From d24179f90949ff6768f89eea0073f65990d0765a Mon Sep 17 00:00:00 2001 From: Martin Bonato Date: Wed, 21 Jan 2015 16:55:53 +0100 Subject: Add unit initial unit tests. --- ...nfigurationProviderLegacyCompatibilityTest.java | 110 +++++++++++++++++++++ .../auth/TestLegacyAuthConfigurationProvider.java | 31 ++++++ 2 files changed, 141 insertions(+) create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/TestLegacyAuthConfigurationProvider.java (limited to 'id/server/idserverlib/src/test/java') diff --git a/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java b/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java new file mode 100644 index 000000000..bd997303a --- /dev/null +++ b/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java @@ -0,0 +1,110 @@ +package at.gv.egovnerment.moa.id.config.auth; + +import static org.easymock.EasyMock.createMock; +import static org.easymock.EasyMock.expect; +import static org.easymock.EasyMock.replay; +import static org.easymock.EasyMock.verify; + +import java.util.Collections; + +import org.junit.Test; +import org.unitils.reflectionassert.ReflectionAssert; + +import at.gv.egovernment.moa.id.commons.db.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; +import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; +import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; +import at.gv.egovernment.moa.id.commons.db.dao.config.OAuth; +import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; +import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; +import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1; +import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; +import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; +import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.NewAuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed; + +import com.datentechnik.moa.id.conf.persistence.Configuration; + +public class AuthConfigurationProviderLegacyCompatibilityTest { + + private MOAIDConfiguration getMinimalMoaidConfiguration() { + + MOAIDConfiguration moaidConfiguration = new MOAIDConfiguration(); + AuthComponentGeneral authComponentGeneral = new AuthComponentGeneral(); + MOASP moasp = new MOASP(); + VerifyAuthBlock verifyAuthBlock = new VerifyAuthBlock(); + moasp.setVerifyAuthBlock(verifyAuthBlock); + VerifyIdentityLink verifyIdentityLink = new VerifyIdentityLink(); + moasp.setVerifyIdentityLink(verifyIdentityLink); + authComponentGeneral.setMOASP(moasp); + SecurityLayer securityLayer = new SecurityLayer(); + TransformsInfoType transformsInfo = new TransformsInfoType(); + transformsInfo.setFilename("transforms/TransformsInfoAuthBlockTable_DE.xml"); + transformsInfo.setTransformation(new byte[] {}); + securityLayer.setTransformsInfo(Collections.singletonList(transformsInfo)); + authComponentGeneral.setSecurityLayer(securityLayer); + SLRequestTemplates slRequestTemplates = new SLRequestTemplates(); + moaidConfiguration.setSLRequestTemplates(slRequestTemplates); + GeneralConfiguration generalConfiguration = new GeneralConfiguration(); + generalConfiguration.setTrustManagerRevocationChecking(Boolean.FALSE); + generalConfiguration.setPublicURLPreFix("http://test.org"); + authComponentGeneral.setGeneralConfiguration(generalConfiguration); + moaidConfiguration.setAuthComponentGeneral(authComponentGeneral); + ChainingModes chainingModes = new ChainingModes(); + moaidConfiguration.setChainingModes(chainingModes); + + return moaidConfiguration; + } + + @Test + public void testGetAllowedProtocolls() throws ConfigurationException { + MOAIDConfiguration moaidConfiguration = getMinimalMoaidConfiguration(); + + testGetAllowedProtocolls(moaidConfiguration); + } + + @Test + public void testGetAllowedProtocollsAll() throws ConfigurationException { + MOAIDConfiguration moaidConfiguration = getMinimalMoaidConfiguration(); + Protocols protocols = new Protocols(); + SAML1 saml1 = new SAML1(); + saml1.setIsActive(Boolean.TRUE); + protocols.setSAML1(saml1); + PVP2 pvp2 = new PVP2(); + pvp2.setIsActive(Boolean.FALSE); + protocols.setPVP2(pvp2); + OAuth oAuth = new OAuth(); + oAuth.setIsActive(null); + protocols.setOAuth(oAuth); + moaidConfiguration.getAuthComponentGeneral().setProtocols(protocols); + + testGetAllowedProtocolls(moaidConfiguration); + } + + public void testGetAllowedProtocolls(MOAIDConfiguration moaidConfiguration) throws ConfigurationException { + + TestLegacyAuthConfigurationProvider legacyAuthConfigurationProvider = new TestLegacyAuthConfigurationProvider(moaidConfiguration); + ProtocolAllowed expectedAllowedProtocols = legacyAuthConfigurationProvider.getAllowedProtocols(); + + Configuration configuration = createMock(Configuration.class); + NewAuthConfigurationProvider newAuthConfigurationProvider = new NewAuthConfigurationProvider(); + newAuthConfigurationProvider.setConfiguration(configuration); + + expect(configuration.get(MOAIDConfigurationConstants.AUTH_COMPONENT_GENERAL_KEY, AuthComponentGeneral.class)).andReturn(moaidConfiguration.getAuthComponentGeneral()); + + replay(configuration); + + ProtocolAllowed