From 639017a14904323c0eb2cd5d8cccf65ad8f2a841 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 11 Feb 2014 10:33:48 +0100 Subject: sketched stork attribute provider framework --- .../id/protocols/stork2/AttributeCollector.java | 70 +++++++++++++++++++ .../moa/id/protocols/stork2/AttributeProvider.java | 32 +++++++++ .../id/protocols/stork2/AuthenticationRequest.java | 19 +++++- .../moa/id/protocols/stork2/DataContainer.java | 79 ++++++++++++++++++++++ .../moa/id/protocols/stork2/STORKProtocol.java | 1 + .../stork2/UnsupportedAttributeException.java | 7 ++ 6 files changed, 205 insertions(+), 3 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java new file mode 100644 index 000000000..fbc959cc4 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -0,0 +1,70 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IRequest; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins. + * The class is called whenever the {@link AuthenticationRequest} Action is invoked and checks for missing attributes. + * Furthermore, the class can handle direct posts. That is when the class triggers an attribute query which needs user + * interaction, redirect to another portal, etc. The redirect will hit here and the class can continue to fetch attributes. + * + * TODO how do we treat mandatory and optional attributes? + * + */ +public class AttributeCollector implements IAction { + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession) + */ + public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + // check if we have a STORKAttributeResponse in the request + // - no, how did we get here? + // yes, we got a recent requested attribute + // - find the attribute provider plugin that can handle the response + // - fetch the container + DataContainer container = new DataContainer(); + // - insert the embedded attribute(s) into the container + + // see if we need some more attributes + return processRequest(container); + } + + /** + * Checks if there are missing attributes and tries to fetch them. 
If there are no more attribute to fetch, + * this very method creates and sends the protocol result to the asking S-PEPS. + * + * @param container the {@link DataContainer} representing the status of the overall query. + * @return the string + */ + public String processRequest(DataContainer container) { + // check if there are attributes we need to fetch + // for each attribute still missing + // - check if we can find a suitable AttributeProvider Plugin + // - hand over control to the suitable plugin + // - add the aquired attribute to the container + // build response + // done + return "12345"; // AssertionId + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ + public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { + // this action does not need any authentication. The authentication is already done by the preceeding AuthenticationRequest-Action. + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IAction#getDefaultActionName() + */ + public String getDefaultActionName() { + return STORKProtocol.ATTRIBUTE_COLLECTOR; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java new file mode 100644 index 000000000..2e4f2d8c5 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java 
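Review bot: `needAuthentication` in the new AttributeCollector returns `false` because AuthenticationRequest has already authenticated the user, but the class Javadoc also says this action receives the direct post after a provider redirect, so it is an entry point in its own right. Nothing in `processRequest(IRequest, …)` looks at `moasession`; the method simply continues with a fresh `DataContainer`. I would have it confirm that the request belongs to an authentication flow already in progress before collecting anything, and record that requirement next to the `return false`, e.g. `// only safe while processRequest verifies that the resumed flow belongs to this session`. Both `processRequest` variants still return the placeholder `"12345"` as AssertionId, which deserves an explicit `TODO` so it cannot ship unnoticed.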
@@ -0,0 +1,32 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import javax.activation.UnsupportedDataTypeException;
+import javax.servlet.http.HttpServletRequest;
+
+import eu.stork.peps.auth.commons.PersonalAttribute;
+
+/**
+ * An {@link AttributeProvider} can fetch a set of stork attributes. It might complete the query within one method call,
+ * but might also need to redirect to another webservice to accomplish its task.
+ */
+public interface AttributeProvider {
+
+ /**
+ * Acquire the specified attribute. Returns {@code null} when attribute retrieval is in progress, but requires for
+ * for redirecting the user to an external service. Use {@link AttributeProvider#parse(HttpServletRequest)} to parse
+ * the response.
+ *
+ * @param attributeName the attribute name
+ * @return the personal attribute
+ * @throws UnsupportedDataTypeException when the provider cannot acquire the specified attribute
+ */
+ public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException;
+
+ /**
+ * Parses the response we got from the external attribute provider.
+ *
+ * @param httpReq the http req
+ * @return the personal attribute
+ */
+ public PersonalAttribute parse(HttpServletRequest httpReq);
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 7e80273ca..1f6ffaa9a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
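Review bot: The Javadoc of `parse(HttpServletRequest)` in the new AttributeProvider interface does not say who validates the response that comes back from the external attribute provider. That request reaches the server through the user's browser, so the contract should state that an implementation must verify the origin and integrity of the response before it returns a `PersonalAttribute`, and what it returns or throws when that check fails, e.g. `@return the verified personal attribute, never data taken unchecked from the request`. The `{@code null}` return documented on `acquire` for a retrieval still in progress likewise obliges every caller to null-check the result before using it.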
@@ -4,6 +4,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.logging.Logger; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; @@ -81,9 +82,21 @@ public class AuthenticationRequest implements IAction { //httpResp.setStatus(200); //VPEPSInboundPostHandler - - - return "12345"; // AssertionId + + // create fresh container + DataContainer container = new DataContainer(); + + // - fill in the request we extracted above + container.setRequest(request); + + // - fill in the partial response created above + container.setResponse(response); + + // - memorize the target url were we have to return the result + container.setTarget(target); + + // see if we need to fetch further attributes + return (new AttributeCollector()).processRequest(container); } public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java new file mode 100644 index 000000000..40c827ef8 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java 
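Review bot: `container.setTarget(target)` in the second hunk stores the URL the final result will be returned to, and the hunk does not show where `target` comes from or whether it was checked. If it is taken from the incoming request, it should be compared against the configured S-PEPS endpoints before it is memorized, because the container later decides where the collected attributes are sent. A comment such as `// target was validated against the configured S-PEPS above`, or the check itself, would make that visible at this spot. The `AssertionStorage` import added in the first hunk is not used by any of the new lines shown, and `processRequest` begins outside the hunk.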
@@ -0,0 +1,79 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import java.io.Serializable;
+
+import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.STORKAuthnResponse;
+
+// TODO: Auto-generated Javadoc
+/**
+ * Holds info about an ongoing but yet incomplete stork authnrequest process.
+ */
+public class DataContainer implements Serializable {
+
+ /** The Constant serialVersionUID. */
+ private static final long serialVersionUID = -8765997480582363012L;
+
+ /** The incoming request. */
+ private STORKAuthnRequest request;
+
+ /** The yet incomplete response. */
+ private STORKAuthnResponse response;
+
+ /** The target. */
+ private String target;
+
+ /**
+ * Gets the request.
+ *
+ * @return the request
+ */
+ public STORKAuthnRequest getRequest() {
+ return request;
+ }
+
+ /**
+ * Sets the request.
+ *
+ * @param request the new request
+ */
+ public void setRequest(STORKAuthnRequest request) {
+ this.request = request;
+ }
+
+ /**
+ * Gets the response.
+ *
+ * @return the response
+ */
+ public STORKAuthnResponse getResponse() {
+ return response;
+ }
+
+ /**
+ * Sets the response.
+ *
+ * @param response the new response
+ */
+ public void setResponse(STORKAuthnResponse response) {
+ this.response = response;
+ }
+
+ /**
+ * Gets the target.
+ *
+ * @return the target
+ */
+ public String getTarget() {
+ return target;
+ }
+
+ /**
+ * Sets the target.
+ *
+ * @param target the new target
+ */
+ public void setTarget(String target) {
+ this.target = target;
+ }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 2e42a0d75..323d9ba8e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
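Review bot: The Javadoc in DataContainer is generator output and the `// TODO: Auto-generated Javadoc` marker is still in place, so the one field whose meaning matters, `target`, is documented only as `The target.`. AuthenticationRequest describes it as the URL the result has to be returned to, and the field comment should say so, e.g. `/** URL the final STORK response is returned to. */`. Because the class is `Serializable` and carries the request and the partial response with the person's attributes, the class comment should also state where instances may be stored and for how long.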
@@ -36,6 +36,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { public static final String PATH = "id_stork2"; public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; + public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector"; private static HashMap actions = new HashMap(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java new file mode 100644 index 000000000..9447c079f --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/UnsupportedAttributeException.java @@ -0,0 +1,7 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +public class UnsupportedAttributeException extends Exception { + + private static final long serialVersionUID = -7720066381435378111L; + +} -- cgit v1.2.3 From 95ea36e8b84de119165ce8c14fc5c1e9facd797f Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 11 Feb 2014 11:01:32 +0100 Subject: added ap logic #1 --- .../id/protocols/stork2/AttributeCollector.java | 38 +++++++++++++++++++--- .../stork2/DemoNoRedirectAttributeProvider.java | 32 ++++++++++++++++++ 2 files changed, 66 insertions(+), 4 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index fbc959cc4..b93b31b49 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -1,12 +1,19 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import java.util.ArrayList; +import java.util.List; + import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; + /** * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins. * The class is called whenever the {@link AuthenticationRequest} Action is invoked and checks for missing attributes. @@ -17,6 +24,14 @@ import javax.servlet.http.HttpServletResponse; * */ public class AttributeCollector implements IAction { + + private ArrayList attributeProviders; + + public AttributeCollector() { + // TODO generate from config + attributeProviders = new ArrayList(); + attributeProviders.add(new DemoNoRedirectAttributeProvider()); + } /* (non-Javadoc) 
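Review bot: The constructor added in the second hunk registers `DemoNoRedirectAttributeProvider` in every `AttributeCollector` unconditionally, and that provider (added later in this commit) answers any attribute name with one fixed attribute. Until the `// TODO generate from config` is done, fabricated values would be added to the response that goes back to the requesting S-PEPS. I would keep demo providers out of the default list and add them only under an explicit test or development setting, with a comment such as `// demo providers must never be registered in production`. The field can also be `final` and typed as `List` rather than `ArrayList`, since `java.util.List` is imported in the first hunk.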
@@ -44,10 +59,25 @@ public class AttributeCollector implements IAction { */ public String processRequest(DataContainer container) { // check if there are attributes we need to fetch - // for each attribute still missing - // - check if we can find a suitable AttributeProvider Plugin - // - hand over control to the suitable plugin - // - add the aquired attribute to the container + List missingAttributes = new ArrayList(); + try { + // for each attribute still missing + + for(String currentAttribute : missingAttributes) { + // - check if we can find a suitable AttributeProvider Plugin + for(AttributeProvider currentProvider : attributeProviders) { + // - hand over control to the suitable plugin + PersonalAttribute aquiredAttribute = currentProvider.acquire(currentAttribute); + + // - add the aquired attribute to the container + container.getResponse().getPersonalAttributeList().add(aquiredAttribute); + } + } + } catch(UnsupportedAttributeException e) { + // TODO + // memorize the container again + return "12345"; // TODO what to do here? + } // build response // done return "12345"; // AssertionId diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java new file mode 100644 index 000000000..23afc2544 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java 
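Review bot: The inner loop in `processRequest(DataContainer)` calls `acquire` on every provider for every missing attribute and adds each result, so one attribute can be added several times and a `null` result is added too, although the interface documents `null` for a retrieval that is still in progress. It should stop at the first provider that delivers, e.g. `if (aquiredAttribute != null) { container.getResponse().getPersonalAttributeList().add(aquiredAttribute); break; }`. Because the `catch` wraps the whole loop, a single provider throwing `UnsupportedAttributeException` ends collection for all remaining attributes and returns the placeholder `"12345"`. The method starts outside the hunk.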
@@ -0,0 +1,32 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import java.util.ArrayList; + +import javax.servlet.http.HttpServletRequest; + +import eu.stork.peps.auth.commons.PersonalAttribute; + +/** + * Just a simple demoprovider who can fetch any attribute you ask him. + */ +public class DemoNoRedirectAttributeProvider implements AttributeProvider { + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) + */ + @Override + public PersonalAttribute acquire(String attributeName) + throws UnsupportedAttributeException { + return new PersonalAttribute("sepp", true, new ArrayList(), ""); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) + */ + @Override + public PersonalAttribute parse(HttpServletRequest httpReq) { + // TODO Auto-generated method stub + return null; + } + +} -- cgit v1.2.3 From 366d0f285e0e1a2fa89e512d91f349488cbc82d9 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 11 Feb 2014 13:15:14 +0100 Subject: find missing attributes --- .../gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index b93b31b49..e74cf4e8b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -59,10 +59,15 @@ public class AttributeCollector implements IAction { */ public String processRequest(DataContainer container) { // check if there are attributes we need to fetch + IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); + IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); List missingAttributes = new ArrayList(); + for(PersonalAttribute current : requestAttributeList) + if(!responseAttributeList.containsKey(current)) + missingAttributes.add(current.getName()); + try { // for each attribute still missing - for(String currentAttribute : missingAttributes) { // - check if we can find a suitable AttributeProvider Plugin for(AttributeProvider currentProvider : attributeProviders) { -- cgit v1.2.3 From d8302a2f7f3aae63593cd55bf0d5d4a4f9e5f55a Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Wed, 12 Feb 2014 11:37:06 +0100 Subject: sketched redirecting ap plugin --- .../id/protocols/stork2/AttributeCollector.java | 46 +++++++++++++++++----- .../moa/id/protocols/stork2/AttributeProvider.java | 2 +- .../stork2/AttributeRequestOngoingException.java | 5 +++ .../stork2/DemoRedirectAttributeProvider.java | 31 +++++++++++++++ .../resources/properties/id_messages_de.properties | 1 + 5 files changed, 74 insertions(+), 11 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index e74cf4e8b..93204f2ab 100644 
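Review bot: `responseAttributeList.containsKey(current)` passes the `PersonalAttribute` object itself, while the next line records the missing attribute by `current.getName()`. If the list is keyed by attribute name, which the use of `getName()` suggests, the lookup never matches and every requested attribute is treated as missing, including ones already present in the response; `if(!responseAttributeList.containsKey(current.getName()))` would be the matching check. The nested `for`/`if` is also written without braces, unlike the loops below it. The method starts before and ends after the hunk.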
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -7,10 +7,14 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.logging.Logger; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.opensaml.common.impl.SecureRandomIdentifierGenerator; + import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; @@ -30,6 +34,7 @@ public class AttributeCollector implements IAction { public AttributeCollector() { // TODO generate from config attributeProviders = new ArrayList(); + attributeProviders.add(new DemoRedirectAttributeProvider()); attributeProviders.add(new DemoNoRedirectAttributeProvider()); } @@ -56,8 +61,9 @@ public class AttributeCollector implements IAction { * * @param container the {@link DataContainer} representing the status of the overall query. * @return the string + * @throws MOAIDException */ - public String processRequest(DataContainer container) { + public String processRequest(DataContainer container) throws MOAIDException { // check if there are attributes we need to fetch IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); 
@@ -71,18 +77,38 @@ public class AttributeCollector implements IAction { for(String currentAttribute : missingAttributes) { // - check if we can find a suitable AttributeProvider Plugin for(AttributeProvider currentProvider : attributeProviders) { - // - hand over control to the suitable plugin - PersonalAttribute aquiredAttribute = currentProvider.acquire(currentAttribute); + try { + // - hand over control to the suitable plugin + PersonalAttribute aquiredAttribute = currentProvider.acquire(currentAttribute); + + // - add the aquired attribute to the container + container.getResponse().getPersonalAttributeList().add(aquiredAttribute); + } catch(UnsupportedAttributeException e) { + // ok, try the next attributeprovider + } - // - add the aquired attribute to the container - container.getResponse().getPersonalAttributeList().add(aquiredAttribute); } } - } catch(UnsupportedAttributeException e) { - // TODO - // memorize the container again - return "12345"; // TODO what to do here? - } + } catch (AttributeRequestOngoingException e) { + // the attribute request is ongoing and requires an external service. + try { + // memorize the container again + // - generate new key + String newArtifactId = new SecureRandomIdentifierGenerator() + .generateIdentifier(); + + // - put container in temporary store. + AssertionStorage.getInstance().put(newArtifactId, container); + + // TODO - add container-key to httpresponse + } catch (Exception e1) { + // TODO should we return the response as is to the PEPS? + Logger.error("Error putting incomplete Stork response into temporary storage", e); + throw new MOAIDException("stork.11", null); + } + + return "12345"; // TODO what to do here? + } // build response // done return "12345"; // AssertionId 
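Review bot: In the new `catch (Exception e1)` block, `Logger.error("Error putting incomplete Stork response into temporary storage", e)` logs the outer exception `e` instead of `e1`, so the actual storage failure never reaches the log; the second argument should be `e1`. The inner `catch(UnsupportedAttributeException e)` is empty apart from a comment, and the loop still has no `break` after a successful `acquire`, so later providers are asked again for an attribute that was already delivered. `catch (Exception e1)` is wider than the two calls inside the `try` need and will also hide programming errors behind `stork.11`. After the container has been stored, the method returns the placeholder `"12345"`, which the caller cannot tell apart from a finished collection.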
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index 2e4f2d8c5..fd35b0c71 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -20,7 +20,7 @@ public interface AttributeProvider { * @return the personal attribute * @throws UnsupportedDataTypeException when the provider cannot acquire the specified attribute */ - public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException; + public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException, AttributeRequestOngoingException; /** * Parses the response we got from the external attribute provider. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java new file mode 100644 index 000000000..be5a53f34 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java @@ -0,0 +1,5 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +public class AttributeRequestOngoingException extends Exception { + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java new file mode 100644 index 000000000..f44fbed07 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java 
@@ -0,0 +1,31 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import java.util.ArrayList; + +import javax.servlet.http.HttpServletRequest; + +import eu.stork.peps.auth.commons.PersonalAttribute; + +/** + * Just a simple demoprovider who can fetch any attribute you ask him. + */ +public class DemoRedirectAttributeProvider implements AttributeProvider { + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) + */ + @Override + public PersonalAttribute acquire(String attributeName) + throws UnsupportedAttributeException, AttributeRequestOngoingException { + throw new AttributeRequestOngoingException(); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) + */ + @Override + public PersonalAttribute parse(HttpServletRequest httpReq) { + return new PersonalAttribute("sepp", true, new ArrayList(), ""); + } + +} diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index a6c0601e4..d6995a98e 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -202,6 +202,7 @@ stork.07=Es existiert kein STORK AuthnRequest f\u00FCr diese STORK Response stork.08=STORK SAML Assertion Validierung fehlgeschlagen stork.09=Fehler beim \u00FCberpr\u00FCfen der STORK B\u00FCrgerInnen Signatur stork.10=Fehler in der Verbindung zum SZR-Gateway +stork.11=Fehler beim Sammeln von StorkAttributen pvp2.00={0} ist kein gueltiger consumer service index pvp2.01=Fehler beim kodieren der PVP2 Antwort -- cgit v1.2.3 From a330b17e3ddc93181c8142b7c0ae871af528157f Mon Sep 17 00:00:00 2001 
From: Florian Reimair Date: Thu, 13 Feb 2014 17:47:53 +0100 Subject: added ap logic #2 --- .../moa/id/protocols/stork2/AttributeCollector.java | 6 ++++-- .../moa/id/protocols/stork2/AttributeProvider.java | 14 +++++++++++--- .../protocols/stork2/AttributeRequestOngoingException.java | 5 ----- .../protocols/stork2/DemoNoRedirectAttributeProvider.java | 5 +++++ .../id/protocols/stork2/DemoRedirectAttributeProvider.java | 13 +++++++++++-- .../stork2/ExternalAttributeRequestRequiredException.java | 14 ++++++++++++++ 6 files changed, 45 insertions(+), 12 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 93204f2ab..30f7d3df2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -89,7 +89,7 @@ public class AttributeCollector implements IAction { } } - } catch (AttributeRequestOngoingException e) { + } catch (ExternalAttributeRequestRequiredException e) { // the attribute request is ongoing and requires an external service. try { // memorize the container again 
@@ -100,7 +100,9 @@ public class AttributeCollector implements IAction { // - put container in temporary store. AssertionStorage.getInstance().put(newArtifactId, container); - // TODO - add container-key to httpresponse + // add container-key to redirect embedded within the return URL + // TODO find correct returnURL + e.getAp().performRedirect("returnURL"); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index fd35b0c71..2c024e822 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -1,6 +1,5 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import javax.activation.UnsupportedDataTypeException; import javax.servlet.http.HttpServletRequest; import eu.stork.peps.auth.commons.PersonalAttribute; 
@@ -18,10 +17,18 @@ public interface AttributeProvider { * * @param attributeName the attribute name * @return the personal attribute - * @throws UnsupportedDataTypeException when the provider cannot acquire the specified attribute + * @throws UnsupportedAttributeException the unsupported attribute exception + * @throws ExternalAttributeRequestRequiredException an attribute request to an external service has to be done */ - public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException, AttributeRequestOngoingException; + public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException; + /** + * Perform redirect. + * + * @param url the return URL ending with ?artifactId=... + */ + public void performRedirect(String url); + /** * Parses the response we got from the external attribute provider. * @@ -29,4 +36,5 @@ public interface AttributeProvider { * @return the personal attribute */ public PersonalAttribute parse(HttpServletRequest httpReq); + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java deleted file mode 100644 index be5a53f34..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeRequestOngoingException.java +++ /dev/null @@ -1,5 +0,0 @@ -package at.gv.egovernment.moa.id.protocols.stork2; - -public class AttributeRequestOngoingException extends Exception { - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index 23afc2544..978fa635c 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java @@ -29,4 +29,9 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { return null; } + @Override + public void performRedirect(String url) { + // we should not get here + } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index f44fbed07..13b113711 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java @@ -16,8 +16,8 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { */ @Override public PersonalAttribute acquire(String attributeName) - throws UnsupportedAttributeException, AttributeRequestOngoingException { - throw new AttributeRequestOngoingException(); + throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { + throw new ExternalAttributeRequestRequiredException(this); } /* (non-Javadoc) @@ -28,4 +28,13 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { return new PersonalAttribute("sepp", true, new ArrayList(), ""); } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) + */ + @Override + public void performRedirect(String url) { + // TODO Auto-generated method stub + + } + } 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java new file mode 100644 index 000000000..29b09487b --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java @@ -0,0 +1,14 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +public class ExternalAttributeRequestRequiredException extends Exception { + private AttributeProvider ap; + + public ExternalAttributeRequestRequiredException(AttributeProvider provider) { + ap = provider; + } + + public AttributeProvider getAp() { + return ap; + } + +} -- cgit v1.2.3 From dcb3a469f10ef2d30d34c50983224db9d9fd85c6 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 13 Feb 2014 17:55:17 +0100 Subject: refactor magic strings to constants --- .../moa/id/protocols/stork2/AttributeCollector.java | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 30f7d3df2..0025307dd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -29,8 +29,15 @@ import eu.stork.peps.auth.commons.PersonalAttribute; */ public class AttributeCollector implements IAction { + /** The Constant ARTIFACT_ID. */ + private static final String ARTIFACT_ID = "artifactId"; + private ArrayList attributeProviders; + /** The return url. */ + // TODO find correct return URL + private String returnUrl = "findCorrectReturnURL"; + public AttributeCollector() { // TODO generate from config attributeProviders = new ArrayList(); @@ -101,8 +108,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - // TODO find correct returnURL - e.getAp().performRedirect("returnURL"); + e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); @@ -120,7 +126,7 @@ public class AttributeCollector implements IAction { * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { - // this action does not need any authentication. The authentication is already done by the preceeding AuthenticationRequest-Action. + // this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action. return false; } -- cgit v1.2.3 From f3149ae480fac3e12f9a98cba07d11e297cf39f0 Mon Sep 17 00:00:00 2001 
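Review bot: In the `@@ -101,8 +108,7 @@` hunk the `catch (Exception e1)` that covers the new `performRedirect(...)` call logs `e` (the ExternalAttributeRequestRequiredException that triggered the redirect) instead of `e1`, so a failure while storing the container or redirecting leaves no trace of its real cause; it should read `Logger.error("Error putting incomplete Stork response into temporary storage", e1);`. The new URL is built by plain concatenation onto the placeholder `returnUrl`; once the real base URL is known, the artifact id should be URL-encoded and a base that already carries a query string handled. Because the artifact id in that URL is the only key to the stored container, it is worth confirming (its generation is outside this hunk) that it comes from a cryptographically strong random source.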
From: Florian Reimair Date: Thu, 13 Feb 2014 18:01:30 +0100 Subject: fetch DataContainer from AssertionStore --- .../moa/id/protocols/stork2/AttributeCollector.java | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 0025307dd..b333fb4fe 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -5,6 +5,7 @@ import java.util.List; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; @@ -55,7 +56,14 @@ public class AttributeCollector implements IAction { // yes, we got a recent requested attribute // - find the attribute provider plugin that can handle the response // - fetch the container - DataContainer container = new DataContainer(); + String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); + DataContainer container; + try { + container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); + } catch (MOADatabaseException e) { + Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); + throw new MOAIDException("stork.11", null); + } // - insert the embedded attribute(s) into the container // see if we need some more attributes -- cgit v1.2.3 From d3099d4ec685e68c25a9198760f8d1661678a85f Mon Sep 17 00:00:00 2001 
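Review bot: `httpReq.getAttribute(ARTIFACT_ID)` reads a servlet request attribute, not the `?artifactId=...` query parameter that the return URL carries, so unless something upstream copies it over, `artifactId` is null here and the lookup fails. The flow needs `String artifactId = httpReq.getParameter(ARTIFACT_ID);` followed by an explicit null/empty check. The value comes from the browser and is the only key to the stored container, so the lookup should also be tied to the current `moasession` and the entry removed once consumed; otherwise anyone who learns an artifact id can resume that attribute collection. processRequest continues outside this hunk.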
From: Florian Reimair Date: Thu, 13 Feb 2014 19:05:48 +0100 Subject: hand AP response to plugin and add result to assertion --- .../moa/id/protocols/stork2/AttributeCollector.java | 19 +++++++++++++++++++ .../moa/id/protocols/stork2/AttributeProvider.java | 3 ++- 2 files changed, 21 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index b333fb4fe..91b09795f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -55,6 +55,23 @@ public class AttributeCollector implements IAction { // - no, how did we get here? // yes, we got a recent requested attribute // - find the attribute provider plugin that can handle the response + PersonalAttribute newAttribute = null; + for (AttributeProvider current : attributeProviders) + try { + newAttribute = current.parse(httpReq); + } catch (UnsupportedAttributeException e1) { + // the current provider cannot find anything familiar within the + // provided httpreq. Try the next one. + } + + if (null == newAttribute) { + // we do not have a provider which is capable of fetching something + // from the received httpreq. + // TODO should we continue with the next attribute? + Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); + throw new MOAIDException("stork.11", null); + } + // - fetch the container String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); DataContainer container; 
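Review bot: The provider loop keeps iterating after a provider has parsed the request, so `newAttribute` ends up holding whatever the last entry in `attributeProviders` returned, including the `null` that DemoNoRedirectAttributeProvider's `parse` returns. Add `if (newAttribute != null) break;` right after the `parse` call and put braces around the loop body. More fundamentally, the response is offered to every provider rather than to the one that issued the external request; recording that provider in the DataContainer before the redirect would keep a different plugin from claiming the response. A debug log in the otherwise empty catch would help when no provider matches.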
@@ -64,7 +81,9 @@ public class AttributeCollector implements IAction { Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); throw new MOAIDException("stork.11", null); } + // - insert the embedded attribute(s) into the container + container.getResponse().getPersonalAttributeList().add(newAttribute); // see if we need some more attributes return processRequest(container); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index 2c024e822..c554485ee 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -34,7 +34,8 @@ public interface AttributeProvider { * * @param httpReq the http req * @return the personal attribute + * @throws UnsupportedAttributeException if the provider cannot find anything familiar in the provided httpReq */ - public PersonalAttribute parse(HttpServletRequest httpReq); + public PersonalAttribute parse(HttpServletRequest httpReq) throws UnsupportedAttributeException; } -- cgit v1.2.3 From de54a0683a626679df1c110253c8b5ff986ecb71 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 13 Feb 2014 20:24:46 +0100 Subject: added http request and responses to attributeprovider methods --- .../egovernment/moa/id/protocols/stork2/AttributeCollector.java | 6 +++--- .../egovernment/moa/id/protocols/stork2/AttributeProvider.java | 9 +++++++-- .../moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java | 3 ++- .../moa/id/protocols/stork2/DemoRedirectAttributeProvider.java | 3 ++- 4 files changed, 14 insertions(+), 7 deletions(-) (limited to 'id/server/idserverlib/src/main') 
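Review bot: `container.getResponse().getPersonalAttributeList().add(newAttribute)` stores whatever the provider extracted from the incoming request without checking it against the attributes in `container.getRequest().getPersonalAttributeList()`. Since the value originates from an external party's response, only attributes that were actually requested and are still missing should be accepted. Whether `add` replaces an existing entry is not visible here, so an attribute that is already present should be handled explicitly. The same check applies where a later commit in this series turns this line into a loop over `newAttributes`.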
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 91b09795f..810b4ae7a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -86,7 +86,7 @@ public class AttributeCollector implements IAction { container.getResponse().getPersonalAttributeList().add(newAttribute); // see if we need some more attributes - return processRequest(container); + return processRequest(container, httpResp); } /** @@ -97,7 +97,7 @@ public class AttributeCollector implements IAction { * @return the string * @throws MOAIDException */ - public String processRequest(DataContainer container) throws MOAIDException { + public String processRequest(DataContainer container, HttpServletResponse response) throws MOAIDException { // check if there are attributes we need to fetch IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); @@ -135,7 +135,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId); + e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, response); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index c554485ee..5ca3bd7e1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -1,6 +1,9 @@ package at.gv.egovernment.moa.id.protocols.stork2; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import eu.stork.peps.auth.commons.PersonalAttribute; @@ -26,8 +29,9 @@ public interface AttributeProvider { * Perform redirect. * * @param url the return URL ending with ?artifactId=... + * @param resp the response to the preceding request */ - public void performRedirect(String url); + public void performRedirect(String url, HttpServletResponse resp); /** * Parses the response we got from the external attribute provider. @@ -35,7 +39,8 @@ public interface AttributeProvider { * @param httpReq the http req * @return the personal attribute * @throws UnsupportedAttributeException if the provider cannot find anything familiar in the provided httpReq + * @throws MOAIDException if something went wrong */ - public PersonalAttribute parse(HttpServletRequest httpReq) throws UnsupportedAttributeException; + public PersonalAttribute parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index 978fa635c..51663ed38 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java @@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import eu.stork.peps.auth.commons.PersonalAttribute; @@ -30,7 +31,7 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { } @Override - public void performRedirect(String url) { + public void performRedirect(String url, HttpServletResponse response) { // we should not get here } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index 13b113711..fad049763 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java @@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import eu.stork.peps.auth.commons.PersonalAttribute; @@ -32,7 +33,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) */ @Override - public void performRedirect(String url) { + public void performRedirect(String url, HttpServletResponse response) { // TODO Auto-generated method stub } -- cgit v1.2.3 From c51df468a54912264b0774396ab622f9fa092cf4 Mon Sep 17 00:00:00 2001 
From: Florian Reimair Date: Thu, 13 Feb 2014 20:44:00 +0100 Subject: APprovider can return multiple attributes --- .../moa/id/protocols/stork2/AttributeCollector.java | 20 +++++++++++--------- .../moa/id/protocols/stork2/AttributeProvider.java | 11 +++++++---- .../stork2/DemoNoRedirectAttributeProvider.java | 10 +++++++--- .../stork2/DemoRedirectAttributeProvider.java | 10 +++++++--- 4 files changed, 32 insertions(+), 19 deletions(-) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 810b4ae7a..2e9072f0d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -55,16 +55,16 @@ public class AttributeCollector implements IAction { // - no, how did we get here? // yes, we got a recent requested attribute // - find the attribute provider plugin that can handle the response - PersonalAttribute newAttribute = null; + IPersonalAttributeList newAttributes = null; for (AttributeProvider current : attributeProviders) try { - newAttribute = current.parse(httpReq); + newAttributes = current.parse(httpReq); } catch (UnsupportedAttributeException e1) { // the current provider cannot find anything familiar within the // provided httpreq. Try the next one. } - if (null == newAttribute) { + if (null == newAttributes) { // we do not have a provider which is capable of fetching something // from the received httpreq. // TODO should we continue with the next attribute? 
@@ -83,7 +83,8 @@ public class AttributeCollector implements IAction { } // - insert the embedded attribute(s) into the container - container.getResponse().getPersonalAttributeList().add(newAttribute); + for(PersonalAttribute current : newAttributes) + container.getResponse().getPersonalAttributeList().add(current); // see if we need some more attributes return processRequest(container, httpResp); @@ -101,22 +102,23 @@ public class AttributeCollector implements IAction { // check if there are attributes we need to fetch IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); - List missingAttributes = new ArrayList(); + List missingAttributes = new ArrayList(); for(PersonalAttribute current : requestAttributeList) if(!responseAttributeList.containsKey(current)) - missingAttributes.add(current.getName()); + missingAttributes.add(current); try { // for each attribute still missing - for(String currentAttribute : missingAttributes) { + for(PersonalAttribute currentAttribute : missingAttributes) { // - check if we can find a suitable AttributeProvider Plugin for(AttributeProvider currentProvider : attributeProviders) { try { // - hand over control to the suitable plugin - PersonalAttribute aquiredAttribute = currentProvider.acquire(currentAttribute); + IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute); // - add the aquired attribute to the container - container.getResponse().getPersonalAttributeList().add(aquiredAttribute); + for(PersonalAttribute current : aquiredAttributes) + container.getResponse().getPersonalAttributeList().add(current); } catch(UnsupportedAttributeException e) { // ok, try the next attributeprovider } 
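Review bot: In the `@@ -101,22 +102,23 @@` hunk the missing-attribute check still calls `responseAttributeList.containsKey(current)` with the `PersonalAttribute` object, while `missingAttributes` now holds objects instead of names. If the list is keyed by attribute name (not visible here, please confirm), that lookup never matches and every requested attribute is treated as missing and fetched again on each pass; `if (!responseAttributeList.containsKey(current.getName()))` would be the fix. The `for` bodies added in this commit are also unbraced, which makes the nested add loops easy to misread. processRequest continues outside the hunk.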
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index 5ca3bd7e1..e1f5620a8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -1,10 +1,13 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import java.util.List; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; /** @@ -18,12 +21,12 @@ public interface AttributeProvider { * for redirecting the user to an external service. Use {@link AttributeProvider#parse(HttpServletRequest)} to parse * the response. * - * @param attributeName the attribute name + * @param attributes the list of attributes to be acquired * @return the personal attribute * @throws UnsupportedAttributeException the unsupported attribute exception * @throws ExternalAttributeRequestRequiredException an attribute request to an external service has to be done */ - public PersonalAttribute acquire(String attributeName) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException; + public IPersonalAttributeList acquire(PersonalAttribute attributes) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException; /** * Perform redirect. 
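Review bot: The Javadoc of `acquire` no longer matches its signature: `@param attributes the list of attributes to be acquired` describes a list, but the parameter is a single `PersonalAttribute`, and `@return the personal attribute` should now say that a list is returned. I would rename the parameter to `attribute` and write `@param attribute the attribute to be acquired` and `@return the acquired attributes, possibly more than the one requested`. The `import java.util.List;` added in the first hunk of this file appears unused in the lines shown.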
@@ -37,10 +40,10 @@ public interface AttributeProvider { * Parses the response we got from the external attribute provider. * * @param httpReq the http req - * @return the personal attribute + * @return a list of attributes * @throws UnsupportedAttributeException if the provider cannot find anything familiar in the provided httpReq * @throws MOAIDException if something went wrong */ - public PersonalAttribute parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException; + public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index 51663ed38..a38cfed96 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java @@ -5,7 +5,9 @@ import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; /** * Just a simple demoprovider who can fetch any attribute you ask him. 
@@ -16,16 +18,18 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ @Override - public PersonalAttribute acquire(String attributeName) + public IPersonalAttributeList acquire(PersonalAttribute attributeName) throws UnsupportedAttributeException { - return new PersonalAttribute("sepp", true, new ArrayList(), ""); + PersonalAttributeList requestedAttributes = new PersonalAttributeList(1); + requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList(), "")); + return requestedAttributes; } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ @Override - public PersonalAttribute parse(HttpServletRequest httpReq) { + public IPersonalAttributeList parse(HttpServletRequest httpReq) { // TODO Auto-generated method stub return null; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index fad049763..a9e2cf358 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java @@ -5,7 +5,9 @@ import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; /** * Just a simple demoprovider who can fetch any attribute you ask him. 
@@ -16,7 +18,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ @Override - public PersonalAttribute acquire(String attributeName) + public IPersonalAttributeList acquire(PersonalAttribute attributeName) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { throw new ExternalAttributeRequestRequiredException(this); } @@ -25,8 +27,10 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ @Override - public PersonalAttribute parse(HttpServletRequest httpReq) { - return new PersonalAttribute("sepp", true, new ArrayList(), ""); + public IPersonalAttributeList parse(HttpServletRequest httpReq) { + PersonalAttributeList requestedAttributes = new PersonalAttributeList(1); + requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList(), "")); + return requestedAttributes; } /* (non-Javadoc) -- cgit v1.2.3 From f9889e63f9263c2d1fc24c9103025d16ee471a79 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 13 Feb 2014 20:51:15 +0100 Subject: added Stork AttributeQuery APProvider --- .../id/protocols/stork2/AttributeCollector.java | 2 + .../stork2/StorkAttributeRequestProvider.java | 45 ++++++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 2e9072f0d..4eb874d8f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -37,11 +37,13 @@ public class AttributeCollector implements IAction { /** The return url. */ // TODO find correct return URL + // HTTPUtils.getBaseURL(req); private String returnUrl = "findCorrectReturnURL"; public AttributeCollector() { // TODO generate from config attributeProviders = new ArrayList(); + attributeProviders.add(new StorkAttributeRequestProvider()); attributeProviders.add(new DemoRedirectAttributeProvider()); attributeProviders.add(new DemoNoRedirectAttributeProvider()); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java new file mode 100644 index 000000000..1862bdbe9 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java 
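Review bot: The constructor now registers `StorkAttributeRequestProvider` next to `DemoRedirectAttributeProvider` and `DemoNoRedirectAttributeProvider`, and the demo providers answer with a fixed `PersonalAttribute("sepp", ...)` regardless of what was asked. As long as they are instantiated unconditionally, a deployment of this class can put fabricated attribute values into a STORK response; they should be registered only from configuration (the existing `// TODO generate from config` already points there) or moved to test code. The added `// HTTPUtils.getBaseURL(req);` above `returnUrl` reads like leftover code; a sentence such as `// TODO derive the return URL from the request's base URL` would state the intent.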
@@ -0,0 +1,45 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; + +/** + * creates a STORK attribute request for a configurable set of attributes + */ +public class StorkAttributeRequestProvider implements AttributeProvider { + + private PersonalAttributeList requestedAttributes; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) + */ + @Override + public IPersonalAttributeList acquire(PersonalAttribute attribute) + throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { + requestedAttributes = new PersonalAttributeList(1); + requestedAttributes.add(attribute); + throw new ExternalAttributeRequestRequiredException(this); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) + */ + @Override + public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) + */ + @Override + public void performRedirect(String url, HttpServletResponse resp) { + + } + +} -- cgit v1.2.3 From 6ac37f0acfb232d64607d685c0ad7f11fe581df0 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 13 Feb 2014 20:52:19 +0100 Subject: StorkAPprovider can parse a stork response --- .../stork2/StorkAttributeRequestProvider.java | 33 +++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main') 
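Review bot: `requestedAttributes` is instance state that `acquire` overwrites on every call, while AttributeCollector creates this provider once in its constructor. If the collector instance serves more than one request (its lifecycle is not visible here), concurrent users overwrite each other's attribute list between `acquire` and the later redirect. Keeping the list in the per-request DataContainer, or passing it to the redirect step explicitly, avoids the shared field. `acquire` also replaces the list with a single attribute each time, so only the last requested attribute survives, which does not match the class comment's "configurable set of attributes". The `parse` that returns `null` and the empty `performRedirect` each deserve a TODO comment.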
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index 1862bdbe9..fbb430362 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -4,9 +4,14 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; /** * creates a STORK attribute request for a configurable set of attributes 
@@ -31,7 +36,33 @@ public class StorkAttributeRequestProvider implements AttributeProvider { */ @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException { - return null; + Logger.debug("Beginning to extract SAMLResponse out of HTTP Request"); + + //extract STORK Response from HTTP Request + //Decodes SAML Response + byte[] decSamlToken; + try { + decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse")); + } catch(NullPointerException e) { + Logger.error("Unable to retrieve STORK Response", e); + throw new MOAIDException("stork.04", null); + } + + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + + STORKAttrQueryResponse attrResponse = null; + try { + //validate SAML Token + Logger.debug("Starting validation of SAML response"); + attrResponse = engine.validateSTORKAttrQueryResponse(decSamlToken, (String) httpReq.getRemoteHost()); + Logger.info("SAML response succesfully verified!"); + }catch(STORKSAMLEngineException e){ + Logger.error("Failed to verify STORK SAML Response", e); + throw new MOAIDException("stork.05", null); + } + + return attrResponse.getPersonalAttributeList(); } /* (non-Javadoc) -- cgit v1.2.3 From ab303539da5d60a2e12c07b30b997c010155d0b6 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 13 Feb 2014 20:56:37 +0100 Subject: parse reports unsupported data properly now --- .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index fbb430362..32b0bb334 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java 
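Review bot: After `validateSTORKAttrQueryResponse` succeeds, `parse` returns `attrResponse.getPersonalAttributeList()` without checking that the response answers a request this provider actually sent, or that it reports success. Unless the engine already enforces this (not visible here), I would compare the response's in-response-to id with the id of the stored request and reject failed responses before handing attributes to the collector, so that a validly signed but unsolicited or replayed response is not accepted. The second argument is `httpReq.getRemoteHost()`, which behind a reverse proxy is the proxy's address and may be a reverse-DNS name; it is worth confirming that this is what the engine expects.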
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -35,7 +35,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ @Override - public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException { + public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException { Logger.debug("Beginning to extract SAMLResponse out of HTTP Request"); //extract STORK Response from HTTP Request @@ -44,8 +44,7 @@ public class StorkAttributeRequestProvider implements AttributeProvider { try { decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse")); } catch(NullPointerException e) { - Logger.error("Unable to retrieve STORK Response", e); - throw new MOAIDException("stork.04", null); + throw new UnsupportedAttributeException(); } //Get SAMLEngine instance -- cgit v1.2.3 From 0e19ab212b9c652401937ba3a2a4b415c010eeb4 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 20 Feb 2014 11:23:42 +0100 Subject: StorkAPProvider can issue an attribute query draft --- .../id/protocols/stork2/AttributeCollector.java | 6 +- .../moa/id/protocols/stork2/AttributeProvider.java | 6 +- .../stork2/StorkAttributeRequestProvider.java | 71 +++++++++++++++++++++- 3 files changed, 76 insertions(+), 7 deletions(-) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 4eb874d8f..8ccaa35de 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
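Review bot: The `catch(NullPointerException e)` around `PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse"))` now maps every NullPointerException, including one raised inside the decoder on malformed input, to `UnsupportedAttributeException`, and the collector then silently tries the next provider. An explicit check states the intent and keeps real decoding errors visible: `String samlResponse = httpReq.getParameter("SAMLResponse");` then `if (samlResponse == null) throw new UnsupportedAttributeException();` before decoding. Dropping the log line entirely also removes the only trace of a request that reached this provider without a SAMLResponse; a debug-level message would be enough.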
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -89,7 +89,7 @@ public class AttributeCollector implements IAction { container.getResponse().getPersonalAttributeList().add(current); // see if we need some more attributes - return processRequest(container, httpResp); + return processRequest(container, httpReq, httpResp); } /** @@ -100,7 +100,7 @@ public class AttributeCollector implements IAction { * @return the string * @throws MOAIDException */ - public String processRequest(DataContainer container, HttpServletResponse response) throws MOAIDException { + public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response) throws MOAIDException { // check if there are attributes we need to fetch IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); @@ -139,7 +139,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, response); + e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index e1f5620a8..117a1f6b4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java 
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -1,7 +1,5 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import java.util.List; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -32,9 +30,11 @@ public interface AttributeProvider { * Perform redirect. * * @param url the return URL ending with ?artifactId=... + * @param citizenCountyCode the citizen county code + * @param req the request we got from the S-PEPS and for which we have to ask our APs * @param resp the response to the preceding request */ - public void performRedirect(String url, HttpServletResponse resp); + public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp); /** * Parses the response we got from the external attribute provider. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index 32b0bb334..90b1a0180 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java 
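Review bot: `performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp)` declares no exception, yet the StorkAttributeRequestProvider implementation added in this commit does `throw new MOAIDException("stork.00", null);` when signing fails. If MOAIDException is a checked exception, as the `throws MOAIDException` clause on `parse` in this interface suggests, the method needs `throws MOAIDException` and a matching `@throws` line. The parameter name `citizenCountyCode` and its Javadoc "citizen county code" should read `citizenCountryCode` / "citizen country code", as the implementation spells it.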
@@ -1,15 +1,31 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import java.io.StringWriter; +import java.util.ArrayList; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; + import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; +import at.gv.egovernment.moa.id.config.OAParameter; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.StringUtils; + import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; @@ -19,6 +35,9 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException; public class StorkAttributeRequestProvider implements AttributeProvider { private PersonalAttributeList requestedAttributes; + + /** The destination. */ + private String destination; /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) 
@@ -68,8 +87,58 @@ public class StorkAttributeRequestProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) */ @Override - public void performRedirect(String url, HttpServletResponse resp) { + public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp) { + OAAuthParameter oaParam; + + String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget(); + String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); + String spApplication = spInstitution; + String spCountry = "AT"; + + //generate AuthnRquest + STORKAttrQueryRequest attributeRequest = new STORKAttrQueryRequest(); + attributeRequest.setDestination(destination); + attributeRequest.setAssertionConsumerServiceURL(url); + attributeRequest.setIssuer(HTTPUtils.getBaseURL(req)); + attributeRequest.setQaa(oaParam.getQaaLevel()); + attributeRequest.setSpInstitution(spInstitution); + attributeRequest.setCountry(spCountry); + attributeRequest.setSpApplication(spApplication); + attributeRequest.setSpSector(spSector); + attributeRequest.setPersonalAttributeList(requestedAttributes); + + attributeRequest.setCitizenCountryCode(citizenCountryCode); + + + Logger.debug("STORK AttrRequest succesfully assembled."); + STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("VIDP"); + try { + attributeRequest = samlEngine.generateSTORKAttrQueryRequest(attributeRequest); + } catch (STORKSAMLEngineException e) { + Logger.error("Could not sign STORK SAML AttrRequest.", e); + throw new MOAIDException("stork.00", null); + } + + Logger.info("STORK AttrRequest successfully signed!"); + + try { + Logger.trace("Initialize VelocityEngine..."); + + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = 
velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm"); + VelocityContext context = new VelocityContext(); + context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(attributeRequest.getTokenSaml())); + context.put("action", destination); + + StringWriter writer = new StringWriter(); + template.merge(context, writer); + + resp.getOutputStream().write(writer.toString().getBytes()); + } catch (Exception e) { + Logger.error("Error sending STORK SAML AttrRequest.", e); + throw new MOAIDException("stork.11", null); + } } } -- cgit v1.2.3 From 3f388c8862a4543d8c7f791e5ff47090d533aa0c Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 20 Feb 2014 14:55:17 +0100 Subject: added attribute collector action to protocol and urlrewrite --- .../java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java | 1 + 1 file changed, 1 insertion(+) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 323d9ba8e..318a8fc9c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -43,6 +43,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { static { actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest()); + actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector()); instance = new STORKProtocol(); } -- cgit v1.2.3 From 4c2406224be2df8b09050178630cdcff979c5ebf Mon Sep 17 00:00:00 2001 
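Review bot: `attributeRequest.setIssuer(HTTPUtils.getBaseURL(req))` takes the issuer of a request that is signed a few lines later from the incoming HTTP request; if `getBaseURL` builds it from the Host header or similar (its body is not shown here), a client can influence the issuer value the attribute provider sees. Prefer a configured value for the issuer, for example the configured public URL prefix of this instance, and use the request object for transport details only. Separately, `writer.toString().getBytes()` uses the platform default charset and no content type is set on `resp`; `resp.setContentType("text/html;charset=UTF-8");` together with `getBytes("UTF-8")` makes the POST form deterministic. Both `throw new MOAIDException(..., null)` sites drop the caught exception, which survives only in the log line above them.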
From: Florian Reimair Date: Mon, 24 Feb 2014 11:42:44 +0100 Subject: introduced attributeproviderfactory --- .../moa/id/config/auth/OAAuthParameter.java | 6 ++- .../id/protocols/stork2/AttributeCollector.java | 33 ++++++------- .../protocols/stork2/AttributeProviderFactory.java | 57 ++++++++++++++++++++++ .../stork2/DemoNoRedirectAttributeProvider.java | 6 ++- .../stork2/DemoRedirectAttributeProvider.java | 9 ++-- .../stork2/StorkAttributeRequestProvider.java | 9 ++++ .../resources/properties/id_messages_de.properties | 1 + 7 files changed, 96 insertions(+), 25 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index 7a38e2afd..c3943d816 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -51,6 +51,7 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType; import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; 
@@ -66,6 +67,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; import at.gv.egovernment.moa.id.config.ConfigurationUtils; import at.gv.egovernment.moa.id.config.OAParameter; +import at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider; import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -342,7 +344,9 @@ public List getRequestedAttributes() { return oa_auth.getOASTORK().getOAAttributes(); } - +public List getStorkAPs() { + return oa_auth.getOASTORK().getAttributeProviders(); +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 8ccaa35de..32a8cb9c5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -4,8 +4,11 @@ import java.util.ArrayList; import java.util.List; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; 
@@ -33,32 +36,24 @@ public class AttributeCollector implements IAction { /** The Constant ARTIFACT_ID. */ private static final String ARTIFACT_ID = "artifactId"; - private ArrayList attributeProviders; - /** The return url. */ // TODO find correct return URL // HTTPUtils.getBaseURL(req); private String returnUrl = "findCorrectReturnURL"; - public AttributeCollector() { - // TODO generate from config - attributeProviders = new ArrayList(); - attributeProviders.add(new StorkAttributeRequestProvider()); - attributeProviders.add(new DemoRedirectAttributeProvider()); - attributeProviders.add(new DemoNoRedirectAttributeProvider()); - } - - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession) */ public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { - // check if we have a STORKAttributeResponse in the request - // - no, how did we get here? - // yes, we got a recent requested attribute - // - find the attribute provider plugin that can handle the response + + // read configuration parameters of OA + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() }); + + // find the attribute provider plugin that can handle the response IPersonalAttributeList newAttributes = null; - for (AttributeProvider current : attributeProviders) + for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) try { newAttributes = current.parse(httpReq); } catch (UnsupportedAttributeException e1) { 
@@ -89,7 +84,7 @@ public class AttributeCollector implements IAction { container.getResponse().getPersonalAttributeList().add(current); // see if we need some more attributes - return processRequest(container, httpReq, httpResp); + return processRequest(container, httpReq, httpResp, oaParam); } /** @@ -100,7 +95,7 @@ public class AttributeCollector implements IAction { * @return the string * @throws MOAIDException */ - public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response) throws MOAIDException { + public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, OAAuthParameter oaParam) throws MOAIDException { // check if there are attributes we need to fetch IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); @@ -113,7 +108,7 @@ public class AttributeCollector implements IAction { // for each attribute still missing for(PersonalAttribute currentAttribute : missingAttributes) { // - check if we can find a suitable AttributeProvider Plugin - for(AttributeProvider currentProvider : attributeProviders) { + for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { try { // - hand over control to the suitable plugin IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java new file mode 100644 index 000000000..98d354e8a --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java 
@@ -0,0 +1,57 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import java.util.ArrayList; +import java.util.List; + +import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; + +/** + * A factory for creating AttributeProvider objects. + */ +public class AttributeProviderFactory { + + /** + * Gets the available plugins. + * + * @return the available plugins + */ + public static List getAvailablePlugins() { + List result = new ArrayList(); + result.add("StorkAttributeRequestProvider"); + + return result; + } + + /** + * Creates an AttributeProvider object for the given shortname. Returns + * {@code null} if there is no such provider available. + * + * @param shortname + * the simpleName for the providers class + * @return the attribute provider + */ + public static AttributeProvider create(String shortname, String url) { + switch (shortname) { + case "StorkAttributeRequestProvider": + return new StorkAttributeRequestProvider(url); + default: + return null; + } + } + + /** + * Gets fresh instances of the configured plugins. + * + * @param configuredAPs the configured a ps + * @return the configured plugins + */ + public static List getConfiguredPlugins( + List configuredAPs) { + + List result = new ArrayList(); + for(AttributeProviderPlugin current : configuredAPs) + result.add(create(current.getName(), current.getUrl())); + + return result; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index a38cfed96..52ff0a85a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java 
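Review bot: `getConfiguredPlugins` adds the result of `create(...)` to the list unchecked, and `create` returns `null` for any name other than "StorkAttributeRequestProvider", so one unknown or misspelled plugin name in the configuration puts a `null` into the list. The loops in AttributeCollector that this commit switches to the factory then call `parse(...)` and `acquire(...)` on it and fail with a NullPointerException in the middle of an authentication. Skip and log unknown entries, e.g. `AttributeProvider ap = create(current.getName(), current.getUrl()); if (ap != null) result.add(ap);`, or reject the configuration when it is loaded. A `null` `configuredAPs` would need the same guard, if `getAttributeProviders()` can return one.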
@@ -34,8 +34,12 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { return null; } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) + */ @Override - public void performRedirect(String url, HttpServletResponse response) { + public void performRedirect(String url, String citizenCountyCode, + HttpServletRequest req, HttpServletResponse resp) { // we should not get here } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index a9e2cf358..6dc0a30cc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java @@ -34,12 +34,13 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { } /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) + * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ @Override - public void performRedirect(String url, HttpServletResponse response) { - // TODO Auto-generated method stub - + public void performRedirect(String url, String citizenCountyCode, + HttpServletRequest req, HttpServletResponse resp) { + // we should not get here + } } 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index 90b1a0180..dd34d0d42 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -38,6 +38,15 @@ public class StorkAttributeRequestProvider implements AttributeProvider { /** The destination. */ private String destination; + + /** + * Instantiates a new stork attribute request provider. + * + * @param apUrl the AP location + */ + public StorkAttributeRequestProvider(String apUrl) { + destination = apUrl; + } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index d6995a98e..e5fdb5ca7 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -203,6 +203,7 @@ stork.08=STORK SAML Assertion Validierung fehlgeschlagen stork.09=Fehler beim \u00FCberpr\u00FCfen der STORK B\u00FCrgerInnen Signatur stork.10=Fehler in der Verbindung zum SZR-Gateway stork.11=Fehler beim Sammeln von StorkAttributen +stork.12=Konnte keine VIDP Konfiguration finden pvp2.00={0} ist kein gueltiger consumer service index pvp2.01=Fehler beim kodieren der PVP2 Antwort -- cgit v1.2.3 From a48a02cf22ae3c021fd81d0d8050018bb535218e Mon Sep 17 00:00:00 2001 
From: Florian Reimair Date: Mon, 24 Feb 2014 15:58:43 +0100 Subject: oaparams available in applugins --- .../moa/id/protocols/stork2/AttributeCollector.java | 2 +- .../egovernment/moa/id/protocols/stork2/AttributeProvider.java | 5 ++++- .../id/protocols/stork2/DemoNoRedirectAttributeProvider.java | 4 +++- .../moa/id/protocols/stork2/DemoRedirectAttributeProvider.java | 4 +++- .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java | 10 ++-------- 5 files changed, 13 insertions(+), 12 deletions(-) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 32a8cb9c5..c1a61904d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -134,7 +134,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response); + e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index 117a1f6b4..adf57d77b 100644 
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -4,6 +4,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; @@ -33,8 +34,10 @@ public interface AttributeProvider { * @param citizenCountyCode the citizen county code * @param req the request we got from the S-PEPS and for which we have to ask our APs * @param resp the response to the preceding request + * @param oaParam the oa param + * @throws MOAIDException */ - public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp); + public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException; /** * Parses the response we got from the external attribute provider. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index 52ff0a85a..e6f340c77 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java 
@@ -5,6 +5,8 @@ import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; + import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; @@ -39,7 +41,7 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { */ @Override public void performRedirect(String url, String citizenCountyCode, - HttpServletRequest req, HttpServletResponse resp) { + HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) { // we should not get here } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index 6dc0a30cc..5d4336149 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java @@ -5,6 +5,8 @@ import java.util.ArrayList; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; + import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; @@ -38,7 +40,7 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { */ @Override public void performRedirect(String url, String citizenCountyCode, - HttpServletRequest req, HttpServletResponse resp) { + HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) { // we should not get here } 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index dd34d0d42..3c689cac9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -1,8 +1,6 @@ package at.gv.egovernment.moa.id.protocols.stork2; import java.io.StringWriter; -import java.util.ArrayList; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -12,7 +10,6 @@ import org.apache.velocity.app.VelocityEngine; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; -import at.gv.egovernment.moa.id.config.OAParameter; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.logging.Logger; @@ -24,8 +21,6 @@ import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; import eu.stork.peps.auth.commons.STORKAttrQueryRequest; import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; 
@@ -96,10 +91,9 @@ public class StorkAttributeRequestProvider implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) */ @Override - public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp) { - OAAuthParameter oaParam; + public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { - String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget(); + String spSector = "Business"; String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); String spApplication = spInstitution; String spCountry = "AT"; -- cgit v1.2.3 From 5ae5bb1ca7ffda1d4c3f864625c569e6b4b8d6de Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 25 Feb 2014 09:14:17 +0100 Subject: fixed merge issues --- .../main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java | 1 + .../main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index 881d3bb2a..d1de20c4d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -352,6 +352,7 @@ public List getRequestedAttributes() { public List getStorkAPs() { return oa_auth.getOASTORK().getAttributeProviders(); +} public byte[] getBKUSelectionTemplate() { 
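Review bot: `String spSector = "Business";` replaces the value that was meant to come from the session target with a constant, so every signed attribute query now declares the same sector regardless of the online application. If that is a placeholder until the sector is available from `oaParam`, say so in a comment such as `// TODO derive the sector from the OA configuration; fixed value for now`. The `@see` line above the method still names the one-argument `performRedirect(java.lang.String)`, which no longer matches the interface.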
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java index ab106e3c0..d655dc7f2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java @@ -106,8 +106,6 @@ public class STORKConfig { } - } - public SignatureCreationParameter getSignatureCreationParameter() { return new SignatureCreationParameter(props, basedirectory); -- cgit v1.2.3 From 3640475187ba8f2bfd4b72b2e6b7fa105432f889 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 25 Feb 2014 09:20:42 +0100 Subject: reentry url is set --- .../gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index c1a61904d..937f6da74 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -36,11 +36,6 @@ public class AttributeCollector implements IAction { /** The Constant ARTIFACT_ID. */ private static final String ARTIFACT_ID = "artifactId"; - /** The return url. */ - // TODO find correct return URL - // HTTPUtils.getBaseURL(req); - private String returnUrl = "findCorrectReturnURL"; - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession) */ 
@@ -134,7 +129,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(returnUrl + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); + e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); -- cgit v1.2.3 From 26404cedff0e60969c98d7a7cab30f8e7eda9ea6 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 25 Feb 2014 16:55:24 +0100 Subject: attr nothing --- .../id/protocols/stork2/AttributeCollector.java | 38 +++++++++++++++++++++- 1 file changed, 37 insertions(+), 1 deletion(-) (limited to 'id/server/idserverlib/src/main') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 937f6da74..08244ab38 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
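Review bot: The artifact id appended to the return URL is the only key to the `DataContainer` held in `AssertionStorage`, and it travels in a query string through the external attribute provider and the user's browser. Nothing in this hunk ties it to the session that started the query or limits how often it can be redeemed; the re-entry code is outside the hunk, so confirm there that the entry is removed on first use, expires quickly, and is checked against the current session. Query strings also tend to end up in access logs and Referer headers, which is one more reason to keep the id single-use. A comment at this call, e.g. `// artifactId is a one-time handle; it is invalidated when the AP response is processed`, would record that contract once it holds.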
@@ -123,7 +123,43 @@ public class AttributeCollector implements IAction { // memorize the container again // - generate new key String newArtifactId = new SecureRandomIdentifierGenerator() - .generateIdentifier(); + .generateIdentifier(); /* + Logger.debug("STORK QAA 2 :" + ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getQAALevel()); + StartAuthResponse startAuthResponse = getStartAuthResponse(((STORKAuthnRequestDEL) req).getStorkAuthnRequest()); + + HttpSession httpSession = httpReq.getSession(); + httpSession.setAttribute("STORKSessionID", "12345"); + httpResp.setStatus(startAuthResponse.getHttpStatusCode()); + try { + ServletOutputStream os = httpResp.getOutputStream(); + String html = new String(startAuthResponse.getContent()); + + + if (html.contains(""); + html = html.substring(beginIndex + 9, endIndex); + startAuthResponse.setContent(html.getBytes()); + } + Logger.info("HTML : " + html); + + os.write(startAuthResponse.getContent()); + Logger.info("Response sent to client"); + } catch (IOException e) { + Logger.error("ERROR MOA"); + throw new MOAIDException("error response sending", new Object[]{}); + } + //httpSession.setAttribute("CCC", ccc); + + */ + } + + + //httpResp.setStatus(200); + //VPEPSInboundPostHandler // - put container in temporary store. AssertionStorage.getInstance().put(newArtifactId, container); -- cgit v1.2.3
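Review bot: The added block is roughly thirty lines of commented-out code inside `processRequest`, placed between `generateIdentifier()` and the storage call, which makes the live path hard to follow. Delete it and keep the experiment on a branch; if it is revived, the fixed value in `httpSession.setAttribute("STORKSessionID", "12345")` and `Logger.info("HTML : " + html)`, which writes the whole response body to the log, would both need to go. The `}` added right after the closing `*/` appears to be live code with no matching opening brace among the added lines, so it is worth checking that the block structure is still what was intended; the surrounding method is not fully visible in this hunk.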