From 8dc47981d0d79c413020f087a4f253f64a6cbbea Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 3 Nov 2016 13:01:04 +0100
Subject: change merge problems in cherry picking

---
 .../PropertyBasedAuthConfigurationProvider.java    | 145 ++++++++++++++++-----
 1 file changed, 116 insertions(+), 29 deletions(-)

(limited to 'id/server/idserverlib/src/main/java')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
index 348b1c45a..94353fb6b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
@@ -18,6 +18,7 @@ import java.util.Map;
 import java.util.Properties;
 
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.transaction.annotation.Transactional;
 
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.MOAIDConstants;
@@ -38,13 +39,13 @@ import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
 import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl;
 import at.gv.egovernment.moa.id.config.ConfigurationUtils;
 import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.ConnectionParameterForeign;
 import at.gv.egovernment.moa.id.config.ConnectionParameterMOASP;
 import at.gv.egovernment.moa.id.config.ConnectionParameterMandate;
 import at.gv.egovernment.moa.id.config.stork.STORKConfig;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
+import iaik.pki.revocation.RevocationSourceTypes;
 
 /**
  * A class providing access to the Auth Part of the MOA-ID configuration data.
@@ -196,6 +197,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertiesWithPrefix(java.lang.String)
 	 */
 	@Override
+	@Transactional
 	public Map<String, String> getConfigurationWithPrefix(String Prefix) {
 		try {
 			return configuration.getPropertySubset(Prefix);
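Review bot: `@Transactional` is added here and, in the later hunks of this patch, on roughly thirty more getters whose visible lines only read from `configuration`; a single class-level `@Transactional(readOnly = true)` would say this once and make the read-only intent explicit. Some annotated methods call each other directly (for example `getOnlineApplicationParameter` calls `getActiveOnlineApplication(oaURL)`), and with Spring's default proxy-based advice such self-invocations do not pass through the transaction interceptor, so only the outermost call opens a transaction. Whether this bean is proxied or woven is not visible in the diff. The body of `getConfigurationWithPrefix` continues outside the hunk.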
@@ -212,6 +214,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertiesWithPrefix(java.lang.String)
 	 */
 	@Override
+	@Transactional
 	public Map<String, String> getConfigurationWithWildCard(String key) {
 		try {			
 			return configuration.searchPropertiesWithWildcard(key);
@@ -228,23 +231,33 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 		
 	}
 	
+	public String getBasicMOAIDConfiguration(final String key, final String defaultValue) {
+		return properties.getProperty(key, defaultValue);
+		
+	}
+	
+	
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertyWithKey(java.lang.String)
 	 */
 	@Override
+	@Transactional
 	public String getConfigurationWithKey(String key) {
 		try {
-			return configuration.getStringValue(key).trim();
-			
-		} catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
-			return null;
-		}
+			String value = configuration.getStringValue(key);
+			if (value != null)
+				return value.trim();
+						
+		} catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {}
+		
+		return null;
 	}
 	
 	/**
 	 * Returns the general pvp2 properties config. NOTE: may be empty but never {@code null}.
 	 * @return the general pvp2 properties config.
 	 */
+	@Transactional
 	public Properties getGeneralPVP2ProperiesConfig() {
 		return this.getGeneralProperiesConfig("protocols.pvp2.");
 	}
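Review bot: The rewritten `getConfigurationWithKey` catches `at.gv.egiz.components.configuration.api.ConfigurationException` with an empty block, so a failing configuration backend cannot be told apart from an absent key: both return `null` and leave no trace. Other methods in this file log such failures through `Logger.warn(..., e)`, and this one should do the same, e.g. `Logger.warn("Loading configuration value for key " + key + " FAILED.", e);` inside the catch. The new public `getBasicMOAIDConfiguration(key, defaultValue)` above it has no Javadoc; one line stating that it reads the `properties` object rather than `configuration` would help callers choose between the two.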
@@ -253,6 +266,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * Returns the general oauth20 properties config. NOTE: may be empty but never {@code null}.
 	 * @return the general oauth20 properties config.
 	 */
+	@Transactional
 	public Properties getGeneralOAuth20ProperiesConfig() {
 		return this.getGeneralProperiesConfig("protocols.oauth20.");
 	}
@@ -262,6 +276,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * 
 	 * @return the allowed protocols or {@code null}.
 	 */
+	@Transactional
 	public ProtocolAllowed getAllowedProtocols() {
 		try {
 			ProtocolAllowed allowedProtcols = new ProtocolAllowed();
@@ -287,6 +302,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getTransactionTimeOut()
 	 */
 	@Override
+	@Transactional
 	public int getTransactionTimeOut() {
 		try {
 			return configuration.getIntegerValue(
@@ -302,6 +318,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getSSOCreatedTimeOut()
 	 */
 	@Override
+	@Transactional
 	public int getSSOCreatedTimeOut() {
 		try {
 			return configuration.getIntegerValue(
@@ -317,6 +334,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getSSOUpdatedTimeOut()
 	 */
 	@Override
+	@Transactional
 	public int getSSOUpdatedTimeOut() {
 		try {
 			return configuration.getIntegerValue(
@@ -334,6 +352,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @return an alternative source ID or {@code null}.
 	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}
 	 */
+	@Transactional
 	public String getAlternativeSourceID() throws ConfigurationException {
 		try {
 			return configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_SAML1_SOURCEID);
@@ -349,6 +368,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * 
 	 * @return the list of protocols.
 	 */
+	@Transactional
 	public List<String> getLegacyAllowedProtocols() {
 		
 		List<String> legacy = new ArrayList<String>();
@@ -380,6 +400,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @param oaURL URL requested for an online application
 	 * @return an <code>OAAuthParameter</code>, or <code>null</code> if none is applicable
 	 */
+	@Transactional
 	public OAAuthParameter getOnlineApplicationParameter(String oaURL) {
 		Map<String, String> oa = getActiveOnlineApplication(oaURL);
 		if (oa == null) {			
@@ -395,6 +416,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @return a string with a url-reference to the VerifyAuthBlock trust profile ID.
 	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}.
 	 */
+	@Transactional
 	public String getMoaSpAuthBlockTrustProfileID(boolean useTestTrustStore) throws ConfigurationException {
 		if (useTestTrustStore)
 			return getMoaSpAuthBlockTestTrustProfileID();
@@ -451,6 +473,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @return a list of strings containing all urls to the verify transform info IDs.
 	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}.
 	 */
+	@Transactional
 	public List<String> getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException {
 		try {
 			return Arrays.asList(configuration.getStringValue(
@@ -468,6 +491,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @return ConnectionParameter of the authentication component moa-sp element.
 	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}.
 	 */
+	@Transactional
 	public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException {
 		ConnectionParameter result = null;
 		String moaspURL;
@@ -494,24 +518,34 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @return the connection parameter.
 	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}.
 	 */
-	public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException {
-		ConnectionParameter result = null;
-		String serviceURL;
+	@Transactional
+	public ConnectionParameter getForeignIDConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException {
+		String serviceURL = null;
 		try {
-			serviceURL = configuration.getStringValue(
-					MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL);
-			if (serviceURL != null) {
-				result = 
-						new ConnectionParameterForeign(serviceURL, this.getProperties(), this.getRootConfigFileDir());
+			//load OA specific MIS service URL if OA configuration exists
+			if (oaParameters != null)
+				serviceURL = oaParameters.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL);
 				
+			//get first entry from general configuration if no OA specific URL exists				
+			if (MiscUtil.isEmpty(serviceURL)) {
+					List<String> serviceURLs = KeyValueUtils.getListOfCSVValues(
+							configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_SZRGW_URL));
+					if (serviceURLs.size() > 0)
+						serviceURL = serviceURLs.get(0);
+										
 			}
 			
+			if (MiscUtil.isNotEmpty(serviceURL))
+				return new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir());
+			
+			else
+				throw new ConfigurationException("service.09", new Object[]{"NO SZR-GW Service URL"});
+					
 		} catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
-			Logger.warn("Loading SZRGW Service URL from configuration FAILED.", e);
+			Logger.warn("Initialize SZR-GW service connection parameters FAILED.", e);
+			throw new ConfigurationException("service.09", new Object[]{e.getMessage()}, e);
 			
-		}
-
-		return result;
+		}		
 	}
 
 	/**
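Review bot: `getForeignIDConnectionParameter` now returns `new ConnectionParameterMandate(serviceURL, ...)` where the removed code built a `ConnectionParameterForeign`, and the import of `ConnectionParameterForeign` is dropped in the same patch. If the two classes resolve different client key store or trust store settings (their bodies are not visible here), the SZR-GW connection would be set up with the mandate service's TLS material. Given the commit subject this looks like a copy from `getOnlineMandatesConnectionParameter`, and should be confirmed or changed back to `new ConnectionParameterForeign(serviceURL, this.getProperties(), this.getRootConfigFileDir())`. The inline comment `//load OA specific MIS service URL` is copied as well and should read `//load OA specific SZR-GW service URL`. The Javadoc that opens this method lies outside the hunk; it needs a `@param oaParameters` line and an updated `@throws`, since the method now throws `service.09` instead of returning `null` when no URL is configured.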
@@ -520,24 +554,35 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @return the connection parameter.
 	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}
 	 */
-	public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException {
-		ConnectionParameter result = null;
-		String serviceURL;
+	@Transactional
+	public ConnectionParameter getOnlineMandatesConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException {
+		String serviceURL = null;
 		try {
-			serviceURL = configuration.getStringValue(
-					MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL);
-			if (serviceURL != null) {
-				result = 
-						new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir());
+			//load OA specific MIS service URL if OA configuration exists
+			if (oaParameters != null)
+				serviceURL = oaParameters.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_MIS_SERVICE_URL);
 				
+			//get first entry from general configuration if no OA specific URL exists				
+			if (MiscUtil.isEmpty(serviceURL)) {
+					List<String> serviceURLs = KeyValueUtils.getListOfCSVValues(
+							configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_OVS_URL));
+					if (serviceURLs.size() > 0)
+						serviceURL = serviceURLs.get(0);
+										
 			}
 			
+			if (MiscUtil.isNotEmpty(serviceURL))
+				return new ConnectionParameterMandate(serviceURL, this.getProperties(), this.getRootConfigFileDir());
+			
+			else
+				throw new ConfigurationException("service.06", new Object[]{"NO MIS Service URL"});
+					
 		} catch (at.gv.egiz.components.configuration.api.ConfigurationException e) {
-			Logger.warn("Loading SZRGW Service URL from configuration FAILED.", e);
+			Logger.warn("Initialize MIS service connection parameters FAILED.", e);
+			throw new ConfigurationException("service.06", new Object[]{e.getMessage()}, e);
 			
 		}
-
-		return result;
+		
 	}
 
 	/**
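Review bot: The per-application value read with `oaParameters.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_MIS_SERVICE_URL)` is passed to `ConnectionParameterMandate` as the endpoint after only an emptiness check, and it takes precedence over the general configuration. Nothing in the hunk checks that it is an `https` URL or one of the entries of `GENERAL_AUTH_SERVICES_OVS_URL`, so whoever can edit a single online application's configuration decides where mandate requests are sent. If the value is validated when the configuration is stored, a comment saying so belongs here; otherwise consider accepting the OA value only when it also appears in the general list, e.g. `serviceURLs.contains(serviceURL)`. The same applies to the SZR-GW URL in `getForeignIDConnectionParameter` in the previous hunk.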
@@ -563,6 +608,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @return a list of transform infos.
 	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link SecurityLayer}.
 	 */
+	@Transactional
 	public List<String> getTransformsInfos() throws ConfigurationException {
 		try {
 			String securityLayer = configuration.getStringValue(
@@ -595,6 +641,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * 
 	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}
 	 */
+	@Transactional
 	public List<String> getIdentityLinkX509SubjectNames() throws ConfigurationException {
 
 		ArrayList<String> identityLinkX509SubjectNames = new ArrayList<String>();
@@ -616,6 +663,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @return list of default SLRequestTemplates.
 	 * @throws ConfigurationException is never thrown
 	 */
+	@Transactional
 	public List<String> getSLRequestTemplates() throws ConfigurationException {
 		List<String> templatesList = new ArrayList<String>();
 
@@ -642,6 +690,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * 
 	 * @throws ConfigurationException is never thrown
 	 */
+	@Transactional
 	public String getSLRequestTemplates(String type) throws ConfigurationException {
 		String slRequestTemplate = null;
 
@@ -677,6 +726,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @return list of default BKUURLs.
 	 * @throws ConfigurationException is never thrown
 	 */
+	@Transactional
 	public List<String> getDefaultBKUURLs() throws ConfigurationException {
 		List<String> bkuurlsList = new ArrayList<String>();
 		try {
@@ -702,6 +752,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * 
 	 * @throws ConfigurationException is never thrown
 	 */
+	@Transactional
 	public String getDefaultBKUURL(String type) throws ConfigurationException {
 		String defaultBKUUrl = null;
 		try {
@@ -736,6 +787,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @return the SSOTagetIdentifier or {@code null}
 	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}
 	 */
+	@Transactional
 	public String getSSOTagetIdentifier() throws ConfigurationException {
 		try {
 			String value = configuration.getStringValue(
@@ -756,6 +808,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * 
 	 * @return the SSOFriendlyName or a default String
 	 */
+	@Transactional
 	public String getSSOFriendlyName() {
 		try {
 			return configuration.getStringValue(
@@ -772,6 +825,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * 
 	 * @return the SSOSpecialText or an empty String
 	 */
+	@Transactional
 	public String getSSOSpecialText() {
 		try {
 			String text = configuration.getStringValue(
@@ -858,6 +912,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 		return Boolean.valueOf(prop);
 	}
 
+	@Transactional
 	public List<String> getPublicURLPrefix() throws ConfigurationException{
 		try {			
 			String publicURLPrefixList = configuration.getStringValue(
@@ -923,6 +978,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @return a new STORK Configuration or {@code null}
 	 * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}
 	 */
+	@Transactional
 	public IStorkConfig getStorkConfig() throws ConfigurationException {
 		IStorkConfig result = null;
 		try {
@@ -1009,6 +1065,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @return {@code true} if enable, {@code false} if disabled
 	 */
 	@Override
+	@Transactional
 	public boolean isTrustmanagerrevoationchecking() {
 
 		try {
@@ -1027,6 +1084,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @return the path to the certstore directory or {@code null}
 	 */
 	@Override
+	@Transactional
 	public String getCertstoreDirectory() {
 		try {
 			String path = rootConfigFileDir + configuration.getStringValue(
@@ -1047,6 +1105,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	}
 
 	@Override
+	@Transactional
 	public String getTrustedCACertificates() {
 		try {
 			String path = rootConfigFileDir + configuration.getStringValue(
@@ -1073,6 +1132,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @param id the id of the requested online application
 	 * @return the requested online application or {@code null}
 	 */
+	@Transactional
 	public Map<String, String> getActiveOnlineApplication(String id) {
 		Logger.trace("Get active OnlineApplication with ID " + id + " from database.");
 		Map<String, String> oaConfig = null;
@@ -1173,10 +1233,35 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 		  return Boolean.valueOf(prop);
 	}
 
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.commons.api.AuthConfiguration#getRevocationMethodOrder()
+	 */
+	@Override
+	public String[] getRevocationMethodOrder() {
+		final String[] DEFAULTORDER = new String[] {RevocationSourceTypes.OCSP, RevocationSourceTypes.CRL};
+		List<String> result = new ArrayList<String>();
+		
+		String prop = properties.getProperty("configuration.ssl.validation.revocation.method.order");
+		if (MiscUtil.isNotEmpty(prop)) {
+			String[] configOrder = prop.split(",");
+			for (String el : configOrder) {
+				if (RevocationSourceTypes.ALL.contains(el.trim())) {
+					result.add(el.trim());
+				}
+			}			
+		}
+		
+		if (result.isEmpty())		
+			return DEFAULTORDER;
+		else
+			return result.toArray(new String[result.size()]);
+	}
+	
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getDefaultRevisionsLogEventCodes()
 	 */
 	@Override
+	@Transactional
 	public List<Integer> getDefaultRevisionsLogEventCodes() {
 		try {
 			String eventcodes = configuration.getStringValue(MOAIDConfigurationConstants.GENERAL_REVERSION_LOGS_EVENTCODES);
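Review bot: In `getRevocationMethodOrder`, entries of `configuration.ssl.validation.revocation.method.order` that are not in `RevocationSourceTypes.ALL` are dropped without any log output, and a list that ends up empty silently becomes OCSP followed by CRL. A typo in that property therefore changes how certificate revocation is checked with nothing for an operator to notice; add an `else` branch with `Logger.warn("Ignoring unknown revocation method '" + el.trim() + "' in configuration.ssl.validation.revocation.method.order");`. `DEFAULTORDER` is a local variable named like a constant; `defaultOrder`, or a `private static final` field returned through `.clone()`, would match Java naming. The body of `getDefaultRevisionsLogEventCodes` at the end of the hunk continues outside it.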
@@ -1209,6 +1294,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getMoaSpIdentityLinkTrustProfileID(boolean)
 	 */
 	@Override
+	@Transactional
 	public String getMoaSpIdentityLinkTrustProfileID(boolean useTestTrustStore)
 			throws ConfigurationException {
 		if (useTestTrustStore)
@@ -1221,6 +1307,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#isVirtualIDPsEnabled()
 	 */
 	@Override
+	@Transactional
 	public boolean isVirtualIDPsEnabled() {
 		try {
 			String value = configuration.getStringValue(
-- 
cgit v1.2.3