); + try { + attributeRequest = samlEngine.generateSTORKAttrQueryRequest(attributeRequest); + } catch (STORKSAMLEngineException e) { + Logger.error("Could not sign STORK SAML AttrRequest.", e); + throw new MOAIDException("stork.00", null); + } + + Logger.info("STORK AttrRequest successfully signed!"); + + try { + Logger.trace("Initialize VelocityEngine..."); + + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = 
velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm"); + VelocityContext context = new VelocityContext(); + context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(attributeRequest.getTokenSaml())); + context.put("action", destination); + + StringWriter writer = new StringWriter(); + template.merge(context, writer); + + resp.getOutputStream().write(writer.toString().getBytes()); + } catch (Exception e) { + Logger.error("Error sending STORK SAML AttrRequest.", e); + throw new MOAIDException("stork.11", null); + } } } -- cgit v1.2.3 From 3f388c8862a4543d8c7f791e5ff47090d533aa0c Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 20 Feb 2014 14:55:17 +0100 Subject: added attribute collector action to protocol and urlrewrite --- .../java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java | 1 + 1 file changed, 1 insertion(+) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 323d9ba8e..318a8fc9c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -43,6 +43,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { static { actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest()); + actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector()); instance = new STORKProtocol(); } -- cgit v1.2.3 From 4c2406224be2df8b09050178630cdcff979c5ebf Mon Sep 17 00:00:00 2001 
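Review bot: `attributeRequest.setIssuer(HTTPUtils.getBaseURL(req))` in `performRedirect` takes the Issuer of the signed attribute query from the incoming request; if that helper builds the URL from the Host header (its code is not in the hunk), a client can influence what gets signed, and a configured public URL would be the safer source. `writer.toString().getBytes()` uses the platform default charset and no content type is set on `resp`; `resp.setContentType("text/html;charset=UTF-8");` followed by `resp.getOutputStream().write(writer.toString().getBytes("UTF-8"));` makes the POST-binding form deterministic. Both `throw new MOAIDException(..., null)` statements drop the caught exception, so the log line is the only record of the cause. As written the method also reads the local `oaParam` before it is assigned and uses `moasession`, which is not declared anywhere in the hunk.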
From: Florian Reimair Date: Mon, 24 Feb 2014 11:42:44 +0100 Subject: introduced attributeproviderfactory --- .../id/protocols/stork2/AttributeCollector.java | 33 ++++++------- .../protocols/stork2/AttributeProviderFactory.java | 57 ++++++++++++++++++++++ .../stork2/DemoNoRedirectAttributeProvider.java | 6 ++- .../stork2/DemoRedirectAttributeProvider.java | 9 ++-- .../stork2/StorkAttributeRequestProvider.java | 9 ++++ 5 files changed, 90 insertions(+), 24 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 8ccaa35de..32a8cb9c5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -4,8 +4,11 @@ import java.util.ArrayList; import java.util.List; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; 
@@ -33,32 +36,24 @@ public class AttributeCollector implements IAction { /** The Constant ARTIFACT_ID. */ private static final String ARTIFACT_ID = "artifactId"; - private ArrayList attributeProviders; - /** The return url. */ // TODO find correct return URL // HTTPUtils.getBaseURL(req); private String returnUrl = "findCorrectReturnURL"; - public AttributeCollector() { - // TODO generate from config - attributeProviders = new ArrayList(); - attributeProviders.add(new StorkAttributeRequestProvider()); - attributeProviders.add(new DemoRedirectAttributeProvider()); - attributeProviders.add(new DemoNoRedirectAttributeProvider()); - } - - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession) */ public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { - // check if we have a STORKAttributeResponse in the request - // - no, how did we get here? - // yes, we got a recent requested attribute - // - find the attribute provider plugin that can handle the response + + // read configuration parameters of OA + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() }); + + // find the attribute provider plugin that can handle the response IPersonalAttributeList newAttributes = null; - for (AttributeProvider current : attributeProviders) + for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) try { newAttributes = current.parse(httpReq); } catch (UnsupportedAttributeException e1) { 
@@ -89,7 +84,7 @@ public class AttributeCollector implements IAction { container.getResponse().getPersonalAttributeList().add(current); // see if we need some more attributes - return processRequest(container, httpReq, httpResp); + return processRequest(container, httpReq, httpResp, oaParam); } /** @@ -100,7 +95,7 @@ public class AttributeCollector implements IAction { * @return the string * @throws MOAIDException */ - public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response) throws MOAIDException { + public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, OAAuthParameter oaParam) throws MOAIDException { // check if there are attributes we need to fetch IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); @@ -113,7 +108,7 @@ public class AttributeCollector implements IAction { // for each attribute still missing for(PersonalAttribute currentAttribute : missingAttributes) { // - check if we can find a suitable AttributeProvider Plugin - for(AttributeProvider currentProvider : attributeProviders) { + for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { try { // - hand over control to the suitable plugin IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java new file mode 100644 index 000000000..98d354e8a --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java 
@@ -0,0 +1,57 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import java.util.ArrayList; +import java.util.List; + +import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; + +/** + * A factory for creating AttributeProvider objects. + */ +public class AttributeProviderFactory { + + /** + * Gets the available plugins. + * + * @return the available plugins + */ + public static List getAvailablePlugins() { + List result = new ArrayList(); + result.add("StorkAttributeRequestProvider"); + + return result; + } + + /** + * Creates an AttributeProvider object for the given shortname. Returns + * {@code null} if there is no such provider available. + * + * @param shortname + * the simpleName for the providers class + * @return the attribute provider + */ + public static AttributeProvider create(String shortname, String url) { + switch (shortname) { + case "StorkAttributeRequestProvider": + return new StorkAttributeRequestProvider(url); + default: + return null; + } + } + + /** + * Gets fresh instances of the configured plugins. + * + * @param configuredAPs the configured a ps + * @return the configured plugins + */ + public static List getConfiguredPlugins( + List configuredAPs) { + + List result = new ArrayList(); + for(AttributeProviderPlugin current : configuredAPs) + result.add(create(current.getName(), current.getUrl())); + + return result; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index a38cfed96..52ff0a85a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java 
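Review bot: `getConfiguredPlugins` adds whatever `create(...)` returns, and `create` returns `null` for any name other than `StorkAttributeRequestProvider`, so one unknown or misspelled plugin name in the OA configuration puts a `null` into the list. The loops added to AttributeCollector in this commit call `current.parse(httpReq)` and `currentProvider.acquire(...)` on every element and would fail with a NullPointerException in the middle of an authentication flow. Skipping the entry keeps the flow alive: `AttributeProvider provider = create(current.getName(), current.getUrl());` then `if (provider != null) result.add(provider);`, with the skipped name written to the log. The Javadoc of `getConfiguredPlugins` should state that unknown names are ignored.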
@@ -34,8 +34,12 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { return null; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ @Override - public void performRedirect(String url, HttpServletResponse response) { + public void performRedirect(String url, String citizenCountyCode, + HttpServletRequest req, HttpServletResponse resp) { // we should not get here } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index a9e2cf358..6dc0a30cc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java @@ -34,12 +34,13 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { } /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ @Override - public void performRedirect(String url, HttpServletResponse response) { - // TODO Auto-generated method stub - + public void performRedirect(String url, String citizenCountyCode, + HttpServletRequest req, HttpServletResponse resp) { + // we should not get here + } } 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index 90b1a0180..dd34d0d42 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -38,6 +38,15 @@ public class StorkAttributeRequestProvider implements AttributeProvider { /** The destination. */ private String destination; + + /** + * Instantiates a new stork attribute request provider. + * + * @param apUrl the AP location + */ + public StorkAttributeRequestProvider(String apUrl) { + destination = apUrl; + } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) -- cgit v1.2.3 From e352ed4ac809c333ebbba3421f8cb1857850535b Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 24 Feb 2014 19:18:30 +0100 Subject: correcting certstore directory configyration --- .../at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java | 1 + 1 file changed, 1 insertion(+) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index cde902e4d..414e383fa 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java 
@@ -74,6 +74,7 @@ public class MOAAttributeProvider { String attributeValue = method.invoke(object, new Class[]{}).toString(); PersonalAttribute newAttribute = new PersonalAttribute(); newAttribute.setName(storkAttribute); + newAttribute.setStatus("Available"); newAttribute.setIsRequired(isRequired); Logger.debug("Got attribute value: " + attributeValue); -- cgit v1.2.3 From a48a02cf22ae3c021fd81d0d8050018bb535218e Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Mon, 24 Feb 2014 15:58:43 +0100 Subject: oaparams available in applugins --- .../moa/id/protocols/stork2/AttributeCollector.java | 2 +- .../egovernment/moa/id/protocols/stork2/AttributeProvider.java | 5 ++++- .../id/protocols/stork2/DemoNoRedirectAttributeProvider.java | 4 +++- .../moa/id/protocols/stork2/DemoRedirectAttributeProvider.java | 4 +++- .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java | 10 ++-------- 5 files changed, 13 insertions(+), 12 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 32a8cb9c5..c1a61904d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
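Review bot: The unchanged `Logger.debug("Got attribute value: " + attributeValue)` two lines below the new `setStatus("Available")` writes the citizen's attribute value into the application log. Logging the attribute name alone keeps personal data out of debug logs: `Logger.debug("Got value for attribute: " + storkAttribute);`. On the first context line `method.invoke(...).toString()` throws a NullPointerException when the getter returns null, so the attribute is only ever reported as `"Available"` or not at all; that case probably needs its own handling. The enclosing method starts and ends outside the hunk.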
@@ -134,7 +134,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response); + e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index 117a1f6b4..adf57d77b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -4,6 +4,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; 
@@ -33,8 +34,10 @@ public interface AttributeProvider { * @param citizenCountyCode the citizen county code * @param req the request we got from the S-PEPS and for which we have to ask our APs * @param resp the response to the preceding request + * @param oaParam the oa param + * @throws MOAIDException */ - public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp); + public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException; /** * Parses the response we got from the external attribute provider. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index 52ff0a85a..e6f340c77 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java @@ -5,6 +5,8 @@ import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; + import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; @@ -39,7 +41,7 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { */ @Override public void performRedirect(String url, String citizenCountyCode, - HttpServletRequest req, HttpServletResponse resp) { + HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) { // we should not get here } 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index 6dc0a30cc..5d4336149 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java @@ -5,6 +5,8 @@ import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; + import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; @@ -38,7 +40,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { */ @Override public void performRedirect(String url, String citizenCountyCode, - HttpServletRequest req, HttpServletResponse resp) { + HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) { // we should not get here } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index dd34d0d42..3c689cac9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -1,8 +1,6 @@ package at.gv.egovernment.moa.id.protocols.stork2; import java.io.StringWriter; -import java.util.ArrayList; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; 
@@ -12,7 +10,6 @@ import org.apache.velocity.app.VelocityEngine; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; -import at.gv.egovernment.moa.id.config.OAParameter; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.logging.Logger; @@ -24,8 +21,6 @@ import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; import eu.stork.peps.auth.commons.STORKAttrQueryRequest; import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; @@ -96,10 +91,9 @@ public class StorkAttributeRequestProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) */ @Override - public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp) { - OAAuthParameter oaParam; + public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { - String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget(); + String spSector = "Business"; String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); String spApplication = spInstitution; String spCountry = "AT"; -- cgit v1.2.3 From 3640475187ba8f2bfd4b72b2e6b7fa105432f889 Mon Sep 17 00:00:00 2001 
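Review bot: `String spSector = "Business";` in `performRedirect` replaces the session-derived target with a constant, so the signed attribute query now states the same sector for every online application. If the sector matters to the receiving attribute provider, it should come from `oaParam` or be passed in by the caller. Otherwise a comment explaining why the constant is correct would help, e.g. `// sector is fixed for attribute queries, see <reference>`. The `@see` line above the method still names the one-argument `performRedirect(java.lang.String)` signature.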
From: Florian Reimair Date: Tue, 25 Feb 2014 09:20:42 +0100 Subject: reentry url is set --- .../gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index c1a61904d..937f6da74 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -36,11 +36,6 @@ public class AttributeCollector implements IAction { /** The Constant ARTIFACT_ID. */ private static final String ARTIFACT_ID = "artifactId"; - /** The return url. */ - // TODO find correct return URL - // HTTPUtils.getBaseURL(req); - private String returnUrl = "findCorrectReturnURL"; - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession) */ 
@@ -134,7 +129,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); + e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); -- cgit v1.2.3 From 26404cedff0e60969c98d7a7cab30f8e7eda9ea6 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 25 Feb 2014 16:55:24 +0100 Subject: attr nothing --- .../id/protocols/stork2/AttributeCollector.java | 38 +++++++++++++++++++++- 1 file changed, 37 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 937f6da74..08244ab38 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -123,7 +123,43 @@ public class AttributeCollector implements IAction { // memorize the container again // - generate new key String newArtifactId = new SecureRandomIdentifierGenerator() - .generateIdentifier(); + .generateIdentifier(); /* + Logger.debug("STORK QAA 2 :" + ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getQAALevel()); + StartAuthResponse startAuthResponse = getStartAuthResponse(((STORKAuthnRequestDEL) req).getStorkAuthnRequest()); + + HttpSession httpSession = httpReq.getSession(); + httpSession.setAttribute("STORKSessionID", "12345"); + httpResp.setStatus(startAuthResponse.getHttpStatusCode()); + try { + ServletOutputStream os = httpResp.getOutputStream(); + String html = new String(startAuthResponse.getContent()); + + + if (html.contains(""); + html = html.substring(beginIndex + 9, endIndex); + startAuthResponse.setContent(html.getBytes()); + } + Logger.info("HTML : " + html); + + os.write(startAuthResponse.getContent()); + Logger.info("Response sent to client"); + } catch (IOException e) { + Logger.error("ERROR MOA"); + throw new MOAIDException("error response sending", new Object[]{}); + } + //httpSession.setAttribute("CCC", ccc); + + */ + } + + + //httpResp.setStatus(200); + //VPEPSInboundPostHandler // - put container in temporary store. AssertionStorage.getInstance().put(newArtifactId, container); -- cgit v1.2.3 From f51b28c24ac466b5e25d3047975beac8f14d2c15 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 25 Feb 2014 20:34:44 +0100 Subject: attrcollector --- .../id/protocols/stork2/AttributeCollector.java | 13 +------- .../protocols/stork2/AttributeProviderFactory.java | 17 ++++++---- .../id/protocols/stork2/AuthenticationRequest.java | 38 ++++++++++++++-------- 3 files changed, 37 insertions(+), 31 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
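Review bot: The block added after `.generateIdentifier();` is commented-out code and should be dropped rather than committed: it carries a fixed session value (`httpSession.setAttribute("STORKSessionID", "12345")`) and an info-level log of the whole response HTML, both of which would be a problem if the block were ever re-enabled. The `}` added right after the closing `*/` also appears to end the enclosing block before the `AssertionStorage` put, which changes the scope of the lines that follow. Only part of the method is visible, so this needs checking against the full file.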
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 08244ab38..cc0f8569e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -155,18 +155,7 @@ public class AttributeCollector implements IAction { //httpSession.setAttribute("CCC", ccc); */ - } - - - //httpResp.setStatus(200); - //VPEPSInboundPostHandler - - // - put container in temporary store. - AssertionStorage.getInstance().put(newArtifactId, container); - - // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); - } catch (Exception e1) { + } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); throw new MOAIDException("stork.11", null); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index 98d354e8a..9a4c1f59b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java 
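Review bot: With `AssertionStorage.getInstance().put(newArtifactId, container)` and the `performRedirect(...)` call removed, the try block in `AttributeCollector` now ends right after `newArtifactId` is generated, so in the external-attribute case the container is neither stored nor is the citizen redirected. If this is a deliberate intermediate state, say so with a `// TODO` at that spot; otherwise the two calls need to stay inside the try block. The rest of the method lies outside the hunk.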
@@ -31,12 +31,17 @@ public class AttributeProviderFactory { * @return the attribute provider */ public static AttributeProvider create(String shortname, String url) { - switch (shortname) { - case "StorkAttributeRequestProvider": - return new StorkAttributeRequestProvider(url); - default: - return null; - } + //switch (shortname) { + //case "StorkAttributeRequestProvider": + // return new StorkAttributeRequestProvider(url); + //default: + // return null; + //} + if (shortname.equals("StorkAttributeRequestProvider")) { + return new StorkAttributeRequestProvider(url); + } else { + return null; + } } /** diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index d742d72ef..6ef85d7ae 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -1,8 +1,11 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; 
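Review bot: `shortname.equals("StorkAttributeRequestProvider")` in `create` throws a NullPointerException when `shortname` is null; written constant-first, `"StorkAttributeRequestProvider".equals(shortname)`, a missing name takes the `return null` branch like any other unknown name. The commented-out `switch` can be deleted instead of being kept next to its replacement. The `create` hunk of the later commit that adds `EHvdAttributeProvider` uses the same `equals` pattern on both branches.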
@@ -22,10 +25,7 @@ import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.OutputStreamWriter; -import java.io.Writer; +import java.io.*; import java.util.HashMap; import eu.stork.peps.auth.engine.SAMLEngine; @@ -94,6 +94,13 @@ public class AuthenticationRequest implements IAction { */ } + STORKAuthnResponse authnResponse = new STORKAuthnResponse(); + authnResponse.setCountry("AT"); + + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() }); + //httpResp.setStatus(200); //VPEPSInboundPostHandler @@ -102,20 +109,23 @@ public class AuthenticationRequest implements IAction { DataContainer container = new DataContainer(); // - fill in the request we extracted above - container.setRequest(request); + container.setRequest(((MOASTORKAuthnRequest) req).getStorkAuthnRequest()); // - fill in the partial response created above - container.setResponse(response); + container.setResponse(authnResponse); // - memorize the target url were we have to return the result - container.setTarget(target); - + container.setTarget(((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); + + + + + if (1==1) // test // see if we need to fetch further attributes - return (new AttributeCollector()).processRequest(container); + return (new AttributeCollector()).processRequest(container, httpReq, httpResp, oaParam); + - STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - authnResponse.setCountry("AT"); 
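Review bot: `container.setTarget(...)` in the third hunk stores the `AssertionConsumerServiceURL` from the incoming STORK request as the address the result is later returned to, and nothing in this hunk compares it with a value registered for the requesting party. Unless that check happens earlier (not visible here), the response with the citizen's attributes goes wherever the request says, so the URL should be validated against the requester's registered endpoint before it is stored. `if (1==1) // test` also makes everything after the `return` unreachable and should not stay in committed code.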
@@ -163,13 +173,15 @@ public class AuthenticationRequest implements IAction { try { Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); - Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // radi + Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); } catch (IOException e) { e.printStackTrace(); } + // preparing redirection for the client + try { VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); @@ -266,7 +278,7 @@ public class AuthenticationRequest implements IAction { // moaAttributeProvider.populateAttribute(attributeList, "dateOfBirth"); - return authResponse; + return attributeList; } public String getDefaultActionName() { -- cgit v1.2.3 From 1aa6fd1a5b007a9c234e096e6d145cb0235cfd70 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 26 Feb 2014 09:34:59 +0100 Subject: init eHvd AP Plugin --- .../protocols/stork2/AttributeProviderFactory.java | 8 ++-- .../stork2/EHvdAttributeProviderPlugin.java | 50 ++++++++++++++++++++++ 2 files changed, 55 insertions(+), 3 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index 98d354e8a..23edf69f9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java 
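Review bot: The `Logger.debug` lines touched in the first hunk write the complete SAML token of the authentication response to the log, both as a string and Base64-encoded, which would normally put the citizen's personal attributes into the log files whenever debug logging is on; log an identifier or the token length instead. `new String(authnResponse.getTokenSaml())` and `.getBytes()` rely on the platform charset, so name the charset explicitly (`"UTF-8"`). The `e.printStackTrace()` in the catch should go through `Logger.error("...", e)` as elsewhere in these classes.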
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java @@ -18,6 +18,7 @@ public class AttributeProviderFactory { public static List getAvailablePlugins() { List result = new ArrayList(); result.add("StorkAttributeRequestProvider"); + result.add("EHvdAttributeProvider"); return result; } @@ -31,10 +32,11 @@ public class AttributeProviderFactory { * @return the attribute provider */ public static AttributeProvider create(String shortname, String url) { - switch (shortname) { - case "StorkAttributeRequestProvider": + if (shortname.equals("StorkAttributeRequestProvider")) { return new StorkAttributeRequestProvider(url); - default: + } else if(shortname.equals("EHvdAttributeProvider")) { + return new EHvdAttributeProviderPlugin(url); + } else { return null; } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java new file mode 100644 index 000000000..8783026c2 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java 
@@ -0,0 +1,50 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; + +/** + * Fetches the attribute IsHealthcareProfessional from the BAGDAD SOAP service + */ +public class EHvdAttributeProviderPlugin implements AttributeProvider { + + public EHvdAttributeProviderPlugin(String url) { + // TODO Auto-generated constructor stub + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute) + */ + @Override + public IPersonalAttributeList acquire(PersonalAttribute attributes) + throws UnsupportedAttributeException, + ExternalAttributeRequestRequiredException { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter) + */ + @Override + public void performRedirect(String url, String citizenCountyCode, + HttpServletRequest req, HttpServletResponse resp, + OAAuthParameter oaParam) throws MOAIDException { + // there is no redirect required + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) + */ + @Override + public IPersonalAttributeList parse(HttpServletRequest httpReq) + throws UnsupportedAttributeException, MOAIDException { + // TODO Auto-generated method stub + return null; + } +} -- cgit v1.2.3 From 2b655368aa6bfb7a0250589a23b2ac328b25c5aa Mon Sep 17 00:00:00 2001 
From: Florian Reimair Date: Wed, 26 Feb 2014 09:36:39 +0100 Subject: disable parse and redirect functionality of eHVD ap plugin --- .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 8783026c2..8813ec8dc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -44,7 +44,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException { - // TODO Auto-generated method stub - return null; + // there is no redirect required, so we throw an exception when someone asks us to parse a response + throw new UnsupportedAttributeException(); } } -- cgit v1.2.3 From b7a64411283c5a5496383164ced201ef42eb3d63 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 26 Feb 2014 09:46:41 +0100 Subject: sketched communication process --- .../stork2/EHvdAttributeProviderPlugin.java | 25 ++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 8813ec8dc..28f5b23a3 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -7,6 +7,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; /** * Fetches the attribute IsHealthcareProfessional from the BAGDAD SOAP service @@ -24,8 +25,28 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { public IPersonalAttributeList acquire(PersonalAttribute attributes) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { - // TODO Auto-generated method stub - return null; + + try { + // create SOAP connection + + // assemble SOAP request + + // perform SOAP call + + // parse SOAP response + + // assemble attribute + PersonalAttribute acquiredAttribute = new PersonalAttribute(); + + // pack and return the result + PersonalAttributeList result = new PersonalAttributeList(); + result.add(acquiredAttribute); + + return result; + } catch (Exception e) { + // TODO in case of an error, we might want to inform someone somehow different than by just saying nothing + return null; + } } /* (non-Javadoc) -- cgit v1.2.3 From 2f4f739506a1f054c0fbb3f28e97e1c13f798758 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 26 Feb 2014 10:02:16 +0100 Subject: report an attribute request that is not supported by eHVD AP plugin --- .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 28f5b23a3..7dc4b8ac1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -26,6 +26,10 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { + // break when we cannot handle the requested attribute + if(!attributes.getFriendlyName().equals("isHealthcareProfessional")) + throw new UnsupportedAttributeException(); + try { // create SOAP connection -- cgit v1.2.3 From 001161aec7e42825c21fc969cac45f77da31fb86 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 26 Feb 2014 12:09:52 +0100 Subject: raise the SOAP request --- .../stork2/EHvdAttributeProviderPlugin.java | 60 +++++++++++++++++++++- 1 file changed, 58 insertions(+), 2 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 7dc4b8ac1..42652464b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java 
@@ -1,7 +1,22 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import java.util.ArrayList; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.xml.namespace.QName; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.soap.MessageFactory; +import javax.xml.soap.SOAPBody; +import javax.xml.soap.SOAPConnection; +import javax.xml.soap.SOAPConnectionFactory; +import javax.xml.soap.SOAPElement; +import javax.xml.soap.SOAPEnvelope; +import javax.xml.soap.SOAPMessage; +import javax.xml.soap.SOAPPart; + +import org.w3c.dom.Document; +import org.w3c.dom.Element; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; @@ -14,8 +29,16 @@ import eu.stork.peps.auth.commons.PersonalAttributeList; */ public class EHvdAttributeProviderPlugin implements AttributeProvider { + /** The destination. */ + private Object destination; + + /** + * Instantiates a new e hvd attribute provider plugin. + * + * @param url the service url + */ public EHvdAttributeProviderPlugin(String url) { - // TODO Auto-generated constructor stub + destination = url; } /* (non-Javadoc) 
@@ -27,15 +50,48 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { ExternalAttributeRequestRequiredException { // break when we cannot handle the requested attribute - if(!attributes.getFriendlyName().equals("isHealthcareProfessional")) + if(!attributes.getFriendlyName().equals("isHCP")) throw new UnsupportedAttributeException(); try { // create SOAP connection + SOAPConnection soapConnection = SOAPConnectionFactory.newInstance().createConnection(); // assemble SOAP request + MessageFactory messageFactory = MessageFactory.newInstance(); + SOAPMessage requestMessage = messageFactory.createMessage(); + SOAPPart requestPart = requestMessage.getSOAPPart(); + + // (soap 1.1 relevant part. could not find a solution to use soap 1.2 in time. + requestMessage.getMimeHeaders().setHeader("SOAPAction", "http://gesundheit.gv.at/BAGDAD/DataAccessService/IsHealthcareProfessional"); + + /* + Construct SOAP Request Message: + + + + string + + + + see https://stork.ehealth.gv.at/GDAService.asmx?op=IsHealthcareProfessional + */ + + // SOAP Envelope + SOAPEnvelope envelope = requestPart.getEnvelope(); + + // SOAP Body + SOAPBody requestBody = envelope.getBody(); + SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional"); + SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK"); + // TODO fetch bpk_gh from somewhere + requestBodyElem1.addTextNode("bpk_gh"); + + requestMessage.saveChanges(); + // perform SOAP call + SOAPMessage responseMessage = soapConnection.call(requestMessage, destination); // parse SOAP response -- cgit v1.2.3 From 5dd5959e9ddd730452d0007fbf2c091d2c2506e1 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 26 Feb 2014 13:54:44 +0100 Subject: parse the SOAP response --- .../stork2/EHvdAttributeProviderPlugin.java | 143 +++++++++++++++++---- 1 file changed, 117 insertions(+), 26 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
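Review bot: The `SOAPConnection` created at the top of the try block in `acquire` is never closed, so every call leaves a connection behind; call `soapConnection.close()` in a `finally` block. The request carries a bPK, a personal identifier, yet `destination` is declared as `Object` and handed to `soapConnection.call` exactly as configured, so nothing here rejects a plain `http://` endpoint. Parsing it into a `java.net.URL` in the constructor and requiring the `https` scheme would make that explicit. The hard-coded `"bpk_gh"` text node is marked TODO and must not reach a deployment.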
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 42652464b..fdf0806b8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -1,10 +1,13 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import java.io.StringWriter; import java.util.ArrayList; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.xml.namespace.QName; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.soap.MessageFactory; import javax.xml.soap.SOAPBody; @@ -14,6 +17,12 @@ import javax.xml.soap.SOAPElement; import javax.xml.soap.SOAPEnvelope; import javax.xml.soap.SOAPMessage; import javax.xml.soap.SOAPPart; +import javax.xml.transform.Result; +import javax.xml.transform.Source; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; import org.w3c.dom.Document; import org.w3c.dom.Element; 
@@ -58,13 +67,13 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { SOAPConnection soapConnection = SOAPConnectionFactory.newInstance().createConnection(); // assemble SOAP request - MessageFactory messageFactory = MessageFactory.newInstance(); - SOAPMessage requestMessage = messageFactory.createMessage(); - SOAPPart requestPart = requestMessage.getSOAPPart(); - - // (soap 1.1 relevant part. could not find a solution to use soap 1.2 in time. - requestMessage.getMimeHeaders().setHeader("SOAPAction", "http://gesundheit.gv.at/BAGDAD/DataAccessService/IsHealthcareProfessional"); - + MessageFactory messageFactory = MessageFactory.newInstance(); + SOAPMessage requestMessage = messageFactory.createMessage(); + SOAPPart requestPart = requestMessage.getSOAPPart(); + + // (soap 1.1 relevant part. could not find a solution to use soap 1.2 in time. + requestMessage.getMimeHeaders().setHeader("SOAPAction", "http://gesundheit.gv.at/BAGDAD/DataAccessService/IsHealthcareProfessional"); + /* Construct SOAP Request Message: 
@@ -74,34 +83,116 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { - + see https://stork.ehealth.gv.at/GDAService.asmx?op=IsHealthcareProfessional */ - // SOAP Envelope - SOAPEnvelope envelope = requestPart.getEnvelope(); + // SOAP Envelope + SOAPEnvelope envelope = requestPart.getEnvelope(); + + // SOAP Body + SOAPBody requestBody = envelope.getBody(); + SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional"); + SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK"); + // TODO fetch bpk_gh from somewhere + requestBodyElem1.addTextNode("bpk_gh"); - // SOAP Body - SOAPBody requestBody = envelope.getBody(); - SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional"); - SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK"); - // TODO fetch bpk_gh from somewhere - requestBodyElem1.addTextNode("bpk_gh"); + requestMessage.saveChanges(); - requestMessage.saveChanges(); - // perform SOAP call - SOAPMessage responseMessage = soapConnection.call(requestMessage, destination); - + SOAPMessage responseMessage = soapConnection.call(requestMessage, destination); + // parse SOAP response - - // assemble attribute - PersonalAttribute acquiredAttribute = new PersonalAttribute(); - + + /* + + + + + boolean + string + boolean + string + string + string + + + + + + see https://stork.ehealth.gv.at/GDAService.asmx?op=IsHealthcareProfessional + */ + SOAPBody responseBody = responseMessage.getSOAPBody(); + + // iterate through tree + SOAPElement responseElement = (SOAPElement) responseBody.getChildElements().next(); + SOAPElement resultElement = (SOAPElement) responseElement.getChildElements().next(); + SOAPElement tmp; + + // collect all info in a map + Iterator it = resultElement.getChildElements(); + Map collection = new HashMap(); + while (it.hasNext()) { + SOAPElement current = (SOAPElement) it.next(); + + collection.put(current.getNodeName(), current.getTextContent()); + 
+ } + + // check if there is anything valid in the map + if (collection.isEmpty() || collection.size() != 6) { + // TODO report error + } + + // - fetch request validity + if (collection.get("RequestOK").equals("false")) { + // TODO report error + } + + PersonalAttribute acquiredAttribute = null; + + if (collection.get("IsHealthcareProfessional").equals("false")) { + // the citizen is no HCP + acquiredAttribute = new PersonalAttribute("isHCP", false, new ArrayList(), "NotAvailable"); + } else { + // go on and parse the data + + Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); + + Element orgname = doc.createElement("nameOfOrganisation"); + orgname.appendChild(doc.createTextNode(collection.get("NameOfOrganization"))); + doc.appendChild(orgname); + + Element type = doc.createElement("HCP"); + // TODO fix value mapping + if (collection.get("Type").equals("Medical Doctors")) + type.appendChild(doc.createTextNode("D")); + doc.appendChild(type); + + Element specialization = doc.createElement("specialisation"); + // TODO fix value mapping + specialization.appendChild(doc.createTextNode(collection.get("Specialization").substring(0, 2))); + doc.appendChild(specialization); + + // get string from dom tree + Source source = new DOMSource(doc); + StringWriter out = new StringWriter(); + Result result = new StreamResult(out); + + TransformerFactory tFactory = TransformerFactory.newInstance(); + Transformer transformer = tFactory.newTransformer(); + transformer.transform(source, result); + + ArrayList value = new ArrayList(); + value.add(out.toString()); + + acquiredAttribute = new PersonalAttribute("isHCP", false, value, "Available"); + } + // pack and return the result PersonalAttributeList result = new PersonalAttributeList(); result.add(acquiredAttribute); - + return result; } catch (Exception e) { // TODO in case of an error, we might want to inform someone somehow different than by just saying nothing -- cgit v1.2.3 
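Review bot: The decision `collection.get("IsHealthcareProfessional").equals("false")` fails open: any value other than the exact string `false` (different case, an empty element, an error text) takes the else branch and yields `isHCP` with status `Available`. Assuming the service sends `true`/`false`, test for the positive value, `if (!"true".equals(collection.get("IsHealthcareProfessional")))`, and make the two `// TODO report error` branches above it (map size, `RequestOK`) stop processing instead of falling through; the `RequestOK` check in the later error-handling commit keeps the same `equals("false")` form. In the else branch, `doc.appendChild(type)` and `doc.appendChild(specialization)` will throw a `DOMException`, because a DOM `Document` accepts only one element child, so the three elements need a common parent. `substring(0, 2)` also throws when the specialization text is shorter than two characters.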
From 02800dff9580924a9b912ca9f2ff56c9a40d2152 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 26 Feb 2014 14:06:36 +0100 Subject: error handling --- .../moa/id/protocols/stork2/AttributeCollector.java | 3 +++ .../moa/id/protocols/stork2/AttributeProvider.java | 2 +- .../id/protocols/stork2/EHvdAttributeProviderPlugin.java | 15 ++++++++------- 3 files changed, 12 insertions(+), 8 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 937f6da74..f36232eb9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -113,6 +113,9 @@ public class AttributeCollector implements IAction { container.getResponse().getPersonalAttributeList().add(current); } catch(UnsupportedAttributeException e) { // ok, try the next attributeprovider + } catch(MOAIDException e) { + // the current plugin had an error. Try the next one. + // TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index adf57d77b..9e6cba923 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java 
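Review bot: The new `catch(MOAIDException e)` in the provider loop of `AttributeCollector` is empty, so a failing attribute provider (for instance the eHVD SOAP call) is skipped without leaving any trace; log it, for example `Logger.error("attribute provider failed, trying next one", e);`. As the TODO in the hunk already notes, the attribute then stays unresolved, so it should be recorded as `NotAvailable` or the loop needs another exit condition. The loop itself starts outside the hunk.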
@@ -25,7 +25,7 @@ public interface AttributeProvider { * @throws UnsupportedAttributeException the unsupported attribute exception * @throws ExternalAttributeRequestRequiredException an attribute request to an external service has to be done */ - public IPersonalAttributeList acquire(PersonalAttribute attributes) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException; + public IPersonalAttributeList acquire(PersonalAttribute attributes) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException; /** * Perform redirect. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index fdf0806b8..474dcb8fa 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -29,6 +29,7 @@ import org.w3c.dom.Element; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; @@ -56,8 +57,8 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { @Override public IPersonalAttributeList acquire(PersonalAttribute attributes) throws UnsupportedAttributeException, - ExternalAttributeRequestRequiredException { - + ExternalAttributeRequestRequiredException, MOAIDException { + // break when we cannot handle the requested attribute if(!attributes.getFriendlyName().equals("isHCP")) throw new UnsupportedAttributeException(); 
@@ -136,17 +137,18 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { SOAPElement current = (SOAPElement) it.next(); collection.put(current.getNodeName(), current.getTextContent()); - } // check if there is anything valid in the map if (collection.isEmpty() || collection.size() != 6) { - // TODO report error + Logger.warn("eHVD returned an unexpected count of values. Expected 6 got " + collection.size()); + throw new IndexOutOfBoundsException("response attributes not like specified"); } // - fetch request validity if (collection.get("RequestOK").equals("false")) { - // TODO report error + Logger.warn("eHVD reported an invalid request. The error message is: " + collection.get("Message")); + throw new Exception("eHVD reported an invalid request"); } PersonalAttribute acquiredAttribute = null; @@ -195,8 +197,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { return result; } catch (Exception e) { - // TODO in case of an error, we might want to inform someone somehow different than by just saying nothing - return null; + throw new MOAIDException("stork.13", new Object[] { e }); } } -- cgit v1.2.3 From 03952b60036874105f8d5575ca2d06594e70c759 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 26 Feb 2014 15:05:27 +0100 Subject: use appropriate PK in eHVD AP plugin --- .../gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 6 +++--- .../gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java | 5 ++++- .../moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java | 3 ++- .../moa/id/protocols/stork2/DemoRedirectAttributeProvider.java | 3 ++- .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java | 7 +++---- .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java | 3 ++- 6 files changed, 16 insertions(+), 11 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
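Review bot: The validity check `collection.get("RequestOK").equals("false")` rejects only the literal string false, so any other value the service returns is treated as a successful answer. Now that this branch throws, comparing against the accepted value fails closed: `if (!"true".equals(collection.get("RequestOK"))) {` (assuming the service answers true on success, which the hunk does not show). The constant-first form also stops relying on a NullPointerException when the key is absent. `collection.isEmpty() ||` is redundant next to `collection.size() != 6`. The method body starts and ends outside the hunk.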
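Review bot: In the final `catch (Exception e)`, the original exception is passed only as a message parameter (`new Object[] { e }`), so its stack trace is lost unless the message formatter prints it, and the collector's new catch block discards the MOAIDException anyway. Logging before rethrowing keeps the cause visible: `Logger.error("eHVD attribute request failed", e);`. If MOAIDException offers a constructor that takes a cause, passing `e` there would be preferable; that is not visible from this hunk. The try block starts outside the hunk.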
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index f36232eb9..b7fa37757 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -79,7 +79,7 @@ public class AttributeCollector implements IAction { container.getResponse().getPersonalAttributeList().add(current); // see if we need some more attributes - return processRequest(container, httpReq, httpResp, oaParam); + return processRequest(container, httpReq, httpResp, moasession, oaParam); } /** @@ -90,7 +90,7 @@ public class AttributeCollector implements IAction { * @return the string * @throws MOAIDException */ - public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, OAAuthParameter oaParam) throws MOAIDException { + public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException { // check if there are attributes we need to fetch IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); 
@@ -106,7 +106,7 @@ public class AttributeCollector implements IAction { for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { try { // - hand over control to the suitable plugin - IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute); + IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); // - add the aquired attribute to the container for(PersonalAttribute current : aquiredAttributes) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index 9e6cba923..59376fef6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; 
@@ -21,11 +22,13 @@ public interface AttributeProvider { * the response. * * @param attributes the list of attributes to be acquired + * @param moasession the moasession * @return the personal attribute * @throws UnsupportedAttributeException the unsupported attribute exception * @throws ExternalAttributeRequestRequiredException an attribute request to an external service has to be done + * @throws MOAIDException the mOAID exception */ - public IPersonalAttributeList acquire(PersonalAttribute attributes) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException; + public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException; /** * Perform redirect. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index e6f340c77..669a9389b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java @@ -5,6 +5,7 @@ import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import eu.stork.peps.auth.commons.IPersonalAttributeList; 
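Review bot: The new Javadoc lines `@param moasession the moasession` and `@throws MOAIDException the mOAID exception` restate the names without telling a caller or implementer anything. Suggested wording: `@param moasession the authenticated session; implementations may read the user's identity data from it` and `@throws MOAIDException if the provider failed while fetching the attribute`. The first matters because the session is now handed to every plugin, including ones that talk to external services.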
@@ -20,7 +21,7 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ @Override - public IPersonalAttributeList acquire(PersonalAttribute attributeName) + public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession) throws UnsupportedAttributeException { PersonalAttributeList requestedAttributes = new PersonalAttributeList(1); requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList(), "")); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index 5d4336149..2f6b69075 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java @@ -5,6 +5,7 @@ import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import eu.stork.peps.auth.commons.IPersonalAttributeList; @@ -20,7 +21,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ @Override - public IPersonalAttributeList acquire(PersonalAttribute attributeName) + public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { throw new ExternalAttributeRequestRequiredException(this); } 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 474dcb8fa..8b96e0d10 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -27,6 +27,7 @@ import javax.xml.transform.stream.StreamResult; import org.w3c.dom.Document; import org.w3c.dom.Element; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.logging.Logger; @@ -55,7 +56,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute) */ @Override - public IPersonalAttributeList acquire(PersonalAttribute attributes) + public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { @@ -95,8 +96,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { SOAPBody requestBody = envelope.getBody(); SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional"); SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK"); - // TODO fetch bpk_gh from somewhere - requestBodyElem1.addTextNode("bpk_gh"); + requestBodyElem1.addTextNode(moasession.getIdentityLink().getIdentificationValue()); requestMessage.saveChanges(); 
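Review bot: The value now written into the `bPK` element is `moasession.getIdentityLink().getIdentificationValue()`, while the removed TODO asked for `bpk_gh`; whether the identity link's identification value is already the sector-specific identifier the eHVD service expects cannot be told from this hunk. If it is the person's base identifier rather than a derived one, this line would hand it to an external service, so the derivation should happen before the call. At minimum a comment should record the assumption, e.g. `// must be the sector-specific bPK for eHVD, never the base identifier - confirm what the identity link holds`. `getIdentityLink()` is also dereferenced without a null check. The method body starts and ends outside the hunk.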
@@ -128,7 +128,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { // iterate through tree SOAPElement responseElement = (SOAPElement) responseBody.getChildElements().next(); SOAPElement resultElement = (SOAPElement) responseElement.getChildElements().next(); - SOAPElement tmp; // collect all info in a map Iterator it = resultElement.getChildElements(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index 3c689cac9..bd6f192dc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -8,6 +8,7 @@ import org.apache.velocity.Template; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; @@ -47,7 +48,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ @Override - public IPersonalAttributeList acquire(PersonalAttribute attribute) + public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { requestedAttributes = new PersonalAttributeList(1); requestedAttributes.add(attribute); -- cgit v1.2.3 From caee81b311e93720d4c1fe2b3de22cdcbb0fe74d Mon Sep 17 00:00:00 2001 
From: Bojan Suzic Date: Wed, 26 Feb 2014 16:32:48 +0100 Subject: config --- .../id/protocols/stork2/AuthenticationRequest.java | 55 ++++++++++++---------- 1 file changed, 31 insertions(+), 24 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 6ef85d7ae..db3e12f43 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -4,6 +4,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; +import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; @@ -64,7 +65,7 @@ public class AuthenticationRequest implements IAction { Logger.debug("STORK QAA 2 :" + ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getQAALevel()); StartAuthResponse startAuthResponse = getStartAuthResponse(((MOASTORKAuthnRequest) req).getStorkAuthnRequest()); - HttpSession httpSession = httpReq.getSession(); + HttpSession httpSession = httpReq.getSession(); performRed httpSession.setAttribute("STORKSessionID", "12345"); httpResp.setStatus(startAuthResponse.getHttpStatusCode()); try { 
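Review bot: The changed line ends with a stray `performRed` after `HttpSession httpSession = httpReq.getSession();`, which looks like an accidental keystroke left in the file. It should be removed so the line reads `HttpSession httpSession = httpReq.getSession();` again. Whether the line sits inside a commented-out block, and therefore still compiles, is not visible in the hunk.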
@@ -102,12 +103,37 @@ public class AuthenticationRequest implements IAction { throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() }); + // Prepare basic AT attributes + try { + IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); + Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size()); + + + for (PersonalAttribute personalAttribute : moaAttrList) { + Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus()); + if (personalAttribute.getValue().size() > 0) { + for (String value : personalAttribute.getValue()) { + Logger.info(" Value found: " + value); + } + } + } + + } catch (Exception e) { + Logger.error("Exception, attributes: " + e.getMessage()); + } + + authnResponse.setPersonalAttributeList(populateAttributes()); + + // Prepare extended attributes + Logger.debug("Preparing data container"); + //httpResp.setStatus(200); //VPEPSInboundPostHandler // create fresh container DataContainer container = new DataContainer(); - + + // - fill in the request we extracted above container.setRequest(((MOASTORKAuthnRequest) req).getStorkAuthnRequest()); 
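Review bot: The block added here writes every personal attribute value to the log at info level (`Logger.info(" Value found: " + value);`), which puts citizens' identity data into ordinary operational logs. Logging the attribute name and status is enough for diagnosis, e.g. `Logger.debug("Personal attribute found: " + personalAttribute.getName() + " status=" + personalAttribute.getStatus());`, with the inner value loop dropped. The `catch (Exception e)` around it logs only `e.getMessage()`; passing `e` as a second argument would keep the stack trace. The enclosing method starts outside the hunk.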
@@ -118,39 +144,20 @@ public class AuthenticationRequest implements IAction { container.setTarget(((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); + Logger.debug("Data container prepared"); - if (1==1) // test + if (1==0) // test // see if we need to fetch further attributes return (new AttributeCollector()).processRequest(container, httpReq, httpResp, oaParam); + Logger.debug("Finished sending data container"); - - try { - IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); - Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size()); - - - for (PersonalAttribute personalAttribute : moaAttrList) { - Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus()); - if (personalAttribute.getValue().size() > 0) { - for (String value : personalAttribute.getValue()) { - Logger.info(" Value found: " + value); - } - } - } - - } catch (Exception e) { - Logger.error("Exception, attributes: " + e.getMessage()); - } - - authnResponse.setPersonalAttributeList(populateAttributes()); - try { //Get SAMLEngine instance STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); -- cgit v1.2.3 From 11e26b97a643704f17f34e7424269325ed51472d Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Wed, 26 Feb 2014 17:21:59 +0100 Subject: adjusting attribute collector --- .../id/protocols/stork2/AttributeCollector.java | 333 +++++++++++++-------- .../id/protocols/stork2/AuthenticationRequest.java | 149 +-------- .../moa/id/protocols/stork2/DataContainer.java | 14 +- .../stork2/StorkAttributeRequestProvider.java | 3 - 4 files changed, 215 insertions(+), 284 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
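Review bot: `if (1==0) // test` turns the attribute collector call into dead code, and because the `if` has no braces and a comment line sits between it and the `return`, it is easy to misread which statement it governs. If the collector is meant to be switched off for now, remove the call or guard it with a named configuration flag and brace it, e.g. `if (collectFurtherAttributes) { return (new AttributeCollector()).processRequest(...); }` (the flag name is a placeholder). The new `Logger.debug("Finished sending data container");` is also misleading, since with this condition nothing is sent. The method starts and ends outside the hunk.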
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index fcef1487e..bc5a0c0c6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -1,11 +1,9 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import java.util.ArrayList; -import java.util.List; - import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; 
@@ -13,169 +11,240 @@ import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.logging.Logger; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import org.apache.commons.io.IOUtils; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; +import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; - -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; +import javax.servlet.http.HttpSession; +import java.io.IOException; +import java.io.StringWriter; +import java.util.ArrayList; +import java.util.List; /** * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins. * The class is called whenever the {@link AuthenticationRequest} Action is invoked and checks for missing attributes. * Furthermore, the class can handle direct posts. That is when the class triggers an attribute query which needs user * interaction, redirect to another portal, etc. The redirect will hit here and the class can continue to fetch attributes. - * + *

* TODO how do we treat mandatory and optional attributes? - * */ public class AttributeCollector implements IAction { - - /** The Constant ARTIFACT_ID. */ - private static final String ARTIFACT_ID = "artifactId"; - + + /** + * The Constant ARTIFACT_ID. + */ + private static final String ARTIFACT_ID = "artifactId"; + private DataContainer container; + private HttpServletResponse httpResp; + + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession) */ public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { - // read configuration parameters of OA - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() }); - - // find the attribute provider plugin that can handle the response - IPersonalAttributeList newAttributes = null; - for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) - try { - newAttributes = current.parse(httpReq); - } catch (UnsupportedAttributeException e1) { - // the current provider cannot find anything familiar within the - // provided httpreq. Try the next one. - } - - if (null == newAttributes) { - // we do not have a provider which is capable of fetching something - // from the received httpreq. - // TODO should we continue with the next attribute? 
- Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); - throw new MOAIDException("stork.11", null); - } - - // - fetch the container - String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); - DataContainer container; - try { - container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); - } catch (MOADatabaseException e) { - Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); - throw new MOAIDException("stork.11", null); - } - - // - insert the embedded attribute(s) into the container - for(PersonalAttribute current : newAttributes) - container.getResponse().getPersonalAttributeList().add(current); - - // see if we need some more attributes - return processRequest(container, httpReq, httpResp, moasession, oaParam); + this.httpResp = httpResp; + + // read configuration parameters of OA + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + + // find the attribute provider plugin that can handle the response + IPersonalAttributeList newAttributes = null; + for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) + try { + newAttributes = current.parse(httpReq); + } catch (UnsupportedAttributeException e1) { + // the current provider cannot find anything familiar within the + // provided httpreq. Try the next one. + } + + if (null == newAttributes) { + // we do not have a provider which is capable of fetching something + // from the received httpreq. + // TODO should we continue with the next attribute? 
+ Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); + throw new MOAIDException("stork.11", null); + } + + // - fetch the container + String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); + DataContainer container; + try { + container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); + } catch (MOADatabaseException e) { + Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); + throw new MOAIDException("stork.11", null); + } + + // - insert the embedded attribute(s) into the container + for (PersonalAttribute current : newAttributes) + container.getResponse().getPersonalAttributeList().add(current); + + // see if we need some more attributes + return processRequest(container, httpReq, httpResp, moasession, oaParam); } - + /** * Checks if there are missing attributes and tries to fetch them. If there are no more attribute to fetch, * this very method creates and sends the protocol result to the asking S-PEPS. * * @param container the {@link DataContainer} representing the status of the overall query. 
* @return the string - * @throws MOAIDException + * @throws MOAIDException */ public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException { - // check if there are attributes we need to fetch - IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); - IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); - List missingAttributes = new ArrayList(); - for(PersonalAttribute current : requestAttributeList) - if(!responseAttributeList.containsKey(current)) - missingAttributes.add(current); - - try { - // for each attribute still missing - for(PersonalAttribute currentAttribute : missingAttributes) { - // - check if we can find a suitable AttributeProvider Plugin - for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { - try { - // - hand over control to the suitable plugin - IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); - - // - add the aquired attribute to the container - for(PersonalAttribute current : aquiredAttributes) - container.getResponse().getPersonalAttributeList().add(current); - } catch(UnsupportedAttributeException e) { - // ok, try the next attributeprovider - } catch(MOAIDException e) { - // the current plugin had an error. Try the next one. - // TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop - } - - } - } - } catch (ExternalAttributeRequestRequiredException e) { - // the attribute request is ongoing and requires an external service. 
- try { - // memorize the container again - // - generate new key - String newArtifactId = new SecureRandomIdentifierGenerator() - .generateIdentifier(); /* - Logger.debug("STORK QAA 2 :" + ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getQAALevel()); - StartAuthResponse startAuthResponse = getStartAuthResponse(((STORKAuthnRequestDEL) req).getStorkAuthnRequest()); - - HttpSession httpSession = httpReq.getSession(); - httpSession.setAttribute("STORKSessionID", "12345"); - httpResp.setStatus(startAuthResponse.getHttpStatusCode()); - try { - ServletOutputStream os = httpResp.getOutputStream(); - String html = new String(startAuthResponse.getContent()); - - - if (html.contains(""); - html = html.substring(beginIndex + 9, endIndex); - startAuthResponse.setContent(html.getBytes()); - } - Logger.info("HTML : " + html); + // check if there are attributes we need to fetch + this.httpResp = response; + this.container = container; + + IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); + IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); + List missingAttributes = new ArrayList(); + for (PersonalAttribute current : requestAttributeList) + if (!responseAttributeList.containsKey(current)) + missingAttributes.add(current); + + try { + // for each attribute still missing + for (PersonalAttribute currentAttribute : missingAttributes) { + // - check if we can find a suitable AttributeProvider Plugin + for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { + try { + // - hand over control to the suitable plugin + IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); + + // - add the aquired attribute to the container + for (PersonalAttribute current : aquiredAttributes) + container.getResponse().getPersonalAttributeList().add(current); + } catch (UnsupportedAttributeException e) { + // 
ok, try the next attributeprovider + } catch (MOAIDException e) { + // the current plugin had an error. Try the next one. + // TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop + } - os.write(startAuthResponse.getContent()); - Logger.info("Response sent to client"); - } catch (IOException e) { - Logger.error("ERROR MOA"); - throw new MOAIDException("error response sending", new Object[]{}); + } + } + } catch (ExternalAttributeRequestRequiredException e) { + // the attribute request is ongoing and requires an external service. + try { + // memorize the container again + // - generate new key + String newArtifactId = new SecureRandomIdentifierGenerator() + .generateIdentifier(); + } catch (Exception e1) { + // TODO should we return the response as is to the PEPS? + Logger.error("Error putting incomplete Stork response into temporary storage", e); + throw new MOAIDException("stork.11", null); } - //httpSession.setAttribute("CCC", ccc); - - */ - } catch (Exception e1) { - // TODO should we return the response as is to the PEPS? - Logger.error("Error putting incomplete Stork response into temporary storage", e); - throw new MOAIDException("stork.11", null); - } - - return "12345"; // TODO what to do here? - } - // build response - // done - return "12345"; // AssertionId + + return "12345"; // TODO what to do here? 
+ } + + // build response + generateSTORKResponse(); + + // set new http response + generateRedirectResponse(); + response = httpResp; + + return "12345"; // AssertionId + } + + + private void generateSTORKResponse() throws MOAIDException { + STORKAuthnResponse authnResponse = container.getResponse(); + STORKAuthnRequest authnRequest = container.getRequest(); + + try { + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("vidp"); + Logger.debug("Starting generation of SAML response"); + authnResponse = engine.generateSTORKAuthnResponse(authnRequest, authnResponse, container.getRemoteAddress(), false); + + //generateSAML Token + Logger.info("SAML response succesfully generated!"); + } catch (STORKSAMLEngineException e) { + Logger.error("Failed to generate STORK SAML Response", e); + throw new MOAIDException("stork.05", null); + } + + Logger.info("STORK SAML Response message succesfully generated "); + String statusCodeValue = authnResponse.getStatusCode(); + + try { + Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); + Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works + Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); + + } catch (IOException e) { + e.printStackTrace(); + } + + container.setResponse(authnResponse); + + } + + + private void generateRedirectResponse() { + STORKAuthnResponse authnResponse = container.getResponse(); + STORKAuthnRequest authnRequest = container.getRequest(); + + + // preparing redirection for the client + + try { + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); + VelocityContext context = new VelocityContext(); + + context.put("SAMLResponse", new 
String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); + Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); + + Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL()); + context.put("action", authnRequest.getAssertionConsumerServiceURL()); + Logger.debug("Starting template merge"); + StringWriter writer = new StringWriter(); + + Logger.debug("Doing template merge"); + template.merge(context, writer); + Logger.debug("Template merge done"); + + Logger.debug("Sending html content: " + writer.getBuffer().toString()); + Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); + + + httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); + + } catch (Exception e) { + Logger.error("Velocity error: " + e.getMessage()); + } + + //HttpSession httpSession = this.httpResp.getSession(); + //httpSession.setAttribute("STORKSessionID", "12345"); + //Logger.info("Status code again: " + authnResponse.getStatusCode()); + + //return "12345"; // AssertionId } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { - // this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action. + // this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action. return false; } 
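Review bot: generateSTORKResponse() and generateRedirectResponse() write the complete SAML response to the debug log several times (`authnResponse.getTokenSaml()` plain, as a string, Base64-encoded, and again inside the rendered HTML), which puts the assertion and the personal attributes it carries into log files. One line such as `Logger.debug("SAML response generated, status " + authnResponse.getStatusCode());` gives the same diagnostic value. generateRedirectResponse() also catches `Exception` and logs only the message, so processRequest() returns "12345" even when nothing was written to the client; rethrowing as a MOAIDException, as generateSTORKResponse() does for engine errors, would keep the failure visible. The new `container` and `httpResp` instance fields make the action stateful; if one AttributeCollector instance can serve concurrent requests, they should stay method parameters.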
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index db3e12f43..b3f009ae2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
@@ -59,41 +59,6 @@ public class AuthenticationRequest implements IAction { Logger.debug("Remote user: " + httpReq.getRemoteAddr()); Logger.debug("Moa session: " + moasession.toString() + " " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix() + " " + moasession.getAction() + " " + moasession.getIdentityLink().getName() + " " + moasession.getTarget()); httpResp.reset(); - //httpResp.addHeader("Location", "http:/www.google.com"); - if (req instanceof MOASTORKAuthnRequest) { - /* - Logger.debug("STORK QAA 2 :" + ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getQAALevel()); - StartAuthResponse startAuthResponse = getStartAuthResponse(((MOASTORKAuthnRequest) req).getStorkAuthnRequest()); - - HttpSession httpSession = httpReq.getSession(); performRed - httpSession.setAttribute("STORKSessionID", "12345"); - httpResp.setStatus(startAuthResponse.getHttpStatusCode()); - try { - ServletOutputStream os = httpResp.getOutputStream(); - String html = new String(startAuthResponse.getContent()); - - - if (html.contains(""); - html = html.substring(beginIndex + 9, endIndex); - startAuthResponse.setContent(html.getBytes()); - } - Logger.info("HTML : " + html); - - os.write(startAuthResponse.getContent()); - Logger.info("Response sent to client"); - } catch (IOException e) { - Logger.error("ERROR MOA"); - throw new MOAIDException("error response sending", new Object[]{}); - } - //httpSession.setAttribute("CCC", ccc); - - */ - } STORKAuthnResponse authnResponse = new STORKAuthnResponse(); authnResponse.setCountry("AT"); 
@@ -122,18 +87,15 @@ public class AuthenticationRequest implements IAction { Logger.error("Exception, attributes: " + e.getMessage()); } + // Get personal attributtes from MOA/IdentityLink authnResponse.setPersonalAttributeList(populateAttributes()); // Prepare extended attributes Logger.debug("Preparing data container"); - //httpResp.setStatus(200); - //VPEPSInboundPostHandler - // create fresh container DataContainer container = new DataContainer(); - // - fill in the request we extracted above container.setRequest(((MOASTORKAuthnRequest) req).getStorkAuthnRequest()); 
@@ -146,90 +108,8 @@ public class AuthenticationRequest implements IAction { Logger.debug("Data container prepared"); + return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); - if (1==0) // test - // see if we need to fetch further attributes - return (new AttributeCollector()).processRequest(container, httpReq, httpResp, oaParam); - - Logger.debug("Finished sending data container"); - - - - - - - try { - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); - Logger.debug("Starting generation of SAML response"); - authnResponse = engine.generateSTORKAuthnResponse(((MOASTORKAuthnRequest)req).getStorkAuthnRequest(),authnResponse,httpReq.getRemoteAddr(),false); - //generateSAML Token - Logger.info("SAML response succesfully generated!"); - }catch(STORKSAMLEngineException e){ - Logger.error("Failed to generate STORK SAML Response", e); - throw new MOAIDException("stork.05", null); - } - - Logger.info("STORK SAML Response message succesfully generated "); - Logger.debug("STORK response: "); - - Logger.debug("authn response string: " + authnResponse.toString()); - - String statusCodeValue = authnResponse.getStatusCode(); - Logger.debug("authn status code value: " + statusCodeValue); - - try { - Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); - Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works - Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); - - } catch (IOException e) { - e.printStackTrace(); - } - - // preparing redirection for the client - - try { - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); - VelocityContext context = new VelocityContext(); - //Logger.info("Putting saml token in 
response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString())); - - //context.put("SAMLResponse", IOUtils.toString(authnResponse.getTokenSaml())); - - context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); - Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); - //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.encode(context.get("SAMLResponse").toString().getBytes())); - - Logger.debug("Putting assertion consumer url as action: " + ((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); - context.put("action", ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); - Logger.debug("Starting template merge"); - StringWriter writer = new StringWriter(); - //PrintWriter pwriter = new StringWriter(); - - Logger.debug("Doing template merge"); - template.merge(context, writer); - Logger.debug("Template merge done"); - - Logger.debug("Sending html content: " + writer.getBuffer().toString()); - Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); - - - - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); - - } catch (Exception e) { - Logger.error("Velocity error: " + e.getMessage()); - } - - HttpSession httpSession = httpReq.getSession(); - httpSession.setAttribute("STORKSessionID", "12345"); - Logger.info("Status code again: " + authnResponse.getStatusCode()); - - - - - return "12345"; // AssertionId } public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { 
@@ -249,42 +129,17 @@ public class AuthenticationRequest implements IAction { try { for (PersonalAttribute personalAttribute : attrLst) { Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired()); - moaAttributeProvider.populateAttribute(attributeList, personalAttribute); - - // if ("givenName".equals(personalAttribute.getName())) { - // Logger.debug("Providing new attribute: " + personalAttribute.getName()); - // PersonalAttribute newAttribute = new PersonalAttribute(); - // newAttribute.setName("givenName"); - // newAttribute.setValue(new ArrayList(Collections.singletonList(moaSession.getIdentityLink().getGivenName()))); - // attributeList.add(newAttribute); - // } - } } catch (Exception e) { Logger.error("Exception, attributes: " + e.getMessage()); } - Logger.debug("AUTHBLOCK " + moaSession.getAuthBlock()); Logger.debug("TARGET " + moaSession.getTarget() + " " + moaSession.getTargetFriendlyName()); - - Logger.debug("SESSION IDENTIFIER " + moaSession.getCcc() + " " + moaSession.getDomainIdentifier()); - - Logger.debug("AUTHBLOCKTOKKEN" + moaSession.getAuthBlockTokken()); - // moaAttributeProvider.populateAttribute(attributeList, personalAttribute.getName()); - - // moaAttributeProvider.populateAttribute(attributeList, "givenName"); - - // moaAttributeProvider.populateAttribute(attributeList, "surname"); - - // moaAttributeProvider.populateAttribute(attributeList, "xxname"); - - // moaAttributeProvider.populateAttribute(attributeList, "dateOfBirth"); - return attributeList; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java index 40c827ef8..44ad0000a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java 
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java @@ -22,8 +22,9 @@ public class DataContainer implements Serializable { /** The target. */ private String target; - - /** + private String remoteAddress; + + /** * Gets the request. * * @return the request @@ -76,4 +77,13 @@ public class DataContainer implements Serializable { public void setTarget(String target) { this.target = target; } + + /* + Sets IP address + */ + public void setRemoteAddress(String address) { this.remoteAddress = address; } + public String getRemoteAddress() { + return this.remoteAddress; + } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index bd6f192dc..4314e666e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -47,7 +47,6 @@ public class StorkAttributeRequestProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ - @Override public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { requestedAttributes = new PersonalAttributeList(1); 
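Review bot: The accessors added in the `@@ -76,4 +77,13` hunk are documented with a plain block comment (`/* Sets IP address */`) while the rest of DataContainer uses Javadoc, and the getter has no comment at all. I would write `/** Sets the remote address of the client that sent the original request. */` on the setter and `/** Gets the stored remote address; null if it was never set. */` on the getter, and give the field in the `@@ -22,8 +22,9` hunk a `/** The remote address. */` line like its neighbours. Since the class is Serializable and the container is put into AssertionStorage later in this series, the comment should also say that the address is kept together with the request.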
@@ -58,7 +57,6 @@ public class StorkAttributeRequestProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ - @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException { Logger.debug("Beginning to extract SAMLResponse out of HTTP Request"); @@ -91,7 +89,6 @@ public class StorkAttributeRequestProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) */ - @Override public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { String spSector = "Business"; -- cgit v1.2.3 From 27b4ca05aeac39b0a180a13e44ed354e80fb47dd Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Wed, 26 Feb 2014 19:28:55 +0100 Subject: attribute collector --- .../id/protocols/stork2/AttributeCollector.java | 30 ++++++++++++++++------ .../id/protocols/stork2/AuthenticationRequest.java | 2 ++ 2 files changed, 24 insertions(+), 8 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index bc5a0c0c6..57c68e94c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -69,6 +69,7 @@ public class AttributeCollector implements IAction { } catch (UnsupportedAttributeException e1) { // the current provider cannot find anything familiar within the // provided httpreq. Try the next one. + // TODO check the loop } if (null == newAttributes) { @@ -89,6 +90,8 @@ public class AttributeCollector implements IAction { throw new MOAIDException("stork.11", null); } + + // - insert the embedded attribute(s) into the container for (PersonalAttribute current : newAttributes) container.getResponse().getPersonalAttributeList().add(current); @@ -117,6 +120,7 @@ public class AttributeCollector implements IAction { if (!responseAttributeList.containsKey(current)) missingAttributes.add(current); + // Try to get all missing attributes try { // for each attribute still missing for (PersonalAttribute currentAttribute : missingAttributes) { @@ -138,6 +142,16 @@ public class AttributeCollector implements IAction { } } + + // build response + generateSTORKResponse(); + + // set new http response + generateRedirectResponse(); + response = httpResp; + + return "12345"; // AssertionId + } catch (ExternalAttributeRequestRequiredException e) { // the attribute request is ongoing and requires an external service. try { @@ -145,6 +159,13 @@ public class AttributeCollector implements IAction { // - generate new key String newArtifactId = new SecureRandomIdentifierGenerator() .generateIdentifier(); + // - put container in temporary store. + AssertionStorage.getInstance().put(newArtifactId, container); + + // add container-key to redirect embedded within the return URL + e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); + + } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); 
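Review bot: The success path added in the `@@ -138,6 +142,16` hunk ends with `return "12345"; // AssertionId`, a constant that every session would share. If callers treat the return value as an assertion or session identifier (not visible here), concurrent users would collide on it; a generated value such as the `new SecureRandomIdentifierGenerator().generateIdentifier()` result used a few lines further down would avoid that. The method body starts and ends outside the hunk.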
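Review bot: Failures of the two calls added in the `@@ -145,6 +159,13` hunk land in `catch (Exception e1)`, but the log statement there passes `e`, the outer ExternalAttributeRequestRequiredException, so the real cause of a failed store or redirect is never recorded; it should read `Logger.error("Error putting incomplete Stork response into temporary storage", e1);`. The artifact id in the return URL is the only key to a container holding the citizen's attributes, so the stored entry should be single-use and short-lived; whether AssertionStorage enforces that is not visible here. The id is concatenated into the query string unencoded, which is fine only as long as the generator emits URL-safe characters. The surrounding try/catch starts outside the hunk.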
@@ -154,14 +175,7 @@ public class AttributeCollector implements IAction { return "12345"; // TODO what to do here? } - // build response - generateSTORKResponse(); - - // set new http response - generateRedirectResponse(); - response = httpResp; - return "12345"; // AssertionId } @@ -171,7 +185,7 @@ public class AttributeCollector implements IAction { try { //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("vidp"); + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); Logger.debug("Starting generation of SAML response"); authnResponse = engine.generateSTORKAuthnResponse(authnRequest, authnResponse, container.getRemoteAddress(), false); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index b3f009ae2..d4996c26a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -105,6 +105,8 @@ public class AuthenticationRequest implements IAction { // - memorize the target url were we have to return the result container.setTarget(((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); + container.setRemoteAddress(httpReq.getRemoteAddr()); + Logger.debug("Data container prepared"); -- cgit v1.2.3 From ce0962d20a720e6c16adfd89ee8d71639d65dd52 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 27 Feb 2014 14:32:30 +0100 Subject: build stork euid --- .../moa/id/protocols/stork2/AuthenticationRequest.java | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
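Review bot: `httpReq.getRemoteAddr()` in the `@@ -105,6 +105,8` hunk yields the address of the last hop, so behind a reverse proxy or load balancer the container would carry the proxy's address rather than the citizen's. The stored value is what `generateSTORKAuthnResponse(authnRequest, authnResponse, container.getRemoteAddress(), false)` receives in AttributeCollector, presumably as the subject address of the assertion, so a wrong value would end up in signed output. Because the container can be parked in AssertionStorage across an external attribute redirect, the address is also the one from the first request, not from the request that finally triggers the response. I would state that at the call site, e.g. `// address of the direct peer at request time; not proxy-aware, reused after redirects`. The enclosing method starts and ends outside the hunk.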
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index d4996c26a..3288e064f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -10,6 +10,7 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; import edu.emory.mathcs.backport.java.util.Collections; import eu.stork.peps.auth.commons.*; @@ -29,6 +30,7 @@ import javax.servlet.http.HttpSession; import java.io.*; import java.util.HashMap; import eu.stork.peps.auth.engine.SAMLEngine; +import org.w3c.dom.Element; /** @@ -52,6 +54,15 @@ public class AuthenticationRequest implements IAction { this.moaSession = moasession; this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req; + MISMandate mandate = moasession.getMISMandate(); + String owbpk = mandate.getOWbPK(); + byte[] mand = mandate.getMandate(); + String profprep = mandate.getProfRep(); + //String textdesc = mandate.getTextualDescriptionOfOID(); + Element mndt = moasession.getMandate(); + + + Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); Logger.debug("Starting AuthenticationRequest"); //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession); 
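Review bot: The block added in the `@@ -52,6 +54,15` hunk dereferences `moasession.getMISMandate()` without a null check and then writes the complete Base64-encoded mandate to the debug log. A session without a mandate would presumably fail here with a NullPointerException before the request is processed, and a mandate is personal data that should not reach log files; I would guard with `if (mandate != null)` and log at most `"mandate present, " + mand.length + " bytes"`. `owbpk`, `profprep` and `mndt` are assigned but not used in this hunk. The `iterate` helper added in the later `@@ -134,6 +136,14` hunk has the same logging problem, since it prints every attribute name and value of the mandate element. The enclosing method continues outside the hunk.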
@@ -61,7 +72,7 @@ public class AuthenticationRequest implements IAction { httpResp.reset(); STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - authnResponse.setCountry("AT"); + authnResponse.setCountry("EU"); OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); if (oaParam == null) -- cgit v1.2.3 From 433e76b8b63b20a1d28f876f32a04f14342a9092 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 27 Feb 2014 15:14:32 +0100 Subject: integrating stork eidattribute --- .../moa/id/protocols/stork2/AuthenticationRequest.java | 8 ++++++-- .../moa/id/protocols/stork2/MOAAttributeProvider.java | 15 +++++++++++++-- 2 files changed, 19 insertions(+), 4 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 3288e064f..6a2fe3bfc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -54,6 +54,7 @@ public class AuthenticationRequest implements IAction { this.moaSession = moasession; this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req; + try{ MISMandate mandate = moasession.getMISMandate(); String owbpk = mandate.getOWbPK(); byte[] mand = mandate.getMandate(); @@ -63,6 +64,7 @@ public class AuthenticationRequest implements IAction { Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); +} catch (Exception x) {} Logger.debug("Starting AuthenticationRequest"); //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession); 
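Review bot: The `} catch (Exception x) {}` added in the `@@ -63,6 +64,7` hunk silences every failure of the mandate block opened by `try{` in the `@@ -54,6 +54,7` hunk, including the NullPointerException it was presumably added for. An explicit `if (mandate != null)` check would express the intent, and anything that is still caught should be logged, e.g. `Logger.debug("No mandate in session: " + x.getMessage());`. The `@@ -54,17 +55,18` hunk of the later "auth" commit keeps the same empty catch and adds `iterate(mndt.getAttributes())`, which would also throw if `getMandate()` returns null.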
@@ -72,7 +74,9 @@ public class AuthenticationRequest implements IAction { httpResp.reset(); STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - authnResponse.setCountry("EU"); + authnResponse.setCountry(((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getSpCountry()); + + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); if (oaParam == null) @@ -137,7 +141,7 @@ public class AuthenticationRequest implements IAction { // Define attribute list to be populated PersonalAttributeList attributeList = new PersonalAttributeList(); - MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink()); + MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink(), moaStorkAuthnRequest); try { for (PersonalAttribute personalAttribute : attrLst) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 414e383fa..190a0d27c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java @@ -1,6 +1,8 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; 
@@ -20,6 +22,7 @@ public class MOAAttributeProvider { private final IdentityLink identityLink; private static final Map storkAttributeSimpleMapping; private static final Map storkAttributeFunctionMapping; + private final MOASTORKAuthnRequest moastorkAuthnRequest; static { Map tempSimpleMap = new HashMap(); @@ -32,8 +35,9 @@ public class MOAAttributeProvider { storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap); } - public MOAAttributeProvider(IdentityLink identityLink) { + public MOAAttributeProvider(IdentityLink identityLink, MOASTORKAuthnRequest moastorkAuthnRequest) { this.identityLink = identityLink; + this.moastorkAuthnRequest = moastorkAuthnRequest; Logger.debug("identity " + identityLink.getIdentificationType() + " " + identityLink.getIdentificationValue()); } @@ -66,9 +70,16 @@ public class MOAAttributeProvider { } private String geteIdentifier() { - return "askdlaskdlaskdsds"; + Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkAuthnRequest.getStorkAuthnRequest().getSpCountry()); + try { + return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkAuthnRequest.getStorkAuthnRequest().getSpCountry()); + } catch (BuildException be) { + Logger.error("Stork eid could not be constructed; " + be.getMessage()); + return null; // TODO error + } } + private void populateAttributeWithMethod(Method method, Object object, PersonalAttributeList attributeList, String storkAttribute, Boolean isRequired) { try { String attributeValue = method.invoke(object, new Class[]{}).toString(); -- cgit v1.2.3 From 550177c54ce258715177a28f2d2d78812bf745fd Mon Sep 17 00:00:00 2001 
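Review bot: The constructor in the `@@ -32,8 +35,9` hunk still logs `identityLink.getIdentificationValue()` at debug level, and the `@@ -66,9 +70,16` hunk shows that this value is the base from which the STORK identifier is derived. Handing out only a derived identifier loses much of its benefit when the base value sits in log files next to it. I would log the type only: `Logger.debug("identity type " + identityLink.getIdentificationType());`.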
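Review bot: `geteIdentifier()` in the `@@ -66,9 +70,16` hunk returns null when `buildStorkbPK` throws, and `populateAttributeWithMethod`, which presumably invokes it through the function mapping, calls `.toString()` on the invoke result, so a build failure would surface as a NullPointerException instead of a clear error. An eIdentifier that cannot be built should stop the response rather than be dropped silently; rethrowing, or at least checking the invoke result for null before `toString()`, would make that explicit. `getSpCountry()` is also passed through unchecked, so a request without an SP country reaches the builder as null. `populateAttributeWithMethod` continues outside the hunk.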
From: Andreas Reiter Date: Thu, 27 Feb 2014 18:31:06 +0100 Subject: Added signeddoc attribute provider plugin --- .../id/protocols/stork2/AttributeCollector.java | 2 + .../stork2/DemoNoRedirectAttributeProvider.java | 3 - .../stork2/DemoRedirectAttributeProvider.java | 3 - .../stork2/EHvdAttributeProviderPlugin.java | 3 - .../stork2/SignedDocAttributeRequestProvider.java | 129 +++++++++++++++++++++ 5 files changed, 131 insertions(+), 9 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 57c68e94c..288e71f58 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -133,6 +133,8 @@ public class AttributeCollector implements IAction { // - add the aquired attribute to the container for (PersonalAttribute current : aquiredAttributes) container.getResponse().getPersonalAttributeList().add(current); + //TODO: return after first AP + } catch (UnsupportedAttributeException e) { // ok, try the next attributeprovider } catch (MOAIDException e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index 669a9389b..9c0869d97 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java 
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java @@ -20,7 +20,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ - @Override public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession) throws UnsupportedAttributeException { PersonalAttributeList requestedAttributes = new PersonalAttributeList(1); @@ -31,7 +30,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ - @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) { // TODO Auto-generated method stub return null; @@ -40,7 +38,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ - @Override public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) { // we should not get here diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index 2f6b69075..26fc00406 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java 
@@ -20,7 +20,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ - @Override public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { throw new ExternalAttributeRequestRequiredException(this); @@ -29,7 +28,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ - @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) { PersonalAttributeList requestedAttributes = new PersonalAttributeList(1); requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList(), "")); @@ -39,7 +37,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ - @Override public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) { // we should not get here diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 8b96e0d10..758b70f2d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java 
@@ -55,7 +55,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute) */ - @Override public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { @@ -203,7 +202,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter) */ - @Override public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { @@ -213,7 +211,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ - @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException { // there is no redirect required, so we throw an exception when someone asks us to parse a response diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java new file mode 100644 index 000000000..e7cd87e85 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java 
@@ -0,0 +1,129 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import java.io.StringWriter; +import java.io.UnsupportedEncodingException; +import java.util.ArrayList; +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.codec.binary.Base64; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.StringUtils; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +/** + * Forwards a signedDoc attribute request to the oasis-dss service instance + */ +public class SignedDocAttributeRequestProvider implements AttributeProvider { + + private PersonalAttribute requestedAttribute; + + /** + * The URL of the service listening for the oasis dss webform post request + */ + private String oasisDssWebFormURL; + + /** + * Instantiates a new signed doc attribute request provider. 
+ * + * @param oasisDssWebFormURL + * the AP location + */ + public SignedDocAttributeRequestProvider(String oasisDssWebFormURL) { + this.oasisDssWebFormURL = oasisDssWebFormURL; + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java + * .lang.String) + */ + public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession) throws UnsupportedAttributeException, + ExternalAttributeRequestRequiredException { + requestedAttribute = attribute; + + throw new ExternalAttributeRequestRequiredException(this); + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax + * .servlet.http.HttpServletRequest) + */ + public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException { + Logger.debug("Beginning to extract OASIS-DSS response out of HTTP Request"); + + + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + try { + String signResponse = new String(Base64.decodeBase64(httpReq.getParameter("signresponse")), "UTF8"); + List values = new ArrayList(); + values.add(signResponse); + + Logger.debug("Assembling signedDoc attribute"); + PersonalAttribute signedDocAttribute = new PersonalAttribute(requestedAttribute.getName(), requestedAttribute.isRequired(), values, + "Available"); + + // pack and return the result + PersonalAttributeList result = new PersonalAttributeList(); + result.add(signedDocAttribute); + return result; + } catch (UnsupportedEncodingException e) { + Logger.error("Failed to assemble signedDoc attribute"); + throw new MOAIDException("stork.05", null); + } + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect + * (java.lang.String) + */ + public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter 
oaParam) + throws MOAIDException { + + try { + Logger.trace("Initialize VelocityEngine..."); + + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/oasis_dss_webform_binding.vm"); + VelocityContext context = new VelocityContext(); + context.put("signrequest", Base64.encodeBase64String(requestedAttribute.getValue().get(0).getBytes("UTF8"))); + context.put("action", oasisDssWebFormURL); + + StringWriter writer = new StringWriter(); + template.merge(context, writer); + + resp.getOutputStream().write(writer.toString().getBytes()); + } catch (Exception e) { + Logger.error("Error sending STORK SAML AttrRequest.", e); + throw new MOAIDException("stork.11", null); + } + } + +} -- cgit v1.2.3 From a949aceb20f55adad0dc797eba42c00f8d026fe1 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 27 Feb 2014 18:53:42 +0100 Subject: auth --- .../id/protocols/stork2/AuthenticationRequest.java | 28 +++++++++++++++------- 1 file changed, 19 insertions(+), 9 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 6a2fe3bfc..e10c4d9d9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -31,6 +31,7 @@ import java.io.*; import java.util.HashMap; import eu.stork.peps.auth.engine.SAMLEngine; import org.w3c.dom.Element; +import org.w3c.dom.NamedNodeMap; /** 
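Review bot: `parse()` in the new SignedDocAttributeRequestProvider decodes `httpReq.getParameter("signresponse")` without checking that the parameter exists, so a request that is not an OASIS-DSS response would most likely end in a NullPointerException rather than the UnsupportedAttributeException that AttributeCollector catches to move on to the next provider. I would read the parameter first and bail out: `String encoded = httpReq.getParameter("signresponse");` followed by `if (encoded == null || requestedAttribute == null) throw new UnsupportedAttributeException();`. The decoded body is then stored as an attribute with status "Available" without any verification, which should at least be documented as something the consumer has to do. `requestedAttribute` is instance state set in `acquire()` and read in `parse()` and `performRedirect()`, so if one provider instance serves several sessions (not visible here) requests could see each other's attribute. `performRedirect()` also mixes `getBytes("UTF8")` with a charset-less `getBytes()` when writing the page, never uses its `url` argument, and the `engine` local in `parse()` is unused.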
@@ -54,17 +55,18 @@ public class AuthenticationRequest implements IAction { this.moaSession = moasession; this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req; - try{ - MISMandate mandate = moasession.getMISMandate(); - String owbpk = mandate.getOWbPK(); - byte[] mand = mandate.getMandate(); - String profprep = mandate.getProfRep(); - //String textdesc = mandate.getTextualDescriptionOfOID(); - Element mndt = moasession.getMandate(); + try { + MISMandate mandate = moasession.getMISMandate(); + String owbpk = mandate.getOWbPK(); + byte[] mand = mandate.getMandate(); + String profprep = mandate.getProfRep(); + //String textdesc = mandate.getTextualDescriptionOfOID(); + Element mndt = moasession.getMandate(); - Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); -} catch (Exception x) {} + iterate(mndt.getAttributes()); + Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); + } catch (Exception x) {} Logger.debug("Starting AuthenticationRequest"); //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession); @@ -134,6 +136,14 @@ public class AuthenticationRequest implements IAction { } + private void iterate(NamedNodeMap attributesList) { + for (int j = 0; j < attributesList.getLength(); j++) { + Logger.debug("--Attribute: " + + attributesList.item(j).getNodeName() + " = " + + attributesList.item(j).getNodeValue()); + } } + + public PersonalAttributeList populateAttributes() { IPersonalAttributeList attrLst = moaStorkAuthnRequest.getStorkAuthnRequest().getPersonalAttributeList(); -- cgit v1.2.3 From a04189917f59dcc532e088ad366da67e31f62ffd Mon Sep 17 00:00:00 2001 
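Review bot: The new `iterate(mndt.getAttributes())` call writes every attribute name and value of the mandate element to the debug log, and the line after it logs the complete Base64-encoded mandate. A mandate presumably carries personal data of the represented party, so that content lands in ordinary application logs whenever debug logging is enabled. Logging only the attribute name in `iterate` (second hunk), `Logger.debug("--Attribute: " + attributesList.item(j).getNodeName());`, and replacing the dump with `Logger.debug("mandate size: " + mand.length);` keeps the diagnostic without the content. The surrounding `catch (Exception x) {}` is empty, so a missing mandate or element fails silently; processRequest continues outside the hunk.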
From: Florian Reimair Date: Fri, 28 Feb 2014 12:03:28 +0100 Subject: url fix, attribute comparison fix, samlengine profile fix --- .../id/protocols/stork2/AttributeCollector.java | 194 +++++++++++++++------ .../moa/id/protocols/stork2/STORKProtocol.java | 2 +- 2 files changed, 143 insertions(+), 53 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index b7fa37757..7801f9a54 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -91,59 +91,149 @@ public class AttributeCollector implements IAction { * @throws MOAIDException */ public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException { - // check if there are attributes we need to fetch - IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); - IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); - List missingAttributes = new ArrayList(); - for(PersonalAttribute current : requestAttributeList) - if(!responseAttributeList.containsKey(current)) - missingAttributes.add(current); - - try { - // for each attribute still missing - for(PersonalAttribute currentAttribute : missingAttributes) { - // - check if we can find a suitable AttributeProvider Plugin - for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { - try { - // - hand over control to the suitable plugin - IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); - - // - add the aquired attribute to the container - for(PersonalAttribute current : aquiredAttributes) - container.getResponse().getPersonalAttributeList().add(current); - } catch(UnsupportedAttributeException e) { - // ok, try the next attributeprovider - } catch(MOAIDException e) { - // the current plugin had an error. Try the next one. - // TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop - } - - } - } - } catch (ExternalAttributeRequestRequiredException e) { - // the attribute request is ongoing and requires an external service. - try { - // memorize the container again - // - generate new key - String newArtifactId = new SecureRandomIdentifierGenerator() - .generateIdentifier(); - - // - put container in temporary store. 
- AssertionStorage.getInstance().put(newArtifactId, container); - - // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); - } catch (Exception e1) { - // TODO should we return the response as is to the PEPS? - Logger.error("Error putting incomplete Stork response into temporary storage", e); - throw new MOAIDException("stork.11", null); - } + // check if there are attributes we need to fetch + this.httpResp = response; + this.container = container; + + IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); + IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); + List missingAttributes = new ArrayList(); + for (PersonalAttribute current : requestAttributeList) + if (!responseAttributeList.containsKey(current.getName())) + missingAttributes.add(current); + + // Try to get all missing attributes + try { + // for each attribute still missing + for (PersonalAttribute currentAttribute : missingAttributes) { + // - check if we can find a suitable AttributeProvider Plugin + for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { + try { + // - hand over control to the suitable plugin + IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); + + // - add the aquired attribute to the container + for (PersonalAttribute current : aquiredAttributes) + container.getResponse().getPersonalAttributeList().add(current); + } catch (UnsupportedAttributeException e) { + // ok, try the next attributeprovider + } catch (MOAIDException e) { + // the current plugin had an error. Try the next one. 
+ // TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop + } + + } + } + + // build response + generateSTORKResponse(); + + // set new http response + generateRedirectResponse(); + response = httpResp; + + return "12345"; // AssertionId + + } catch (ExternalAttributeRequestRequiredException e) { + // the attribute request is ongoing and requires an external service. + try { + // memorize the container again + // - generate new key + String newArtifactId = new SecureRandomIdentifierGenerator() + .generateIdentifier(); + // - put container in temporary store. + AssertionStorage.getInstance().put(newArtifactId, container); + + // add container-key to redirect embedded within the return URL + e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); + + + } catch (Exception e1) { + // TODO should we return the response as is to the PEPS? + Logger.error("Error putting incomplete Stork response into temporary storage", e); + throw new MOAIDException("stork.11", null); + } + + return "12345"; // TODO what to do here? + } - return "12345"; // TODO what to do here? 
- } - // build response - // done - return "12345"; // AssertionId + + } + + + private void generateSTORKResponse() throws MOAIDException { + STORKAuthnResponse authnResponse = container.getResponse(); + STORKAuthnRequest authnRequest = container.getRequest(); + + try { + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + Logger.debug("Starting generation of SAML response"); + authnResponse = engine.generateSTORKAuthnResponse(authnRequest, authnResponse, container.getRemoteAddress(), false); + + //generateSAML Token + Logger.info("SAML response succesfully generated!"); + } catch (STORKSAMLEngineException e) { + Logger.error("Failed to generate STORK SAML Response", e); + throw new MOAIDException("stork.05", null); + } + + Logger.info("STORK SAML Response message succesfully generated "); + String statusCodeValue = authnResponse.getStatusCode(); + + try { + Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); + Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works + Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); + + } catch (IOException e) { + e.printStackTrace(); + } + + container.setResponse(authnResponse); + + } + + + private void generateRedirectResponse() { + STORKAuthnResponse authnResponse = container.getResponse(); + STORKAuthnRequest authnRequest = container.getRequest(); + + + // preparing redirection for the client + + try { + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); + VelocityContext context = new VelocityContext(); + + context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); + Logger.debug("SAMLResponse original: " + new 
String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); + + Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL()); + context.put("action", authnRequest.getAssertionConsumerServiceURL()); + Logger.debug("Starting template merge"); + StringWriter writer = new StringWriter(); + + Logger.debug("Doing template merge"); + template.merge(context, writer); + Logger.debug("Template merge done"); + + Logger.debug("Sending html content: " + writer.getBuffer().toString()); + Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); + + + httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); + + } catch (Exception e) { + Logger.error("Velocity error: " + e.getMessage()); + } + + //HttpSession httpSession = this.httpResp.getSession(); + //httpSession.setAttribute("STORKSessionID", "12345"); + //Logger.info("Status code again: " + authnResponse.getStatusCode()); + + //return "12345"; // AssertionId } /* (non-Javadoc) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 318a8fc9c..01f0079ca 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -137,7 +137,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { } //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); STORKAuthnRequest authnRequest = null; Logger.error("decsamltoken" +decSamlToken.toString()); -- cgit v1.2.3 From 2517b992ab38c09bc2979ed5010aee113e569834 Mon Sep 17 00:00:00 2001 
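Review bot: A failure while rendering the POST-binding form is swallowed: the `catch (Exception e)` at the end of `generateRedirectResponse` logs only `e.getMessage()`, so `processRequest` still returns "12345" and the caller cannot tell that no SAML response reached the browser. Declaring `throws MOAIDException` on the helper and ending the catch with `throw new MOAIDException("stork.11", null);`, the key this method already uses for redirect failures, would make the request fail visibly. In the `catch (Exception e1)` branch of `processRequest` the log call passes the outer `e` instead of `e1`, so the actual storage or redirect error is lost; `Logger.error("Error putting incomplete Stork response into temporary storage", e1);` fixes that.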
From: Bojan Suzic Date: Fri, 28 Feb 2014 17:07:38 +0100 Subject: protocol change --- .../java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 502925a2a..9b46ee9c6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -62,7 +62,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { } public STORKProtocol() { - super(); // + super(); } /* @@ -152,7 +152,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { Logger.error("spid " + authnRequest.getSPID()); Logger.error("spi " + authnRequest.getSpInstitution()); - + authnRequest.setCountry(""); STORK2Request.setSTORKAuthnRequest(authnRequest); -- cgit v1.2.3 From 7767c1c7fe237ec729d98d66577f8a247c622d85 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 09:36:31 +0100 Subject: clean --- .../moa/id/protocols/stork2/STORKProtocol.java | 39 ++-------------------- 1 file changed, 3 insertions(+), 36 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 9b46ee9c6..042d61080 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java 
@@ -25,7 +25,6 @@ import java.util.HashMap; /** * Stork 2 Protocol Support - * Date: 11/29/13, Time: 12:32 PM * @author bsuzic */ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { @@ -71,22 +70,9 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { */ public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException { Logger.debug("Starting preprocessing"); - Logger.debug("Got request: " + request.toString()); Logger.debug("Request method: " + request.getMethod()); - for (Object o : Collections.list(request.getHeaderNames())) { - Logger.debug("Request header: " + o.toString() + ":::" + request.getHeader(o.toString())); - } - for (Object o : Collections.list(request.getParameterNames())) { - Logger.debug("Request parameter: " + o.toString() + "::::" + request.getParameter(o.toString())); - } - Logger.debug("Request content length: " + request.getContentLength()); - Logger.debug("Request query: " + request.getQueryString()); - Logger.debug("Response: " + response.toString()); - Logger.debug("Action: " + action); - - Logger.debug("Processing saml request"); - String SAMLRequest = request.getParameter("SAMLRequest"); + Logger.debug("Initiating action: " + action); HTTPInTransport profileReq = new HttpServletRequestAdapter(request); HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure()); 
@@ -104,28 +90,11 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { } catch (Exception e) { Logger.error("Error decoding STORKAuthnRequest", e); } - /* - - STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage(); - //MOASTORKAuthnRequest STORK2Request = (MOASTORKAuthnRequest)samlMessageContext.getInboundSAMLMessage(); - MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest(); - STORK2Request.setSTORKAuthnRequest(ST2Req); - - Logger.debug("STORK2 Citizen code: " + ST2Req.getCitizenCountryCode()); - Logger.debug("STORK2 QAA: " + ST2Req.getQAALevel()); - Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString()); - - */ - //STORKAuthnReq storkAuthnReq = new STORKAuthnReq(); - MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest(); //extract STORK Response from HTTP Request - //Decodes SAML Response - - byte[] decSamlToken; try { decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest")); @@ -138,12 +107,11 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); STORKAuthnRequest authnRequest = null; - Logger.error("decsamltoken" +decSamlToken.toString()); try { - authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); + authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate storkrkauthnreqeust" + ex.getMessage() ); + Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() ); } Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL()); @@ -152,7 +120,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { Logger.error("spid " + authnRequest.getSPID()); Logger.error("spi " + authnRequest.getSpInstitution()); - authnRequest.setCountry(""); STORK2Request.setSTORKAuthnRequest(authnRequest); -- cgit v1.2.3 
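Review bot: A request that fails validation is not rejected in hunk `@@ -138,12 +107,11 @@`: the `catch (STORKSAMLEngineException ex)` around `engine.validateSTORKAuthnRequest(decSamlToken)` only logs, `authnRequest` stays null, and the next statement dereferences it. The commit rewords the message but the catch should end the request, for example `Logger.error("Unable to validate Stork AuthenticationRequest", ex); throw new MOAIDException("<error key for invalid request>", null);` (the key is a placeholder; preProcess already declares MOAIDException). Passing `ex` rather than `ex.getMessage()` also keeps the stack trace. The remaining `Logger.error("acsu " ...)` style lines are diagnostics and would fit better at debug level. preProcess starts and ends outside this hunk.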
From 85da46b80e3b1c3d3565d044c1fba9c07182482b Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Mon, 3 Mar 2014 09:26:02 +0100 Subject: refactoring --- .../id/protocols/stork2/AttributeCollector.java | 37 ++++++++++++---------- .../moa/id/protocols/stork2/DataContainer.java | 21 ++++++++++++ 2 files changed, 41 insertions(+), 17 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 7801f9a54..93b2b0495 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -1,11 +1,14 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import java.io.IOException; +import java.io.StringWriter; import java.util.ArrayList; import java.util.List; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; 
@@ -17,10 +20,18 @@ import at.gv.egovernment.moa.logging.Logger; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; /** * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins. @@ -92,8 +103,6 @@ public class AttributeCollector implements IAction { */ public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException { // check if there are attributes we need to fetch - this.httpResp = response; - this.container = container; IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); @@ -126,11 +135,10 @@ public class AttributeCollector implements IAction { } // build response - generateSTORKResponse(); + generateSTORKResponse(container); // set new http response - generateRedirectResponse(); - response = httpResp; + generateRedirectResponse(response, container); return "12345"; // AssertionId 
@@ -161,7 +169,7 @@ public class AttributeCollector implements IAction { } - private void generateSTORKResponse() throws MOAIDException { + private void generateSTORKResponse(DataContainer container) throws MOAIDException { STORKAuthnResponse authnResponse = container.getResponse(); STORKAuthnRequest authnRequest = container.getRequest(); @@ -181,21 +189,16 @@ public class AttributeCollector implements IAction { Logger.info("STORK SAML Response message succesfully generated "); String statusCodeValue = authnResponse.getStatusCode(); - try { - Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); - Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works - Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); - - } catch (IOException e) { - e.printStackTrace(); - } + Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); + Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); + Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml())); container.setResponse(authnResponse); } - private void generateRedirectResponse() { + private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) { STORKAuthnResponse authnResponse = container.getResponse(); STORKAuthnRequest authnRequest = container.getRequest(); 
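Review bot: The complete SAML response is still written to the debug log in `generateSTORKResponse` (hunk `@@ -181,21 +189,16 @@`): `new String(authnResponse.getTokenSaml())` and `PEPSUtil.encodeSAMLToken(...)` both emit the whole token, which presumably contains the citizen's attributes. The first of the three calls concatenates the value of `getTokenSaml()` directly; since the next line passes it to `new String(...)` it looks like a byte array, so that line would log only an array identity. A single line with non-sensitive facts would do, e.g. `Logger.debug("SAML response generated, status " + authnResponse.getStatusCode());`. `new String(...)` without a charset also depends on the platform default.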
@@ -207,8 +210,8 @@ public class AttributeCollector implements IAction { Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); VelocityContext context = new VelocityContext(); - context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); - Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); + context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()).getBytes()); + Logger.debug("SAMLResponse original: " + new String(authnResponse.getTokenSaml()).getBytes()); Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL()); context.put("action", authnRequest.getAssertionConsumerServiceURL()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java index 40c827ef8..a1c40526d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java @@ -23,6 +23,9 @@ public class DataContainer implements Serializable { /** The target. */ private String target; + /** The remote address. */ + private String remoteAddress; + /** * Gets the request. * 
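Review bot: `context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()).getBytes());` in hunk `@@ -207,8 +210,8 @@` now stores a byte array in the Velocity context, where the removed line stored a String. Unless the template converts it, the form field would presumably render the array's `toString()` instead of the Base64 text, and the assertion consumer would receive an unusable response. Dropping the trailing call restores the old behaviour: `context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()));`. The debug line below has the same slip, `new String(authnResponse.getTokenSaml()).getBytes()` concatenates an array into the message. generateRedirectResponse starts and ends outside this hunk.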
@@ -76,4 +79,22 @@ public class DataContainer implements Serializable { public void setTarget(String target) { this.target = target; } + + /** + * Gets the remote address. + * + * @return the remote address + */ + public String getRemoteAddress() { + return remoteAddress; + } + + /** + * Sets the remote address. + * + * @param remoteAddress the new remote address + */ + public void setRemoteAddress(String remoteAddress) { + this.remoteAddress = remoteAddress; + } } -- cgit v1.2.3 From bf784b6222784758eb846b0aaf2080b009549be0 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Mon, 3 Mar 2014 09:30:41 +0100 Subject: cleanup --- .../id/protocols/stork2/AttributeCollector.java | 29 +++++++++------------- .../ExternalAttributeRequestRequiredException.java | 15 +++++++++++ 2 files changed, 27 insertions(+), 17 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 93b2b0495..c711d9400 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -1,6 +1,5 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import java.io.IOException; import java.io.StringWriter; import java.util.ArrayList; import java.util.List; 
@@ -164,11 +163,14 @@ public class AttributeCollector implements IAction { return "12345"; // TODO what to do here? } - - } - + /** + * generates binary response from given response class. + * + * @param container the container + * @throws MOAIDException the mOAID exception + */ private void generateSTORKResponse(DataContainer container) throws MOAIDException { STORKAuthnResponse authnResponse = container.getResponse(); STORKAuthnRequest authnRequest = container.getRequest(); @@ -187,24 +189,24 @@ public class AttributeCollector implements IAction { } Logger.info("STORK SAML Response message succesfully generated "); - String statusCodeValue = authnResponse.getStatusCode(); - Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml())); container.setResponse(authnResponse); - } - + /** + * writes the storkresponse to the httpresponse using the velocity engine. + * + * @param httpResp the http resp + * @param container the container + */ private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) { STORKAuthnResponse authnResponse = container.getResponse(); STORKAuthnRequest authnRequest = container.getRequest(); - // preparing redirection for the client - try { VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); 
@@ -225,18 +227,11 @@ public class AttributeCollector implements IAction { Logger.debug("Sending html content: " + writer.getBuffer().toString()); Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); } catch (Exception e) { Logger.error("Velocity error: " + e.getMessage()); } - - //HttpSession httpSession = this.httpResp.getSession(); - //httpSession.setAttribute("STORKSessionID", "12345"); - //Logger.info("Status code again: " + authnResponse.getStatusCode()); - - //return "12345"; // AssertionId } /* (non-Javadoc) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java index 29b09487b..56f31723c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java @@ -1,12 +1,27 @@ package at.gv.egovernment.moa.id.protocols.stork2; public class ExternalAttributeRequestRequiredException extends Exception { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 5207631348933518908L; + + /** The ap. */ private AttributeProvider ap; + /** + * Instantiates a new external attribute request required exception. + * + * @param provider the provider + */ public ExternalAttributeRequestRequiredException(AttributeProvider provider) { ap = provider; } + /** + * Gets the ap. + * + * @return the ap + */ public AttributeProvider getAp() { return ap; } -- cgit v1.2.3 From 142bf6e5c229aa523e5c1363716d011df6d6af93 Mon Sep 17 00:00:00 2001 
From: Bojan Suzic Date: Mon, 3 Mar 2014 14:03:38 +0100 Subject: attr supporT --- .../id/protocols/stork2/AuthenticationRequest.java | 95 ++++++++++------------ .../id/protocols/stork2/MOAAttributeProvider.java | 10 +-- .../id/protocols/stork2/MOASTORKAuthnRequest.java | 71 ---------------- .../moa/id/protocols/stork2/MOASTORKRequest.java | 95 ++++++++++++++++++++++ .../moa/id/protocols/stork2/STORKProtocol.java | 25 ++++-- 5 files changed, 160 insertions(+), 136 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index e10c4d9d9..91326a51d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
@@ -3,91 +3,77 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; -import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; -import edu.emory.mathcs.backport.java.util.Collections; -import eu.stork.peps.auth.commons.*; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -import org.apache.commons.io.IOUtils; -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAuthnResponse; import org.apache.velocity.app.VelocityEngine; import org.apache.velocity.runtime.RuntimeConstants; -import org.opensaml.xml.util.Base64; -import org.opensaml.xml.util.XMLHelper; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import java.io.*; -import java.util.HashMap; -import eu.stork.peps.auth.engine.SAMLEngine; import org.w3c.dom.Element; import org.w3c.dom.NamedNodeMap; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + /** + * Second request step - after 
authentication of the user is done and moasession obtained, + * process request and forward the user further to PEPS and/or other entities + * * @author bsuzic - * Date: 12/3/13, Time: 2:08 PM */ public class AuthenticationRequest implements IAction { - /* - Second request step - after authentication of the user is done and moasession obtained, - process request and forward the user further to PEPS and/or other entities - */ private VelocityEngine velocityEngine; private AuthenticationSession moaSession; - private MOASTORKAuthnRequest moaStorkAuthnRequest; + private MOASTORKRequest moaStorkRequest; public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { this.moaSession = moasession; - this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req; - - try { - MISMandate mandate = moasession.getMISMandate(); - String owbpk = mandate.getOWbPK(); - byte[] mand = mandate.getMandate(); - String profprep = mandate.getProfRep(); - //String textdesc = mandate.getTextualDescriptionOfOID(); - Element mndt = moasession.getMandate(); + this.moaStorkRequest = (MOASTORKRequest) req; + + if (moasession.getUseMandate()) { + try { + MISMandate mandate = moasession.getMISMandate(); + String owbpk = mandate.getOWbPK(); + byte[] mand = mandate.getMandate(); + String profprep = mandate.getProfRep(); + //String textdesc = mandate.getTextualDescriptionOfOID(); + Element mndt = moasession.getMandate(); + + iterate(mndt.getAttributes()); + Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); + } catch (Exception x) { + Logger.debug("There is no mandate used in transaction"); + } + } - iterate(mndt.getAttributes()); - Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); - } catch (Exception x) {} Logger.debug("Starting AuthenticationRequest"); - 
//AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession); - Logger.debug("Http Response: " + httpResp.toString() + ", "); - Logger.debug("Remote user: " + httpReq.getRemoteAddr()); - Logger.debug("Moa session: " + moasession.toString() + " " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix() + " " + moasession.getAction() + " " + moasession.getIdentityLink().getName() + " " + moasession.getTarget()); httpResp.reset(); STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - authnResponse.setCountry(((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getSpCountry()); - + authnResponse.setCountry(((MOASTORKRequest) req).getStorkAuthnRequest().getSpCountry()); OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() }); + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); // Prepare basic AT attributes try { - IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); + IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size()); 
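Review bot: The new mandate branch still writes the whole mandate to the log, `Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand)));`, so any deployment running at debug level keeps a full, decodable copy of the representation document in its log files. I would drop that line or log only a non-identifying fact, for example `Logger.debug("mandate present, " + mand.length + " bytes");`. The surrounding `catch (Exception x)` also reports every failure as "There is no mandate used in transaction" although the branch is entered only when `getUseMandate()` is true; logging the exception itself would keep a real parsing error distinguishable. The same lines are re-added in the later `-33,88 +33,96` hunk of this file. processRequest continues beyond this hunk.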
@@ -114,13 +100,13 @@ public class AuthenticationRequest implements IAction { DataContainer container = new DataContainer(); // - fill in the request we extracted above - container.setRequest(((MOASTORKAuthnRequest) req).getStorkAuthnRequest()); - + container.setRequest(((MOASTORKRequest) req).getStorkAuthnRequest()); + // - fill in the partial response created above container.setResponse(authnResponse); - + // - memorize the target url were we have to return the result - container.setTarget(((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); + container.setTarget(((MOASTORKRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); container.setRemoteAddress(httpReq.getRemoteAddr()); 
@@ -141,24 +127,25 @@ public class AuthenticationRequest implements IAction { Logger.debug("--Attribute: " + attributesList.item(j).getNodeName() + " = " + attributesList.item(j).getNodeValue()); - } } + } + } public PersonalAttributeList populateAttributes() { - IPersonalAttributeList attrLst = moaStorkAuthnRequest.getStorkAuthnRequest().getPersonalAttributeList(); - Logger.info("Found " + attrLst.size() + " personal attributes in the request." ); + IPersonalAttributeList attrLst = moaStorkRequest.getStorkAuthnRequest().getPersonalAttributeList(); + Logger.info("Found " + attrLst.size() + " personal attributes in the request."); // Define attribute list to be populated PersonalAttributeList attributeList = new PersonalAttributeList(); - MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink(), moaStorkAuthnRequest); + MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink(), moaStorkRequest); try { for (PersonalAttribute personalAttribute : attrLst) { Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired()); moaAttributeProvider.populateAttribute(attributeList, personalAttribute); } - } catch (Exception e) { + } catch (Exception e) { Logger.error("Exception, attributes: " + e.getMessage()); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 190a0d27c..d89fb8cb2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java 
@@ -22,7 +22,7 @@ public class MOAAttributeProvider { private final IdentityLink identityLink; private static final Map storkAttributeSimpleMapping; private static final Map storkAttributeFunctionMapping; - private final MOASTORKAuthnRequest moastorkAuthnRequest; + private final MOASTORKRequest moastorkRequest; static { Map tempSimpleMap = new HashMap(); @@ -35,9 +35,9 @@ public class MOAAttributeProvider { storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap); } - public MOAAttributeProvider(IdentityLink identityLink, MOASTORKAuthnRequest moastorkAuthnRequest) { + public MOAAttributeProvider(IdentityLink identityLink, MOASTORKRequest moastorkRequest) { this.identityLink = identityLink; - this.moastorkAuthnRequest = moastorkAuthnRequest; + this.moastorkRequest = moastorkRequest; Logger.debug("identity " + identityLink.getIdentificationType() + " " + identityLink.getIdentificationValue()); } @@ -70,9 +70,9 @@ public class MOAAttributeProvider { } private String geteIdentifier() { - Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkAuthnRequest.getStorkAuthnRequest().getSpCountry()); + Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkRequest.getStorkAuthnRequest().getSpCountry()); try { - return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkAuthnRequest.getStorkAuthnRequest().getSpCountry()); + return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkRequest.getStorkAuthnRequest().getSpCountry()); } catch (BuildException be) { Logger.error("Stork eid could not be constructed; " + be.getMessage()); return null; // TODO error 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
deleted file mode 100644
index cee64e16e..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java
+++ /dev/null
@@ -1,71 +0,0 @@
-package at.gv.egovernment.moa.id.protocols.stork2;
-
-import at.gv.egovernment.moa.id.moduls.IRequest;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import org.opensaml.common.xml.SAMLConstants;
-
-/**
- * @author bsuzic
- * Date: 12/4/13, Time: 6:31 PM
- */
-
-public class MOASTORKAuthnRequest implements IRequest {
- private String requestID;
- private String target = null;
- String module = null;
- String action = null;
- private STORKAuthnRequest storkAuthnRequest;
-
- public void setSTORKAuthnRequest(STORKAuthnRequest request) {
- this.storkAuthnRequest = request;
- }
-
- public STORKAuthnRequest getStorkAuthnRequest() {
- return this.storkAuthnRequest;
- }
-
- public String getOAURL() {
-
- return "https://sp:8889/SP"; //
- }
-
- public boolean isPassiv() {
- return false; //
- }
-
- public boolean forceAuth() {
- return false; //
- }
-
- public boolean isSSOSupported() {
- return false; //
- }
-
- public String requestedModule() {
- return this.module; //
- }
-
- public String requestedAction() {
- return action; //
- }
-
- public void setModule(String module) {
- this.module = module;
- }
-
- public void setAction(String action) {
- this.action = action;
- }
-
- public String getTarget() {
- return this.target; //
- }
-
- public void setRequestID(String id) {
- this.requestID = id;
- }
-
- public String getRequestID() {
- return this.requestID; //
- }
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
new file mode 100644
index 000000000..8c7fd8706
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
@@ -0,0 +1,95 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+
+/**
+ * Implements MOA request and stores StorkAuthnRequest related data
+ *
+ * @author bsuzic
+ */
+
+public class MOASTORKRequest implements IRequest {
+ private String requestID;
+ private String target = null;
+ String module = null;
+ String action = null;
+ private STORKAuthnRequest storkAuthnRequest;
+ private STORKAttrQueryRequest storkAttrQueryRequest;
+ private boolean isAttrRequest = false;
+ private boolean isAuthnRequest = false;
+
+ public void setSTORKAuthnRequest(STORKAuthnRequest request) {
+ this.storkAuthnRequest = request;
+ if (request != null) {
+ isAuthnRequest = true;
+ }
+ }
+
+ public void setSTORKAttrRequest(STORKAttrQueryRequest request) {
+ this.storkAttrQueryRequest = request;
+ if (request != null) {
+ isAttrRequest = true;
+ }
+
+ }
+
+ public boolean isAttrRequest() {
+ return this.isAttrRequest;
+ }
+
+ public boolean isAuthnRequest() {
+ return this.isAuthnRequest;
+ }
+
+
+ public STORKAuthnRequest getStorkAuthnRequest() {
+ return this.storkAuthnRequest;
+ }
+
+ public String getOAURL() {
+
+ return storkAuthnRequest.getAssertionConsumerServiceURL();
+ }
+
+ public boolean isPassiv() {
+ return false;
+ }
+
+ public boolean forceAuth() {
+ return false;
+ }
+
+ public boolean isSSOSupported() {
+ return false;
+ }
+
+ public String requestedModule() {
+ return this.module;
+ }
+
+ public String requestedAction() {
+ return action;
+ }
+
+ public void setModule(String module) {
+ this.module = module;
+ }
+
+ public void setAction(String action) {
+ this.action = action;
+ }
+
+ public String getTarget() {
+ return this.target;
+ }
+
+ public void setRequestID(String id) {
+ this.requestID = id;
+ }
+
+ public String getRequestID() {
+ return this.requestID;
+ }
+}
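Review bot: `isAuthnRequest` and `isAttrRequest` are set to true by the setters but never cleared, so calling `setSTORKAuthnRequest(null)` after a non-null value leaves the flag claiming a request that is no longer there. Deriving the answer from the field removes the duplicate state: `public boolean isAuthnRequest() { return this.storkAuthnRequest != null; }`, and the same for `isAttrRequest()`. `getOAURL()` in this version dereferences `storkAuthnRequest` unconditionally and throws a NullPointerException for an object that holds only an attribute query. The class also has a setter for the attribute query but no getter, and `module`/`action` are package-private where the other fields are private; a short Javadoc on the two setters stating that null is accepted would help.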
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 042d61080..28a516d2a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -5,13 +5,12 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IModulInfo; import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.opensaml.common.binding.BasicSAMLMessageContext; -import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; import org.opensaml.ws.transport.http.HTTPInTransport; import org.opensaml.ws.transport.http.HTTPOutTransport; import org.opensaml.ws.transport.http.HttpServletRequestAdapter; @@ -20,7 +19,6 @@ import eu.stork.peps.auth.commons.STORKAuthnRequest; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import java.util.Collections; import java.util.HashMap; /** @@ -81,6 +79,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); samlMessageContext.setInboundMessageTransport(profileReq); +/* HTTPPostDecoder postDecoder = new HTTPPostDecoder(); postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator 
@@ -90,8 +89,9 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { } catch (Exception e) { Logger.error("Error decoding STORKAuthnRequest", e); } +*/ - MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest(); + MOASTORKRequest STORK2Request = new MOASTORKRequest(); //extract STORK Response from HTTP Request @@ -99,7 +99,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { try { decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest")); } catch(NullPointerException e) { - Logger.error("Unable to retrieve STORK Response", e); + Logger.error("Unable to retrieve STORK Request", e); throw new MOAIDException("stork.04", null); } @@ -107,13 +107,26 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); STORKAuthnRequest authnRequest = null; + STORKAttrQueryRequest attrRequest = null; + // check if valid authn request is contained try { authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() ); } + + // check if a valid attr request is container + try { + attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken); + } catch (STORKSAMLEngineException ex) { + Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() ); + } + + + + Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL()); Logger.error("cc " + authnRequest.getCitizenCountryCode()); Logger.error("iss " + authnRequest.getIssuer()); @@ -121,7 +134,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { Logger.error("spi " + authnRequest.getSpInstitution()); STORK2Request.setSTORKAuthnRequest(authnRequest); - + STORK2Request.setSTORKAttrRequest(attrRequest); return STORK2Request; } -- cgit v1.2.3 From b04102cfcf46aa62417b6f1990dff76e2b706862 Mon Sep 17 00:00:00 2001 
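Review bot: In the `-107,13 +107,26` hunk every request is now run through both `validateSTORKAuthnRequest` and `validateSTORKAttrQueryRequest`, so a well-formed request of either kind will presumably always produce one error-level "Unable to validate" entry, and the attribute-query branch reuses the text "Unable to validate Stork AuthenticationRequest". That makes a genuine validation failure hard to tell apart from normal traffic in the logs; I would log the per-type miss at debug level with its own wording, e.g. `Logger.debug("Not a valid STORK AttrQueryRequest: " + ex.getMessage());`, and keep the error for the case where neither validates. The unchanged `Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL());` lines that follow dereference `authnRequest` even when it is still null, which is now the expected state for an attribute query. The copied message is carried unchanged through the later `-121,12 +110,10` and `-108,17 +107,16` hunks. The enclosing method starts before the hunk.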
From: Bojan Suzic Date: Mon, 3 Mar 2014 14:05:18 +0100 Subject: remove comments --- .../moa/id/protocols/stork2/STORKProtocol.java | 25 ++++++---------------- 1 file changed, 6 insertions(+), 19 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 28a516d2a..3b9a5bc29 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -8,6 +8,7 @@ import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.commons.STORKAuthnRequest; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.opensaml.common.binding.BasicSAMLMessageContext; @@ -15,7 +16,6 @@ import org.opensaml.ws.transport.http.HTTPInTransport; import org.opensaml.ws.transport.http.HTTPOutTransport; import org.opensaml.ws.transport.http.HttpServletRequestAdapter; import org.opensaml.ws.transport.http.HttpServletResponseAdapter; -import eu.stork.peps.auth.commons.STORKAuthnRequest; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -23,6 +23,7 @@ import java.util.HashMap; /** * Stork 2 Protocol Support + * * @author bsuzic */ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { 
@@ -31,7 +32,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { public static final String PATH = "id_stork2"; public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; - public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector"; + public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector"; private static HashMap actions = new HashMap(); @@ -79,18 +80,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); samlMessageContext.setInboundMessageTransport(profileReq); -/* - HTTPPostDecoder postDecoder = new HTTPPostDecoder(); - postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator - - try { - Logger.debug("Attempting to decode request..."); - postDecoder.decode(samlMessageContext); - } catch (Exception e) { - Logger.error("Error decoding STORKAuthnRequest", e); - } -*/ - MOASTORKRequest STORK2Request = new MOASTORKRequest(); @@ -98,7 +87,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { byte[] decSamlToken; try { decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest")); - } catch(NullPointerException e) { + } catch (NullPointerException e) { Logger.error("Unable to retrieve STORK Request", e); throw new MOAIDException("stork.04", null); } @@ -113,7 +102,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { try { authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() ); + Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } 
@@ -121,12 +110,10 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { try { attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() ); + Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } - - Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL()); Logger.error("cc " + authnRequest.getCitizenCountryCode()); Logger.error("iss " + authnRequest.getIssuer()); -- cgit v1.2.3 From c900f870b2e64c2e25820b8162d8f0444c0dc7d4 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 16:03:08 +0100 Subject: aatributes --- .../id/protocols/stork2/AuthenticationRequest.java | 112 +++++++++++---------- .../stork2/DemoNoRedirectAttributeProvider.java | 3 - .../stork2/DemoRedirectAttributeProvider.java | 3 - .../id/protocols/stork2/MISAttributeProvider.java | 27 +++++ .../moa/id/protocols/stork2/MOASTORKRequest.java | 15 ++- .../moa/id/protocols/stork2/STORKProtocol.java | 22 ++-- 6 files changed, 108 insertions(+), 74 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 91326a51d..d33b33c77 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
@@ -33,88 +33,96 @@ public class AuthenticationRequest implements IAction { private VelocityEngine velocityEngine; - private AuthenticationSession moaSession; - private MOASTORKRequest moaStorkRequest; + private AuthenticationSession moaSession = null; + private MOASTORKRequest moaStorkRequest = null; public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { this.moaSession = moasession; - this.moaStorkRequest = (MOASTORKRequest) req; - if (moasession.getUseMandate()) { - try { - MISMandate mandate = moasession.getMISMandate(); - String owbpk = mandate.getOWbPK(); - byte[] mand = mandate.getMandate(); - String profprep = mandate.getProfRep(); - //String textdesc = mandate.getTextualDescriptionOfOID(); - Element mndt = moasession.getMandate(); - - iterate(mndt.getAttributes()); - Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); - } catch (Exception x) { - Logger.debug("There is no mandate used in transaction"); + if (req instanceof MOASTORKRequest) { + + this.moaStorkRequest = (MOASTORKRequest) req; + + + if (moasession.getUseMandate()) { + try { + MISMandate mandate = moasession.getMISMandate(); + String owbpk = mandate.getOWbPK(); + byte[] mand = mandate.getMandate(); + String profprep = mandate.getProfRep(); + //String textdesc = mandate.getTextualDescriptionOfOID(); + Element mndt = moasession.getMandate(); + + iterate(mndt.getAttributes()); + Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); + } catch (Exception x) { + Logger.debug("There is no mandate used in transaction"); + } } - } - Logger.debug("Starting AuthenticationRequest"); - httpResp.reset(); + Logger.debug("Starting AuthenticationRequest"); + httpResp.reset(); - STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - authnResponse.setCountry(((MOASTORKRequest) 
req).getStorkAuthnRequest().getSpCountry()); + STORKAuthnResponse authnResponse = new STORKAuthnResponse(); + authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry()); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); - // Prepare basic AT attributes - try { - IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); - Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size()); + // Prepare basic AT attributes + try { + IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); + Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size()); - for (PersonalAttribute personalAttribute : moaAttrList) { - Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus()); - if (personalAttribute.getValue().size() > 0) { - for (String value : personalAttribute.getValue()) { - Logger.info(" Value found: " + value); + for (PersonalAttribute personalAttribute : moaAttrList) { + Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus()); + if (personalAttribute.getValue().size() > 0) { + for (String value : personalAttribute.getValue()) { + Logger.info(" Value found: " + value); + } } } - } - } catch (Exception e) { - Logger.error("Exception, attributes: " + e.getMessage()); - } + } catch (Exception e) { + Logger.error("Exception, attributes: " + e.getMessage()); + } - // Get personal attributtes from MOA/IdentityLink - 
authnResponse.setPersonalAttributeList(populateAttributes()); + // Get personal attributtes from MOA/IdentityLink + authnResponse.setPersonalAttributeList(populateAttributes()); - // Prepare extended attributes - Logger.debug("Preparing data container"); + // Prepare extended attributes + Logger.debug("Preparing data container"); - // create fresh container - DataContainer container = new DataContainer(); + // create fresh container + DataContainer container = new DataContainer(); - // - fill in the request we extracted above - container.setRequest(((MOASTORKRequest) req).getStorkAuthnRequest()); + // - fill in the request we extracted above + container.setRequest(moaStorkRequest.getStorkAuthnRequest()); - // - fill in the partial response created above - container.setResponse(authnResponse); + // - fill in the partial response created above + container.setResponse(authnResponse); - // - memorize the target url were we have to return the result - container.setTarget(((MOASTORKRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); + // - memorize the target url were we have to return the result + container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL()); - container.setRemoteAddress(httpReq.getRemoteAddr()); + container.setRemoteAddress(httpReq.getRemoteAddr()); - Logger.debug("Data container prepared"); + Logger.debug("Data container prepared"); - return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); + return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); + } else { + Logger.error("Could not recognize request."); + throw new MOAIDException("stork.15", null); + } } public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { 
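Review bot: `moaSession` and `moaStorkRequest` are request-specific but are kept in instance fields, written at the top of processRequest and read back in `populateAttributes()`. If one AuthenticationRequest instance serves more than one request at a time (STORKProtocol keeps its actions in a static map; how they are registered is not visible here), two concurrent logins can overwrite each other's session and one user's identity link would be used to build another user's response. I would keep both as locals and hand them over explicitly, `authnResponse.setPersonalAttributeList(populateAttributes(moasession, moaStorkRequest));`, with an overload of populateAttributes taking those two parameters. The `instanceof` test also checks only the wrapper type, so `moaStorkRequest.getStorkAuthnRequest().getSpCountry()` still fails with a NullPointerException when the wrapper carries only an attribute query; testing `moaStorkRequest.isAuthnRequest()` before building the response would cover that.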
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index 669a9389b..9c0869d97 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java @@ -20,7 +20,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ - @Override public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession) throws UnsupportedAttributeException { PersonalAttributeList requestedAttributes = new PersonalAttributeList(1); @@ -31,7 +30,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ - @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) { // TODO Auto-generated method stub return null; @@ -40,7 +38,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ - @Override public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) { // we should not get here 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index 2f6b69075..26fc00406 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java @@ -20,7 +20,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ - @Override public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { throw new ExternalAttributeRequestRequiredException(this); @@ -29,7 +28,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ - @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) { PersonalAttributeList requestedAttributes = new PersonalAttributeList(1); requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList(), "")); @@ -39,7 +37,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ - @Override public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) { // we should not get here 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
new file mode 100644
index 000000000..7665bb239
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
@@ -0,0 +1,27 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * Implements Attribute Provider for Mandates
+ */
+public class MISAttributeProvider implements AttributeProvider {
+ public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException {
+ return null; //
+ }
+
+ public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
+ //
+ }
+
+ public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException {
+ return null; //
+ }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
index 8c7fd8706..1776d958c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
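Review bot: All three methods of the new MISAttributeProvider are empty stubs: `acquire` and `parse` return null and `performRedirect` does nothing, with only an empty `//` as comment. A caller that receives null from `acquire` cannot tell "attribute not available" from "provider not implemented", while the interface already declares `UnsupportedAttributeException` for the first case. Until the mandate lookup exists I would state that in the class Javadoc, for example `Placeholder: mandate attributes are not provided yet.`, and have the methods signal it instead of returning null; the exception's constructor is not visible in this diff, so the exact call is left open.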
@@ -1,11 +1,13 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.STORKAttrQueryRequest; import eu.stork.peps.auth.commons.STORKAuthnRequest; /** - * Implements MOA request and stores StorkAuthnRequest related data + * Implements MOA request and stores StorkAuthn/Attr-Request related data * * @author bsuzic */ @@ -32,7 +34,6 @@ public class MOASTORKRequest implements IRequest { if (request != null) { isAttrRequest = true; } - } public boolean isAttrRequest() { @@ -49,8 +50,14 @@ public class MOASTORKRequest implements IRequest { } public String getOAURL() { - - return storkAuthnRequest.getAssertionConsumerServiceURL(); + if (isAuthnRequest) + return storkAuthnRequest.getAssertionConsumerServiceURL(); + else if (isAttrRequest) + return storkAttrQueryRequest.getAssertionConsumerServiceURL(); + else { + Logger.error("There is no authentication or attribute request contained in MOASTORKRequest."); + return null; + } } public boolean isPassiv() { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 3b9a5bc29..e68b66510 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java 
@@ -6,9 +6,7 @@ import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IModulInfo; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.*; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.opensaml.common.binding.BasicSAMLMessageContext; @@ -93,14 +91,15 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { } //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); + STORKSAMLEngine authnEngine = STORKSAMLEngine.getInstance("incoming"); + STORKSAMLEngine attrEngine = STORKSAMLEngine.getInstance("incoming_attr"); STORKAuthnRequest authnRequest = null; STORKAttrQueryRequest attrRequest = null; // check if valid authn request is contained try { - authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); + authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } 
@@ -108,17 +107,16 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { // check if a valid attr request is container try { - attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken); + attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } - - Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL()); - Logger.error("cc " + authnRequest.getCitizenCountryCode()); - Logger.error("iss " + authnRequest.getIssuer()); - Logger.error("spid " + authnRequest.getSPID()); - Logger.error("spi " + authnRequest.getSpInstitution()); + // if there is no authn or attr request, raise error + if ((authnRequest == null) && (attrRequest == null)) { + Logger.error("There is no authentication or attribute request contained."); + throw new MOAIDException("stork.14", null); + } STORK2Request.setSTORKAuthnRequest(authnRequest); STORK2Request.setSTORKAttrRequest(attrRequest); -- cgit v1.2.3 From e6dc09e9274cc5e38fa0c0832c205881faece862 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 16:03:18 +0100 Subject: remove attr test --- .../moa/id/protocols/stork2/AuthenticationRequest.java | 18 ------------------ 1 file changed, 18 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index d33b33c77..4e7a1bb8b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
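Review bot: The catch block around `attrEngine.validateSTORKAttrQueryRequest(decSamlToken)` still logs "Unable to validate Stork AuthenticationRequest", so a rejected attribute query looks the same in the log as a rejected authn request; it should read `Logger.error("Unable to validate Stork AttrQueryRequest: " + ex.getMessage());`. Because every token is tried against both engines, each accepted request also leaves one error-level entry from the engine that rejected it, which makes genuine validation failures hard to alert on; logging the two messages at error level only in the new both-null branch would keep that signal clean. The new guard handles the case where both results are null but not the one where both validations succeed: both setters are then called, and judging by the setter shown for MOASTORKRequest the object would be flagged as attribute request and, presumably, as authn request at once. The enclosing method starts and ends outside this hunk.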
@@ -75,24 +75,6 @@ public class AuthenticationRequest implements IAction { throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); - // Prepare basic AT attributes - try { - IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); - Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size()); - - - for (PersonalAttribute personalAttribute : moaAttrList) { - Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus()); - if (personalAttribute.getValue().size() > 0) { - for (String value : personalAttribute.getValue()) { - Logger.info(" Value found: " + value); - } - } - } - - } catch (Exception e) { - Logger.error("Exception, attributes: " + e.getMessage()); - } // Get personal attributtes from MOA/IdentityLink authnResponse.setPersonalAttributeList(populateAttributes()); -- cgit v1.2.3 From 594dc394d958ee8c9106ff4ba837d6ba40fbecae Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 16:03:22 +0100 Subject: remove attr test --- .../at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java | 1 - 1 file changed, 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 4e7a1bb8b..cb49856c4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
@@ -75,7 +75,6 @@ public class AuthenticationRequest implements IAction { throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); - // Get personal attributtes from MOA/IdentityLink authnResponse.setPersonalAttributeList(populateAttributes()); -- cgit v1.2.3 From 0d11865d1ccab1aca91e28c71cd86d1443faff41 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 16:20:00 +0100 Subject: putting attrrequest in main endpoint --- .../id/protocols/stork2/AuthenticationRequest.java | 101 ++++++++++++--------- .../moa/id/protocols/stork2/MOASTORKRequest.java | 5 +- 2 files changed, 63 insertions(+), 43 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index cb49856c4..18d0b479e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -9,10 +9,7 @@ import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.commons.*; import org.apache.velocity.app.VelocityEngine; import org.apache.velocity.runtime.RuntimeConstants; import org.w3c.dom.Element; 
@@ -45,65 +42,63 @@ public class AuthenticationRequest implements IAction { this.moaStorkRequest = (MOASTORKRequest) req; + Logger.debug("Entering MOASTORKRequest"); + httpResp.reset(); - if (moasession.getUseMandate()) { - try { - MISMandate mandate = moasession.getMISMandate(); - String owbpk = mandate.getOWbPK(); - byte[] mand = mandate.getMandate(); - String profprep = mandate.getProfRep(); - //String textdesc = mandate.getTextualDescriptionOfOID(); - Element mndt = moasession.getMandate(); - - iterate(mndt.getAttributes()); - Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); - } catch (Exception x) { - Logger.debug("There is no mandate used in transaction"); - } - } - + // check if it is attribute query + if (moaStorkRequest.isAttrRequest()) { + Logger.debug("Starting AttrQueryRequest"); + STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse(); + IPersonalAttributeList personalAttributeList = moaStorkRequest.getStorkAttrQueryRequest().getPersonalAttributeList(); - Logger.debug("Starting AuthenticationRequest"); - httpResp.reset(); + // TODO Check if this instance is eligible to fetch attributes locally, assuming yes - STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry()); + return (new AttributeCollector()).processRequest(req, httpReq, httpResp, moasession); + } else + // check if we have authentication request + if (moaStorkRequest.isAuthnRequest()) { + Logger.debug("Starting AuthenticationRequest"); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + STORKAuthnResponse authnResponse = new STORKAuthnResponse(); + authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry()); + OAAuthParameter 
oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); - // Get personal attributtes from MOA/IdentityLink - authnResponse.setPersonalAttributeList(populateAttributes()); + // Get personal attributtes from MOA/IdentityLink + authnResponse.setPersonalAttributeList(populateAttributes()); - // Prepare extended attributes - Logger.debug("Preparing data container"); + // Prepare extended attributes + Logger.debug("Preparing data container"); - // create fresh container - DataContainer container = new DataContainer(); + // create fresh container + DataContainer container = new DataContainer(); - // - fill in the request we extracted above - container.setRequest(moaStorkRequest.getStorkAuthnRequest()); + // - fill in the request we extracted above + container.setRequest(moaStorkRequest.getStorkAuthnRequest()); - // - fill in the partial response created above - container.setResponse(authnResponse); + // - fill in the partial response created above + container.setResponse(authnResponse); - // - memorize the target url were we have to return the result - container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL()); + // - memorize the target url were we have to return the result + container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL()); - container.setRemoteAddress(httpReq.getRemoteAddr()); + container.setRemoteAddress(httpReq.getRemoteAddr()); - Logger.debug("Data container prepared"); + Logger.debug("Data container prepared"); - return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); + return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); + } } else { Logger.error("Could not recognize request."); throw new MOAIDException("stork.15", 
null); } + + return null; } public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { @@ -120,6 +115,28 @@ public class AuthenticationRequest implements IAction { } + // does nothing + public void mandate(AuthenticationSession moasession) { + + if (moasession.getUseMandate()) { + try { + MISMandate mandate = moasession.getMISMandate(); + String owbpk = mandate.getOWbPK(); + byte[] mand = mandate.getMandate(); + String profprep = mandate.getProfRep(); + //String textdesc = mandate.getTextualDescriptionOfOID(); + Element mndt = moasession.getMandate(); + + iterate(mndt.getAttributes()); + Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); + } catch (Exception x) { + Logger.debug("There is no mandate used in transaction"); + } + } + + + } + public PersonalAttributeList populateAttributes() { IPersonalAttributeList attrLst = moaStorkRequest.getStorkAuthnRequest().getPersonalAttributeList(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java index 1776d958c..47a86174f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java @@ -1,6 +1,5 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.STORKAttrQueryRequest; 
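Review bot: The new attribute-query branch in `processRequest` hard-wires the eligibility decision to yes: the only trace of the check is the comment `TODO Check if this instance is eligible to fetch attributes locally, assuming yes`, and the branch goes straight to `AttributeCollector.processRequest`. Until that check exists the branch should refuse rather than proceed, or at least log at warn level that eligibility was not verified. `attrResponse` and `personalAttributeList` are created in that branch and never used. A MOASTORKRequest with neither flag set now falls through to the new `return null;` without a log entry or exception, unlike the "Could not recognize request." path. The `else` followed by a brace-less `if` also leaves the closing braces hard to pair, and the method itself begins outside this hunk.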
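Review bot: The extracted `mandate(AuthenticationSession)` method writes the complete mandate to the debug log as Base64 in `Logger.debug("mandate encoded: " + ...)`. Base64 is an encoding, not protection, and the mandate presumably carries personal data of the represented party, so the log line should record only that a mandate is present, e.g. `Logger.debug("mandate present, " + mand.length + " bytes");`. The `catch (Exception x)` reports every failure, including one thrown by `iterate(...)`, as "There is no mandate used in transaction", which hides real errors. The method is public, is commented `// does nothing`, and `owbpk` and `profprep` are never read; if it is kept for debugging it should be private and say so in its comment.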
@@ -49,6 +48,10 @@ public class MOASTORKRequest implements IRequest { return this.storkAuthnRequest; } + public STORKAttrQueryRequest getStorkAttrQueryRequest() { + return this.storkAttrQueryRequest; + } + public String getOAURL() { if (isAuthnRequest) return storkAuthnRequest.getAssertionConsumerServiceURL(); -- cgit v1.2.3 From 5e7e02ef338811ea240dd5e53a215f82fdf40954 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 16:30:07 +0100 Subject: remove override --- .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java | 3 --- 1 file changed, 3 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 8b96e0d10..758b70f2d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -55,7 +55,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute) */ - @Override public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { 
@@ -203,7 +202,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter) */ - @Override public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { @@ -213,7 +211,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ - @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException { // there is no redirect required, so we throw an exception when someone asks us to parse a response -- cgit v1.2.3 From 156ef68f4d89cf83e55fac8526e98e7cd445a31c Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Mon, 3 Mar 2014 11:17:30 +0100 Subject: cleanup --- .../id/protocols/stork2/AttributeCollector.java | 91 ++++++++++++---------- 1 file changed, 48 insertions(+), 43 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index c711d9400..428d1c52c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -42,54 +42,59 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException; * */ public class AttributeCollector implements IAction { - - /** The Constant ARTIFACT_ID. */ - private static final String ARTIFACT_ID = "artifactId"; - + + /** + * The Constant ARTIFACT_ID. + */ + private static final String ARTIFACT_ID = "artifactId"; + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession) */ public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { - // read configuration parameters of OA - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() }); - - // find the attribute provider plugin that can handle the response - IPersonalAttributeList newAttributes = null; - for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) - try { - newAttributes = current.parse(httpReq); - } catch (UnsupportedAttributeException e1) { - // the current provider cannot find anything familiar within the - // provided httpreq. Try the next one. - } - - if (null == newAttributes) { - // we do not have a provider which is capable of fetching something - // from the received httpreq. - // TODO should we continue with the next attribute? 
- Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); - throw new MOAIDException("stork.11", null); - } - - // - fetch the container - String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); - DataContainer container; - try { - container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); - } catch (MOADatabaseException e) { - Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); - throw new MOAIDException("stork.11", null); - } - - // - insert the embedded attribute(s) into the container - for(PersonalAttribute current : newAttributes) - container.getResponse().getPersonalAttributeList().add(current); - - // see if we need some more attributes - return processRequest(container, httpReq, httpResp, moasession, oaParam); + // read configuration parameters of OA + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + + // find the attribute provider plugin that can handle the response + IPersonalAttributeList newAttributes = null; + for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) + try { + newAttributes = current.parse(httpReq); + } catch (UnsupportedAttributeException e1) { + // the current provider cannot find anything familiar within the + // provided httpreq. Try the next one. + // TODO check the loop + } + + if (null == newAttributes) { + // we do not have a provider which is capable of fetching something + // from the received httpreq. + // TODO should we continue with the next attribute? 
+ Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); + throw new MOAIDException("stork.11", null); + } + + // - fetch the container + String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); + DataContainer container; + try { + container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); + } catch (MOADatabaseException e) { + Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); + throw new MOAIDException("stork.11", null); + } + + + + // - insert the embedded attribute(s) into the container + for (PersonalAttribute current : newAttributes) + container.getResponse().getPersonalAttributeList().add(current); + + // see if we need some more attributes + return processRequest(container, httpReq, httpResp, moasession, oaParam); } /** -- cgit v1.2.3 From e938b31db45af14312e0fe195d274f7f4c9e0aa9 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Mon, 3 Mar 2014 14:43:47 +0100 Subject: fixed spCountryCode in Stork AttrQuery Plugin --- .../egovernment/moa/id/protocols/stork2/AttributeCollector.java | 4 ++-- .../egovernment/moa/id/protocols/stork2/AttributeProvider.java | 6 +++--- .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java | 2 +- .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java | 9 ++++----- 4 files changed, 10 insertions(+), 11 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 428d1c52c..6b7769c49 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -157,12 +157,12 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); + e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? - Logger.error("Error putting incomplete Stork response into temporary storage", e); + Logger.error("Error putting incomplete Stork response into temporary storage", e1); throw new MOAIDException("stork.11", null); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index 59376fef6..6fba91fde 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java 
@@ -34,13 +34,13 @@ public interface AttributeProvider { * Perform redirect. * * @param url the return URL ending with ?artifactId=... - * @param citizenCountyCode the citizen county code + * @param spCountyCode the sp county code * @param req the request we got from the S-PEPS and for which we have to ask our APs * @param resp the response to the preceding request * @param oaParam the oa param - * @throws MOAIDException + * @throws MOAIDException the mOAID exception */ - public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException; + public void performRedirect(String url, String spCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException; /** * Parses the response we got from the external attribute provider. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 8b96e0d10..4404af4e3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -204,7 +204,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter) */ @Override - public void performRedirect(String url, String citizenCountyCode, + public void performRedirect(String url, String spCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { // there is no redirect required 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index bd6f192dc..5efdfd117 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -91,13 +91,11 @@ public class StorkAttributeRequestProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) */ - @Override - public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { + public void performRedirect(String url, String spCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { String spSector = "Business"; String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); String spApplication = spInstitution; - String spCountry = "AT"; //generate AuthnRquest STORKAttrQueryRequest attributeRequest = new STORKAttrQueryRequest(); 
@@ -106,12 +104,13 @@ public class StorkAttributeRequestProvider implements AttributeProvider { attributeRequest.setIssuer(HTTPUtils.getBaseURL(req)); attributeRequest.setQaa(oaParam.getQaaLevel()); attributeRequest.setSpInstitution(spInstitution); - attributeRequest.setCountry(spCountry); + attributeRequest.setCountry(spCountryCode); + attributeRequest.setSpCountry(spCountryCode); attributeRequest.setSpApplication(spApplication); attributeRequest.setSpSector(spSector); attributeRequest.setPersonalAttributeList(requestedAttributes); - attributeRequest.setCitizenCountryCode(citizenCountryCode); + attributeRequest.setCitizenCountryCode("AT"); Logger.debug("STORK AttrRequest succesfully assembled."); -- cgit v1.2.3 From 013bc5647275872ba182ad7bf62be1cbd7c80f38 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Mon, 3 Mar 2014 16:47:25 +0100 Subject: treated possible infinite loop in ap collection --- .../id/protocols/stork2/AttributeCollector.java | 59 ++++++++++++++++------ 1 file changed, 43 insertions(+), 16 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 6b7769c49..2735fde68 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
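Review bot: `spCountryCode` is written unchecked into both `setCountry` and `setSpCountry`, and the caller shown in AttributeCollector takes it from `container.getRequest().getSpCountry()`, that is, from the incoming request. A null or empty value therefore ends up in the outgoing attribute query; an emptiness check before the request is assembled (the method already uses `StringUtils.isEmpty` for the friendly name) would stop that at the boundary. The citizen country is now the bare literal in `setCitizenCountryCode("AT")`; a named constant with a comment such as `// this instance only answers for Austrian citizens` (if that is the intent) would explain why the parameter is no longer used for it. The `performRedirect` body starts in the previous hunk and continues past this one.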
@@ -27,6 +27,7 @@ import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; import eu.stork.peps.auth.commons.STORKAuthnRequest; import eu.stork.peps.auth.commons.STORKAuthnResponse; import eu.stork.peps.auth.engine.STORKSAMLEngine; @@ -63,18 +64,18 @@ public class AttributeCollector implements IAction { for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) try { newAttributes = current.parse(httpReq); + + // stop as soon as we hit a capable plugin + break; } catch (UnsupportedAttributeException e1) { // the current provider cannot find anything familiar within the // provided httpreq. Try the next one. - // TODO check the loop } if (null == newAttributes) { // we do not have a provider which is capable of fetching something // from the received httpreq. - // TODO should we continue with the next attribute? Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); - throw new MOAIDException("stork.11", null); } // - fetch the container @@ -87,11 +88,8 @@ public class AttributeCollector implements IAction { throw new MOAIDException("stork.11", null); } - - // - insert the embedded attribute(s) into the container - for (PersonalAttribute current : newAttributes) - container.getResponse().getPersonalAttributeList().add(current); + addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes); // see if we need some more attributes return processRequest(container, httpReq, httpResp, moasession, oaParam); 
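Review bot: The second hunk removes `throw new MOAIDException("stork.11", null);` from the `null == newAttributes` branch, so a response that no plugin can parse is now only logged and `newAttributes` stays null. The third hunk then passes it to `addOrUpdateAll(...)`, whose `for (PersonalAttribute current : source)` will throw a NullPointerException on a null source. Either keep the throw after the log line, or guard the call with `if (newAttributes != null)` and document that an unparseable provider response is ignored. The same null reaches this code when a plugin's `parse` returns null instead of throwing, since the new `break` accepts the first plugin that does not throw.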
@@ -119,23 +117,35 @@ public class AttributeCollector implements IAction { try { // for each attribute still missing for (PersonalAttribute currentAttribute : missingAttributes) { - // - check if we can find a suitable AttributeProvider Plugin + + /* + * prefill attributes with "notAvailable". If we get them later, we override the value and status. + * This way, there is no error case in which an attribute is left unanswered. + */ + IPersonalAttributeList aquiredAttributes = new PersonalAttributeList(); + currentAttribute.setStatus("notAvailable"); + addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes); + + // - check if we can find a suitable AttributeProvider Plugin for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { try { // - hand over control to the suitable plugin - IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); - - // - add the aquired attribute to the container - for (PersonalAttribute current : aquiredAttributes) - container.getResponse().getPersonalAttributeList().add(current); + aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); + break; } catch (UnsupportedAttributeException e) { // ok, try the next attributeprovider } catch (MOAIDException e) { // the current plugin had an error. Try the next one. - // TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop } - } + + // check if we could fetch the attribute + if (null == aquiredAttributes) { + // if not + Logger.error("We have no suitable plugin for obtaining the attribute '" + currentAttribute.getName() + "'"); + } else + // else, update any existing attributes + addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes); } // build response 
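Review bot: The prefill that the new block comment describes does not take place: `aquiredAttributes` is still an empty `PersonalAttributeList` when it is handed to `addOrUpdateAll`, so the attribute marked `notAvailable` never reaches the response; `aquiredAttributes.add(currentAttribute);` is needed before that first call. For the same reason `null == aquiredAttributes` is true only when a plugin's `acquire` returns null, not when no plugin matched, so the "We have no suitable plugin" message is not logged in the case it names. `currentAttribute.setStatus("notAvailable")` also changes the element of `missingAttributes` in place, which is worth a comment if it is intended. The `catch (MOAIDException e)` branch still drops the plugin error silently, so a `Logger.error` call with the exception would leave a trace of which provider failed.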
@@ -159,7 +169,6 @@ public class AttributeCollector implements IAction { // add container-key to redirect embedded within the return URL e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam); - } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e1); @@ -238,6 +247,24 @@ public class AttributeCollector implements IAction { Logger.error("Velocity error: " + e.getMessage()); } } + + /** + * Adds or updates all {@link PersonalAttribute} objects given in {@code source} to/in {@code target}. + * + * @param target the target + * @param source the source + */ + private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) { + for (PersonalAttribute current : source) { + // check if we need to update the current pa + if (target.containsKey(current.getName())) { + target.get(current.getName()).setStatus(current.getStatus()); + target.get(current.getName()).setValue(current.getValue()); + target.get(current.getName()).setComplexValue(current.getComplexValue()); + } else + target.add(current); + } + } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) -- cgit v1.2.3 From 8dbc7af299d5e7a1dd4d1085d2840ff00f403bbb Mon Sep 17 00:00:00 2001 
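Review bot: `addOrUpdateAll` overwrites status, value and complex value of any attribute already in `target` whose name matches, and earlier in this commit it is fed with the list a provider parsed from the incoming `httpReq`. Unless `parse` is guaranteed to return only the attributes that were requested from that provider (not visible here), a provider response can replace values that were filled in from another source. Consider updating only entries that are still missing or marked "notAvailable", and state that contract in the Javadoc. The helper also iterates `source` without a null check and calls `target.get(current.getName())` three times where one local variable would do.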
From: Bojan Suzic Date: Mon, 3 Mar 2014 20:28:57 +0100 Subject: attribut test --- .../id/protocols/stork2/AttributeCollector.java | 12 ++- .../moa/id/protocols/stork2/AttributeProvider.java | 1 + .../protocols/stork2/AttributeProviderFactory.java | 98 +++++++++++----------- .../id/protocols/stork2/MISAttributeProvider.java | 22 ++++- .../moa/id/protocols/stork2/MOASTORKRequest.java | 2 +- .../protocols/stork2/MandateRetrievalRequest.java | 28 +++++++ .../moa/id/protocols/stork2/STORKProtocol.java | 8 +- 7 files changed, 115 insertions(+), 56 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 57c68e94c..030d7c497 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -124,15 +124,18 @@ public class AttributeCollector implements IAction { try { // for each attribute still missing for (PersonalAttribute currentAttribute : missingAttributes) { + Logger.error("Checking missing attribute: " + currentAttribute.getName()); // - check if we can find a suitable AttributeProvider Plugin for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { try { // - hand over control to the suitable plugin + Logger.error("Going to acquire missing attribute: " + currentAttribute.getName() + " at provider: " + currentProvider.getClass().getName()); IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); // - add the aquired attribute to the container - for (PersonalAttribute current : aquiredAttributes) - container.getResponse().getPersonalAttributeList().add(current); + + try { for (PersonalAttribute current : aquiredAttributes) + container.getResponse().getPersonalAttributeList().add(current); } catch (NullPointerException ex) { Logger.error ("Nothing found");} } catch (UnsupportedAttributeException e) { // ok, try the next attributeprovider } catch (MOAIDException e) { @@ -154,6 +157,7 @@ public class AttributeCollector implements IAction { } catch (ExternalAttributeRequestRequiredException e) { // the attribute request is ongoing and requires an external service. + Logger.error("EXTERNAL EXCEPTION CAUGHT"); try { // memorize the container again // - generate new key 
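Review bot: Catching `NullPointerException` around the loop over `aquiredAttributes` hides every other null dereference inside it, for example a missing response or attribute list in `container`, behind the message "Nothing found". An explicit check, `if (aquiredAttributes != null) { ... }`, keeps the intended case and lets real faults surface. The added trace statements here, and `Logger.error("EXTERNAL EXCEPTION CAUGHT")` in the next hunk, report normal control flow at error level; `Logger.debug` fits better and keeps the error log usable for monitoring.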
@@ -163,19 +167,19 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL + Logger.info("Performing redirect to gather attributes to: " + AuthConfigurationProvider.getInstance().getPublicURLPrefix()); e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); + e1.printStackTrace(); throw new MOAIDException("stork.11", null); } return "12345"; // TODO what to do here? } - - } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index 59376fef6..2ecae1288 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -52,4 +52,5 @@ public interface AttributeProvider { */ public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException; + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index 23edf69f9..953758dc3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java 
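Review bot: The added `e1.printStackTrace()` writes to stderr, outside the application log, while the `Logger.error` call on the line before it passes the outer `e` rather than the exception that was just caught. Logging the caught exception once, `Logger.error("Error putting incomplete Stork response into temporary storage", e1);`, and dropping `printStackTrace()` keeps the storage failure in the place operators look. The new `Logger.info` line logs only the public URL prefix, which is fine; the artifact id should stay out of log statements since it is the key to the stored container. The method continues outside the hunk.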
@@ -1,59 +1,61 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; + import java.util.ArrayList; import java.util.List; -import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; - /** * A factory for creating AttributeProvider objects. */ public class AttributeProviderFactory { - /** - * Gets the available plugins. - * - * @return the available plugins - */ - public static List getAvailablePlugins() { - List result = new ArrayList(); - result.add("StorkAttributeRequestProvider"); - result.add("EHvdAttributeProvider"); - - return result; - } - - /** - * Creates an AttributeProvider object for the given shortname. Returns - * {@code null} if there is no such provider available. - * - * @param shortname - * the simpleName for the providers class - * @return the attribute provider - */ - public static AttributeProvider create(String shortname, String url) { - if (shortname.equals("StorkAttributeRequestProvider")) { - return new StorkAttributeRequestProvider(url); - } else if(shortname.equals("EHvdAttributeProvider")) { - return new EHvdAttributeProviderPlugin(url); - } else { - return null; - } - } - - /** - * Gets fresh instances of the configured plugins. - * - * @param configuredAPs the configured a ps - * @return the configured plugins - */ - public static List getConfiguredPlugins( - List configuredAPs) { - - List result = new ArrayList(); - for(AttributeProviderPlugin current : configuredAPs) - result.add(create(current.getName(), current.getUrl())); - - return result; - } + /** + * Gets the available plugins. + * + * @return the available plugins + */ + public static List getAvailablePlugins() { + List result = new ArrayList(); + result.add("StorkAttributeRequestProvider"); + result.add("EHvdAttributeProvider"); + result.add("MISAttributeProvider"); + + return result; + } + + /** + * Creates an AttributeProvider object for the given shortname. 
Returns + * {@code null} if there is no such provider available. + * + * @param shortname the simpleName for the providers class + * @return the attribute provider + */ + public static AttributeProvider create(String shortname, String url) { + if (shortname.equals("StorkAttributeRequestProvider")) { + return new StorkAttributeRequestProvider(url); + } else if (shortname.equals("EHvdAttributeProvider")) { + return new EHvdAttributeProviderPlugin(url); + } else if (shortname.equals("MISAttributeProvider")) { + return new MISAttributeProvider(url); + } else { + return null; + } + } + + /** + * Gets fresh instances of the configured plugins. + * + * @param configuredAPs the configured a ps + * @return the configured plugins + */ + public static List getConfiguredPlugins( + List configuredAPs) { + + List result = new ArrayList(); + for (AttributeProviderPlugin current : configuredAPs) + result.add(create(current.getName(), current.getUrl())); + + return result; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java index 7665bb239..8cdbfd37c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java @@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; 
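Review bot: `create` returns `null` for an unknown `shortname`, and `getConfiguredPlugins` adds that result to the list unchecked, so a misspelled or unsupported plugin name in the configuration produces a null entry that the provider loops in `AttributeCollector` would dereference. Filter such entries where the list is built, e.g. `AttributeProvider p = create(current.getName(), current.getUrl()); if (p != null) result.add(p);`, and log the configured name that could not be resolved. The names in `getAvailablePlugins` and the `if` chain in `create` have to be kept in sync by hand; a comment saying so would help the next plugin author.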
@@ -13,15 +14,34 @@ import javax.servlet.http.HttpServletResponse; * Implements Attribute Provider for Mandates */ public class MISAttributeProvider implements AttributeProvider { + + String url = null; + + public MISAttributeProvider(String url) { + this.url = url; + } + public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { + Logger.error("Entering MIS for attribute: " + attributes.getName()); + + if (attributes.getName().equals("residencePermit")) { + Logger.error("MIS EXCEPTION: " + attributes.getName()); + throw new ExternalAttributeRequestRequiredException(this); + } + return null; // } public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { - // + Logger.error("Entering MIS redirect for attribute: " ); + } public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException { return null; // } + + public String getName() { + return "MandateProvider"; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java index 47a86174f..39a6907c1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java @@ -52,7 +52,7 @@ public class MOASTORKRequest implements IRequest { return this.storkAttrQueryRequest; } - public String getOAURL() { + public String getOAURL() { // TODO CHECK IT if (isAuthnRequest) return storkAuthnRequest.getAssertionConsumerServiceURL(); else if (isAttrRequest) 
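Review bot: `performRedirect` only logs, yet `acquire` throws `ExternalAttributeRequestRequiredException` for "residencePermit"; judging from the `AttributeCollector` hunks on this page, the collector then stores the container and calls `performRedirect`, so with this provider neither a redirect nor a response would be written for that request. Until the MIS round trip exists, throwing `UnsupportedAttributeException` from `acquire` would let the collector move on to the next provider. The `url` field is package-visible and mutable; `private final String url;` is sufficient. The trace lines use `Logger.error` for normal flow and should be `Logger.debug`.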
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java new file mode 100644 index 000000000..bad711dbb --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java @@ -0,0 +1,28 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IRequest; +import com.sun.xml.ws.security.trust.WSTrustConstants; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * Processes mandate data after authentication is done in AT + * @author bsuzic + */ +public class MandateRetrievalRequest implements IAction { + public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + return null; // + } + + public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { + return true; + } + + public String getDefaultActionName() { + return STORKProtocol.MANDATERETRIEVALREQUEST; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index e68b66510..3762a5101 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java 
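Review bot: The import `com.sun.xml.ws.security.trust.WSTrustConstants` is unused in this new class and ties the module to an implementation-internal `com.sun` package, so it should be removed. `processRequest` returns `null` while `needAuthentication` returns `true`; if the action is registered under `MANDATERETRIEVALREQUEST`, an authenticated request would end with a null result. Throwing a `MOAIDException` until the logic exists, with a short Javadoc note that the action is a stub, would make that state explicit.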
@@ -31,6 +31,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector"; + public static final String MANDATERETRIEVALREQUEST = "MandateRetrievalRequest"; private static HashMap actions = new HashMap(); @@ -102,16 +103,19 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); + } catch (ClassCastException e) { + Logger.error("Could not extract authenticaiton request"); } - // check if a valid attr request is container + // check if a valid attr request is containerd try { attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); + } catch (ClassCastException e) { + Logger.error("Could not extract attribute request"); } - // if there is no authn or attr request, raise error if ((authnRequest == null) && (attrRequest == null)) { Logger.error("There is no authentication or attribute request contained."); -- cgit v1.2.3 From e503775e1b98bb9ff5ed188a5ff574026c022461 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 4 Mar 2014 13:21:14 +0100 Subject: refactored attributecollector url --- .../at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index c5125912a..bd32bfc78 100644 
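Review bot: The two new `catch (ClassCastException e)` blocks log a fixed string and drop the exception, so a token that fails extraction leaves no trace of what was actually wrong. Pass the exception on, `Logger.error("Could not extract authentication request", e);` (which also fixes the "authenticaiton" typo), and do the same in the attribute branch. The `STORKSAMLEngineException` handler for the attribute query, a context line here, still says "AuthenticationRequest", which makes rejected attribute queries indistinguishable from rejected authn requests in the log. The method starts and ends outside the hunk.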
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -164,7 +164,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam); + e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? -- cgit v1.2.3 From 4843bccbf840ae93f855ef6548683ee794593915 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 4 Mar 2014 13:23:37 +0100 Subject: vidp can handle attrquery and authnrequest --- .../id/protocols/stork2/AttributeCollector.java | 34 +++++----- .../id/protocols/stork2/AuthenticationRequest.java | 68 +++++++++----------- .../moa/id/protocols/stork2/DataContainer.java | 24 +++---- .../moa/id/protocols/stork2/MOASTORKRequest.java | 29 ++++++++- .../moa/id/protocols/stork2/MOASTORKResponse.java | 75 ++++++++++++++++++++++ .../moa/id/protocols/stork2/STORKProtocol.java | 16 ++--- 6 files changed, 169 insertions(+), 77 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index bd32bfc78..5f46153af 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -19,8 +19,6 @@ import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.apache.velocity.Template; 
@@ -183,15 +181,18 @@ public class AttributeCollector implements IAction { * @throws MOAIDException the mOAID exception */ private void generateSTORKResponse(DataContainer container) throws MOAIDException { - STORKAuthnResponse authnResponse = container.getResponse(); - STORKAuthnRequest authnRequest = container.getRequest(); + MOASTORKRequest request = container.getRequest(); + MOASTORKResponse response = container.getResponse(); try { //Get SAMLEngine instance STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); Logger.debug("Starting generation of SAML response"); - authnResponse = engine.generateSTORKAuthnResponse(authnRequest, authnResponse, container.getRemoteAddress(), false); - + if(response.isAuthnResponse()) + response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false)); + else + response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false)); + //generateSAML Token Logger.info("SAML response succesfully generated!"); } catch (STORKSAMLEngineException e) { @@ -200,11 +201,6 @@ public class AttributeCollector implements IAction { } Logger.info("STORK SAML Response message succesfully generated "); - Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); - Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); - Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml())); - - container.setResponse(authnResponse); } /** 
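Review bot: `generateSTORKResponse` picks its branch with `response.isAuthnResponse()`, while `generateRedirectResponse` in the next hunk picks with `authnRequest.isAttrRequest()`; if the request and response flags ever disagree, one of the two dereferences a wrapped object that was never set. Use the same discriminator in both methods, and fail with a `MOAIDException` when neither flag is set instead of defaulting to the attribute-query branch. Braces around the `if`/`else` bodies would also help, given how long the two statements are.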
@@ -214,17 +210,23 @@ public class AttributeCollector implements IAction { * @param container the container */ private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) { - STORKAuthnResponse authnResponse = container.getResponse(); - STORKAuthnRequest authnRequest = container.getRequest(); + MOASTORKResponse authnResponse = container.getResponse(); + MOASTORKRequest authnRequest = container.getRequest(); // preparing redirection for the client try { VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); VelocityContext context = new VelocityContext(); - - context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()).getBytes()); - Logger.debug("SAMLResponse original: " + new String(authnResponse.getTokenSaml()).getBytes()); + + byte[] blob; + if(authnRequest.isAttrRequest()) + blob = authnResponse.getStorkAttrQueryResponse().getTokenSaml(); + else + blob = authnResponse.getStorkAuthnResponse().getTokenSaml(); + + context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob).getBytes()); + Logger.debug("SAMLResponse original: " + new String(blob).getBytes()); Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL()); context.put("action", authnRequest.getAssertionConsumerServiceURL()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 18d0b479e..619935abe 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
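Review bot: `Logger.debug("SAMLResponse original: " + new String(blob).getBytes())` concatenates a `byte[]`, so it prints the array's identity string rather than the token, and `new String(blob)` decodes with the platform charset. The line can be dropped. If the token needs to be traceable, log its length or a digest rather than the assertion itself, which carries personal attributes. `blob` is used without a null check, so a response whose SAML token was never generated would surface here as a NullPointerException rather than a handled error.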
@@ -44,61 +44,55 @@ public class AuthenticationRequest implements IAction { Logger.debug("Entering MOASTORKRequest"); httpResp.reset(); + + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + MOASTORKResponse moaStorkResponse = new MOASTORKResponse(); + // check if it is attribute query if (moaStorkRequest.isAttrRequest()) { Logger.debug("Starting AttrQueryRequest"); - STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse(); - IPersonalAttributeList personalAttributeList = moaStorkRequest.getStorkAttrQueryRequest().getPersonalAttributeList(); - - // TODO Check if this instance is eligible to fetch attributes locally, assuming yes - - return (new AttributeCollector()).processRequest(req, httpReq, httpResp, moasession); - - } else - // check if we have authentication request - if (moaStorkRequest.isAuthnRequest()) { - Logger.debug("Starting AuthenticationRequest"); - - STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry()); - - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); - - // Get personal attributtes from MOA/IdentityLink - authnResponse.setPersonalAttributeList(populateAttributes()); + + moaStorkResponse.setSTORKAttrResponse(new STORKAttrQueryResponse()); + } + // check if we have authentication request + else if (moaStorkRequest.isAuthnRequest()) { + Logger.debug("Starting AuthenticationRequest"); - // Prepare extended attributes - Logger.debug("Preparing data container"); + moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse()); + // Get personal 
attributtes from MOA/IdentityLink + moaStorkResponse.setPersonalAttributeList(populateAttributes()); + } + + moaStorkResponse.setCountry(moaStorkRequest.getSpCountry()); - // create fresh container - DataContainer container = new DataContainer(); + // Prepare extended attributes + Logger.debug("Preparing data container"); - // - fill in the request we extracted above - container.setRequest(moaStorkRequest.getStorkAuthnRequest()); + // create fresh container + DataContainer container = new DataContainer(); - // - fill in the partial response created above - container.setResponse(authnResponse); + // - fill in the request we extracted above + container.setRequest(moaStorkRequest); - // - memorize the target url were we have to return the result - container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL()); + // - fill in the partial response created above + container.setResponse(moaStorkResponse); - container.setRemoteAddress(httpReq.getRemoteAddr()); + // - memorize the target url were we have to return the result + container.setTarget(moaStorkRequest.getAssertionConsumerServiceURL()); + container.setRemoteAddress(httpReq.getRemoteAddr()); - Logger.debug("Data container prepared"); - return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); + Logger.debug("Data container prepared"); - } + return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); } else { Logger.error("Could not recognize request."); throw new MOAIDException("stork.15", null); } - - return null; } public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java index a1c40526d..74239318b 100644 
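Review bot: After the rewrite the shared tail runs even when neither `isAttrRequest()` nor `isAuthnRequest()` is true. In that case `moaStorkResponse` wraps nothing and `moaStorkResponse.setCountry(moaStorkRequest.getSpCountry())` would fail with a NullPointerException instead of the `stork.15` error the outer `else` raises. A closing branch on the inner chain, `else { throw new MOAIDException("stork.15", null); }`, restores a defined failure. `container.setTarget(...)` still takes the return URL from the request; a comment stating where that URL is validated against the configured online application would help reviewers, as that check is not visible in this hunk.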
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java @@ -2,10 +2,6 @@ package at.gv.egovernment.moa.id.protocols.stork2; import java.io.Serializable; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; - -// TODO: Auto-generated Javadoc /** * Holds info about an ongoing but yet incomplete stork authnrequest process. */ @@ -15,10 +11,10 @@ public class DataContainer implements Serializable { private static final long serialVersionUID = -8765997480582363012L; /** The incoming request. */ - private STORKAuthnRequest request; + private MOASTORKRequest request; /** The yet incomplete response. */ - private STORKAuthnResponse response; + private MOASTORKResponse response; /** The target. */ private String target; @@ -31,17 +27,17 @@ public class DataContainer implements Serializable { * * @return the request */ - public STORKAuthnRequest getRequest() { + public MOASTORKRequest getRequest() { return request; } /** * Sets the request. * - * @param request the new request + * @param moaStorkRequest the new request */ - public void setRequest(STORKAuthnRequest request) { - this.request = request; + public void setRequest(MOASTORKRequest moaStorkRequest) { + this.request = moaStorkRequest; } /** @@ -49,17 +45,17 @@ public class DataContainer implements Serializable { * * @return the response */ - public STORKAuthnResponse getResponse() { + public MOASTORKResponse getResponse() { return response; } /** * Sets the response. * - * @param response the new response + * @param moaStorkResponse the new response */ - public void setResponse(STORKAuthnResponse response) { - this.response = response; + public void setResponse(MOASTORKResponse moaStorkResponse) { + this.response = moaStorkResponse; } /** 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java index 47a86174f..fa7db82c4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java @@ -1,7 +1,10 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import java.io.Serializable; + import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; +import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.STORKAttrQueryRequest; import eu.stork.peps.auth.commons.STORKAuthnRequest; @@ -11,8 +14,9 @@ import eu.stork.peps.auth.commons.STORKAuthnRequest; * @author bsuzic */ -public class MOASTORKRequest implements IRequest { - private String requestID; +public class MOASTORKRequest implements IRequest, Serializable { + private static final long serialVersionUID = 4581953368724501376L; + private String requestID; private String target = null; String module = null; String action = null; @@ -102,4 +106,25 @@ public class MOASTORKRequest implements IRequest { public String getRequestID() { return this.requestID; } + + public IPersonalAttributeList getPersonalAttributeList() { + if(isAttrRequest()) + return this.storkAttrQueryRequest.getPersonalAttributeList(); + else + return this.storkAuthnRequest.getPersonalAttributeList(); + } + + public String getSpCountry() { + if(isAttrRequest()) + return this.storkAttrQueryRequest.getSpCountry(); + else + return this.storkAuthnRequest.getSpCountry(); + } + + public String getAssertionConsumerServiceURL() { + if(isAttrRequest()) + return this.storkAttrQueryRequest.getAssertionConsumerServiceURL(); + else + return this.storkAuthnRequest.getAssertionConsumerServiceURL(); + } } 
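Review bot: The new delegating getters `getPersonalAttributeList`, `getSpCountry` and `getAssertionConsumerServiceURL` fall back to `storkAuthnRequest` whenever `isAttrRequest()` is false, without checking that an authn request was ever set; the accessors of `MOASTORKResponse` added in this commit follow the same pattern. Checking `isAuthnRequest()` explicitly and throwing `IllegalStateException` otherwise turns a bare NullPointerException into a diagnosable error. The class is now `Serializable` and ends up in `AssertionStorage` via `DataContainer`, so it is worth confirming that the wrapped STORK request types serialize, and adding a short Javadoc line on each getter saying which wrapped request it delegates to.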
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java new file mode 100644 index 000000000..36f5a80b4 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java 
@@ -0,0 +1,75 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import java.io.Serializable; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.commons.STORKAuthnResponse; + +/** + * Implements MOA request and stores StorkAuthn/Attr-Request related data + * + * @author bsuzic + */ + +public class MOASTORKResponse implements Serializable { + private static final long serialVersionUID = -5798803155055518747L; + private STORKAuthnResponse storkAuthnRequest; + private STORKAttrQueryResponse storkAttrQueryRequest; + private boolean isAttrRequest = false; + private boolean isAuthnRequest = false; + + public void setSTORKAuthnResponse(STORKAuthnResponse request) { + this.storkAuthnRequest = request; + if (request != null) { + isAuthnRequest = true; + } + } + + public void setSTORKAttrResponse(STORKAttrQueryResponse request) { + this.storkAttrQueryRequest = request; + if (request != null) { + isAttrRequest = true; + } + } + + public boolean isAttrResponse() { + return this.isAttrRequest; + } + + public boolean isAuthnResponse() { + return this.isAuthnRequest; + } + + + public STORKAuthnResponse getStorkAuthnResponse() { + return this.storkAuthnRequest; + } + + public STORKAttrQueryResponse getStorkAttrQueryResponse() { + return this.storkAttrQueryRequest; + } + + public IPersonalAttributeList getPersonalAttributeList() { + if(isAttrResponse()) + return this.storkAttrQueryRequest.getPersonalAttributeList(); + else + return this.storkAuthnRequest.getPersonalAttributeList(); + } + + public void setPersonalAttributeList(PersonalAttributeList populateAttributes) { + if(isAttrResponse()) + this.storkAttrQueryRequest.setPersonalAttributeList(populateAttributes); + else + this.storkAuthnRequest.setPersonalAttributeList(populateAttributes); + } + + public void setCountry(String spCountry) { + if(isAttrResponse()) + 
this.storkAttrQueryRequest.setCountry(spCountry); + else + this.storkAuthnRequest.setCountry(spCountry); + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index e68b66510..d2f2ff663 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -102,14 +102,14 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); - } - - - // check if a valid attr request is container - try { - attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken); - } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); + } catch(ClassCastException e) { + // we do not have a authnRequest + // check if a valid attr request is container + try { + attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken); + } catch (STORKSAMLEngineException ex) { + Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); + } } // if there is no authn or attr request, raise error -- cgit v1.2.3 From 4e5383a60b4cc2db7b51883f2e85aeff6f3f70cd Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 4 Mar 2014 16:09:21 +0100 Subject: fixed eHVD plugin --- .../id/protocols/stork2/AttributeCollector.java | 4 +-- .../stork2/EHvdAttributeProviderPlugin.java | 39 ++++++++++++++++------ 2 files changed, 30 insertions(+), 13 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
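Review bot: MOASTORKResponse was copied from the request class without renaming: the class Javadoc still reads "Implements MOA request", and the fields `storkAuthnRequest`, `storkAttrQueryRequest`, `isAttrRequest` and `isAuthnRequest` all hold response state. Renaming them to `storkAuthnResponse`, `storkAttrQueryResponse`, `isAttrResponse` and `isAuthnResponse`, and changing the Javadoc to say that the class stores the STORK authn or attribute-query response, would remove the ambiguity. The setters only ever set the flags to true, so passing null after a non-null value leaves `isAttrResponse()` true while the field is null; `isAttrRequest = (request != null);` keeps the two in step. `getPersonalAttributeList`, `setPersonalAttributeList` and `setCountry` also dereference the authn response unchecked when no attribute response is set.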
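Review bot: Attribute-query validation is now reachable only from `catch(ClassCastException e)`, so the type of an inbound SAML message is decided by whether the authn engine happens to fail with a cast error. If `validateSTORKAuthnRequest` rejects an attribute query with `STORKSAMLEngineException` or another runtime exception, `attrRequest` is never validated and the request ends in the generic "no authentication or attribute request" error. Determining the message type before choosing the engine would be more robust; at the least the inner log text should read `"Unable to validate Stork AttrQueryRequest: "` and the swallowed ClassCastException should be logged at debug level. The merge resolution in the later STORKProtocol hunks (`@@ -105,20 +104,6 @@` and `@@ -127,8 +112,8 @@`) keeps the same structure, and the enclosing method starts and ends outside this hunk.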
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 5f46153af..7342a45aa 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -225,8 +225,8 @@ public class AttributeCollector implements IAction { else blob = authnResponse.getStorkAuthnResponse().getTokenSaml(); - context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob).getBytes()); - Logger.debug("SAMLResponse original: " + new String(blob).getBytes()); + context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob)); + Logger.debug("SAMLResponse original: " + new String(blob)); Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL()); context.put("action", authnRequest.getAssertionConsumerServiceURL()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 4404af4e3..f97d8c804 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -8,6 +8,7 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.xml.namespace.QName; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.soap.MessageFactory; import javax.xml.soap.SOAPBody; 
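Review bot: `Logger.debug("SAMLResponse original: " + new String(blob))` now writes the complete SAML response, including the citizen's personal attributes, into the log, whereas the removed line only printed a byte-array reference. Logging a size is enough for tracing, for example `Logger.debug("SAMLResponse length: " + blob.length);`. If the content ever has to be decoded for diagnostics, the charset should be given explicitly instead of relying on the platform default. The enclosing method lies outside the hunk.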
@@ -27,6 +28,7 @@ import javax.xml.transform.stream.StreamResult; import org.w3c.dom.Document; import org.w3c.dom.Element; +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; @@ -61,7 +63,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { ExternalAttributeRequestRequiredException, MOAIDException { // break when we cannot handle the requested attribute - if(!attributes.getFriendlyName().equals("isHCP")) + if(!attributes.getName().equals("isHealthCareProfessional")) throw new UnsupportedAttributeException(); try { @@ -95,8 +97,9 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { // SOAP Body SOAPBody requestBody = envelope.getBody(); SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional"); + requestBodyElem.addAttribute(new QName("xmlns"), "http://gesundheit.gv.at/BAGDAD/DataAccessService"); SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK"); - requestBodyElem1.addTextNode(moasession.getIdentityLink().getIdentificationValue()); + requestBodyElem1.addTextNode(new BPKBuilder().buildBPK(moasession.getIdentityLink().getIdentificationValue(), "GH")); requestMessage.saveChanges(); 
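Review bot: In the SOAP body hunk, `requestBodyElem.addAttribute(new QName("xmlns"), ...)` writes the namespace as an ordinary attribute, so in the SAAJ object model `IsHealthcareProfessional` and its `bPK` child still carry no namespace and the result depends on how the message is serialized. Creating the element with a qualified name states the intent directly: `requestBody.addChildElement(new QName("http://gesundheit.gv.at/BAGDAD/DataAccessService", "IsHealthcareProfessional"))`; whether `bPK` must be qualified as well should be confirmed against the service description. The sector code `"GH"` passed to `buildBPK` determines which derived identifier leaves the system, so it deserves a named constant with a comment on why this sector is used. The enclosing method continues outside the hunk.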
@@ -154,26 +157,34 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { if (collection.get("IsHealthcareProfessional").equals("false")) { // the citizen is no HCP - acquiredAttribute = new PersonalAttribute("isHCP", false, new ArrayList(), "NotAvailable"); + acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, new ArrayList(), "NotAvailable"); } else { // go on and parse the data Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); + + // create the root element + Element root = doc.createElement("isHealthCareProfessional"); + doc.appendChild(root); Element orgname = doc.createElement("nameOfOrganisation"); - orgname.appendChild(doc.createTextNode(collection.get("NameOfOrganization"))); - doc.appendChild(orgname); + orgname.appendChild(doc.createTextNode(collection.get("NameOfOrganisation"))); + root.appendChild(orgname); Element type = doc.createElement("HCP"); // TODO fix value mapping - if (collection.get("Type").equals("Medical Doctors")) + if (collection.get("Type").equals("Medical doctor")) type.appendChild(doc.createTextNode("D")); - doc.appendChild(type); + root.appendChild(type); Element specialization = doc.createElement("specialisation"); - // TODO fix value mapping - specialization.appendChild(doc.createTextNode(collection.get("Specialization").substring(0, 2))); - doc.appendChild(specialization); + if (collection.get("Specialization").contains("Arzt für Allgemeinmedizin")) + specialization.appendChild(doc.createTextNode("GP")); + root.appendChild(specialization); + + Element aqaa = doc.createElement("AQAA"); + aqaa.appendChild(doc.createTextNode("4")); + root.appendChild(aqaa); // get string from dom tree Source source = new DOMSource(doc); 
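Review bot: The values read from the remote answer are mapped by exact string comparison with no fallback: when `Type` is not "Medical doctor" or `Specialization` does not contain the expected text, the `HCP` and `specialisation` elements are written empty while the attribute is still returned as "Available", and a missing key makes `collection.get("Type").equals(...)` throw. Reading each value into a local first, for example `String type = collection.get("Type");`, and returning the "NotAvailable" attribute when a value is absent or unmapped would avoid asserting an incomplete statement. `AQAA` is set to the constant "4" for every answer; if this expresses the assurance level of the attribute, it should come from configuration or from the source and be explained in a comment. The two `// TODO fix value mapping` markers suggest the mapping is known to be incomplete.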
@@ -187,12 +198,18 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { ArrayList value = new ArrayList(); value.add(out.toString()); - acquiredAttribute = new PersonalAttribute("isHCP", false, value, "Available"); + acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, value, "Available"); } // pack and return the result PersonalAttributeList result = new PersonalAttributeList(); result.add(acquiredAttribute); + + // add stork id for verification + ArrayList value = new ArrayList(); + value.add(new BPKBuilder().buildStorkbPK(moasession.getIdentityLink().getIdentificationValue(), "IT")); + result.add(new PersonalAttribute("eIdentifier", false, value, "Available")); + return result; } catch (Exception e) { -- cgit v1.2.3 From 7ce4c799eb26f65ef8826b74d0fb09a8d1f4949d Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 4 Mar 2014 17:05:01 +0100 Subject: fixed response handling --- .../id/protocols/stork2/AttributeCollector.java | 22 +++++++++++----------- .../moa/id/protocols/stork2/STORKProtocol.java | 9 +++++---- 2 files changed, 16 insertions(+), 15 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 7342a45aa..b2f5076b6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
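Review bot: The `eIdentifier` added for verification is built with a hard-coded destination country, `buildStorkbPK(..., "IT")`, so as far as this hunk shows every requesting country would receive an identifier derived for Italy. The country should come from the request being served (MOASTORKRequest gains `getSpCountry()` in this series), which means passing it to the plugin or to `acquire`; until then the literal needs a `// TODO` naming the limitation. The raw `ArrayList value = new ArrayList();` can be declared as `ArrayList<String>` to keep the compiler checks. The method body starts outside the hunk.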
@@ -49,8 +49,18 @@ public class AttributeCollector implements IAction { */ public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + // - fetch the container + String artifactId = (String) httpReq.getParameter(ARTIFACT_ID); + DataContainer container; + try { + container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); + } catch (MOADatabaseException e) { + Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); + throw new MOAIDException("stork.11", null); + } + // read configuration parameters of OA - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(container.getRequest().getAssertionConsumerServiceURL()); if (oaParam == null) throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); @@ -73,16 +83,6 @@ public class AttributeCollector implements IAction { Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); } - // - fetch the container - String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); - DataContainer container; - try { - container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); - } catch (MOADatabaseException e) { - Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); - throw new MOAIDException("stork.11", null); - } - // - insert the embedded attribute(s) into the container addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes); 
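Review bot: The container is now fetched with an `artifactId` taken directly from a request parameter, and nothing in the hunk checks that the id is present or that the stored container belongs to the session passed in as `moasession`. The id therefore acts as a bearer handle for a half-finished response that already holds personal attributes: it should be rejected when null or empty before the storage lookup, the container should be bound to the session that created it, and the entry should be removed once fetched (removal is not visible here). The online-application configuration is then selected by `container.getRequest().getAssertionConsumerServiceURL()`, while the `stork.12` error two lines later still reports `moasession.getPublicOAURLPrefix()`; the message argument should be the URL that was actually looked up. `processRequest` continues outside the hunk.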
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index d2f2ff663..638035008 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -71,16 +71,17 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { Logger.debug("Request content length: " + request.getContentLength()); Logger.debug("Initiating action: " + action); + MOASTORKRequest STORK2Request = new MOASTORKRequest(); + + if (AttributeCollector.class.getSimpleName().equals(action)) + return STORK2Request; + HTTPInTransport profileReq = new HttpServletRequestAdapter(request); HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure()); - BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); samlMessageContext.setInboundMessageTransport(profileReq); - MOASTORKRequest STORK2Request = new MOASTORKRequest(); - - //extract STORK Response from HTTP Request byte[] decSamlToken; try { -- cgit v1.2.3 From cd0887a43b0b4350e736433c2b513901a2151601 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 4 Mar 2014 17:51:06 +0100 Subject: after merge, having problem --- .../egovernment/moa/id/protocols/stork2/AttributeCollector.java | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 84831a7b5..10cdcba6c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
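Review bot: The early `return STORK2Request;` for the AttributeCollector action hands back a MOASTORKRequest with neither an authn nor an attribute request set and skips SAML extraction and validation for that action. Accessors such as `getAssertionConsumerServiceURL()` on this empty object would dereference null, and the resume step is then protected only by the artifact lookup inside AttributeCollector. A comment stating why no validation is needed on this path, plus a check here that the artifact parameter is present before returning, would make the trust assumption reviewable. Comparing `getSimpleName()` with the `action` string also ties the dispatch to the class name; a shared constant would survive a rename. The enclosing method starts and ends outside the hunk.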
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -62,7 +62,12 @@ public class AttributeCollector implements IAction { this.httpResp = httpResp; - // find the attribute provider plugin that can handle the response + // read configuration parameters of OA + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + + // find the attribute provider plugin that can handle the response IPersonalAttributeList newAttributes = null; for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) try { @@ -167,7 +172,7 @@ public class AttributeCollector implements IAction { } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); - throw new MOAIDException("stork.11", An Introduction to Knowledge Engineeringnull); + throw new MOAIDException("stork.11", null); } return "12345"; // TODO what to do here? -- cgit v1.2.3 From 55885d24e176c92b97af233796189c8b2cc88808 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 4 Mar 2014 20:16:23 +0100 Subject: attr --- .../moa/id/protocols/stork2/AttributeCollector.java | 15 +++++++-------- .../moa/id/protocols/stork2/MISAttributeProvider.java | 2 +- 2 files changed, 8 insertions(+), 9 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 10cdcba6c..e816725c8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
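Review bot: In the `catch (Exception e1)` block of the second hunk the log call passes `e`, apparently the outer exception that triggered the redirect, so the real failure from storing the container or performing the redirect is never logged; it should read `Logger.error("Error putting incomplete Stork response into temporary storage", e1);`. The line after the block, `return "12345"; // TODO what to do here?`, returns a constant whose meaning to the caller is undocumented and needs at least a comment describing what the dispatcher does with it. The first hunk of this file restores the configuration lookup by `moasession.getPublicOAURLPrefix()`, which differs from the lookup by assertion consumer URL introduced one commit earlier; one of the two should be chosen deliberately. Both hunks show only part of their methods.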
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -48,9 +48,8 @@ import eu.stork.peps.auth.commons.PersonalAttribute; public class AttributeCollector implements IAction { /** - * The Constant ARTIFACT_ID. - */ - private static final String ARTIFACT_ID = "artifactId"; + /** The Constant ARTIFACT_ID. */ + private static final String ARTIFACT_ID = "artifactId"; private DataContainer container; private HttpServletResponse httpResp; @@ -62,12 +61,12 @@ public class AttributeCollector implements IAction { this.httpResp = httpResp; - // read configuration parameters of OA - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + // read configuration parameters of OA + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() }); - // find the attribute provider plugin that can handle the response + // find the attribute provider plugin that can handle the response IPersonalAttributeList newAttributes = null; for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java index 8cdbfd37c..ec38db513 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java 
@@ -26,7 +26,7 @@ public class MISAttributeProvider implements AttributeProvider { if (attributes.getName().equals("residencePermit")) { Logger.error("MIS EXCEPTION: " + attributes.getName()); - throw new ExternalAttributeRequestRequiredException(this); + //throw new ExternalAttributeRequestRequiredException(this); } return null; // -- cgit v1.2.3 From 458a579978fa4fd0718c754bb8b6ca41f82d8145 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 4 Mar 2014 20:33:36 +0100 Subject: after chaning --- .../id/protocols/stork2/AttributeCollector.java | 58 +--------------------- 1 file changed, 2 insertions(+), 56 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 72dddee88..0317322ee 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
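Review bot: With the `throw` commented out, the `residencePermit` branch only logs "MIS EXCEPTION" at error level and falls through to `return null;`, so the caller receives null instead of an attribute list or one of the declared exceptions. If this provider cannot serve the attribute yet, `throw new UnsupportedAttributeException();` states that explicitly and lets the collector try the next plugin. The commented-out line should be deleted rather than kept, and the log call lowered to debug if it only traces the request. The enclosing method is outside the hunk.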
@@ -15,25 +15,6 @@ import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.logging.Logger; -<<<<<<< HEAD - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.VelocityEngine; -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -======= import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; @@ -47,7 +28,6 @@ import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; ->>>>>>> origin/bs_3_fr /** * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins. @@ -56,7 +36,6 @@ import javax.servlet.http.HttpServletResponse; * interaction, redirect to another portal, etc. The redirect will hit here and the class can continue to fetch attributes. * * TODO how do we treat mandatory and optional attributes? - * */ public class AttributeCollector implements IAction { 
@@ -70,8 +49,6 @@ public class AttributeCollector implements IAction { */ public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { -<<<<<<< HEAD -======= // - fetch the container String artifactId = (String) httpReq.getParameter(ARTIFACT_ID); DataContainer container; @@ -82,7 +59,6 @@ public class AttributeCollector implements IAction { throw new MOAIDException("stork.11", null); } ->>>>>>> origin/bs_3_fr // read configuration parameters of OA OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(container.getRequest().getAssertionConsumerServiceURL()); if (oaParam == null) 
@@ -107,33 +83,20 @@ public class AttributeCollector implements IAction { Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); } -<<<<<<< HEAD - // - fetch the container - String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); - DataContainer container; - try { - container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); - } catch (MOADatabaseException e) { - Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); - throw new MOAIDException("stork.11", null); - } - -======= ->>>>>>> origin/bs_3_fr // - insert the embedded attribute(s) into the container addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes); // see if we need some more attributes return processRequest(container, httpReq, httpResp, moasession, oaParam); } - + /** * Checks if there are missing attributes and tries to fetch them. If there are no more attribute to fetch, * this very method creates and sends the protocol result to the asking S-PEPS. * * @param container the {@link DataContainer} representing the status of the overall query. * @return the string - * @throws MOAIDException + * @throws MOAIDException */ public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException { // check if there are attributes we need to fetch 
@@ -199,11 +162,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL -<<<<<<< HEAD - e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam); -======= e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam); ->>>>>>> origin/bs_3_fr } catch (Exception e1) { // TODO should we return the response as is to the PEPS? @@ -222,13 +181,8 @@ public class AttributeCollector implements IAction { * @throws MOAIDException the mOAID exception */ private void generateSTORKResponse(DataContainer container) throws MOAIDException { -<<<<<<< HEAD - STORKAuthnResponse authnResponse = container.getResponse(); - STORKAuthnRequest authnRequest = container.getRequest(); -======= MOASTORKRequest request = container.getRequest(); MOASTORKResponse response = container.getResponse(); ->>>>>>> origin/bs_3_fr try { //Get SAMLEngine instance @@ -247,14 +201,6 @@ public class AttributeCollector implements IAction { } Logger.info("STORK SAML Response message succesfully generated "); -<<<<<<< HEAD - Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); - Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); - Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml())); - - container.setResponse(authnResponse); -======= ->>>>>>> origin/bs_3_fr } /** -- cgit v1.2.3 From 683209b2aabf589e1e22ed9cb7c69d6e76442bb0 Mon Sep 17 00:00:00 2001 
From: Bojan Suzic Date: Tue, 4 Mar 2014 20:40:29 +0100 Subject: after merging, inspecting, fixing, tbc. --- .../moa/id/protocols/stork2/STORKProtocol.java | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 5e9d50221..a361d5f67 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -1,6 +1,5 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IAction; @@ -105,20 +104,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); -<<<<<<< HEAD - } catch (ClassCastException e) { - Logger.error("Could not extract authenticaiton request"); - } - - - // check if a valid attr request is containerd - try { - attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken); - } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); - } catch (ClassCastException e) { - Logger.error("Could not extract attribute request"); -======= } catch(ClassCastException e) { // we do not have a authnRequest // check if a valid attr request is container 
@@ -127,8 +112,8 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } ->>>>>>> origin/bs_3_fr } + // if there is no authn or attr request, raise error if ((authnRequest == null) && (attrRequest == null)) { Logger.error("There is no authentication or attribute request contained."); -- cgit v1.2.3 From b454a8760bc2692d3d9c4fa3d0477c620895a95b Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 5 Mar 2014 07:44:28 +0100 Subject: check whether attributes obtained from different sources match --- .../gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index b2f5076b6..aad80512a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -257,6 +257,13 @@ public class AttributeCollector implements IAction { for (PersonalAttribute current : source) { // check if we need to update the current pa if (target.containsKey(current.getName())) { + PersonalAttribute existing = target.get(current.getName()); + if(!(existing.isEmptyValue() && existing.isEmptyComplexValue())) + if(!(existing.getValue().equals(current.getValue()) || existing.getComplexValue().equals(current.getComplexValue()))) { + Logger.error("Attribute Value does not match the value from first authentication!"); + throw new MOAIDException("stork.14", null); + } + target.get(current.getName()).setStatus(current.getStatus()); target.get(current.getName()).setValue(current.getValue()); target.get(current.getName()).setComplexValue(current.getComplexValue()); -- cgit v1.2.3 From dbbf8045afe2ddf9a1ba4a4f511d85ffcba32cf8 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 5 Mar 2014 08:00:01 +0100 Subject: fixed bug in loop prevention --- .../at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 1 + 1 file changed, 1 insertion(+) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index aad80512a..7aab42426 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
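Review bot: The new consistency check joins the two comparisons with `||`, so it passes as soon as either the simple value or the complex value matches. For a simple attribute both complex values are presumably empty and therefore equal, which would let a differing value from the second source overwrite the first without raising `stork.14`. Both parts have to match: `if (!(existing.getValue().equals(current.getValue()) && existing.getComplexValue().equals(current.getComplexValue()))) {`. The two nested `if` statements should also get braces, and the method now throws MOAIDException, which the hunk does not show in its signature.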
@@ -119,6 +119,7 @@ public class AttributeCollector implements IAction { */ IPersonalAttributeList aquiredAttributes = new PersonalAttributeList(); currentAttribute.setStatus("notAvailable"); + aquiredAttributes.add((PersonalAttribute) currentAttribute.clone()); addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes); // - check if we can find a suitable AttributeProvider Plugin -- cgit v1.2.3 From 1ba3c2042e0c4da08af39db6172ff1206dfece36 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 5 Mar 2014 10:22:46 +0100 Subject: ap plugins can be configured to listen to certain attributes --- .../moa/id/protocols/stork2/AttributeProviderFactory.java | 8 ++++---- .../id/protocols/stork2/EHvdAttributeProviderPlugin.java | 11 ++++++++--- .../id/protocols/stork2/StorkAttributeRequestProvider.java | 13 +++++++++++-- 3 files changed, 23 insertions(+), 9 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index 23edf69f9..de079c960 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java 
@@ -31,11 +31,11 @@ public class AttributeProviderFactory { * the simpleName for the providers class * @return the attribute provider */ - public static AttributeProvider create(String shortname, String url) { + public static AttributeProvider create(String shortname, String url, String attributes) { if (shortname.equals("StorkAttributeRequestProvider")) { - return new StorkAttributeRequestProvider(url); + return new StorkAttributeRequestProvider(url, attributes); } else if(shortname.equals("EHvdAttributeProvider")) { - return new EHvdAttributeProviderPlugin(url); + return new EHvdAttributeProviderPlugin(url, attributes); } else { return null; } @@ -52,7 +52,7 @@ public class AttributeProviderFactory { List result = new ArrayList(); for(AttributeProviderPlugin current : configuredAPs) - result.add(create(current.getName(), current.getUrl())); + result.add(create(current.getName(), current.getUrl(), current.getAttributes())); return result; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index f97d8c804..a36855d33 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java 
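Review bot: `create` still returns null for an unknown provider name, and `getConfiguredPlugins` adds that result to the list unchecked, so a typo in the configuration surfaces later as a NullPointerException in whatever loop iterates over the plugins. Either skip and log the entry in `getConfiguredPlugins` or throw from `create`, for example `throw new IllegalArgumentException("unknown attribute provider: " + shortname);`. The Javadoc of `create` lacks `@param url` and `@param attributes` lines after this change, and the raw `List result = new ArrayList();` could be typed as `List<AttributeProvider>`.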
@@ -44,26 +44,31 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /** The destination. */ private Object destination; + + /** The attributes. */ + private String attributes; /** * Instantiates a new e hvd attribute provider plugin. * * @param url the service url + * @param attributes */ - public EHvdAttributeProviderPlugin(String url) { + public EHvdAttributeProviderPlugin(String url, String supportedAttributes) { destination = url; + attributes = supportedAttributes; } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute) */ @Override - public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) + public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { // break when we cannot handle the requested attribute - if(!attributes.getName().equals("isHealthCareProfessional")) + if(!attributes.contains(attribute.getName())) throw new UnsupportedAttributeException(); try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index 797695a00..d8becaaf7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java 
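Review bot: The new guard `attributes.contains(attribute.getName())` is a substring test on the raw configuration string, not a membership test on the configured names: a requested name that is only a fragment of a configured one (or an empty name) is accepted, and a plugin configured without attributes throws a NullPointerException instead of UnsupportedAttributeException. Since this check decides which provider may answer for which attribute, parse the list once in the constructor into a set of trimmed names and compare exactly, as sketched below (the value is described as csv in the StorkAttributeRequestProvider Javadoc). The same check is added to `StorkAttributeRequestProvider.acquire` in the next file section of this commit. The Javadoc tag `@param attributes` should also be renamed to match the parameter `supportedAttributes`.

```java
/** The attribute names this plugin serves, parsed from the configured csv. */
private Set<String> attributes;

public EHvdAttributeProviderPlugin(String url, String supportedAttributes) {
    destination = url;
    attributes = new HashSet<String>();
    if (supportedAttributes != null) {
        for (String name : supportedAttributes.split(",")) {
            attributes.add(name.trim());
        }
    }
}

// … unchanged: Javadoc and acquire() signature …
        // break when we cannot handle the requested attribute
        if (!attributes.contains(attribute.getName()))
            throw new UnsupportedAttributeException();
```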
@@ -34,14 +34,19 @@ public class StorkAttributeRequestProvider implements AttributeProvider { /** The destination. */ private String destination; - + + /** The attributes. */ + private String attributes; + /** * Instantiates a new stork attribute request provider. * * @param apUrl the AP location + * @param supportedAttributes the supported attributes as csv */ - public StorkAttributeRequestProvider(String apUrl) { + public StorkAttributeRequestProvider(String apUrl, String supportedAttributes) { destination = apUrl; + attributes = supportedAttributes; } /* (non-Javadoc) @@ -49,6 +54,10 @@ public class StorkAttributeRequestProvider implements AttributeProvider { */ public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { + + if (!attributes.contains(attribute.getName())) + throw new UnsupportedAttributeException(); + requestedAttributes = new PersonalAttributeList(1); requestedAttributes.add(attribute); throw new ExternalAttributeRequestRequiredException(this); -- cgit v1.2.3 From 31a10590f3efee8aca463b43623ee689f7b0c605 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 5 Mar 2014 10:33:14 +0100 Subject: fixed throws declaration --- .../at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 7aab42426..f23e0f599 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -253,8 +253,9 @@ public class AttributeCollector implements IAction { * * @param target the target * @param source the source + * @throws MOAIDException */ - private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) { + private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) throws MOAIDException { for (PersonalAttribute current : source) { // check if we need to update the current pa if (target.containsKey(current.getName())) { -- cgit v1.2.3 From 97ac38abf8d7fcea628ed1e7bd343c3d4ea958f9 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Wed, 5 Mar 2014 21:56:33 +0100 Subject: merge fr ap --- .../protocols/stork2/AttributeProviderFactory.java | 95 +++++++++++----------- .../stork2/EHvdAttributeProviderPlugin.java | 3 - 2 files changed, 46 insertions(+), 52 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index dbeaf94e9..d046e12a4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java 
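Review bot: The added `@throws MOAIDException` tag has no description, so the Javadoc does not say when `addOrUpdateAll` fails. Judging from the throw visible in a later hunk of this file on this page, it is raised when an attribute already present in `target` carries a value that differs from the one in `source`; `@throws MOAIDException if an attribute already in target has a value that differs from the one in source` would document that. The method body continues outside the hunk, so confirm there is no other throw site before settling the wording.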
@@ -1,24 +1,24 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; + import java.util.ArrayList; import java.util.List; -import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; - /** * A factory for creating AttributeProvider objects. */ public class AttributeProviderFactory { - /** - * Gets the available plugins. - * - * @return the available plugins - */ - public static List getAvailablePlugins() { - List result = new ArrayList(); - result.add("StorkAttributeRequestProvider"); - result.add("EHvdAttributeProvider"); + /** + * Gets the available plugins. + * + * @return the available plugins + */ + public static List getAvailablePlugins() { + List result = new ArrayList(); + result.add("StorkAttributeRequestProvider"); + result.add("EHvdAttributeProvider"); result.add("SignedDocAttributeRequestProvider"); result.add("MISAttributeProvider"); 
@@ -26,43 +26,40 @@ public class AttributeProviderFactory { return result; } - /** - * Creates an AttributeProvider object for the given shortname. Returns - * {@code null} if there is no such provider available. - * - * @param shortname - * the simpleName for the providers class - * @return the attribute provider - */ - public static AttributeProvider create(String shortname, String url, String attributes) { - if (shortname.equals("StorkAttributeRequestProvider")) { - return new StorkAttributeRequestProvider(url, attributes); - } else if(shortname.equals("EHvdAttributeProvider")) { - return new EHvdAttributeProviderPlugin(url); - } else if(shortname.equals("SignedDocAttributeRequestProvider")) { - return new SignedDocAttributeRequestProvider(url); - } else if (shortname.equals("MISAttributeProvider")) { - return new MISAttributeProvider(url); - } else { - return new EHvdAttributeProviderPlugin(url, attributes); - } else { - return null; - } - } + /** + * Creates an AttributeProvider object for the given shortname. Returns + * {@code null} if there is no such provider available. + * + * @param shortname the simpleName for the providers class + * @return the attribute provider + */ + public static AttributeProvider create(String shortname, String url, String attributes) { + if (shortname.equals("StorkAttributeRequestProvider")) { + return new StorkAttributeRequestProvider(url, attributes); + } else if (shortname.equals("EHvdAttributeProvider")) { + return new EHvdAttributeProviderPlugin(url, attributes); + } else if (shortname.equals("SignedDocAttributeRequestProvider")) { + return new SignedDocAttributeRequestProvider(url); + } else if (shortname.equals("MISAttributeProvider")) { + return new MISAttributeProvider(url); + } else { + return null; + } + } - /** - * Gets fresh instances of the configured plugins. 
- * - * @param configuredAPs the configured a ps - * @return the configured plugins - */ - public static List getConfiguredPlugins( - List configuredAPs) { - - List result = new ArrayList(); - for(AttributeProviderPlugin current : configuredAPs) - result.add(create(current.getName(), current.getUrl(), current.getAttributes())); - - return result; - } + /** + * Gets fresh instances of the configured plugins. + * + * @param configuredAPs the configured a ps + * @return the configured plugins + */ + public static List getConfiguredPlugins( + List configuredAPs) { + + List result = new ArrayList(); + for (AttributeProviderPlugin current : configuredAPs) + result.add(create(current.getName(), current.getUrl(), current.getAttributes())); + + return result; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index a36855d33..1b951c4ff 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -62,7 +62,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute) */ - @Override public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { 
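Review bot: In the rewritten `create`, the `SignedDocAttributeRequestProvider` and `MISAttributeProvider` branches are still constructed with `url` only, so the `attributes` value configured for those two plugins is silently ignored while the other two honour it. If that is intended, say so in the Javadoc, which currently documents only `shortname`: add `@param url the service url of the provider` and `@param attributes the supported attribute names as csv; ignored by providers that serve a fixed attribute` (wording to be confirmed against the plugins). Otherwise an operator who restricts one of these plugins in the configuration gets no effect and no warning.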
@@ -225,7 +224,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter) */ - @Override public void performRedirect(String url, String spCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { @@ -235,7 +233,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ - @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException { // there is no redirect required, so we throw an exception when someone asks us to parse a response -- cgit v1.2.3 From 257c27091b20e1fbcf7ccce8bfe8b908cb33a62e Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 6 Mar 2014 08:18:18 +0100 Subject: fixed error message --- .../at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index f660e1b33..409e506af 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -263,7 +263,7 @@ public class AttributeCollector implements IAction { if(!(existing.isEmptyValue() && existing.isEmptyComplexValue())) if(!(existing.getValue().equals(current.getValue()) || existing.getComplexValue().equals(current.getComplexValue()))) { Logger.error("Attribute Value does not match the value from first authentication!"); - throw new MOAIDException("stork.14", null); + throw new MOAIDException("stork.16", new Object[] {existing.getName()}); } target.get(current.getName()).setStatus(current.getStatus()); -- cgit v1.2.3 From 58fcfcc39b55705d05ec12cfbbcbd0e05d57e702 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 6 Mar 2014 08:31:53 +0100 Subject: fixed eHVD spCountrycode for eId derivation --- .../egovernment/moa/id/protocols/stork2/AttributeCollector.java | 4 ++-- .../gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java | 6 +++--- .../moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java | 4 ++-- .../moa/id/protocols/stork2/DemoRedirectAttributeProvider.java | 4 ++-- .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java | 6 +++--- .../egovernment/moa/id/protocols/stork2/MISAttributeProvider.java | 4 ++-- .../id/protocols/stork2/SignedDocAttributeRequestProvider.java | 4 ++-- .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java | 8 ++++++-- 8 files changed, 22 insertions(+), 18 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 409e506af..842c06f15 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
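Review bot: The mismatch test on the context line above the changed `throw` joins the two comparisons with `||`, so the exception is raised only when both `getValue()` and `getComplexValue()` differ. If simple attributes carry an equal (for example empty) complex value on both sides — not visible here, to be confirmed in PersonalAttribute — a changed simple value would pass this consistency check unnoticed. The intended condition looks like `if (!(existing.getValue().equals(current.getValue()) && existing.getComplexValue().equals(current.getComplexValue()))) {`. The enclosing method starts and ends outside the hunk.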
@@ -126,7 +126,7 @@ public class AttributeCollector implements IAction { for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { try { // - hand over control to the suitable plugin - aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); + aquiredAttributes = currentProvider.acquire(currentAttribute, container.getRequest().getSpCountry(), moasession); break; } catch (UnsupportedAttributeException e) { // ok, try the next attributeprovider @@ -163,7 +163,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam); + e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index d92b0b72f..2914d8f7d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java 
@@ -22,25 +22,25 @@ public interface AttributeProvider { * the response. * * @param attributes the list of attributes to be acquired + * @param spCountyCode the sp county code * @param moasession the moasession * @return the personal attribute * @throws UnsupportedAttributeException the unsupported attribute exception * @throws ExternalAttributeRequestRequiredException an attribute request to an external service has to be done * @throws MOAIDException the mOAID exception */ - public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException; + public IPersonalAttributeList acquire(PersonalAttribute attributes, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException; /** * Perform redirect. * * @param url the return URL ending with ?artifactId=... - * @param spCountyCode the sp county code * @param req the request we got from the S-PEPS and for which we have to ask our APs * @param resp the response to the preceding request * @param oaParam the oa param * @throws MOAIDException the mOAID exception */ - public void performRedirect(String url, String spCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException; + public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException; /** * Parses the response we got from the external attribute provider. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index 9c0869d97..56120cba2 100644 
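Review bot: Moving the country code from `performRedirect` to `acquire` makes the interface stateful for redirecting providers, and the Javadoc does not say so: an implementation that needs the value during the redirect has to remember it from the preceding `acquire` call, as `StorkAttributeRequestProvider` does later in this commit with a new, undocumented `spCountryCode` field. State in the `performRedirect` Javadoc that it is only invoked on the instance whose `acquire` threw `ExternalAttributeRequestRequiredException`, and that provider instances must not be shared between requests. The new parameter is spelled `spCountyCode` here and in most implementations while `EHvdAttributeProviderPlugin` uses `spCountryCode`; `@param spCountryCode the country code of the requesting service provider` would fix both the name and the description.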
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java @@ -20,7 +20,7 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ - public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession) + public IPersonalAttributeList acquire(PersonalAttribute attributeName, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException { PersonalAttributeList requestedAttributes = new PersonalAttributeList(1); requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList(), "")); @@ -38,7 +38,7 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ - public void performRedirect(String url, String citizenCountyCode, + public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) { // we should not get here } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index 26fc00406..aaba87c6c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java 
@@ -20,7 +20,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ - public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession) + public IPersonalAttributeList acquire(PersonalAttribute attributeName, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { throw new ExternalAttributeRequestRequiredException(this); } @@ -37,7 +37,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ - public void performRedirect(String url, String citizenCountyCode, + public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) { // we should not get here diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 1b951c4ff..02ae5fd62 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java 
@@ -62,7 +62,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute) */ - public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession) + public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountryCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { @@ -211,7 +211,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { // add stork id for verification ArrayList value = new ArrayList(); - value.add(new BPKBuilder().buildStorkbPK(moasession.getIdentityLink().getIdentificationValue(), "IT")); + value.add(new BPKBuilder().buildStorkbPK(moasession.getIdentityLink().getIdentificationValue(), spCountryCode)); result.add(new PersonalAttribute("eIdentifier", false, value, "Available")); @@ -224,7 +224,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter) */ - public void performRedirect(String url, String spCountyCode, + public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { // there is no redirect required diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java index ec38db513..9492159e3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java 
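Review bot: `buildStorkbPK(..., spCountryCode)` now derives the eIdentifier from a value that, per the AttributeCollector hunk of this commit, is taken from `container.getRequest().getSpCountry()`, and nothing visible checks it before use. A null, empty or malformed code would presumably yield an identifier that does not match the one issued at first authentication, or fail somewhere inside the builder. Reject it up front, e.g. `if (spCountryCode == null || !spCountryCode.matches("[A-Z]{2}")) throw new MOAIDException("<message-id>", null);` — assuming two-letter codes are the expected form and that the request is not already validated elsewhere. The body of `acquire` lies mostly outside these hunks.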
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java @@ -21,7 +21,7 @@ public class MISAttributeProvider implements AttributeProvider { this.url = url; } - public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { + public IPersonalAttributeList acquire(PersonalAttribute attributes, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { Logger.error("Entering MIS for attribute: " + attributes.getName()); if (attributes.getName().equals("residencePermit")) { @@ -32,7 +32,7 @@ public class MISAttributeProvider implements AttributeProvider { return null; // } - public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { + public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { Logger.error("Entering MIS redirect for attribute: " ); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java index 6a8e306a1..59b4f386f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java 
@@ -59,7 +59,7 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider { * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java * .lang.String) */ - public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession) throws UnsupportedAttributeException, + public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { if(!attribute.getName().equals("signedDoc")){ throw new UnsupportedAttributeException(); @@ -108,7 +108,7 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider { * at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect * (java.lang.String) */ - public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) + public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index d8becaaf7..2b946b167 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -38,6 +38,8 @@ public class StorkAttributeRequestProvider implements AttributeProvider { /** The attributes. */ private String attributes; + private String spCountryCode; + /** * Instantiates a new stork attribute request provider. * 
@@ -52,11 +54,13 @@ public class StorkAttributeRequestProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ - public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession) + public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { if (!attributes.contains(attribute.getName())) throw new UnsupportedAttributeException(); + + this.spCountryCode = spCountyCode; requestedAttributes = new PersonalAttributeList(1); requestedAttributes.add(attribute); @@ -98,7 +102,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) */ - public void performRedirect(String url, String spCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { + public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { String spSector = "Business"; String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); -- cgit v1.2.3 From b5eae4b6d7692a61a943a3238e271d634141f1a0 Mon Sep 17 00:00:00 2001 
From: Florian Reimair Date: Thu, 6 Mar 2014 08:34:49 +0100 Subject: cleanup demo ap plugins --- .../stork2/DemoNoRedirectAttributeProvider.java | 46 --------------------- .../stork2/DemoRedirectAttributeProvider.java | 46 --------------------- .../id/protocols/stork2/MISAttributeProvider.java | 47 ---------------------- 3 files changed, 139 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java deleted file mode 100644 index 56120cba2..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ /dev/null 
@@ -1,46 +0,0 @@ -package at.gv.egovernment.moa.id.protocols.stork2; - -import java.util.ArrayList; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; - -/** - * Just a simple demoprovider who can fetch any attribute you ask him. - */ -public class DemoNoRedirectAttributeProvider implements AttributeProvider { - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) - */ - public IPersonalAttributeList acquire(PersonalAttribute attributeName, String spCountyCode, AuthenticationSession moasession) - throws UnsupportedAttributeException { - PersonalAttributeList requestedAttributes = new PersonalAttributeList(1); - requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList(), "")); - return requestedAttributes; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) - */ - public IPersonalAttributeList parse(HttpServletRequest httpReq) { - // TODO Auto-generated method stub - return null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) - */ - public void performRedirect(String url, - HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) { - // we should not get here - } - -} 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java deleted file mode 100644 index aaba87c6c..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ /dev/null 
@@ -1,46 +0,0 @@
-package at.gv.egovernment.moa.id.protocols.stork2;
-
-import java.util.ArrayList;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-
-import eu.stork.peps.auth.commons.IPersonalAttributeList;
-import eu.stork.peps.auth.commons.PersonalAttribute;
-import eu.stork.peps.auth.commons.PersonalAttributeList;
-
-/**
- * Just a simple demoprovider who can fetch any attribute you ask him.
- */
-public class DemoRedirectAttributeProvider implements AttributeProvider {
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
- */
- public IPersonalAttributeList acquire(PersonalAttribute attributeName, String spCountyCode, AuthenticationSession moasession)
- throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
- throw new ExternalAttributeRequestRequiredException(this);
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
- */
- public IPersonalAttributeList parse(HttpServletRequest httpReq) {
- PersonalAttributeList requestedAttributes = new PersonalAttributeList(1);
- requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList(), ""));
- return requestedAttributes;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
- */
- public void performRedirect(String url,
- HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) {
- // we should not get here
-
- }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
deleted file mode 100644
index 9492159e3..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
+++ /dev/null
@@ -1,47 +0,0 @@ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -/** - * Implements Attribute Provider for Mandates - */ -public class MISAttributeProvider implements AttributeProvider { - - String url = null; - - public MISAttributeProvider(String url) { - this.url = url; - } - - public IPersonalAttributeList acquire(PersonalAttribute attributes, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { - Logger.error("Entering MIS for attribute: " + attributes.getName()); - - if (attributes.getName().equals("residencePermit")) { - Logger.error("MIS EXCEPTION: " + attributes.getName()); - //throw new ExternalAttributeRequestRequiredException(this); - } - - return null; // - } - - public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { - Logger.error("Entering MIS redirect for attribute: " ); - - } - - public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException { - return null; // - } - - public String getName() { - return "MandateProvider"; - } -} -- cgit v1.2.3 From 44ff7772172d1baf7ef7201225ee44d74511769e Mon Sep 17 00:00:00 2001 
From: Florian Reimair Date: Thu, 6 Mar 2014 08:50:21 +0100 Subject: cleanup unneeded mandateretrievalrequest --- .../protocols/stork2/AttributeProviderFactory.java | 4 ---- .../protocols/stork2/MandateRetrievalRequest.java | 28 ---------------------- 2 files changed, 32 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index d046e12a4..cbe7e5f3c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java @@ -20,8 +20,6 @@ public class AttributeProviderFactory { result.add("StorkAttributeRequestProvider"); result.add("EHvdAttributeProvider"); result.add("SignedDocAttributeRequestProvider"); - result.add("MISAttributeProvider"); - return result; } @@ -40,8 +38,6 @@ public class AttributeProviderFactory { return new EHvdAttributeProviderPlugin(url, attributes); } else if (shortname.equals("SignedDocAttributeRequestProvider")) { return new SignedDocAttributeRequestProvider(url); - } else if (shortname.equals("MISAttributeProvider")) { - return new MISAttributeProvider(url); } else { return null; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java deleted file mode 100644 index bad711dbb..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java +++ /dev/null 
@@ -1,28 +0,0 @@ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.moduls.IAction; -import at.gv.egovernment.moa.id.moduls.IRequest; -import com.sun.xml.ws.security.trust.WSTrustConstants; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -/** - * Processes mandate data after authentication is done in AT - * @author bsuzic - */ -public class MandateRetrievalRequest implements IAction { - public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { - return null; // - } - - public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { - return true; - } - - public String getDefaultActionName() { - return STORKProtocol.MANDATERETRIEVALREQUEST; - } -} -- cgit v1.2.3 From 2aa46e49f1566ed6582fa40e0fdffb4ec9b790b4 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 6 Mar 2014 08:51:12 +0100 Subject: cleanup datacontainer --- .../moa/id/protocols/stork2/AuthenticationRequest.java | 3 --- .../moa/id/protocols/stork2/DataContainer.java | 18 ------------------ 2 files changed, 21 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 619935abe..2ae3ab03c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
@@ -80,9 +80,6 @@ public class AuthenticationRequest implements IAction { // - fill in the partial response created above container.setResponse(moaStorkResponse); - // - memorize the target url were we have to return the result - container.setTarget(moaStorkRequest.getAssertionConsumerServiceURL()); - container.setRemoteAddress(httpReq.getRemoteAddr()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java index 74239318b..d13754aff 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java @@ -58,24 +58,6 @@ public class DataContainer implements Serializable { this.response = moaStorkResponse; } - /** - * Gets the target. - * - * @return the target - */ - public String getTarget() { - return target; - } - - /** - * Sets the target. - * - * @param target the new target - */ - public void setTarget(String target) { - this.target = target; - } - /** * Gets the remote address. * -- cgit v1.2.3 From 96dee381a4dd221a6f7dc9a63c9dda72e7cbbb04 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 6 Mar 2014 08:52:17 +0100 Subject: cleanup SignedDoc AP Plugin --- .../id/protocols/stork2/AttributeProviderFactory.java | 2 +- .../stork2/SignedDocAttributeRequestProvider.java | 19 +++++++------------ 2 files changed, 8 insertions(+), 13 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index cbe7e5f3c..c998b5f69 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java @@ -37,7 +37,7 @@ public class AttributeProviderFactory { } else if (shortname.equals("EHvdAttributeProvider")) { return new EHvdAttributeProviderPlugin(url, attributes); } else if (shortname.equals("SignedDocAttributeRequestProvider")) { - return new SignedDocAttributeRequestProvider(url); + return new SignedDocAttributeRequestProvider(url, attributes); } else { return null; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java index 59b4f386f..3993ee92f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java 
@@ -17,18 +17,10 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.StringUtils; - import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; /** * Forwards a signedDoc attribute request to the oasis-dss service instance @@ -42,14 +34,19 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider { */ private String oasisDssWebFormURL; + /** The attributes. */ + private String attributes; + /** * Instantiates a new signed doc attribute request provider. * * @param oasisDssWebFormURL * the AP location + * @param attributes */ - public SignedDocAttributeRequestProvider(String oasisDssWebFormURL) { + public SignedDocAttributeRequestProvider(String oasisDssWebFormURL, String attributes) { this.oasisDssWebFormURL = oasisDssWebFormURL; + this.attributes = attributes; } /* @@ -61,7 +58,7 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider { */ public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { - if(!attribute.getName().equals("signedDoc")){ + if(!attributes.contains(attribute.getName())) { throw new UnsupportedAttributeException(); } 
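Review bot: In `acquire`, the new guard `if(!attributes.contains(attribute.getName()))` is a substring test on a `String`, so it accepts more than the exact `equals("signedDoc")` it replaces: any name that is a fragment of the configured value passes, and an empty name always passes. If `attributes` is a delimited list of attribute names (its format is not stated; `@param attributes` in the constructor hunk is left empty), split it once in the constructor on whatever delimiter the configuration uses and match whole names, e.g. `if (!supportedNames.contains(attribute.getName()))` against a `Set<String>` built there. The constructor also stores `attributes` unchecked, so a missing configuration value only surfaces as a `NullPointerException` inside `acquire`. `acquire` continues past the end of the hunk.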
@@ -80,8 +77,6 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider { public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException { Logger.debug("Beginning to extract OASIS-DSS response out of HTTP Request"); - - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); try { String signResponse = new String(Base64.decodeBase64(httpReq.getParameter("signresponse")), "UTF8"); List values = new ArrayList(); -- cgit v1.2.3 From eb08e465772a766919fdce9dbebc8d5c4e51f224 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 6 Mar 2014 08:53:00 +0100 Subject: cleanup on javadoc --- .../ExternalAttributeRequestRequiredException.java | 2 +- .../moa/id/protocols/stork2/MOASTORKRequest.java | 113 ++++++++++++++++++--- .../moa/id/protocols/stork2/MOASTORKResponse.java | 92 ++++++++++++----- .../stork2/StorkAttributeRequestProvider.java | 1 + 4 files changed, 167 insertions(+), 41 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java index 56f31723c..67fbd50f8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java @@ -18,7 +18,7 @@ public class ExternalAttributeRequestRequiredException extends Exception { } /** - * Gets the ap. + * Gets the ap that caused the exception. * * @return the ap */ 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java index e95cfabe2..9ea33c8ef 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java 
@@ -9,57 +9,95 @@ import eu.stork.peps.auth.commons.STORKAttrQueryRequest; import eu.stork.peps.auth.commons.STORKAuthnRequest; /** - * Implements MOA request and stores StorkAuthn/Attr-Request related data + * Implements MOA request and stores StorkAuthn/Attr-Request related data. * * @author bsuzic */ - public class MOASTORKRequest implements IRequest, Serializable { + + /** The Constant serialVersionUID. */ private static final long serialVersionUID = 4581953368724501376L; + + /** The request id. */ private String requestID; + + /** The target. */ private String target = null; + + /** The module. */ String module = null; + + /** The action. */ String action = null; + + /** The stork authn request. */ private STORKAuthnRequest storkAuthnRequest; + + /** The stork attr query request. */ private STORKAttrQueryRequest storkAttrQueryRequest; - private boolean isAttrRequest = false; - private boolean isAuthnRequest = false; + /** + * Sets the sTORK authn request. + * + * @param request the new sTORK authn request + */ public void setSTORKAuthnRequest(STORKAuthnRequest request) { this.storkAuthnRequest = request; - if (request != null) { - isAuthnRequest = true; - } } + /** + * Sets the sTORK attr request. + * + * @param request the new sTORK attr request + */ public void setSTORKAttrRequest(STORKAttrQueryRequest request) { this.storkAttrQueryRequest = request; - if (request != null) { - isAttrRequest = true; - } } + /** + * Checks if the container holds an AttrQueryRequest + * + * @return true, if is attr request + */ public boolean isAttrRequest() { - return this.isAttrRequest; + return null != storkAttrQueryRequest; } + /** + * Checks if the container holds an AuthnRequest + * + * @return true, if is authn request + */ public boolean isAuthnRequest() { - return this.isAuthnRequest; + return null != storkAuthnRequest; } + /** + * Gets the stork authn request. 
+ * + * @return the stork authn request + */ public STORKAuthnRequest getStorkAuthnRequest() { return this.storkAuthnRequest; } + /** + * Gets the stork attr query request. + * + * @return the stork attr query request + */ public STORKAttrQueryRequest getStorkAttrQueryRequest() { return this.storkAttrQueryRequest; } - public String getOAURL() { // TODO CHECK IT - if (isAuthnRequest) + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getOAURL() + */ + public String getOAURL() { + if (isAuthnRequest()) return storkAuthnRequest.getAssertionConsumerServiceURL(); - else if (isAttrRequest) + else if (isAttrRequest()) return storkAttrQueryRequest.getAssertionConsumerServiceURL(); else { Logger.error("There is no authentication or attribute request contained in MOASTORKRequest."); 
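Review bot: `getOAURL()` loses its `// TODO CHECK IT` marker in this hunk without any visible check taking its place; the value it returns is still the `AssertionConsumerServiceURL` carried in the incoming request, i.e. supplied by the requester. If callers use it to identify or look up the online application, the comment that replaces the TODO should say where that URL is compared with the registered configuration, for example `// request-supplied URL; must be matched against the configured OA before use`. This method also prefers the authn request, while `getPersonalAttributeList()`, `getSpCountry()` and `getAssertionConsumerServiceURL()` in the later hunks test `isAttrRequest()` first, so an instance on which both setters were called answers from different requests. The body of `getOAURL()` ends after this hunk.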
@@ -67,46 +105,81 @@ public class MOASTORKRequest implements IRequest, Serializable { } } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#isPassiv() + */ public boolean isPassiv() { return false; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#forceAuth() + */ public boolean forceAuth() { return false; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#isSSOSupported() + */ public boolean isSSOSupported() { return false; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#requestedModule() + */ public String requestedModule() { return this.module; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#requestedAction() + */ public String requestedAction() { return action; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#setModule(java.lang.String) + */ public void setModule(String module) { this.module = module; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#setAction(java.lang.String) + */ public void setAction(String action) { this.action = action; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getTarget() + */ public String getTarget() { return this.target; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#setRequestID(java.lang.String) + */ public void setRequestID(String id) { this.requestID = id; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getRequestID() + */ public String getRequestID() { return this.requestID; } + /** + * Gets the personal attribute list. + * + * @return the personal attribute list + */ public IPersonalAttributeList getPersonalAttributeList() { if(isAttrRequest()) return this.storkAttrQueryRequest.getPersonalAttributeList(); 
@@ -114,6 +187,11 @@ public class MOASTORKRequest implements IRequest, Serializable { return this.storkAuthnRequest.getPersonalAttributeList(); } + /** + * Gets the sp country. + * + * @return the sp country + */ public String getSpCountry() { if(isAttrRequest()) return this.storkAttrQueryRequest.getSpCountry(); @@ -121,6 +199,11 @@ public class MOASTORKRequest implements IRequest, Serializable { return this.storkAuthnRequest.getSpCountry(); } + /** + * Gets the assertion consumer service url. + * + * @return the assertion consumer service url + */ public String getAssertionConsumerServiceURL() { if(isAttrRequest()) return this.storkAttrQueryRequest.getAssertionConsumerServiceURL(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java index 36f5a80b4..4e0f57779 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java 
@@ -8,68 +8,110 @@ import eu.stork.peps.auth.commons.STORKAttrQueryResponse; import eu.stork.peps.auth.commons.STORKAuthnResponse; /** - * Implements MOA request and stores StorkAuthn/Attr-Request related data + * Implements MOA request and stores StorkAuthn/Attr-Request related data. * * @author bsuzic */ - public class MOASTORKResponse implements Serializable { + + /** The Constant serialVersionUID. */ private static final long serialVersionUID = -5798803155055518747L; - private STORKAuthnResponse storkAuthnRequest; - private STORKAttrQueryResponse storkAttrQueryRequest; - private boolean isAttrRequest = false; - private boolean isAuthnRequest = false; - + + /** The stork authn request. */ + private STORKAuthnResponse storkAuthnResponse; + + /** The stork attr query request. */ + private STORKAttrQueryResponse storkAttrQueryResponse; + + /** + * Sets the sTORK authn response. + * + * @param request the new sTORK authn response + */ public void setSTORKAuthnResponse(STORKAuthnResponse request) { - this.storkAuthnRequest = request; - if (request != null) { - isAuthnRequest = true; - } + this.storkAuthnResponse = request; } + /** + * Sets the sTORK attr response. + * + * @param request the new sTORK attr response + */ public void setSTORKAttrResponse(STORKAttrQueryResponse request) { - this.storkAttrQueryRequest = request; - if (request != null) { - isAttrRequest = true; - } + this.storkAttrQueryResponse = request; } + /** + * Checks if the container holds an AttrQuery + * + * @return true, if is attr response + */ public boolean isAttrResponse() { - return this.isAttrRequest; + return null != storkAttrQueryResponse; } + /** + * Checks if the container holds an AuthnRequest + * + * @return true, if is authn response + */ public boolean isAuthnResponse() { - return this.isAuthnRequest; + return null != storkAuthnResponse; } + /** + * Gets the AuthnResponse. 
+ * + * @return the stork authn response + */ public STORKAuthnResponse getStorkAuthnResponse() { - return this.storkAuthnRequest; + return this.storkAuthnResponse; } + /** + * Gets the AttrQueryResponse. + * + * @return the stork attr query response + */ public STORKAttrQueryResponse getStorkAttrQueryResponse() { - return this.storkAttrQueryRequest; + return this.storkAttrQueryResponse; } + /** + * Gets the personal attribute list. + * + * @return the personal attribute list + */ public IPersonalAttributeList getPersonalAttributeList() { if(isAttrResponse()) - return this.storkAttrQueryRequest.getPersonalAttributeList(); + return this.storkAttrQueryResponse.getPersonalAttributeList(); else - return this.storkAuthnRequest.getPersonalAttributeList(); + return this.storkAuthnResponse.getPersonalAttributeList(); } + /** + * Sets the personal attribute list. + * + * @param populateAttributes the new personal attribute list + */ public void setPersonalAttributeList(PersonalAttributeList populateAttributes) { if(isAttrResponse()) - this.storkAttrQueryRequest.setPersonalAttributeList(populateAttributes); + this.storkAttrQueryResponse.setPersonalAttributeList(populateAttributes); else - this.storkAuthnRequest.setPersonalAttributeList(populateAttributes); + this.storkAuthnResponse.setPersonalAttributeList(populateAttributes); } + /** + * Sets the country. + * + * @param spCountry the new country + */ public void setCountry(String spCountry) { if(isAttrResponse()) - this.storkAttrQueryRequest.setCountry(spCountry); + this.storkAttrQueryResponse.setCountry(spCountry); else - this.storkAuthnRequest.setCountry(spCountry); + this.storkAuthnResponse.setCountry(spCountry); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index 2b946b167..73b8e01b9 100644 
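Review bot: `getPersonalAttributeList()`, `setPersonalAttributeList()` and `setCountry()` still fall through to `storkAuthnResponse` whenever `isAttrResponse()` is false, so a container with neither response set fails with a `NullPointerException` instead of a clear error. A guard in the `else` branches, such as `if (storkAuthnResponse == null) throw new IllegalStateException("no STORK response set");`, would make the empty state explicit. The added Javadoc also describes this response class and both fields as requests (`Implements MOA request and stores StorkAuthn/Attr-Request related data.`, `The stork authn request.`), and the two setters keep the parameter name `request`; these should read "response".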
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -38,6 +38,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider { /** The attributes. */ private String attributes; + /** The sp country code. */ private String spCountryCode; /** -- cgit v1.2.3 From 0adb60a5f345f8914b40b108608358c573b3dffb Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 6 Mar 2014 08:53:26 +0100 Subject: cleanup StorkProtocol base --- .../moa/id/protocols/stork2/STORKProtocol.java | 30 +++------------------- 1 file changed, 3 insertions(+), 27 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index a361d5f67..496d1044b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -9,12 +9,6 @@ import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.*; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; -import org.opensaml.common.binding.BasicSAMLMessageContext; -import org.opensaml.ws.transport.http.HTTPInTransport; -import org.opensaml.ws.transport.http.HTTPOutTransport; -import org.opensaml.ws.transport.http.HttpServletRequestAdapter; -import org.opensaml.ws.transport.http.HttpServletResponseAdapter; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.util.HashMap; 
@@ -36,16 +30,10 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { private static HashMap actions = new HashMap(); static { - actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest()); actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector()); - - instance = new STORKProtocol(); } - private static STORKProtocol instance = null; - - public String getName() { return NAME; } @@ -77,12 +65,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { if (AttributeCollector.class.getSimpleName().equals(action)) return STORK2Request; - HTTPInTransport profileReq = new HttpServletRequestAdapter(request); - HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure()); - - BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); - samlMessageContext.setInboundMessageTransport(profileReq); - //extract STORK Response from HTTP Request byte[] decSamlToken; try { 
@@ -93,22 +75,21 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { } //Get SAMLEngine instance - STORKSAMLEngine authnEngine = STORKSAMLEngine.getInstance("incoming"); - STORKSAMLEngine attrEngine = STORKSAMLEngine.getInstance("incoming_attr"); + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); STORKAuthnRequest authnRequest = null; STORKAttrQueryRequest attrRequest = null; // check if valid authn request is contained try { - authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken); + authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } catch(ClassCastException e) { // we do not have a authnRequest // check if a valid attr request is container try { - attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken); + attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } @@ -137,11 +118,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) { return false; } - - public void checkPersonalAttributes() { - - - } } -- cgit v1.2.3 From 12052df3f07a1439f4126c34b683eb6e48230086 Mon Sep 17 00:00:00 2001 From: Andreas Reiter Date: Thu, 6 Mar 2014 11:30:30 +0100 Subject: Fix EHvdAttributeProviderPlugin soap request --- .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
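Review bot: Request validation in this hunk can still fall through without a validated request, which the switch to the single `VIDP` engine does not address. The attribute-query branch is reached only through `catch(ClassCastException e)`, and a `STORKSAMLEngineException` from either `validate...` call is logged and swallowed, so execution continues with `authnRequest` and `attrRequest` both null; whether the code after the hunk rejects that state is not visible here and should be confirmed. The inner catch also logs the authn message for an attribute query and should read `Logger.error("Unable to validate Stork AttrQueryRequest: " + ex.getMessage());`. Since both request types now share one engine instance, a comment stating that the `VIDP` configuration is meant to validate both would help the next reader.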
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 02ae5fd62..b99e0ca4d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -101,7 +101,8 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { // SOAP Body SOAPBody requestBody = envelope.getBody(); SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional"); - requestBodyElem.addAttribute(new QName("xmlns"), "http://gesundheit.gv.at/BAGDAD/DataAccessService"); + requestBodyElem.addAttribute(envelope.createName("xmlns"), "http://gesundheit.gv.at/BAGDAD/DataAccessService"); + SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK"); requestBodyElem1.addTextNode(new BPKBuilder().buildBPK(moasession.getIdentityLink().getIdentificationValue(), "GH")); -- cgit v1.2.3 From 1c802614fe489280f93d36bfb6908ebffc96e4aa Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 11 Mar 2014 08:03:45 +0100 Subject: logging --- .../moa/id/protocols/stork2/AttributeCollector.java | 15 +++++++++++++++ .../moa/id/protocols/stork2/AuthenticationRequest.java | 1 + .../id/protocols/stork2/EHvdAttributeProviderPlugin.java | 4 ++++ .../moa/id/protocols/stork2/STORKProtocol.java | 1 + .../stork2/SignedDocAttributeRequestProvider.java | 5 ++++- .../protocols/stork2/StorkAttributeRequestProvider.java | 13 +++++++++---- 6 files changed, 34 insertions(+), 5 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
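Review bot: The fix declares the namespace by adding an attribute that is literally named `xmlns` (`envelope.createName("xmlns")`); whether `IsHealthcareProfessional` and its `bPK` child then end up in that namespace depends on how the SAAJ implementation treats such an attribute. Creating the element in its namespace, `requestBody.addChildElement(new QName("http://gesundheit.gv.at/BAGDAD/DataAccessService", "IsHealthcareProfessional"))`, or calling `requestBodyElem.addNamespaceDeclaration("", "http://gesundheit.gv.at/BAGDAD/DataAccessService")`, states the intent directly. The same request body carries the bPK built from the identity link, so a short comment on the transport expected for `destination` (set outside this hunk) would be worth adding. The enclosing method starts and ends outside the hunk.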
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 842c06f15..9cd825fc8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -99,6 +99,7 @@ public class AttributeCollector implements IAction { * @throws MOAIDException */ public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException { + Logger.setHierarchy("moa.id.protocols.stork2"); // check if there are attributes we need to fetch IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); @@ -108,6 +109,8 @@ public class AttributeCollector implements IAction { if (!responseAttributeList.containsKey(current.getName())) missingAttributes.add(current); + Logger.debug("found " + missingAttributes.size() + " missing attributes"); + // Try to get all missing attributes try { // for each attribute still missing @@ -126,7 +129,9 @@ public class AttributeCollector implements IAction { for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { try { // - hand over control to the suitable plugin + Logger.info(currentProvider.getClass().getSimpleName() + " called to handle attribute '" + currentAttribute.getName() + "'"); aquiredAttributes = currentProvider.acquire(currentAttribute, container.getRequest().getSpCountry(), moasession); + Logger.info(currentProvider.getClass().getSimpleName() + " can handle attribute '" + currentAttribute.getName() + "'"); break; } catch (UnsupportedAttributeException e) { // ok, try the next attributeprovider 
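Review bot: `Logger.setHierarchy("moa.id.protocols.stork2")` is a static call placed at the top of `processRequest`, and the same line is added to `AuthenticationRequest.processRequest` and `EHvdAttributeProviderPlugin.acquire` later in this commit. If it sets logger state shared between threads (its implementation is not on this page), calling it per request changes the category for unrelated concurrent requests and nothing resets it; if it is per-thread, a comment such as `// per-thread category, see Logger.setHierarchy` would settle the question. In the third hunk the message `" can handle attribute '"` is logged after `acquire` has already returned, so "handled" describes it better. `processRequest` continues after these hunks.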
@@ -156,12 +161,17 @@ public class AttributeCollector implements IAction { // the attribute request is ongoing and requires an external service. try { // memorize the container again + Logger.debug("prepare putting the container into temporary storage..."); + // - generate new key String newArtifactId = new SecureRandomIdentifierGenerator() .generateIdentifier(); // - put container in temporary store. AssertionStorage.getInstance().put(newArtifactId, container); + Logger.debug("...successful"); + + Logger.info(e.getAp().getClass().getSimpleName() + " is going to ask an external service provider for the requested attributes"); // add container-key to redirect embedded within the return URL e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam); @@ -256,7 +266,10 @@ public class AttributeCollector implements IAction { * @throws MOAIDException */ private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) throws MOAIDException { + Logger.info("Updating " + source.size() + " attributes..."); for (PersonalAttribute current : source) { + Logger.debug("treating " + current.getName()); + // check if we need to update the current pa if (target.containsKey(current.getName())) { PersonalAttribute existing = target.get(current.getName()); @@ -271,6 +284,8 @@ public class AttributeCollector implements IAction { target.get(current.getName()).setComplexValue(current.getComplexValue()); } else target.add(current); + + Logger.debug("...successfully treated " + current.getName()); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 2ae3ab03c..3d5fbd337 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -36,6 +36,7 @@ public class AuthenticationRequest implements IAction { public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + Logger.setHierarchy("moa.id.protocols.stork2"); this.moaSession = moasession; if (req instanceof MOASTORKRequest) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index b99e0ca4d..f7d105ab8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -71,6 +71,8 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { throw new UnsupportedAttributeException(); try { + Logger.setHierarchy("moa.id.protocols.stork2"); + Logger.debug("initializing SOAP connections..."); // create SOAP connection SOAPConnection soapConnection = SOAPConnectionFactory.newInstance().createConnection(); @@ -109,6 +111,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { requestMessage.saveChanges(); // perform SOAP call + Logger.debug("call..."); SOAPMessage responseMessage = soapConnection.call(requestMessage, destination); // parse SOAP response 
@@ -131,6 +134,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { see https://stork.ehealth.gv.at/GDAService.asmx?op=IsHealthcareProfessional */ + Logger.debug("call successful. Parse..."); SOAPBody responseBody = responseMessage.getSOAPBody(); // iterate through tree diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 496d1044b..e415daf3e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -55,6 +55,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { and other info are obtained, in the second step the request will be processed and the user redirected */ public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException { + Logger.setHierarchy("moa.id.protocols.stork2"); Logger.debug("Starting preprocessing"); Logger.debug("Request method: " + request.getMethod()); Logger.debug("Request content length: " + request.getContentLength()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java index 3993ee92f..f629db5a4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java 
@@ -75,6 +75,7 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider { * .servlet.http.HttpServletRequest) */ public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException { + Logger.setHierarchy("moa.id.protocols.stork2"); Logger.debug("Beginning to extract OASIS-DSS response out of HTTP Request"); try { @@ -106,6 +107,8 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider { public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { + Logger.setHierarchy("moa.id.protocols.stork2"); + try { Logger.trace("Initialize VelocityEngine..."); @@ -121,7 +124,7 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider { resp.getOutputStream().write(writer.toString().getBytes()); } catch (Exception e) { - Logger.error("Error sending STORK SAML AttrRequest.", e); + Logger.error("Error sending DSS signrequest.", e); throw new MOAIDException("stork.11", null); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index 73b8e01b9..b3d831b80 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java 
@@ -72,7 +72,9 @@ public class StorkAttributeRequestProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException { - Logger.debug("Beginning to extract SAMLResponse out of HTTP Request"); + + Logger.setHierarchy("moa.id.protocols.stork2"); + Logger.info(this.getClass().getSimpleName() + " tries to extract SAMLResponse out of HTTP Request"); //extract STORK Response from HTTP Request //Decodes SAML Response @@ -91,7 +93,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider { //validate SAML Token Logger.debug("Starting validation of SAML response"); attrResponse = engine.validateSTORKAttrQueryResponse(decSamlToken, (String) httpReq.getRemoteHost()); - Logger.info("SAML response succesfully verified!"); + Logger.info("SAML response successfully verified!"); }catch(STORKSAMLEngineException e){ Logger.error("Failed to verify STORK SAML Response", e); throw new MOAIDException("stork.05", null); @@ -104,7 +106,9 @@ public class StorkAttributeRequestProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) */ public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { - + + Logger.setHierarchy("moa.id.protocols.stork2"); + String spSector = "Business"; String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); String spApplication = spInstitution; 
@@ -125,7 +129,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider { attributeRequest.setCitizenCountryCode("AT"); - Logger.debug("STORK AttrRequest succesfully assembled."); + Logger.debug("STORK AttrRequest successfully assembled."); STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("VIDP"); try { @@ -154,6 +158,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider { Logger.error("Error sending STORK SAML AttrRequest.", e); throw new MOAIDException("stork.11", null); } + Logger.info("STORK AttrRequest successfully rendered!"); } } -- cgit v1.2.3 From 921a14d46078fba6ee66addd9b0c40ae82081f9c Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 12 Mar 2014 09:54:39 +0100 Subject: sketched consent collector --- .../id/protocols/stork2/AttributeCollector.java | 80 +---------- .../moa/id/protocols/stork2/ConsentEvaluator.java | 149 +++++++++++++++++++++ .../moa/id/protocols/stork2/STORKProtocol.java | 4 +- 3 files changed, 153 insertions(+), 80 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 9cd825fc8..5d972ba00 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -148,12 +148,7 @@ public class AttributeCollector implements IAction { // else, update any existing attributes addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes); } - - // build response - generateSTORKResponse(container); - - // set new http response - generateRedirectResponse(response, container); + new ConsentEvaluatorSepp().requestConsent(container, response, oaParam); return "12345"; // AssertionId 
@@ -185,79 +180,6 @@ public class AttributeCollector implements IAction { } } - /** - * generates binary response from given response class. - * - * @param container the container - * @throws MOAIDException the mOAID exception - */ - private void generateSTORKResponse(DataContainer container) throws MOAIDException { - MOASTORKRequest request = container.getRequest(); - MOASTORKResponse response = container.getResponse(); - - try { - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - Logger.debug("Starting generation of SAML response"); - if(response.isAuthnResponse()) - response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false)); - else - response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false)); - - //generateSAML Token - Logger.info("SAML response succesfully generated!"); - } catch (STORKSAMLEngineException e) { - Logger.error("Failed to generate STORK SAML Response", e); - throw new MOAIDException("stork.05", null); - } - - Logger.info("STORK SAML Response message succesfully generated "); - } - - /** - * writes the storkresponse to the httpresponse using the velocity engine. 
- * - * @param httpResp the http resp - * @param container the container - */ - private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) { - MOASTORKResponse authnResponse = container.getResponse(); - MOASTORKRequest authnRequest = container.getRequest(); - - // preparing redirection for the client - try { - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); - VelocityContext context = new VelocityContext(); - - byte[] blob; - if(authnRequest.isAttrRequest()) - blob = authnResponse.getStorkAttrQueryResponse().getTokenSaml(); - else - blob = authnResponse.getStorkAuthnResponse().getTokenSaml(); - - context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob)); - Logger.debug("SAMLResponse original: " + new String(blob)); - - Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL()); - context.put("action", authnRequest.getAssertionConsumerServiceURL()); - Logger.debug("Starting template merge"); - StringWriter writer = new StringWriter(); - - Logger.debug("Doing template merge"); - template.merge(context, writer); - Logger.debug("Template merge done"); - - Logger.debug("Sending html content: " + writer.getBuffer().toString()); - Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); - - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); - - } catch (Exception e) { - Logger.error("Velocity error: " + e.getMessage()); - } - } - /** * Adds or updates all {@link PersonalAttribute} objects given in {@code source} to/in {@code target}. * diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java new file mode 100644 index 000000000..9745d81c5 --- /dev/null 
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java 
@@ -0,0 +1,149 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import java.io.StringWriter; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.logging.Logger; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * The ConsentEvaluator assists with fetching user consent on the list of attributes to be sent to the asking S-PEPS. + */ +public class ConsentEvaluator implements IAction { + + /** + * The Constant ARTIFACT_ID. 
+ */ + private static final String ARTIFACT_ID = "artifactId"; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession) + */ + public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + + // - fetch the container + String artifactId = (String) httpReq.getParameter(ARTIFACT_ID); + DataContainer container; + try { + container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); + } catch (MOADatabaseException e) { + Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); + throw new MOAIDException("stork.17", null); + } + + // TODO evaluate response + + // build and send response + generateSTORKResponse(httpResp, container); + + return "12345"; // AssertionId + } + + /** + * Fills the given HttpResponse with the required web page. + * + * @param container the container + * @param response the response + * @param oaParam the oa param + * @return the string + * @throws MOAIDException the mOAID exception + */ + public String requestConsent(DataContainer container, HttpServletResponse response, OAAuthParameter oaParam) throws MOAIDException { + // prepare redirect + + // ask for consent + + return "12345"; // AssertionId + } + + /** + * generates binary response from given response class and fill the given HttpResponse with a SAML Post Binding template. 
+ * + * @param httpResp the http resp + * @param container the container + * @throws MOAIDException the mOAID exception + */ + public void generateSTORKResponse(HttpServletResponse httpResp, DataContainer container) throws MOAIDException { + MOASTORKRequest request = container.getRequest(); + MOASTORKResponse response = container.getResponse(); + + try { + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + Logger.debug("Starting generation of SAML response"); + if(response.isAuthnResponse()) + response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false)); + else + response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false)); + + //generateSAML Token + Logger.info("SAML response succesfully generated!"); + } catch (STORKSAMLEngineException e) { + Logger.error("Failed to generate STORK SAML Response", e); + throw new MOAIDException("stork.05", null); + } + + Logger.info("STORK SAML Response message succesfully generated "); + + // preparing redirection for the client + try { + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); + VelocityContext context = new VelocityContext(); + + byte[] blob; + if(request.isAttrRequest()) + blob = response.getStorkAttrQueryResponse().getTokenSaml(); + else + blob = response.getStorkAuthnResponse().getTokenSaml(); + + context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob)); + Logger.debug("SAMLResponse original: " + new String(blob)); + + Logger.debug("Putting assertion consumer url as action: " + request.getAssertionConsumerServiceURL()); + context.put("action", request.getAssertionConsumerServiceURL()); + Logger.debug("Starting 
template merge"); + StringWriter writer = new StringWriter(); + + Logger.debug("Doing template merge"); + template.merge(context, writer); + Logger.debug("Template merge done"); + + Logger.debug("Sending html content: " + writer.getBuffer().toString()); + Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); + + httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); + + } catch (Exception e) { + Logger.error("Velocity error: " + e.getMessage()); + } + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { + // this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action. + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#getDefaultActionName() + */ + public String getDefaultActionName() { + return STORKProtocol.CONSENT_EVALUATOR; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index e415daf3e..b1c923b9f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java 
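Review bot: In `generateSTORKResponse`, the lines `Logger.debug("SAMLResponse original: " + new String(blob));` and the two `Logger.debug("Sending html content…")` calls write the complete SAML token and the rendered POST form into the log. That token presumably carries the citizen's personal attributes, so debug logs become a second store of identity data. I would log only metadata, e.g. `Logger.debug("SAML response generated, " + blob.length + " bytes");`, and drop the two html-content lines. The closing `catch (Exception e)` only logs `e.getMessage()`, so a failed template merge leaves the HTTP response empty while `processRequest` still returns normally. It should pass `e` to `Logger.error` and rethrow a `MOAIDException` the way the first try block does.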
@@ -26,12 +26,14 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector"; public static final String MANDATERETRIEVALREQUEST = "MandateRetrievalRequest"; + public static final String CONSENT_EVALUATOR = "ConsentEvaluator"; private static HashMap actions = new HashMap(); static { actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest()); actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector()); + actions.put(CONSENT_EVALUATOR, new ConsentEvaluatorSepp()); } public String getName() { @@ -63,7 +65,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { MOASTORKRequest STORK2Request = new MOASTORKRequest(); - if (AttributeCollector.class.getSimpleName().equals(action)) + if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluatorSepp.class.getSimpleName().equals(action)) return STORK2Request; //extract STORK Response from HTTP Request -- cgit v1.2.3 From 3075521544ff79c5fa0d740c6b388bfeab58b8c5 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 12 Mar 2014 09:57:37 +0100 Subject: storing datacontainer in temporary storage before redirecting --- .../moa/id/protocols/stork2/ConsentEvaluator.java | 25 ++++++++++++++++++++++ .../moa/id/protocols/stork2/STORKProtocol.java | 4 ++-- 2 files changed, 27 insertions(+), 2 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java index 9745d81c5..8b7bcf0c6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java 
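Review bot: The bypass in `preProcess` compares `action` with `ConsentEvaluatorSepp.class.getSimpleName()`, but the action map is keyed by `CONSENT_EVALUATOR`, whose value is "ConsentEvaluator", so the two strings differ in this revision. If `action` carries the map key, a consent submission would not take the early return and would fall through to STORK request extraction. Comparing against the constants removes the dependency on class names: `if (ATTRIBUTE_COLLECTOR.equals(action) || CONSENT_EVALUATOR.equals(action))`. The file created by this commit declares `ConsentEvaluator`, and no `ConsentEvaluatorSepp` is visible, so the three references to it (here and in AttributeCollector) may not compile. `preProcess` continues outside the hunk.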
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java @@ -1,21 +1,27 @@ package at.gv.egovernment.moa.id.protocols.stork2; import java.io.StringWriter; +import java.util.ArrayList; +import java.util.HashMap; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.apache.velocity.Template; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; +import org.opensaml.common.impl.SecureRandomIdentifierGenerator; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; 
@@ -63,6 +69,25 @@ public class ConsentEvaluator implements IAction { */ public String requestConsent(DataContainer container, HttpServletResponse response, OAAuthParameter oaParam) throws MOAIDException { // prepare redirect + String newArtifactId; + try { + + // memorize the container again + Logger.debug("prepare putting the container into temporary storage..."); + + // - generate new key + newArtifactId = new SecureRandomIdentifierGenerator().generateIdentifier(); + + // - put container in temporary store. + AssertionStorage.getInstance().put(newArtifactId, container); + + Logger.debug("...successful"); + + } catch (Exception e1) { + // TODO should we return the response as is to the PEPS? + Logger.error("Error putting incomplete Stork response into temporary storage", e1); + throw new MOAIDException("stork.17", null); + } // ask for consent diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index b1c923b9f..19d1c7f15 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -33,7 +33,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { static { actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest()); actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector()); - actions.put(CONSENT_EVALUATOR, new ConsentEvaluatorSepp()); + actions.put(CONSENT_EVALUATOR, new ConsentEvaluator()); } public String getName() { 
@@ -65,7 +65,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { MOASTORKRequest STORK2Request = new MOASTORKRequest(); - if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluatorSepp.class.getSimpleName().equals(action)) + if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluator.class.getSimpleName().equals(action)) return STORK2Request; //extract STORK Response from HTTP Request -- cgit v1.2.3 From eb993b9da5938138373a3ad4a619bf2e290c6cfc Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 12 Mar 2014 09:58:22 +0100 Subject: render consent html page --- .../moa/id/protocols/stork2/ConsentEvaluator.java | 23 ++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java index 8b7bcf0c6..5b5c00b2a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java 
@@ -90,6 +90,29 @@ public class ConsentEvaluator implements IAction { } // ask for consent + try { + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/stork2_consent.html"); + VelocityContext context = new VelocityContext(); + + context.put("action", AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/CompleteAuthentication?" + ARTIFACT_ID + "=" + newArtifactId); + + // assemble table + String table = ""; + for (PersonalAttribute current : container.getResponse().getPersonalAttributeList()) + if ("Available".equals(current.getStatus())) + table += "" + current.getName() + "\n"; + + context.put("tablecontent", table); + + StringWriter writer = new StringWriter(); + template.merge(context, writer); + response.getOutputStream().write(writer.getBuffer().toString().getBytes()); + + } catch (Exception e) { + Logger.error("Velocity error: " + e.getMessage()); + throw new MOAIDException("stork.17", null); + } return "12345"; // AssertionId } -- cgit v1.2.3 From 4ade7db6124eec07aebf087721d3d478f92bdaad Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 12 Mar 2014 09:59:19 +0100 Subject: added consent-checkbox to config ui --- .../gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 5d972ba00..7dbbb5734 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
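Review bot: In the table assembly inside `requestConsent`, `current.getName()` is concatenated into `tablecontent` without HTML escaping (the row markup around it appears to have been lost on this page). The attribute list is built from the incoming STORK request, so the names are likely not under this server's control, and whether the template escapes `tablecontent` is not visible. Escape at the point of concatenation, for example with commons-lang's `StringEscapeUtils.escapeHtml(current.getName())` if that library is on the classpath. The write `writer.getBuffer().toString().getBytes()` also uses the platform charset and sets no content type; `getBytes("UTF-8")` together with `response.setContentType("text/html; charset=UTF-8")` would make the encoding explicit. The catch block drops the stack trace by logging only `e.getMessage()`; pass `e` as the second argument to `Logger.error`.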
@@ -148,7 +148,12 @@ public class AttributeCollector implements IAction { // else, update any existing attributes addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes); } - new ConsentEvaluatorSepp().requestConsent(container, response, oaParam); + + // ask for consent if necessary + if(oaParam.isRequireConsentForStorkAttributes()) + new ConsentEvaluator().requestConsent(container, response, oaParam); + else + new ConsentEvaluator().generateSTORKResponse(response, container); return "12345"; // AssertionId -- cgit v1.2.3 From 8ad16443ec20f49e8f14b1dc79c72a8dff674a64 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 12 Mar 2014 09:59:46 +0100 Subject: evaluate consent page result --- .../gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java index 5b5c00b2a..79404d4f0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java @@ -50,7 +50,14 @@ public class ConsentEvaluator implements IAction { throw new MOAIDException("stork.17", null); } - // TODO evaluate response + // evaluate response + for(PersonalAttribute current : container.getResponse().getPersonalAttributeList()) { + if(null == httpReq.getParameter(current.getName())) { + current.setStatus("notAvailable"); + current.setValue(new ArrayList()); + current.setComplexValue(new HashMap()); + } + } // build and send response generateSTORKResponse(httpResp, container); -- cgit v1.2.3 From 60ac2a89fce86eb1e8344eb22535cfdd0b9aa147 Mon Sep 17 00:00:00 2001 
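Review bot: In the ConsentEvaluator hunk, consent for an attribute is inferred from `httpReq.getParameter(current.getName())` being non-null, so any request parameter that happens to share an attribute's name counts as consent. That includes `artifactId`, which is always present on this request. Reading the decision from a dedicated field namespace avoids the overlap, e.g. `if (null == httpReq.getParameter("consent." + current.getName()))`, with the checkbox names in the consent template prefixed to match. The loop also does not check that the container fetched by `artifactId` was actually put through `requestConsent`; whether AssertionStorage invalidates the artifact after `get` is not visible and should be confirmed. `new ArrayList()` and `new HashMap()` are raw types here; the generic parameters may simply have been stripped by the page.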
From: Bojan Suzic Date: Fri, 14 Mar 2014 18:37:56 +0100 Subject: attr --- .../id/protocols/stork2/AttributeCollector.java | 1 + .../protocols/stork2/AttributeProviderFactory.java | 10 ++++- .../id/protocols/stork2/AuthenticationRequest.java | 32 ++++++++++++- .../moa/id/protocols/stork2/ConsentEvaluator.java | 8 +++- .../stork2/MandateAttributeRequestProvider.java | 52 ++++++++++++++++++++++ 5 files changed, 98 insertions(+), 5 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 7dbbb5734..1dfccb6c0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -178,6 +178,7 @@ public class AttributeCollector implements IAction { } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e1); + e1.printStackTrace(); throw new MOAIDException("stork.11", null); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index c998b5f69..a8a9d9677 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java 
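Review bot: The added `e1.printStackTrace();` in the AttributeCollector catch block duplicates the line above it, since `Logger.error("Error putting incomplete Stork response into temporary storage", e1)` already hands the exception to the logger. The stack trace is written to stderr as well, outside the configured log destinations and their access controls. I would remove the added line.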
@@ -1,6 +1,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; +import at.gv.egovernment.moa.logging.Logger; import java.util.ArrayList; import java.util.List; @@ -20,6 +21,7 @@ public class AttributeProviderFactory { result.add("StorkAttributeRequestProvider"); result.add("EHvdAttributeProvider"); result.add("SignedDocAttributeRequestProvider"); + result.add("MandateAttributeRequestProvider"); return result; } @@ -38,6 +40,8 @@ public class AttributeProviderFactory { return new EHvdAttributeProviderPlugin(url, attributes); } else if (shortname.equals("SignedDocAttributeRequestProvider")) { return new SignedDocAttributeRequestProvider(url, attributes); + } else if (shortname.equals("MandateAttributeRequestProvider")) { + return new MandateAttributeRequestProvider(url, attributes); } else { return null; } @@ -51,10 +55,14 @@ public class AttributeProviderFactory { */ public static List getConfiguredPlugins( List configuredAPs) { + Logger.setHierarchy("moa.id.protocols.stork2"); List result = new ArrayList(); - for (AttributeProviderPlugin current : configuredAPs) + for (AttributeProviderPlugin current : configuredAPs) { + result.add(create(current.getName(), current.getUrl(), current.getAttributes())); + Logger.debug("Adding configured attribute provider: " + current.getClass().getName() + current.getName() + " at " + current.getUrl()); + } return result; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 3d5fbd337..442fa8a5b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
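Review bot: `getConfiguredPlugins` adds the result of `create(...)` to the list unchecked, and `create` returns `null` for an unknown short name (the `else` branch in hunk `@@ -38,6 +40,8 @@`), so a misspelled plugin name in the configuration yields a `null` entry that only fails later, when a caller invokes the provider. Skip and report unknown plugins instead, along the lines of `AttributeProvider p = create(...); if (p != null) result.add(p); else Logger.error("Unknown attribute provider: " + current.getName());` (return type of `create` assumed from the classes it instantiates). The debug message concatenates `current.getClass().getName()` and `current.getName()` without a separator. Hunk `@@ -41,7 +41,12 @@` in the following commit adds a second `return null` path to `create`.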
@@ -10,8 +10,11 @@ import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.*; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.apache.velocity.app.VelocityEngine; import org.apache.velocity.runtime.RuntimeConstants; +import org.joda.time.DateTime; import org.w3c.dom.Element; import org.w3c.dom.NamedNodeMap; @@ -61,13 +64,25 @@ public class AuthenticationRequest implements IAction { // check if we have authentication request else if (moaStorkRequest.isAuthnRequest()) { Logger.debug("Starting AuthenticationRequest"); - moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse()); + // Get personal attributtes from MOA/IdentityLink moaStorkResponse.setPersonalAttributeList(populateAttributes()); + + + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + STORKAuthnResponse authnResponse = new STORKAuthnResponse(); + + Logger.debug("Starting generation of SAML response"); + try { + moaStorkResponse.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(moaStorkRequest.getStorkAuthnRequest(), moaStorkResponse.getStorkAuthnResponse(),httpReq.getRemoteAddr(), false)); + } catch (STORKSAMLEngineException ex) { + // TODO + } + } - moaStorkResponse.setCountry(moaStorkRequest.getSpCountry()); + //moaStorkResponse.setCountry(moaStorkRequest.getSpCountry()); // Prepare extended attributes Logger.debug("Preparing data container"); 
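Review bot: The `catch (STORKSAMLEngineException ex)` block added around `engine.generateSTORKAuthnResponse(...)` contains only `// TODO`, so when the SAML engine fails the request continues into attribute collection with whatever response object was set before. ConsentEvaluator, in a later hunk on this page, answers the same exception with `throw new MOAIDException("stork.05", null);`; doing the same here, `Logger.error("Could not generate STORK response", ex); throw new MOAIDException("stork.05", null);`, makes the failure stop the flow. The local `authnResponse` is created and never used in this commit. Hunk `@@ -66,12 +66,8 @@` of the following commit reorders this block but keeps the empty catch.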
@@ -84,6 +99,19 @@ public class AuthenticationRequest implements IAction { container.setRemoteAddress(httpReq.getRemoteAddr()); + STORKAuthnResponse arep = moaStorkResponse.getStorkAuthnResponse(); + + + arep.setCountry("XX"); + arep.setInResponseTo("xxxx"); + arep.setMessage("xxxx"); + arep.setSamlId("xxxx"); + arep.setStatusCode("xxxx"); + + // arep.setNotBefore(new DateTime().withTimeAtStartOfDay()); + // arep.setNotOnOrAfter(new DateTime().withTimeAtStartOfDay()); + + Logger.debug("Data container prepared"); return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java index 79404d4f0..19ec754ee 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java @@ -15,11 +15,13 @@ import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.STORKAuthnResponse; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.apache.velocity.Template; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; +import org.joda.time.DateTime; import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import javax.servlet.http.HttpServletRequest; 
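Review bot: The added block overwrites fields of the response with literals (`arep.setCountry("XX")`, `arep.setInResponseTo("xxxx")`, `arep.setSamlId("xxxx")`, `arep.setStatusCode("xxxx")`), which breaks the link between the response and the request it answers; InResponseTo is what lets the receiving side match a response to its outstanding request. If these lines are debugging scaffolding they should not be merged, otherwise the values should be taken from `moaStorkRequest`. `arep` comes from `moaStorkResponse.getStorkAuthnResponse()`, which as far as the preceding hunk shows is only set in the `isAuthnRequest()` branch, so an attribute query would presumably fail with a `NullPointerException` at `arep.setCountry`; moving the block into that branch or adding `if (arep != null)` covers it.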
@@ -92,7 +94,8 @@ public class ConsentEvaluator implements IAction { } catch (Exception e1) { // TODO should we return the response as is to the PEPS? - Logger.error("Error putting incomplete Stork response into temporary storage", e1); + e1.printStackTrace(); + Logger.error("Error putting incomplete Stork response into temporary storage", e1); throw new MOAIDException("stork.17", null); } @@ -143,7 +146,8 @@ public class ConsentEvaluator implements IAction { response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false)); else response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false)); - + + //generateSAML Token Logger.info("SAML response succesfully generated!"); } catch (STORKSAMLEngineException e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java new file mode 100644 index 000000000..123999166 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java 
@@ -0,0 +1,52 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.logging.Logger; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * Provides mandate attribute from MIS + * + */ +public class MandateAttributeRequestProvider implements AttributeProvider { + /** The destination. */ + private Object destination; + + /** The attributes. */ + private String attributes; + + public MandateAttributeRequestProvider(String url, String supportedAttributes) { + Logger.setHierarchy("moa.id.protocols.stork2"); + destination = url; + attributes = supportedAttributes; + } + + public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { + Logger.info("Acquiring attribute: " + this.getClass().getName()); + // break if we cannot handle the requested attribute + if(!attributes.contains(attribute.getName())) + throw new UnsupportedAttributeException(); + PersonalAttributeList result = new PersonalAttributeList(); + //return result; + throw new ExternalAttributeRequestRequiredException(this); + } + + public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { + Logger.info("Redirecting: " + this.getClass().getName()); + + } + + public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, 
MOAIDException { + Logger.info("Parsing attribute: " + this.getClass().getName()); + + return null; // + } +} -- cgit v1.2.3 From cb7942a2d5f13744b114fd6d4fad49aefdac12f1 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 17 Mar 2014 19:06:54 +0100 Subject: attr not working completely --- .../egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index d89fb8cb2..44b140548 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java @@ -43,7 +43,7 @@ public class MOAAttributeProvider { public void populateAttribute(PersonalAttributeList attributeList, PersonalAttribute requestedAttribute ) { String storkAttribute = requestedAttribute.getName(); - + Logger.setHierarchy("moa.id.protocols.stork2"); if (storkAttributeSimpleMapping.containsKey(storkAttribute)) { Logger.debug("Trying to get value for attribute using simple mapping [" + storkAttribute + "]"); try { @@ -70,6 +70,7 @@ public class MOAAttributeProvider { } private String geteIdentifier() { + Logger.setHierarchy("moa.id.protocols.stork2"); Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkRequest.getStorkAuthnRequest().getSpCountry()); try { return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkRequest.getStorkAuthnRequest().getSpCountry()); 
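Review bot: `attributes.contains(attribute.getName())` in `acquire` is a `String.contains` substring test on the configured attribute string, so a requested name that is only a fragment of a supported one is accepted as supported. Compare against the parsed entries instead, e.g. `Arrays.asList(attributes.split(",")).contains(attribute.getName())` (the separator is an assumption; the format of `supportedAttributes` is not visible here). `destination` is declared as `Object` although it only holds the `String url`, `result` is created and never used, and `parse` returns `null`; a class comment such as `/** Stub: always requests the mandate externally; redirect and parse are not implemented yet. */` would make that state explicit. The substring check is carried over unchanged into the rewrite of this file in hunk `@@ -1,52 +1,127 @@`.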
@@ -81,6 +82,7 @@ public class MOAAttributeProvider { private void populateAttributeWithMethod(Method method, Object object, PersonalAttributeList attributeList, String storkAttribute, Boolean isRequired) { + Logger.setHierarchy("moa.id.protocols.stork2"); try { String attributeValue = method.invoke(object, new Class[]{}).toString(); PersonalAttribute newAttribute = new PersonalAttribute(); @@ -88,7 +90,7 @@ public class MOAAttributeProvider { newAttribute.setStatus("Available"); newAttribute.setIsRequired(isRequired); - Logger.debug("Got attribute value: " + attributeValue); + Logger.info("Got attribute value: " + attributeValue); newAttribute.setValue(new ArrayList(edu.emory.mathcs.backport.java.util.Collections.singletonList(attributeValue))); attributeList.add(newAttribute); } catch (InvocationTargetException e) { -- cgit v1.2.3 From 7f896d543b412062935db895c9a951d64d638b5d Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 18 Mar 2014 16:02:05 +0100 Subject: correcting mandate request --- .../id/protocols/stork2/AttributeCollector.java | 2 +- .../protocols/stork2/AttributeProviderFactory.java | 7 +- .../id/protocols/stork2/AuthenticationRequest.java | 8 +- .../stork2/MandateAttributeRequestProvider.java | 109 +++++++++++++++++---- 4 files changed, 103 insertions(+), 23 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 1dfccb6c0..e0f14c41d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
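Review bot: Raising `Logger.debug("Got attribute value: " + attributeValue)` to `Logger.info` in `populateAttributeWithMethod` writes every personal attribute value read from the identity link into the log at a level that is commonly enabled in production. Log the attribute name only, `Logger.info("Got value for attribute: " + storkAttribute);`, and keep the value itself at debug or out of the log. `method.invoke(object, new Class[]{}).toString()` two lines above throws a `NullPointerException` when the getter returns `null`; only the `InvocationTargetException` handler is visible here, the rest of the try block lies outside the hunk.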
@@ -194,7 +194,7 @@ public class AttributeCollector implements IAction { * @throws MOAIDException */ private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) throws MOAIDException { - Logger.info("Updating " + source.size() + " attributes..."); + Logger.info("Updating " + source.size() + " attribute(s)..."); for (PersonalAttribute current : source) { Logger.debug("treating " + current.getName()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index a8a9d9677..7fb7a7bc6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java @@ -41,7 +41,12 @@ public class AttributeProviderFactory { } else if (shortname.equals("SignedDocAttributeRequestProvider")) { return new SignedDocAttributeRequestProvider(url, attributes); } else if (shortname.equals("MandateAttributeRequestProvider")) { - return new MandateAttributeRequestProvider(url, attributes); + try { + return new MandateAttributeRequestProvider(url, attributes); + } catch (Exception ex) { + ex.printStackTrace(); + return null; + } } else { return null; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 442fa8a5b..88c0e889d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
@@ -66,12 +66,8 @@ public class AuthenticationRequest implements IAction { Logger.debug("Starting AuthenticationRequest"); moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse()); - // Get personal attributtes from MOA/IdentityLink - moaStorkResponse.setPersonalAttributeList(populateAttributes()); - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - STORKAuthnResponse authnResponse = new STORKAuthnResponse(); Logger.debug("Starting generation of SAML response"); try { @@ -80,6 +76,10 @@ public class AuthenticationRequest implements IAction { // TODO } + // Get personal attributtes from MOA/IdentityLink + moaStorkResponse.setPersonalAttributeList(populateAttributes()); + + } //moaStorkResponse.setCountry(moaStorkRequest.getSpCountry()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java index 123999166..d3eded934 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java 
@@ -1,52 +1,127 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; +import at.gv.egovernment.moa.util.StringUtils; +import eu.stork.peps.auth.commons.*; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import java.io.StringWriter; /** - * Provides mandate attribute from MIS - * + * Provides mandate attribute from MIS */ public class MandateAttributeRequestProvider implements AttributeProvider { - /** The destination. */ - private Object destination; + /** + * The destination. + */ + private String destination; - /** The attributes. */ + /** + * The attributes. 
+ */ private String attributes; - public MandateAttributeRequestProvider(String url, String supportedAttributes) { + private String spCountryCode; + + private PersonalAttributeList requestedAttributes; + + public MandateAttributeRequestProvider(String aPurl, String supportedAttributes) throws MOAIDException { Logger.setHierarchy("moa.id.protocols.stork2"); - destination = url; + destination = aPurl; attributes = supportedAttributes; } - public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountyCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { - Logger.info("Acquiring attribute: " + this.getClass().getName()); + public String getAttrProviderName() { + return "MandateAttributeRequestProvider"; + } + + public IPersonalAttributeList acquire(PersonalAttribute attribute, String spCountryCode, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { + Logger.info("Acquiring attribute: " + attribute.getName() + ", by: " + getAttrProviderName()); + this.spCountryCode = spCountryCode; + requestedAttributes = new PersonalAttributeList(1); + requestedAttributes.add(attribute); + // break if we cannot handle the requested attribute - if(!attributes.contains(attribute.getName())) + if (!attributes.contains(attribute.getName())) { + Logger.info("Attribute " + attribute.getName() + " not supported by the provider: " + getAttrProviderName()); throw new UnsupportedAttributeException(); + } PersonalAttributeList result = new PersonalAttributeList(); //return result; + Logger.info("Thrown external request by: " + getAttrProviderName()); throw new ExternalAttributeRequestRequiredException(this); } public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { - Logger.info("Redirecting: " + this.getClass().getName()); + 
Logger.setHierarchy("moa.id.protocols.stork2"); + + String spSector = "Business"; + String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); + String spApplication = spInstitution; + + //generate AuthnRquest + STORKAttrQueryRequest attributeRequest = new STORKAttrQueryRequest(); + attributeRequest.setDestination(destination); + attributeRequest.setAssertionConsumerServiceURL(url); + attributeRequest.setIssuer(HTTPUtils.getBaseURL(req)); + attributeRequest.setQaa(oaParam.getQaaLevel()); + attributeRequest.setSpInstitution(spInstitution); + attributeRequest.setCountry(spCountryCode); + attributeRequest.setSpCountry(spCountryCode); + attributeRequest.setSpApplication(spApplication); + attributeRequest.setSpSector(spSector); + attributeRequest.setPersonalAttributeList(requestedAttributes); + + attributeRequest.setCitizenCountryCode("AT"); + + + Logger.info("STORK AttrRequest successfully assembled."); + + STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("VIDP"); + try { + attributeRequest = samlEngine.generateSTORKAttrQueryRequest(attributeRequest); + } catch (STORKSAMLEngineException e) { + Logger.error("Could not sign STORK SAML AttrRequest.", e); + throw new MOAIDException("stork.00", null); + } + + Logger.info("STORK AttrRequest successfully signed!"); + + try { + Logger.trace("Initialize VelocityEngine..."); + + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm"); + VelocityContext context = new VelocityContext(); + context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(attributeRequest.getTokenSaml())); + context.put("action", destination); + + StringWriter writer = new StringWriter(); + template.merge(context, writer); + + resp.getOutputStream().write(writer.toString().getBytes()); + } catch (Exception e) { + Logger.error("Error sending STORK SAML AttrRequest.", e); + throw new 
MOAIDException("stork.11", null); + } + Logger.info("STORK AttrRequest successfully rendered!"); } public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException { - Logger.info("Parsing attribute: " + this.getClass().getName()); - return null; // } + } + -- cgit v1.2.3 From e928a8ba66724466dc613ff4bf0320d1d1ef9e98 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 18 Mar 2014 19:35:11 +0100 Subject: mandaterequest --- .../protocols/stork2/MandateRetrievalRequest.java | 29 ++++++++++++++++++++++ .../moa/id/protocols/stork2/STORKProtocol.java | 3 ++- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java new file mode 100644 index 000000000..4e99cc8aa --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java 
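Review bot: `acquire` now stores `spCountryCode` and `requestedAttributes` in instance fields and `performRedirect` reads them later, so the provider carries per-request state; if one instance is ever used by two sessions at the same time (how instances are shared is not visible in this hunk), an attribute request can go out with another user's values. Handing both values over through the `ExternalAttributeRequestRequiredException` or the data container avoids that. `resp.getOutputStream().write(writer.toString().getBytes())` encodes the POST form with the platform default charset and sets no content type; `resp.setContentType("text/html;charset=UTF-8");` together with `getBytes("UTF-8")` makes the encoding explicit. The literals `attributeRequest.setCitizenCountryCode("AT")` and `spSector = "Business"` deserve a comment saying why they are fixed, and `parse` still returns `null`.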
@@ -0,0 +1,29 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.logging.Logger; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + */ +public class MandateRetrievalRequest implements IAction { + public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + Logger.setHierarchy("moa.id.protocols.stork2"); + Logger.info("Entering mandateretrievalrequest"); + return null; // + } + + public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { + return true; // + } + + public String getDefaultActionName() { + return STORKProtocol.MANDATERETRIEVALREQUEST; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 19d1c7f15..ec77109af 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -34,6 +34,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest()); actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector()); actions.put(CONSENT_EVALUATOR, new ConsentEvaluator()); + actions.put(MANDATERETRIEVALREQUEST, new MandateRetrievalRequest()); } public String getName() { 
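Review bot: `MandateRetrievalRequest.processRequest` is a stub that logs and returns `null`, yet the same commit registers it under `MANDATERETRIEVALREQUEST` in `STORKProtocol`, so the action is reachable through the protocol's action map. Until it is implemented it is safer to fail explicitly, for instance by throwing a `MOAIDException` with a suitable error code, than to return `null` to a caller that, judging by AttributeCollector's return value, may expect an assertion id. The class Javadoc is empty; `/** Handles STORK mandate retrieval requests; not implemented yet. */` would state what the class is for.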
@@ -58,7 +59,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { */ public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException { Logger.setHierarchy("moa.id.protocols.stork2"); - Logger.debug("Starting preprocessing"); + Logger.info("Starting preprocessing for Stork2 protocol"); Logger.debug("Request method: " + request.getMethod()); Logger.debug("Request content length: " + request.getContentLength()); Logger.debug("Initiating action: " + action); -- cgit v1.2.3 From 81e83a4889ea8a3c2a1cd645bc02b5b72604e71f Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 20 Mar 2014 11:47:52 +0100 Subject: logging statements tweaked --- .../moa/id/protocols/stork2/AttributeCollector.java | 10 +++++++--- .../egovernment/moa/id/protocols/stork2/ConsentEvaluator.java | 4 ++-- 2 files changed, 9 insertions(+), 5 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index e0f14c41d..4bf193e9e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -109,6 +109,7 @@ public class AttributeCollector implements IAction { if (!responseAttributeList.containsKey(current.getName())) missingAttributes.add(current); + Logger.info("collecting attributes..."); Logger.debug("found " + missingAttributes.size() + " missing attributes"); // Try to get all missing attributes 
@@ -135,8 +136,10 @@ public class AttributeCollector implements IAction { break; } catch (UnsupportedAttributeException e) { // ok, try the next attributeprovider + Logger.info(currentProvider.getClass().getSimpleName() + " could not handle attribute '" + currentAttribute.getName() + "'"); } catch (MOAIDException e) { // the current plugin had an error. Try the next one. + Logger.info(currentProvider.getClass().getSimpleName() + " could not handle attribute '" + currentAttribute.getName() + "' due to an error"); } } @@ -148,6 +151,7 @@ public class AttributeCollector implements IAction { // else, update any existing attributes addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes); } + Logger.info("collecting attributes done"); // ask for consent if necessary if(oaParam.isRequireConsentForStorkAttributes()) @@ -194,9 +198,9 @@ public class AttributeCollector implements IAction { * @throws MOAIDException */ private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) throws MOAIDException { - Logger.info("Updating " + source.size() + " attribute(s)..."); + Logger.debug("Updating " + source.size() + " attributes..."); for (PersonalAttribute current : source) { - Logger.debug("treating " + current.getName()); + Logger.trace("treating " + current.getName()); // check if we need to update the current pa if (target.containsKey(current.getName())) { @@ -213,7 +217,7 @@ public class AttributeCollector implements IAction { } else target.add(current); - Logger.debug("...successfully treated " + current.getName()); + Logger.trace("...successfully treated " + current.getName()); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java index 19ec754ee..bcf086b56 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java @@ -137,6 +137,8 @@ public class ConsentEvaluator implements IAction { public void generateSTORKResponse(HttpServletResponse httpResp, DataContainer container) throws MOAIDException { MOASTORKRequest request = container.getRequest(); MOASTORKResponse response = container.getResponse(); + + Logger.info("generating stork response..."); try { //Get SAMLEngine instance @@ -155,8 +157,6 @@ public class ConsentEvaluator implements IAction { throw new MOAIDException("stork.05", null); } - Logger.info("STORK SAML Response message succesfully generated "); - // preparing redirection for the client try { VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); -- cgit v1.2.3 From 70e3ac3a5a76c430f453019eba72a1f291069913 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 20 Mar 2014 13:35:29 +0100 Subject: adjust bpk builder --- .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java | 1 + 1 file changed, 1 insertion(+) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index b3d831b80..618311a28 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -162,3 +162,4 @@ public class StorkAttributeRequestProvider implements AttributeProvider { } } + -- cgit v1.2.3 From 2364aa253e1ea8e6d578450674028c6724cfbabc Mon Sep 17 00:00:00 2001 
From: Florian Reimair Date: Thu, 20 Mar 2014 15:27:15 +0100 Subject: fixed nullpointerex in SignedDocAPPlugin --- .../moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java index f629db5a4..43f6a5984 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java @@ -84,7 +84,7 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider { values.add(signResponse); Logger.debug("Assembling signedDoc attribute"); - PersonalAttribute signedDocAttribute = new PersonalAttribute(requestedAttribute.getName(), requestedAttribute.isRequired(), values, + PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values, "Available"); // pack and return the result -- cgit v1.2.3 From 97c4024c8ab745cdd5bd8126bb4af18f11387040 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 20 Mar 2014 15:27:47 +0100 Subject: refactored velocityprovider location --- .../moa/id/protocols/pvp2x/binding/PostBinding.java | 15 ++------------- .../moa/id/protocols/stork2/AttributeCollector.java | 2 +- .../moa/id/protocols/stork2/ConsentEvaluator.java | 2 +- .../protocols/stork2/MandateAttributeRequestProvider.java | 2 +- .../stork2/SignedDocAttributeRequestProvider.java | 2 +- .../protocols/stork2/StorkAttributeRequestProvider.java | 2 +- 6 files changed, 7 insertions(+), 18 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java index af29054e1..6bbbee302 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java @@ -26,7 +26,6 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.velocity.app.VelocityEngine; -import org.apache.velocity.runtime.RuntimeConstants; import org.opensaml.common.SAMLObject; import org.opensaml.common.binding.BasicSAMLMessageContext; import org.opensaml.common.xml.SAMLConstants; @@ -49,6 +48,7 @@ import org.opensaml.xml.security.credential.Credential; import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; +import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.logging.Logger; public class PostBinding implements IDecoder, IEncoder { 
@@ -70,18 +70,7 @@ public class PostBinding implements IDecoder, IEncoder { Logger.debug("create SAML POSTBinding response"); - // VelocityEngine engine = - // VelocityProvider.getClassPathVelocityEngine(); - VelocityEngine engine = new VelocityEngine(); - engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8"); - engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8"); - engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8"); - engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath"); - engine.setProperty("classpath.resource.loader.class", - "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader"); - engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS, - "org.apache.velocity.runtime.log.SimpleLog4JLogSystem"); - engine.init(); + VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine(); HTTPPostEncoder encoder = new HTTPPostEncoder(engine, "resources/templates/pvp_postbinding_template.html"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 4bf193e9e..31114a319 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
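Review bot: The new `VelocityProvider.getClassPathVelocityEngine()` call replaces a block that explicitly set input and output encoding to UTF-8 and selected the classpath resource loader, and the provider's implementation is not part of this diff, so the hunk does not show that those settings are preserved. If the shared provider uses a different encoding or loader, the POST-binding template would be rendered differently from before, which matters for a page that carries the SAML message to the browser. Once confirmed, a short comment above the call would help, for example `// shared engine: classpath loader, UTF-8 input/output (see VelocityProvider)`. It is also worth checking whether the provider builds and initialises a new engine on every call, as the removed code did. The enclosing method starts and ends outside this hunk.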
@@ -7,13 +7,13 @@ import java.util.List; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PEPSUtil; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java index bcf086b56..9a3376e4c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java 
@@ -5,13 +5,13 @@ import java.util.ArrayList; import java.util.HashMap; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java index d3eded934..e691f87e1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java @@ -2,9 +2,9 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.StringUtils; import eu.stork.peps.auth.commons.*; 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java index 43f6a5984..01297c963 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java @@ -15,8 +15,8 @@ import org.apache.velocity.app.VelocityEngine; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index 618311a28..449fef1cb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java 
@@ -10,9 +10,9 @@ import org.apache.velocity.app.VelocityEngine; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.util.HTTPUtils; +import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.StringUtils; -- cgit v1.2.3 From 185aa361aec65c967d2908f69db4abbe9d3d9b2e Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 20 Mar 2014 18:32:14 +0100 Subject: introduced log4j logging system --- .../at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 1 - .../egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java | 1 - .../gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java | 1 - .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java | 1 - .../gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java | 3 --- .../moa/id/protocols/stork2/MandateAttributeRequestProvider.java | 2 -- .../egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java | 1 - .../java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java | 1 - .../moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java | 3 --- .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java | 3 --- 10 files changed, 17 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 31114a319..1d9e31674 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -99,7 +99,6 @@ public class AttributeCollector implements IAction { * @throws MOAIDException */ public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException { - Logger.setHierarchy("moa.id.protocols.stork2"); // check if there are attributes we need to fetch IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index 7fb7a7bc6..a339cff23 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java @@ -60,7 +60,6 @@ public class AttributeProviderFactory { */ public static List getConfiguredPlugins( List configuredAPs) { - Logger.setHierarchy("moa.id.protocols.stork2"); List result = new ArrayList(); for (AttributeProviderPlugin current : configuredAPs) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 88c0e889d..5e49fe413 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
@@ -39,7 +39,6 @@ public class AuthenticationRequest implements IAction { public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { - Logger.setHierarchy("moa.id.protocols.stork2"); this.moaSession = moasession; if (req instanceof MOASTORKRequest) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index f7d105ab8..a257474e3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -71,7 +71,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { throw new UnsupportedAttributeException(); try { - Logger.setHierarchy("moa.id.protocols.stork2"); Logger.debug("initializing SOAP connections..."); // create SOAP connection SOAPConnection soapConnection = SOAPConnectionFactory.newInstance().createConnection(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 44b140548..873ec1e26 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java 
@@ -43,7 +43,6 @@ public class MOAAttributeProvider { public void populateAttribute(PersonalAttributeList attributeList, PersonalAttribute requestedAttribute ) { String storkAttribute = requestedAttribute.getName(); - Logger.setHierarchy("moa.id.protocols.stork2"); if (storkAttributeSimpleMapping.containsKey(storkAttribute)) { Logger.debug("Trying to get value for attribute using simple mapping [" + storkAttribute + "]"); try { @@ -70,7 +69,6 @@ public class MOAAttributeProvider { } private String geteIdentifier() { - Logger.setHierarchy("moa.id.protocols.stork2"); Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkRequest.getStorkAuthnRequest().getSpCountry()); try { return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkRequest.getStorkAuthnRequest().getSpCountry()); @@ -82,7 +80,6 @@ public class MOAAttributeProvider { private void populateAttributeWithMethod(Method method, Object object, PersonalAttributeList attributeList, String storkAttribute, Boolean isRequired) { - Logger.setHierarchy("moa.id.protocols.stork2"); try { String attributeValue = method.invoke(object, new Class[]{}).toString(); PersonalAttribute newAttribute = new PersonalAttribute(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java index e691f87e1..0e94600db 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java 
@@ -37,7 +37,6 @@ public class MandateAttributeRequestProvider implements AttributeProvider { private PersonalAttributeList requestedAttributes; public MandateAttributeRequestProvider(String aPurl, String supportedAttributes) throws MOAIDException { - Logger.setHierarchy("moa.id.protocols.stork2"); destination = aPurl; attributes = supportedAttributes; } @@ -64,7 +63,6 @@ public class MandateAttributeRequestProvider implements AttributeProvider { } public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { - Logger.setHierarchy("moa.id.protocols.stork2"); String spSector = "Business"; String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java index 4e99cc8aa..3bd1686b4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java @@ -14,7 +14,6 @@ import javax.servlet.http.HttpServletResponse; */ public class MandateRetrievalRequest implements IAction { public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { - Logger.setHierarchy("moa.id.protocols.stork2"); Logger.info("Entering mandateretrievalrequest"); return null; // } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index ec77109af..5b844580d 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -58,7 +58,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { and other info are obtained, in the second step the request will be processed and the user redirected */ public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException { - Logger.setHierarchy("moa.id.protocols.stork2"); Logger.info("Starting preprocessing for Stork2 protocol"); Logger.debug("Request method: " + request.getMethod()); Logger.debug("Request content length: " + request.getContentLength()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java index 01297c963..89eb07815 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/SignedDocAttributeRequestProvider.java @@ -75,7 +75,6 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider { * .servlet.http.HttpServletRequest) */ public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException { - Logger.setHierarchy("moa.id.protocols.stork2"); Logger.debug("Beginning to extract OASIS-DSS response out of HTTP Request"); try { 
@@ -107,8 +106,6 @@ public class SignedDocAttributeRequestProvider implements AttributeProvider { public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { - Logger.setHierarchy("moa.id.protocols.stork2"); - try { Logger.trace("Initialize VelocityEngine..."); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index 449fef1cb..c0e613b82 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -73,7 +73,6 @@ public class StorkAttributeRequestProvider implements AttributeProvider { */ public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException { - Logger.setHierarchy("moa.id.protocols.stork2"); Logger.info(this.getClass().getSimpleName() + " tries to extract SAMLResponse out of HTTP Request"); //extract STORK Response from HTTP Request @@ -107,8 +106,6 @@ public class StorkAttributeRequestProvider implements AttributeProvider { */ public void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { - Logger.setHierarchy("moa.id.protocols.stork2"); - String spSector = "Business"; String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); String spApplication = spInstitution; -- cgit v1.2.3 From 05f8b895f82b67637e5758810139c30c29be9f1a Mon Sep 17 00:00:00 2001 
From: Florian Reimair Date: Fri, 21 Mar 2014 08:34:53 +0100 Subject: refactored eHVD plugin to use jaxb --- .../stork2/EHvdAttributeProviderPlugin.java | 67 +++++++--------------- 1 file changed, 22 insertions(+), 45 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index a257474e3..5e9d9404c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -8,8 +8,8 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.xml.namespace.QName; -import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.Marshaller; import javax.xml.soap.MessageFactory; import javax.xml.soap.SOAPBody; import javax.xml.soap.SOAPConnection; @@ -18,16 +18,6 @@ import javax.xml.soap.SOAPElement; import javax.xml.soap.SOAPEnvelope; import javax.xml.soap.SOAPMessage; import javax.xml.soap.SOAPPart; -import javax.xml.transform.Result; -import javax.xml.transform.Source; -import javax.xml.transform.Transformer; -import javax.xml.transform.TransformerFactory; -import javax.xml.transform.dom.DOMSource; -import javax.xml.transform.stream.StreamResult; - -import org.w3c.dom.Document; -import org.w3c.dom.Element; - import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; 
@@ -36,6 +26,8 @@ import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.complex.attributes.IsHealthCareProfessionalType; +import eu.stork.peps.complex.attributes.ObjectFactory; /** * Fetches the attribute IsHealthcareProfessional from the BAGDAD SOAP service @@ -141,7 +133,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { SOAPElement resultElement = (SOAPElement) responseElement.getChildElements().next(); // collect all info in a map - Iterator it = resultElement.getChildElements(); + Iterator it = resultElement.getChildElements(); Map collection = new HashMap(); while (it.hasNext()) { SOAPElement current = (SOAPElement) it.next(); 
@@ -168,43 +160,29 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, new ArrayList(), "NotAvailable"); } else { // go on and parse the data + IsHealthCareProfessionalType result = new IsHealthCareProfessionalType(); + result.setNameOfOrganisation(collection.get("NameOfOrganisation")); - Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); - - // create the root element - Element root = doc.createElement("isHealthCareProfessional"); - doc.appendChild(root); - - Element orgname = doc.createElement("nameOfOrganisation"); - orgname.appendChild(doc.createTextNode(collection.get("NameOfOrganisation"))); - root.appendChild(orgname); - - Element type = doc.createElement("HCP"); - // TODO fix value mapping if (collection.get("Type").equals("Medical doctor")) - type.appendChild(doc.createTextNode("D")); - root.appendChild(type); + result.setHCPType("D"); + else + result.setHCPType("?"); - Element specialization = doc.createElement("specialisation"); if (collection.get("Specialization").contains("Arzt für Allgemeinmedizin")) - specialization.appendChild(doc.createTextNode("GP")); - root.appendChild(specialization); - - Element aqaa = doc.createElement("AQAA"); - aqaa.appendChild(doc.createTextNode("4")); - root.appendChild(aqaa); + result.setSpecialisation("GP"); + else + result.setSpecialisation("??"); - // get string from dom tree - Source source = new DOMSource(doc); - StringWriter out = new StringWriter(); - Result result = new StreamResult(out); - - TransformerFactory tFactory = TransformerFactory.newInstance(); - Transformer transformer = tFactory.newTransformer(); - transformer.transform(source, result); + result.setAQAA(4); + final Marshaller m = JAXBContext.newInstance(IsHealthCareProfessionalType.class).createMarshaller(); + m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true); + + StringWriter stringWriter = new StringWriter(); + 
m.marshal(new ObjectFactory().createIsHealthCareProfessional(result), stringWriter); + ArrayList value = new ArrayList(); - value.add(out.toString()); + value.add(stringWriter.toString()); acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, value, "Available"); } @@ -212,12 +190,11 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { // pack and return the result PersonalAttributeList result = new PersonalAttributeList(); result.add(acquiredAttribute); - + // add stork id for verification ArrayList value = new ArrayList(); value.add(new BPKBuilder().buildStorkbPK(moasession.getIdentityLink().getIdentificationValue(), spCountryCode)); result.add(new PersonalAttribute("eIdentifier", false, value, "Available")); - return result; } catch (Exception e) { -- cgit v1.2.3
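Review bot: In the `@@ -168,43 +160,29 @@` hunk, `collection.get("Type").equals("Medical doctor")` and `collection.get("Specialization").contains(...)` dereference values taken from the remote SOAP response, so a reply without those elements throws a NullPointerException that ends up in the broad `catch (Exception e)`. The comparisons should be null-safe, for example `if ("Medical doctor".equals(collection.get("Type")))` and `String spec = collection.get("Specialization"); if (spec != null && spec.contains("Arzt für Allgemeinmedizin"))`. The new `else` branches also set `"?"` and `"??"`, and the attribute is still returned with status `"Available"` and `setAQAA(4)`, so an unmapped or missing role is asserted to the relying party as a health-care professional with a placeholder type; returning the `"NotAvailable"` attribute for unmapped values looks like the safer default until the mapping TODO is resolved. Separately, `JAXBContext.newInstance(...)` is created on every call, while a context can be built once and reused. The enclosing method starts and ends outside this hunk.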