From 775c9ddc5a13f813ec2392f5e1d5ea0a1b466923 Mon Sep 17 00:00:00 2001 From: Christian Wagner Date: Tue, 20 Jan 2015 17:26:08 +0100 Subject: rewrite 'AuthConfigurationProvider' in order to use key-value database --- .../config/auth/NewAuthConfigurationProvider.java | 757 ++++++++++++++++++--- 1 file changed, 671 insertions(+), 86 deletions(-) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java index 4f2284d3d..77a9f032c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java @@ -1,216 +1,801 @@ package at.gv.egovernment.moa.id.config.auth; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.math.BigInteger; +import java.util.ArrayList; import java.util.List; import java.util.Properties; import org.springframework.beans.factory.annotation.Autowired; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.db.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.db.NewConfigurationDBRead; +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; +import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; +import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; +import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; +import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; +import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; +import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; +import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; +import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1; +import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; +import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; +import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.ConfigurationUtils; import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.ConnectionParameterForeign; +import at.gv.egovernment.moa.id.config.ConnectionParameterMOASP; +import at.gv.egovernment.moa.id.config.ConnectionParameterMandate; import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed; import at.gv.egovernment.moa.id.config.stork.STORKConfig; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; -import com.datentechnik.moa.id.conf.persistence.ConfigurationImpl; -import com.fasterxml.jackson.annotation.JsonProperty; +import com.datentechnik.moa.id.conf.persistence.Configuration; +/** + * A class providing access to the Auth Part of the MOA-ID configuration data. + */ public class NewAuthConfigurationProvider extends ConfigurationProvider implements AuthConfiguration { @Autowired - private ConfigurationImpl configuration; + private Configuration configuration; - @JsonProperty("getGeneralPVP2ProperiesConfig") + private final Properties properties = new Properties(); + + public NewAuthConfigurationProvider(String fileName) throws ConfigurationException { + File propertiesFile = new File(fileName); + rootConfigFileDir = propertiesFile.getParent(); + + try (FileInputStream in = new FileInputStream(propertiesFile);) { + properties.load(in); + } catch (FileNotFoundException e) { + throw new ConfigurationException("config.03", null, e); + } catch (IOException e) { + throw new ConfigurationException("config.03", null, e); + } + } + + private Properties getProperties() { + return properties; + } + + /** + * Returns the general pvp2 properties config. NOTE: may be empty but never {@code null}. + * @return the general pvp2 properties config. + */ public Properties getGeneralPVP2ProperiesConfig() { - return configuration.get("getGeneralPVP2ProperiesConfig", Properties.class); + return this.getGeneralProperiesConfig("protocols.pvp2."); } - @JsonProperty("getGeneralOAuth20ProperiesConfig") + /** + * Returns the general oauth20 properties config. NOTE: may be empty but never {@code null}. + * @return the general oauth20 properties config. + */ public Properties getGeneralOAuth20ProperiesConfig() { - return configuration.get("getGeneralOAuth20ProperiesConfig", Properties.class); + return this.getGeneralProperiesConfig("protocols.oauth20."); } - @JsonProperty("getAllowedProtocols") + /** + * Returns the allowed protocols. NOTE: may return {@code null}. + * + * @return the allowed protocols or {@code null}. + */ public ProtocolAllowed getAllowedProtocols() { - return configuration.get("getAllowedProtocols", ProtocolAllowed.class); + + AuthComponentGeneral authComponentGeneral; + try { + authComponentGeneral = getAuthComponentGeneral(); + } catch (ConfigurationException e) { + return null; + } + ProtocolAllowed allowedProtcols = new ProtocolAllowed(); + Protocols protocols = authComponentGeneral.getProtocols(); + if (protocols != null) { + allowedProtcols = new ProtocolAllowed(); + + if (protocols.getSAML1() != null) { + allowedProtcols.setSAML1Active(protocols.getSAML1().isIsActive()); + } + + if (protocols.getOAuth() != null) { + allowedProtcols.setOAUTHActive(protocols.getOAuth().isIsActive()); + } + + if (protocols.getPVP2() != null) { + allowedProtcols.setPVP21Active(protocols.getPVP2().isIsActive()); + } + return allowedProtcols; + } else { + Logger.warn("Error in MOA-ID Configuration. No general Protcol configuration found."); + return null; + } } - @JsonProperty("getGeneralPVP2DBConfig") + /** + * Returns the general PVP2 configuration. NOTE: may return {@code null}. + * + * @return the general PVP2 configuration or {@code null}. + */ public PVP2 getGeneralPVP2DBConfig() { - return configuration.get("getGeneralPVP2DBConfig", PVP2.class); + + AuthComponentGeneral authComponentGeneral; + try { + authComponentGeneral = getAuthComponentGeneral(); + } catch (ConfigurationException e) { + return null; + } + Protocols protocols = authComponentGeneral.getProtocols(); + PVP2 result = null; + if (protocols != null) { + PVP2 pvp2 = protocols.getPVP2(); + if (pvp2 != null) { + result = new PVP2(); + result.setIssuerName(pvp2.getIssuerName()); + result.setPublicURLPrefix(pvp2.getPublicURLPrefix()); + + if (pvp2.getOrganization() != null) { + Organization org = new Organization(); + result.setOrganization(org); + org.setDisplayName(pvp2.getOrganization().getDisplayName()); + org.setName(pvp2.getOrganization().getName()); + org.setURL(pvp2.getOrganization().getURL()); + } + + if (pvp2.getContact() != null) { + List cont = new ArrayList(); + result.setContact(cont); + for (Contact e : pvp2.getContact()) { + Contact c = new Contact(); + c.setCompany(e.getCompany()); + c.setGivenName(e.getGivenName()); + c.getMail().addAll(e.getMail()); + c.getPhone().addAll(e.getPhone()); + c.setSurName(e.getSurName()); + c.setType(e.getType()); + cont.add(c); + } + } + } + + } else { + Logger.warn("Error in MOA-ID Configuration. No general Protcol configuration found."); + } + return result; } - @JsonProperty("getTimeOuts") + /** + * Returns the configured timeouts, or a default timeout. + * + * @return the configured timeout, or the default (never {@code null}). + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. + */ public TimeOuts getTimeOuts() throws ConfigurationException { - return configuration.get("getTimeOuts", TimeOuts.class); + + TimeOuts timeouts = new TimeOuts(); + + // set default timeouts + timeouts.setAssertion(new BigInteger("300")); + timeouts.setMOASessionCreated(new BigInteger("2700")); + timeouts.setMOASessionUpdated(new BigInteger("1200")); + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + // search timeouts in config + GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); + if (generalConfiguration != null) { + if (generalConfiguration.getTimeOuts() != null) { + if (generalConfiguration.getTimeOuts().getAssertion() != null) { + timeouts.setAssertion(generalConfiguration.getTimeOuts().getAssertion()); + } + + if (generalConfiguration.getTimeOuts().getMOASessionCreated() != null) { + timeouts.setMOASessionCreated(generalConfiguration.getTimeOuts().getMOASessionCreated()); + } + + if (generalConfiguration.getTimeOuts().getMOASessionUpdated() != null) { + timeouts.setMOASessionUpdated(generalConfiguration.getTimeOuts().getMOASessionUpdated()); + } + + } else { + Logger.info("No TimeOuts defined. Use default values"); + } + } + return timeouts; } - @JsonProperty("getAlternativeSourceID") + /** + * Returns an alternative source ID. NOTE: may return {@code null}. + * + * @return an alternative source ID or {@code null}. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} + */ public String getAlternativeSourceID() throws ConfigurationException { - return configuration.get("getAlternativeSourceID", String.class); + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + String alternativeSourceId = null; + Protocols protocols = authComponentGeneral.getProtocols(); + if (protocols != null) { + SAML1 saml1 = protocols.getSAML1(); + if (saml1 != null && MiscUtil.isNotEmpty(saml1.getSourceID())) { + alternativeSourceId = saml1.getSourceID(); + } + } + GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); + if (generalConfiguration != null && MiscUtil.isEmpty(alternativeSourceId)) { + alternativeSourceId = generalConfiguration.getAlternativeSourceID(); + } + return alternativeSourceId; } - @JsonProperty("getLegacyAllowedProtocols") + /** + * Returns