From 74e36f95b4fb49b37b05d5e93c9404f795c964df Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Tue, 12 Jan 2016 10:43:11 +0100 Subject: refactor MOASession data-object to store generice information from authentication modules --- .../moa/id/auth/data/AuthenticationSession.java | 374 ++++++--------------- .../AuthenticationSessionStorageConstants.java | 38 +++ .../exception/SessionDataStorageException.java | 45 +++ .../moa/id/data/AuthenticationData.java | 122 ++++--- .../at/gv/egovernment/moa/id/data/IAuthData.java | 8 +- 5 files changed, 256 insertions(+), 331 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionStorageConstants.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/SessionDataStorageException.java (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index 59482c4a8..ae3ec9a9b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -44,13 +44,15 @@ import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.Date; import java.util.List; +import java.util.Map; +import org.apache.commons.collections4.map.HashedMap; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; +import at.gv.egovernment.moa.id.auth.exception.SessionDataStorageException; import at.gv.egovernment.moa.id.data.MISMandate; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.MiscUtil; /** * Session data to be stored between AuthenticationServer API calls. @@ -215,129 +217,28 @@ public class AuthenticationSession implements Serializable { * accept. The infobox identifiers are comma separated. */ private String pushInfobox; - - /** - * The STORK AuthRequest to be sent to the C-PEPS - */ - private STORKAuthnRequest storkAuthnRequest; - - private String storkAuthnResponse; - + // private AuthenticationData authData; // protocol selection private String action; private String modul; + private String processInstanceId; + private boolean authenticated; private boolean authenticatedUsed = false; private boolean ssoRequested = false; - + private String QAALevel = null; - -// private OAuth20SessionObject oAuth20SessionObject; - - // /** - // * Indicates if target from configuration is used or not - // */ - // private boolean useTargetFromConfig; - - // /** - // * Authentication data for the assertion - // */ - // private AuthenticationData assertionAuthData; - // - // /** - // * Persondata for the assertion - // */ - // private String assertionPrPerson; - // - // /** - // * Authblock for the assertion - // */ - // private String assertionAuthBlock; - // - // /** - // * Identitylink assertion for the (MOA) assertion - // */ - // private String assertionIlAssertion; - // - // /** - // * Signer certificate (base64 encoded) for the assertion - // */ - // private String assertionSignerCertificateBase64; - // - // /** - // * bussiness service for the assertion - // */ - // boolean assertionBusinessService; - // - // /** - // * timestamp logging when authentication session has been created - // */ - // private Date timestampStart; - // private CreateXMLSignatureResponse XMLCreateSignatureResponse; - + private VerifyXMLSignatureResponse XMLVerifySignatureResponse; private boolean isForeigner; - - private IPersonalAttributeList storkAttributes; + private Map genericSessionDataStorate = new HashedMap(); - //Temporary store SignRequest for local processing - private String signedDoc; - //Temporary store SAMLResponse for processing after user signed signedDoc locally - private String SAMLResponse; - // - private StringBuffer returnURL; - private IPersonalAttributeList authnResponseGetPersonalAttributeList; - private String authnContextClassRef; - // private String requestedProtocolURL = null; - - private String processInstanceId; - - public String getAuthnContextClassRef() { - return authnContextClassRef; - } - - public void setAuthnContextClassRef(String authnContextClassRef) { - this.authnContextClassRef = authnContextClassRef; - } - - public IPersonalAttributeList getAuthnResponseGetPersonalAttributeList() { - return authnResponseGetPersonalAttributeList; - } - - public void setAuthnResponseGetPersonalAttributeList(IPersonalAttributeList authnResponseGetPersonalAttributeList) { - this.authnResponseGetPersonalAttributeList = authnResponseGetPersonalAttributeList; - } - - public String getSAMLResponse() { - return SAMLResponse; - } - - public void setSAMLResponse(String samlResponse) { - SAMLResponse = samlResponse; - } - - public StringBuffer getReturnURL() { - return returnURL; - } - - public void setReturnURL(StringBuffer returnURL) { - this.returnURL = returnURL; - } - - public String getSignedDoc() { - return signedDoc; - } - - public void setSignedDoc(String signedDoc) { - this.signedDoc = signedDoc; - } - public String getModul() { return modul; } @@ -353,15 +254,7 @@ public class AuthenticationSession implements Serializable { public void setAction(String action) { this.action = action; } - - // public AuthenticationData getAuthData() { - // return authData; - // } - // - // public void setAuthData(AuthenticationData