actualAllowedProtocols = newAuthConfigurationProvider.getAllowedProtocols(); + + verify(configuration); + + ReflectionAssert.assertLenientEquals(expectedAllowedProtocols, actualAllowedProtocols); + } + +} diff --git a/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/TestLegacyAuthConfigurationProvider.java b/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/TestLegacyAuthConfigurationProvider.java new file mode 100644 index 000000000..39c8ef310 --- /dev/null +++ b/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/TestLegacyAuthConfigurationProvider.java @@ -0,0 +1,31 @@ +package at.gv.egovnerment.moa.id.config.auth; + +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; + +public class TestLegacyAuthConfigurationProvider extends + AuthConfigurationProvider { + + private final MOAIDConfiguration moaidConfiguration; + + public TestLegacyAuthConfigurationProvider(MOAIDConfiguration moaidConfiguration) + throws ConfigurationException { + super(); + this.moaidConfiguration = moaidConfiguration; + reloadDataBaseConfig(); + } + + @SuppressWarnings("unused") + private TestLegacyAuthConfigurationProvider(String fileName) + throws ConfigurationException { + super(); + moaidConfiguration = new MOAIDConfiguration(); + } + + @Override + protected MOAIDConfiguration loadDataBaseConfig() { + return this.moaidConfiguration; + } + +} -- cgit v1.2.3 From 0fb4c31f049d71e917dfbfdab96553a807195d0c Mon Sep 17 00:00:00 2001 From: Martin Bonato Date: Thu, 9 Apr 2015 13:24:55 +0200 Subject: Rename java packages --- .../config/auth/ConfigurationToJSONConverter.java | 2 +- .../config/auth/NewAuthConfigurationProvider.java | 3 +- ...nfigurationProviderLegacyCompatibilityTest.java | 3 +- id/server/moa-id-commons/pom.xml | 2 +- .../moa/id/commons/config/ConfigurationUtil.java | 227 +++++++++++++++++++++ .../id/commons/config/MigrateConfiguration.java | 103 ++++++++++ .../moa/id/commons/config/cli/CLIConstants.java | 37 ++++ .../moa/id/commons/config/cli/MOAIDConfCLI.java | 127 ++++++++++++ .../config/cli/MigrateConfigurationParams.java | 106 ++++++++++ .../commons/config/persistence/Configuration.java | 60 ++++++ .../config/persistence/ConfigurationImpl.java | 161 +++++++++++++++ .../id/commons/config/persistence/JsonMapper.java | 73 +++++++ .../moa/id/commons/db/NewConfigurationDBRead.java | 3 +- .../moa/id/commons/db/NewConfigurationDBWrite.java | 3 +- .../commons/db/dao/config/ConfigPropertyDao.java | 58 ++++++ .../db/dao/config/ConfigPropertyDaoImpl.java | 104 ++++++++++ .../moa/id/conf/ConfigurationUtil.java | 227 --------------------- .../moa/id/conf/MigrateConfiguration.java | 103 ---------- .../datentechnik/moa/id/conf/cli/CLIConstants.java | 37 ---- .../datentechnik/moa/id/conf/cli/MOAIDConfCLI.java | 127 ------------ .../id/conf/cli/MigrateConfigurationParams.java | 106 ---------- .../moa/id/conf/persistence/Configuration.java | 60 ------ .../moa/id/conf/persistence/ConfigurationImpl.java | 160 --------------- .../moa/id/conf/persistence/JsonMapper.java | 73 ------- .../id/conf/persistence/dal/ConfigProperty.java | 95 --------- .../id/conf/persistence/dal/ConfigPropertyDao.java | 58 ------ .../persistence/dal/ConfigPropertyDaoImpl.java | 104 ---------- .../src/main/resources/META-INF/persistence.xml | 4 +- .../src/main/resources/configuration.beans.xml | 4 +- .../src/main/resources/persistence_template.xml | 2 +- .../moa/id/commons/db/ConfigurationDBReadTest.java | 2 +- .../moa/id/commons/db/configuration.beans-test.xml | 4 +- .../moa-id-commons/src/test/resources/log4j.xml | 16 ++ id/server/pom.xml | 2 +- 34 files changed, 1087 insertions(+), 1169 deletions(-) create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/cli/CLIConstants.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/cli/MOAIDConfCLI.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/cli/MigrateConfigurationParams.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/Configuration.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/ConfigurationImpl.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/JsonMapper.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDao.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDaoImpl.java delete mode 100644 id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/ConfigurationUtil.java delete mode 100644 id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/MigrateConfiguration.java delete mode 100644 id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/cli/CLIConstants.java delete mode 100644 id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/cli/MOAIDConfCLI.java delete mode 100644 id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/cli/MigrateConfigurationParams.java delete mode 100644 id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/Configuration.java delete mode 100644 id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/ConfigurationImpl.java delete mode 100644 id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/JsonMapper.java delete mode 100644 