From 70ae2eb241fa347bda7bd89612c88db63506311c Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 18 Jan 2016 17:35:10 +0100 Subject: refactor additional parts of MOA-ID-Auth to enabled virtual IDP functionality --- .../moa/id/auth/servlet/IDPSingleLogOutServlet.java | 3 ++- .../moa/id/config/auth/AuthConfiguration.java | 2 ++ .../auth/PropertyBasedAuthConfigurationProvider.java | 20 ++++++++++++++++++++ .../moa/id/moduls/AuthenticationManager.java | 4 ++-- .../at/gv/egovernment/moa/id/moduls/RequestImpl.java | 9 +++++---- .../moa/id/protocols/pvp2x/SingleLogOutAction.java | 2 +- 6 files changed, 32 insertions(+), 8 deletions(-) (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java index 0a6d30be7..b7148a318 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java @@ -45,6 +45,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NOSLOServiceDescripto import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException; import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; +import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; @@ -142,7 +143,7 @@ public class IDPSingleLogOutServlet extends AuthServlet { } else { //print SLO information directly - redirectURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/idpSingleLogout"; + redirectURL = HTTPUtils.extractAuthURLFromRequest(req) + "/idpSingleLogout"; String artifact = Random.nextRandom(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java index 47abf78db..65dcc7bf3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java @@ -89,6 +89,8 @@ public interface AuthConfiguration extends ConfigurationProvider{ */ public List getPublicURLPrefix() throws ConfigurationException; + public boolean isVirtualIDPsEnabled(); + public boolean isPVP2AssertionEncryptionActive(); public boolean isCertifiacteQCActive(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index d3c26cdbe..00d38eec9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -1149,4 +1149,24 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide else return getMoaSpIdentityLinkTrustProfileID(); } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#isVirtualIDPsEnabled() + */ + @Override + public boolean isVirtualIDPsEnabled() { + try { + String value = configuration.getStringValue( + MOAIDConfigurationConstants.GENERAL_ISVIRTUALIDPSENABLED); + if (MiscUtil.isNotEmpty(value)) { + return Boolean.valueOf(value); + } + + } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { + Logger.error("Error during 'isVirutalIDPsEnabled' load operationen." , e); + + } + + return false; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index b29220af2..86fcdb8b5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -258,8 +258,8 @@ public class AuthenticationManager extends MOAIDAuthConstants { AssertionStorage.getInstance().put(relayState, sloContainer); - String timeOutURL = pvpReq - + "idpSingleLogout" + String timeOutURL = pvpReq.getAuthURL() + + "/idpSingleLogout" + "?restart=" + relayState; VelocityContext context = new VelocityContext(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java index c9482967f..a7027fcf1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestImpl.java @@ -33,6 +33,7 @@ import org.opensaml.saml2.core.Attribute; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; @@ -76,11 +77,11 @@ public abstract class RequestImpl implements IRequest, Serializable{ } - List configuredPublicURLPrefix = - AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); + AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); + List configuredPublicURLPrefix = config.getPublicURLPrefix(); - if (MiscUtil.isEmpty(authURLString)) { - Logger.info("AuthenticationServiceURL extraction FAILED. Use default IDP PublicURLPrefix from configuration: " + configuredPublicURLPrefix.get(0)); + if (!config.isVirtualIDPsEnabled()) { + Logger.debug("Virtual IDPs are disabled. Use default IDP PublicURLPrefix from configuration: " + configuredPublicURLPrefix.get(0)); this.authURL = configuredPublicURLPrefix.get(0); } else { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java index b567798fa..911197a05 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java @@ -259,7 +259,7 @@ public class SingleLogOutAction implements IAction { } else { //print SLO information directly - redirectURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/idpSingleLogout"; + redirectURL = req.getAuthURL() + "/idpSingleLogout"; String artifact = Random.nextRandom(); -- cgit v1.2.3