authData) { - // this.authData = authData; - // } - + public boolean isAuthenticatedUsed() { return authenticatedUsed; } @@ -378,14 +271,6 @@ public class AuthenticationSession implements Serializable { this.authenticated = authenticated; } - // public String getRequestedProtocolURL() { - // return requestedProtocolURL; - // } - // - // public void setRequestedProtocolURL(String requestedProtocolURL) { - // this.requestedProtocolURL = requestedProtocolURL; - // } - /** * Constructor for AuthenticationSession. * @@ -395,8 +280,7 @@ public class AuthenticationSession implements Serializable { public AuthenticationSession(String id, Date created) { sessionID = id; sessionCreated = created; - // setTimestampStart(); -// infoboxValidators = new ArrayList(); + } public X509Certificate getSignerCertificate() { @@ -760,98 +644,7 @@ public class AuthenticationSession implements Serializable { public void setIssueInstant(String issueInstant) { this.issueInstant = issueInstant; } - -// /** -// * Returns the iterator to the stored infobox validators. -// * -// * @return Iterator -// */ -// public Iterator getInfoboxValidatorIterator() { -// if (infoboxValidators == null) return null; -// return infoboxValidators.iterator(); -// } - - // /** - // * Adds an infobox validator class to the stored infobox validators. - // * - // * @param infoboxIdentifier - // * the identifier of the infobox the validator belongs to - // * @param infoboxFriendlyName - // * the friendly name of the infobox - // * @param infoboxValidator - // * the infobox validator to add - // */ - // public Iterator addInfoboxValidator(String infoboxIdentifier, - // String infoboxFriendlyName, InfoboxValidator infoboxValidator) { - // if (infoboxValidators == null) - // infoboxValidators = new ArrayList(); - // Vector v = new Vector(3); - // v.add(infoboxIdentifier); - // v.add(infoboxFriendlyName); - // v.add(infoboxValidator); - // infoboxValidators.add(v); - // return infoboxValidators.iterator(); - // } - -// /** -// * Tests for pending input events of the infobox validators. -// * -// * @return true if a validator has a form to show -// */ -// public boolean isValidatorInputPending() { -// boolean result = false; -// Iterator iter = getInfoboxValidatorIterator(); -// if (iter != null) { -// while (!result && iter.hasNext()) { -// Vector infoboxValidatorVector = (Vector) iter.next(); -// InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector.get(2); -// if (!ParepUtils.isEmpty(infoboxvalidator.getForm())) result = true; -// } -// } -// return result; -// } - - // /** - // * Returns the first pending infobox validator. - // * - // * @return the infobox validator class - // */ - // public InfoboxValidator getFirstPendingValidator() { - // Iterator iter = getInfoboxValidatorIterator(); - // if (iter != null) { - // while (iter.hasNext()) { - // Vector infoboxValidatorVector = (Vector) iter.next(); - // InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector - // .get(2); - // String form = infoboxvalidator.getForm(); - // if (!ParepUtils.isEmpty(form)) - // return infoboxvalidator; - // } - // } - // return null; - // } - - // /** - // * Returns the input form of the first pending infobox validator input - // * processor. - // * - // * @return the form to show - // */ - // public String getFirstValidatorInputForm() { - // Iterator iter = getInfoboxValidatorIterator(); - // if (iter != null) { - // while (iter.hasNext()) { - // Vector infoboxValidatorVector = (Vector) iter.next(); - // InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector - // .get(2); - // String form = infoboxvalidator.getForm(); - // if (!ParepUtils.isEmpty(form)) - // return form; - // } - // } - // return null; - // } - + /** * Returns domain identifier (the register and number in the register parameter). * null in the case of not a business service. @@ -954,26 +747,7 @@ public class AuthenticationSession implements Serializable { public void setMandateReferenceValue(String mandateReferenceValue) { this.mandateReferenceValue = mandateReferenceValue; } - - /** - * Gets the STORK SAML AuthnRequest - * - * @return STORK SAML AuthnRequest - */ - public STORKAuthnRequest getStorkAuthnRequest() { - return storkAuthnRequest; - } - - /** - * Sets the STORK SAML AuthnRequest - * - * @param storkAuthnRequest - * STORK SAML AuthnRequest - */ - public void setStorkAuthnRequest(STORKAuthnRequest storkAuthnRequest) { - this.storkAuthnRequest = storkAuthnRequest; - } - + public String getCcc() { return ccc; } @@ -1054,24 +828,8 @@ public class AuthenticationSession implements Serializable { } /** - * Memorizes the stork attribute list. - * - * @param personalAttributeList the new stork attributes - */ - public void setStorkAttributes(IPersonalAttributeList personalAttributeList) { - this.storkAttributes = personalAttributeList; - } - - /** - * Recalls the stork attribute list. - * - * @return the stork attributes - */ - public IPersonalAttributeList getStorkAttributes() { - return