a list of legacy allowed protocols. NOTE: may return an empty list but never {@code null}. + * + * @return the list of protocols. + */ public List getLegacyAllowedProtocols() { - return configuration.getList("getLegacyAllowedProtocols", String.class); + + try { + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + + if (authComponentGeneral.getProtocols() != null) { + Protocols procols = authComponentGeneral.getProtocols(); + if (procols.getLegacyAllowed() != null) { + LegacyAllowed legacy = procols.getLegacyAllowed(); + return legacy.getProtocolName(); + } + } + + return new ArrayList(); + + } catch (NullPointerException e) { + Logger.info("No protocols found with legacy allowed flag!"); + return new ArrayList(); + } catch (ConfigurationException e) { + return new ArrayList(); + } + } - @JsonProperty("getOnlineApplicationParameter") + /** + * Provides configuration information regarding the online application behind the given URL, relevant to the MOA-ID Auth component. + * + * @param oaURL URL requested for an online application + * @return an OAAuthParameter, or null if none is applicable + */ public OAAuthParameter getOnlineApplicationParameter(String oaURL) { - return configuration.get("getOnlineApplicationParameter", OAAuthParameter.class); + + OnlineApplication oa = NewConfigurationDBRead.getActiveOnlineApplication(oaURL); + if (oa == null) { + Logger.warn("Online application with identifier " + oaURL + " is not found."); + return null; + } + + return new OAAuthParameter(oa); } - @JsonProperty("getMoaSpAuthBlockTrustProfileID") + /** + * Returns a string with a url-reference to the VerifyAuthBlock trust profile id within the moa-sp part of the authentication component. + * + * @return a string with a url-reference to the VerifyAuthBlock trust profile ID. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. + */ public String getMoaSpAuthBlockTrustProfileID() throws ConfigurationException { - return configuration.get("getMoaSpAuthBlockTrustProfileID", String.class); + return getVerifyAuthBlock().getTrustProfileID(); } - @JsonProperty("getMoaSpAuthBlockVerifyTransformsInfoIDs") + /** + * Returns a list of strings with references to all verify transform info IDs within the moa-sp part of the authentication component. + * + * @return a list of strings containing all urls to the verify transform info IDs. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. + */ public List getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException { - return configuration.getList("getMoaSpAuthBlockVerifyTransformsInfoIDs", String.class); + return getVerifyAuthBlock().getVerifyTransformsInfoProfileID(); } - @JsonProperty("getMoaSpConnectionParameter") + /** + * Returns a ConnectionParameter bean containing all information of the authentication component moa-sp element. + * + * @return ConnectionParameter of the authentication component moa-sp element. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. + */ public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException { - return configuration.get("getMoaSpConnectionParameter", ConnectionParameter.class); + ConnectionParameter result = null; + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + MOASP moasp = authComponentGeneral.getMOASP(); + if (moasp != null) { + ConnectionParameterClientAuthType connectionParameter = moasp.getConnectionParameter(); + if (connectionParameter != null) { + result = new ConnectionParameterMOASP(moasp.getConnectionParameter(), this.getProperties(), this.getRootConfigFileDir()); + } + } + return result; } - @JsonProperty("getForeignIDConnectionParameter") + /** + * Returns the {@link ConnectionParameter} for the ForeignID. NOTE: may return {@code null}. + * + * @return the connection parameter. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. + */ public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException { - return configuration.get("getForeignIDConnectionParameter", ConnectionParameter.class); + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + ForeignIdentities foreign = authComponentGeneral.getForeignIdentities(); + if (foreign != null) { + return new ConnectionParameterForeign(foreign.getConnectionParameter(), this.getProperties(), this.getRootConfigFileDir()); + } else { + Logger.warn("Error in MOA-ID Configuration. No Connectionconfiguration to SZRGW Service found"); + return null; + } } - @JsonProperty("getOnlineMandatesConnectionParameter") + /** + * Returns the {@link ConnectionParameter} for the OnlineMandates. NOTE: may return {@code null}. + * + * @return the connection parameter. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} + */ public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException { - return configuration.get("getOnlineMandatesConnectionParameter", ConnectionParameter.class); + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + OnlineMandates ovs = authComponentGeneral.getOnlineMandates(); + if (ovs != null) { + return new ConnectionParameterMandate(ovs.getConnectionParameter(), this.getProperties(), this.getRootConfigFileDir()); + } + return null; } - @JsonProperty("getMoaSpIdentityLinkTrustProfileID") + /** + * Returns a string with a url-reference to the VerifyIdentityLink trust profile id within the moa-sp part of the authentication component + * + * @return String with a url-reference to the VerifyIdentityLink trust profile ID + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link VerifyIdentityLink}. + */ public String getMoaSpIdentityLinkTrustProfileID() throws ConfigurationException { - return configuration.get("getMoaSpIdentityLinkTrustProfileID", String.class); + + String result = null; + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + MOASP moasp = authComponentGeneral.getMOASP(); + if (moasp != null) { + VerifyIdentityLink verifyIdentityLink = moasp.getVerifyIdentityLink(); + if (verifyIdentityLink != null) { + result = verifyIdentityLink.getTrustProfileID(); + } else { + Logger.warn("Error in MOA-ID Configuration. No Trustprofile for IdentityLink validation."); + throw new ConfigurationException("config.02", null); + } + } + return result; } - @JsonProperty("getTransformsInfos") + /** + * Returns a non-empty list of transform infos. NOTE: list is never {@code empty} or {@code null}. + * + * @return a list of transform infos. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link SecurityLayer}. + */ public List getTransformsInfos() throws ConfigurationException { - return configuration.getList("getTransformsInfos", String.class); + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + SecurityLayer securityLayer = authComponentGeneral.getSecurityLayer(); + if (securityLayer != null) { + + List result = ConfigurationUtils.getTransformInfos(securityLayer.getTransformsInfo()); + + if (result == null || result.isEmpty()) { + Logger.error("No Security-Layer Transformation found."); + throw new ConfigurationException("config.05", new Object[] { "Security-Layer Transformation" }); + } + return result; + + } else { + Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration->SecurityLayer found"); + throw new ConfigurationException("config.02", null); + } } - @JsonProperty("getIdentityLinkX509SubjectNames") + /** + * Returns a list of IdentityLinkX509SubjectNames. NOTE: may return an empty list but never {@code null}. + * + * @return the list of IdentityLinkX509SubjectNames. + * + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} + */ public List getIdentityLinkX509SubjectNames() throws ConfigurationException { - return configuration.getList("getIdentityLinkX509SubjectNames", String.class); + + ArrayList identityLinkX509SubjectNames = new ArrayList(); + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + + IdentityLinkSigners idlsigners = authComponentGeneral.getIdentityLinkSigners(); + if (idlsigners != null) { + Logger.debug("Load own IdentityLinkX509SubjectNames"); + identityLinkX509SubjectNames.addAll(new ArrayList(idlsigners.getX509SubjectName())); + } + + String[] identityLinkSignersWithoutOID = MOAIDAuthConstants.IDENTITY_LINK_SIGNERS_WITHOUT_OID; + for (int i = 0; i < identityLinkSignersWithoutOID.length; i++) { + String identityLinkSigner = identityLinkSignersWithoutOID[i]; + if (!identityLinkX509SubjectNames.contains(identityLinkSigner)) { + identityLinkX509SubjectNames.add(identityLinkSigner); + } + } + + return identityLinkX509SubjectNames; } - @JsonProperty("getSLRequestTemplates") + /** + * Returns a list of default SLRequestTemplates. NOTE: may return an empty list but never {@code null}. + * + * @return list of default SLRequestTemplates. + * @throws ConfigurationException is never thrown + */ public List getSLRequestTemplates() throws ConfigurationException { - return configuration.getList("getSLRequestTemplates", String.class); + + SLRequestTemplates templates = configuration.get(MOAIDConfigurationConstants.SLREQUEST_TEMPLATES_KEY, SLRequestTemplates.class); + List templatesList = new ArrayList(); + + if (templates != null) { + templatesList.add(templates.getOnlineBKU()); + templatesList.add(templates.getLocalBKU()); + templatesList.add(templates.getHandyBKU()); + } + return templatesList; } - @JsonProperty("getSLRequestTemplates") + /** + * Returns the type's default SLRequestTemplate. NOTE: may return {@code null}. + * + * @param type the type of BKU. + * @return the default SLRequestTemplate for the given type. + * + * @throws ConfigurationException is never thrown + */ public String getSLRequestTemplates(String type) throws ConfigurationException { - return configuration.get("getSLRequestTemplates", String.class); + + SLRequestTemplates templates = configuration.get(MOAIDConfigurationConstants.SLREQUEST_TEMPLATES_KEY, SLRequestTemplates.class); + String slRequestTemplate = null; + + if (templates != null) { + switch (type) { + case IOAAuthParameters.ONLINEBKU: + slRequestTemplate = templates.getOnlineBKU(); + break; + case IOAAuthParameters.LOCALBKU: + slRequestTemplate = templates.getLocalBKU(); + break; + case IOAAuthParameters.HANDYBKU: + slRequestTemplate = templates.getHandyBKU(); + break; + default: + Logger.warn("getSLRequestTemplates: BKU Type does not match: " + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " + + IOAAuthParameters.LOCALBKU); + } + } + return slRequestTemplate; } - @JsonProperty("getDefaultBKUURLs") + /** + * Returns a list of default BKUURLs. NOTE: may return an empty list but never {@code null}. + * + * @return list of default BKUURLs. + * @throws ConfigurationException is never thrown + */ public List getDefaultBKUURLs() throws ConfigurationException { - return configuration.getList("getDefaultBKUURLs", String.class); + + DefaultBKUs bkuurls = configuration.get(MOAIDConfigurationConstants.DEFAULT_BKUS_KEY, DefaultBKUs.class); + List bkuurlsList = new ArrayList(); + + if (bkuurls != null) { + bkuurlsList.add(bkuurls.getOnlineBKU()); + bkuurlsList.add(bkuurls.getLocalBKU()); + bkuurlsList.add(bkuurls.getHandyBKU()); + } + return bkuurlsList; } - @JsonProperty("getDefaultBKUURL") + /** + * Returns the type's default BKUURL. NOTE: may return {@code null}. + * + * @param type the type of BKU. + * @return the default BKUURL for the given type. + * + * @throws ConfigurationException is never thrown + */ public String getDefaultBKUURL(String type) throws ConfigurationException { - // FIXME find a solution for this getter - // String el = DefaultBKUURLs.get(type); - // if (MiscUtil.isNotEmpty(el)) - // return el; - // else { - // Logger.warn("getSLRequestTemplates: BKU Type does not match: " + - // IOAAuthParameters.ONLINEBKU + " or " - // + IOAAuthParameters.HANDYBKU + " or " + IOAAuthParameters.LOCALBKU); - // return null; - // } - return null; + DefaultBKUs bkuurls = configuration.get(MOAIDConfigurationConstants.DEFAULT_BKUS_KEY, DefaultBKUs.class); + String defaultBKUUrl = null; + + if (bkuurls != null) { + switch (type) { + case IOAAuthParameters.ONLINEBKU: + defaultBKUUrl = bkuurls.getOnlineBKU(); + break; + case IOAAuthParameters.LOCALBKU: + defaultBKUUrl = bkuurls.getLocalBKU(); + break; + case IOAAuthParameters.HANDYBKU: + defaultBKUUrl = bkuurls.getHandyBKU(); + break; + default: + Logger.warn("getDefaultBKUURL: BKU Type does not match: " + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " + + IOAAuthParameters.LOCALBKU); + } + } + return defaultBKUUrl; } - @JsonProperty("getSSOTagetIdentifier") + /** + * Returns the SSOTagetIdentifier. NOTE: returns {@code null} if no SSOTargetIdentifier is set. + * + * @return the SSOTagetIdentifier or {@code null} + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} + */ public String getSSOTagetIdentifier() throws ConfigurationException { - return configuration.get("getSSOTagetIdentifier", String.class); + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + + SSO sso = authComponentGeneral.getSSO(); + if (sso != null) { + return sso.getTarget(); + } + return null; } - @JsonProperty("getSSOFriendlyName") + /** + * Returns the SSOFriendlyName. NOTE: never returns {@code null}, if no SSOFriendlyName is set, a default String is returned. + * + * @return the SSOFriendlyName or a default String + */ public String getSSOFriendlyName() { - return configuration.get("getSSOFriendlyName", String.class); + + AuthComponentGeneral authComponentGeneral; + String defaultValue = "Default MOA-ID friendly name for SSO"; + try { + authComponentGeneral = getAuthComponentGeneral(); + } catch (ConfigurationException e) { + return defaultValue; + } + + SSO sso = authComponentGeneral.getSSO(); + if (sso != null) { + if (MiscUtil.isEmpty(sso.getFriendlyName())) { + return sso.getFriendlyName(); + } + } + return defaultValue; } - @JsonProperty("getSSOSpecialText") + /** + * Returns the SSOSpecialText. NOTE: never returns {@code null}, if no SSOSpecialText is set, an empty String is returned. + * + * @return the SSOSpecialText or an empty String + */ public String getSSOSpecialText() { - return configuration.get("getSSOSpecialText", String.class); + + AuthComponentGeneral authComponentGeneral; + try { + authComponentGeneral = getAuthComponentGeneral(); + } catch (ConfigurationException e) { + return new String(); + } + + SSO sso = authComponentGeneral.getSSO(); + if (sso != null) { + String text = sso.getSpecialText(); + return MiscUtil.isEmpty(text) ? new String() : text; + } + return new String(); } - @JsonProperty("getMOASessionEncryptionKey") + /** + * Returns the MOASessionEncryptionKey NOTE: returns {@code null} if no MOASessionEncryptionKey is set. + * + * @return the MOASessionEncryptionKey or {@code null} + */ public String getMOASessionEncryptionKey() { - return configuration.get("getMOASessionEncryptionKey", String.class); + String prop = properties.getProperty("configuration.moasession.key"); + return MiscUtil.isNotEmpty(prop) ? prop : null; } - @JsonProperty("getMOAConfigurationEncryptionKey") + /** + * Returns the MOAConfigurationEncryptionKey NOTE: returns {@code null} if no MOAConfigurationEncryptionKey is set. + * + * @return the MOAConfigurationEncryptionKey or {@code null} + */ public String getMOAConfigurationEncryptionKey() { - return configuration.get("getMOAConfigurationEncryptionKey", String.class); + String prop = properties.getProperty("configuration.moaconfig.key"); + return MiscUtil.isNotEmpty(prop) ? prop : null; } - @JsonProperty("isIdentityLinkResigning") + /** + * @return {@code true} if IdentityLinkResigning is set, {@code false} otherwise. + */ public boolean isIdentityLinkResigning() { - return configuration.get("isIdentityLinkResigning", Boolean.class); + String prop = properties.getProperty("configuration.resignidentitylink.active", "false"); + return Boolean.valueOf(prop); } - @JsonProperty("getIdentityLinkResigningKey") + /** + * Returns the IdentityLinkResigningKey. NOTE: returns {@code null} if no IdentityLinkResigningKey is set. + * + * @return the IdentityLinkResigningKey or {@code null} + */ public String getIdentityLinkResigningKey() { - return configuration.get("getIdentityLinkResigningKey", String.class); + String prop = properties.getProperty("configuration.resignidentitylink.keygroup"); + return MiscUtil.isNotEmpty(prop) ? prop : null; } - @JsonProperty("isMonitoringActive") + /** + * @return {@code true} if MonitoringActive is set, {@code false} otherwise. + */ public boolean isMonitoringActive() { - return configuration.get("isMonitoringActive", Boolean.class); + String prop = properties.getProperty("configuration.monitoring.active", "false"); + return Boolean.valueOf(prop); } - @JsonProperty("getMonitoringTestIdentityLinkURL") + /** + * Returns the MonitoringTestIdentityLinkURL. NOTE: returns {@code null} if no MonitoringTestIdentityLinkURL is set. + * + * @return the MonitoringTestIdentityLinkURL or {@code null} + */ public String getMonitoringTestIdentityLinkURL() { - return configuration.get("getMonitoringTestIdentityLinkURL", String.class); + String prop = properties.getProperty("configuration.monitoring.test.identitylink.url"); + return MiscUtil.isNotEmpty(prop) ? prop : null; } - @JsonProperty("getMonitoringMessageSuccess") + /** + * Returns the MonitoringMessageSuccess. NOTE: returns {@code null} if no MonitoringMessageSuccess is set. + * + * @return the MonitoringMessageSuccess or {@code null} + */ public String getMonitoringMessageSuccess() { - return configuration.get("getMonitoringMessageSuccess", String.class); + String prop = properties.getProperty("configuration.monitoring.message.success"); + return MiscUtil.isNotEmpty(prop) ? prop : null; } - @JsonProperty("isAdvancedLoggingActive") + /** + * @return {@code true} if AdvancedLoggingActive is set, {@code false} otherwise. + */ public boolean isAdvancedLoggingActive() { - return configuration.get("isAdvancedLoggingActive", Boolean.class); + String prop = properties.getProperty("configuration.advancedlogging.active", "false"); + return Boolean.valueOf(prop); } - @JsonProperty("getPublicURLPrefix") + /** + * Returns the PublicURLPrefix. NOTE: returns {@code null} if no PublicURLPrefix is set. + * + * @return the PublicURLPrefix