this.storkAttributes; - } - - /** + * eIDAS QAA level + * * @return the qAALevel */ public String getQAALevel() { @@ -1079,26 +837,14 @@ public class AuthenticationSession implements Serializable { } /** + * set QAA level in eIDAS form + * * @param qAALevel the qAALevel to set */ public void setQAALevel(String qAALevel) { QAALevel = qAALevel; } - /** - * @return the storkAuthnResponse - */ - public String getStorkAuthnResponse() { - return storkAuthnResponse; - } - - /** - * @param storkAuthnResponse the storkAuthnResponse to set - */ - public void setStorkAuthnResponse(String storkAuthnResponse) { - this.storkAuthnResponse = storkAuthnResponse; - } - /** * @return the sessionCreated */ @@ -1121,5 +867,89 @@ public class AuthenticationSession implements Serializable { public void setProcessInstanceId(String processInstanceId) { this.processInstanceId = processInstanceId; } + + public Map getGenericSessionDataStorage() { + return genericSessionDataStorate; + } + + /** + * Returns a generic session-data object with is stored with a specific identifier + * + * @param key The specific identifier of the session-data object + * @return The session-data object or null if no data is found with this key + */ + public Object getGenericDataFromSession(String key) { + if (MiscUtil.isNotEmpty(key)) { + return genericSessionDataStorate.get(key); + + } + + Logger.warn("Can not load generic session-data with key='null'"); + return null; + + } + + /** + * Returns a generic session-data object with is stored with a specific identifier + * + * @param key The specific identifier of the session-data object + * @param clazz The class type which is stored with this key + * @return The session-data object or null if no data is found with this key + */ + public T getGenericDataFromSession(String key, final Class clazz) { + if (MiscUtil.isNotEmpty(key)) { + Object data = genericSessionDataStorate.get(key); + + if (data == null) + return null; + + try { + @SuppressWarnings("unchecked") + T test = (T) data; + return test; + + } catch (Exception e) { + Logger.warn("Generic authentication-data object can not be casted to requsted type", e); + return null; + + } + + } + + Logger.warn("Can not load generic session-data with key='null'"); + return null; + + } + + /** + * Store a generic data-object to session with a specific identifier + * + * @param key Identifier for this data-object + * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface + * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage + */ + public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException { + if (MiscUtil.isEmpty(key)) { + Logger.warn("Generic session-data can not be stored with a 'null' key"); + throw new SessionDataStorageException("Generic session-data can not be stored with a 'null' key", null); + + } + + if (object != null) { + if (!Serializable.class.isInstance(object)) { + Logger.warn("Generic session-data can only store objects which implements the 'Seralizable' interface"); + throw new SessionDataStorageException("Generic session-data can only store objects which implements the 'Seralizable' interface", null); + + } + } + + if (genericSessionDataStorate.containsKey(key)) + Logger.debug("Overwrite generic session-data with key:" + key); + else + Logger.trace("Add generic session-data with key:" + key + " to session."); + + genericSessionDataStorate.put(key, object); + } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionStorageConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionStorageConstants.java new file mode 100644 index 000000000..f67f41dd3 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSessionStorageConstants.java @@ -0,0 +1,38 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.data; + +/** + * @author tlenz + * + */ +public class AuthenticationSessionStorageConstants { + + public static final String PREFIX_STORK = "stork_"; + public static final String PREFIX_eIDAS = "eIDAS_"; + + public static final String STORK_ATTRIBUTELIST = PREFIX_STORK + "attributelist"; + public static final String STORK_REQUEST = PREFIX_STORK + "request"; + public static final String STORK_RESPONSE = PREFIX_STORK + "response"; + public static final String STORK_CCC = PREFIX_STORK + "ccc"; +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/SessionDataStorageException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/SessionDataStorageException.java new file mode 100644 index 000000000..203be784e --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/exception/SessionDataStorageException.java @@ -0,0 +1,45 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.auth.exception; + +/** + * @author tlenz + * + */ +public class SessionDataStorageException extends MOAIDException { + + /** + * + */ + private static final long serialVersionUID = 5743057708136365929L; + + /** + * @param messageId + * @param parameters + */ + public SessionDataStorageException(String messageId, Object[] parameters) { + super(messageId, parameters); + + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java index e2892e70a..a5dfe7524 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java @@ -29,13 +29,13 @@ import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.Date; import java.util.List; +import java.util.Map; +import org.apache.commons.collections4.map.HashedMap; import org.w3c.dom.Element; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; - import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.exception.SessionDataStorageException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.DateTimeUtils; @@ -122,9 +122,8 @@ public class AuthenticationData implements IAuthData, Serializable { * STORK attributes from response */ private String ccc = null; - private IPersonalAttributeList storkAttributes = null; - private String storkAuthnResponse; - private STORKAuthnRequest storkRequest = null; + + private Map genericDataStorate = new HashedMap(); private byte[] signerCertificate = null; @@ -397,23 +396,6 @@ public class AuthenticationData implements IAuthData, Serializable { this.identityLink = identityLink; } - - /** - * @return the storkAttributes - */ - public IPersonalAttributeList getStorkAttributes() { - return storkAttributes; - } - - - /** - * @param storkAttributes the storkAttributes to set - */ - public void setStorkAttributes(IPersonalAttributeList storkAttributes) { - this.storkAttributes = storkAttributes; - } - - /** * @return the signerCertificate */ @@ -538,35 +520,6 @@ public class AuthenticationData implements IAuthData, Serializable { this.ssoSession = ssoSession; } - /** - * @param storkRequest the storkRequest to set - */ - public void setStorkRequest(STORKAuthnRequest storkRequest) { - this.storkRequest = storkRequest; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.data.IAuthData#getStorkAuthnRequest() - */ - @Override - public STORKAuthnRequest getStorkAuthnRequest() { - return this.storkRequest; - } - - /** - * @return the storkAuthnResponse - */ - public String getStorkAuthnResponse() { - return storkAuthnResponse; - } - - /** - * @param storkAuthnResponse the storkAuthnResponse to set - */ - public void setStorkAuthnResponse(String storkAuthnResponse) { - this.storkAuthnResponse = storkAuthnResponse; - } - /** * @return the mandateReferenceValue */ @@ -743,5 +696,68 @@ public class AuthenticationData implements IAuthData, Serializable { public void setIsBusinessService(boolean flag) { this.businessService = flag; - } + } + + /** + * Returns a generic data-object with is stored with a specific identifier + * + * @param key The specific identifier of the data object + * @param clazz The class type which is stored with this key + * @return The data object or null if no data is found with this key + */ + public T getGenericData(String key, final Class clazz) { + if (MiscUtil.isNotEmpty(key)) { + Object data = genericDataStorate.get(key); + + if (data == null) + return null; + + try { + @SuppressWarnings("unchecked") + T test = (T) data; + return test; + + } catch (Exception e) { + Logger.warn("Generic authentication-data object can not be casted to requsted type", e); + return null; + + } + + } + + Logger.warn("Can not load generic session-data with key='null'"); + return null; + + } + + /** + * Store a generic data-object to session with a specific identifier + * + * @param key Identifier for this data-object + * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface + * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage + */ + public void setGenericData(String key, Object object) throws SessionDataStorageException { + if (MiscUtil.isEmpty(key)) { + Logger.warn("Generic session-data can not be stored with a 'null' key"); + throw new SessionDataStorageException("Generic data can not be stored with a 'null' key", null); + + } + + if (object != null) { + if (!Serializable.class.isInstance(object)) { + Logger.warn("Generic data can only store objects which implements the 'Seralizable' interface"); + throw new SessionDataStorageException("Generic data can only store objects which implements the 'Seralizable' interface", null); + + } + } + + if (genericDataStorate.containsKey(key)) + Logger.debug("Overwrite generic data with key:" + key); + else + Logger.trace("Add generic data with key:" + key + " to session."); + + genericDataStorate.put(key, object); + } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java index 09b0d7971..915242787 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/IAuthData.java @@ -27,9 +27,6 @@ import java.util.List; import org.w3c.dom.Element; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; - import at.gv.egovernment.moa.id.auth.data.IdentityLink; /** @@ -89,8 +86,7 @@ public interface IAuthData { boolean isForeigner(); String getCcc(); - STORKAuthnRequest getStorkAuthnRequest(); - String getStorkAuthnResponse(); - IPersonalAttributeList getStorkAttributes(); + + public T getGenericData(String key, final Class clazz); } -- cgit v1.2.3