or {@code null} + */ public String getPublicURLPrefix() { - return configuration.get("getPublicURLPrefix", String.class); + + AuthComponentGeneral authComponentGeneral; + try { + authComponentGeneral = getAuthComponentGeneral(); + } catch (ConfigurationException e) { + return null; + } + + String publicURLPreFix = null; + GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); + if (generalConfiguration != null && MiscUtil.isNotEmpty(generalConfiguration.getPublicURLPreFix())) { + publicURLPreFix = generalConfiguration.getPublicURLPreFix(); + } else { + Logger.warn("Error in MOA-ID Configuration. No GeneralConfig defined."); + } + return publicURLPreFix; } - @JsonProperty("isPVP2AssertionEncryptionActive") + /** + * @return {@code true} if PVP2AssertionEncryptionActive is set, {@code false} otherwise. + */ public boolean isPVP2AssertionEncryptionActive() { - return configuration.get("isPVP2AssertionEncryptionActive", Boolean.class); + String prop = this.getProperties().getProperty("protocols.pvp2.assertion.encryption.active", "true"); + return Boolean.valueOf(prop); } - @JsonProperty("isCertifiacteQCActive") + /** + * @return {@code true} if CertifiacteQCActive is set, {@code false} otherwise. + */ public boolean isCertifiacteQCActive() { - return configuration.get("isCertifiacteQCActive", Boolean.class); + String prop = this.getProperties().getProperty("configuration.validation.certificate.QC.ignore", "false"); + return !Boolean.valueOf(prop); } /** - * Retruns the STORK Configuration + * Returns a STORK Configuration, NOTE: may return {@code null}. * - * @return STORK Configuration - * @throws ConfigurationException + * @return a new STORK Configuration or {@code null} + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} */ - @JsonProperty("getStorkConfig") public STORKConfig getStorkConfig() throws ConfigurationException { - return configuration.get("getStorkConfig", STORKConfig.class); + + STORKConfig result = null; + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + ForeignIdentities foreign = authComponentGeneral.getForeignIdentities(); + if (foreign == null) { + Logger.warn("Error in MOA-ID Configuration. No STORK configuration found."); + } else { + result = new STORKConfig(foreign.getSTORK(), this.getProperties(), this.getRootConfigFileDir()); + } + return result; + } + + /** + * Small helper method. + * + * @return the {@link AuthComponentGeneral} from the database + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} + */ + private AuthComponentGeneral getAuthComponentGeneral() throws ConfigurationException { + + AuthComponentGeneral authComponentGeneral = configuration.get(MOAIDConfigurationConstants.AUTH_COMPONENT_GENERAL_KEY, AuthComponentGeneral.class); + if (authComponentGeneral == null) { + Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration found"); + throw new ConfigurationException("config.02", null); + } + return authComponentGeneral; + } + + /** + * Returns the {@link VerifyAuthBlock}. + * + * @return the {@link VerifyAuthBlock}. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. + */ + private VerifyAuthBlock getVerifyAuthBlock() throws ConfigurationException { + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + MOASP moasp = authComponentGeneral.getMOASP(); + if (moasp != null) { + VerifyAuthBlock vab = moasp.getVerifyAuthBlock(); + if (vab != null) { + VerifyAuthBlock verifyIdl = new VerifyAuthBlock(); + verifyIdl.setTrustProfileID(vab.getTrustProfileID()); + verifyIdl.setVerifyTransformsInfoProfileID(new ArrayList(vab.getVerifyTransformsInfoProfileID())); + return verifyIdl; + } else { + Logger.warn("Error in MOA-ID Configuration. No Trustprofile for AuthBlock validation."); + throw new ConfigurationException("config.02", null); + } + } else { + Logger.warn("Error in MOA-ID Configuration. No MOASP configuration found"); + throw new ConfigurationException("config.02", null); + } + } + + /** + * Small helper method. NOTE: may return empty properties, but never {@code null}. + * @param propPrefix the prefix of the desired property. + * @return the {@link Properties} + */ + private Properties getGeneralProperiesConfig(final String propPrefix) { + + Properties configProp = new Properties(); + for (Object key : this.getProperties().keySet()) { + if (key.toString().startsWith(propPrefix)) { + String propertyName = key.toString().substring(propPrefix.length()); + configProp.put(propertyName, this.getProperties().get(key.toString())); + } + } + return configProp; } } -- cgit v1.2.3