id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/dal/ConfigProperty.java delete mode 100644 id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/dal/ConfigPropertyDao.java delete mode 100644 id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/dal/ConfigPropertyDaoImpl.java create mode 100644 id/server/moa-id-commons/src/test/resources/log4j.xml (limited to 'id/server/idserverlib/src/test/java') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java index 39225a5b0..6f2c771ec 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java @@ -13,11 +13,11 @@ import org.springframework.beans.factory.config.AutowireCapableBeanFactory; import org.springframework.context.ApplicationContext; import org.springframework.context.support.ClassPathXmlApplicationContext; +import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import com.datentechnik.moa.id.conf.persistence.Configuration; import com.fasterxml.jackson.annotation.JsonIgnore; import com.fasterxml.jackson.annotation.JsonProperty; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java index 0be1dc94b..d8d368a76 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java @@ -15,6 +15,7 @@ import java.util.Properties; import org.springframework.beans.factory.annotation.Autowired; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; import at.gv.egovernment.moa.id.commons.db.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; @@ -50,8 +51,6 @@ import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -import com.datentechnik.moa.id.conf.persistence.Configuration; - /** * A class providing access to the Auth Part of the MOA-ID configuration data. */ diff --git a/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java b/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java index bd997303a..7606bc9bf 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java @@ -10,6 +10,7 @@ import java.util.Collections; import org.junit.Test; import org.unitils.reflectionassert.ReflectionAssert; +import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; import at.gv.egovernment.moa.id.commons.db.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; @@ -29,8 +30,6 @@ import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.NewAuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed; -import com.datentechnik.moa.id.conf.persistence.Configuration; - public class AuthConfigurationProviderLegacyCompatibilityTest { private MOAIDConfiguration getMinimalMoaidConfiguration() { diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml index 7e520d96b..ee94fb49c 100644 --- a/id/server/moa-id-commons/pom.xml +++ b/id/server/moa-id-commons/pom.xml @@ -135,7 +135,7 @@ org.springframework - spring-tx + spring-orm diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java new file mode 100644 index 000000000..d8fde7eee --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java @@ -0,0 +1,227 @@ +package at.gv.egovernment.moa.id.commons.config; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.IOException; +import java.util.Enumeration; +import java.util.List; +import java.util.Properties; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; + +import org.springframework.context.ApplicationContext; +import org.springframework.context.support.ClassPathXmlApplicationContext; + +import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; +import at.gv.egovernment.moa.id.commons.config.persistence.JsonMapper; +import at.gv.egovernment.moa.id.commons.db.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; + +import com.fasterxml.jackson.core.JsonProcessingException; + +public class ConfigurationUtil { + + final boolean isOverwriteData; + + public ConfigurationUtil(boolean isOverwriteData){ + this.isOverwriteData = isOverwriteData; + } + + /** + * Read an input MOAID 2 XML file, transfer it to properties and write the + * properties to a MOAID 3 property file. + * + * @param inStream + * the input stream to read from. + * @param outFile + * the output file to write to. + * @throws JAXBException + */ + public void readFromXMLFileConvertToPropertyFile(FileInputStream inStream, File outFile) throws JAXBException { + + try (FileOutputStream outStream = new FileOutputStream(outFile);) { + + // get config from xml file + JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config"); + Unmarshaller m = jc.createUnmarshaller(); + MOAIDConfiguration config = (MOAIDConfiguration) m.unmarshal(inStream); + + // serialize config to JSON properties + Properties result = moaIdConfigToJsonProperties(config); + + // write to output stream + result.store(outStream, null); + + } catch (FileNotFoundException e) { + System.out.println("Could not find the output file."); + System.exit(1); + } catch (IOException e) { + System.out.println("Could not write to the output file."); + System.exit(1); + } + } + + /** + * Helper method to serialize a {@link MOAIDConfiguration} to Properties + * with JSON encoded values. + * + * @param config + * the MOAIDConfiguration to serialize + * @return {@link Properties} containing the database key and the serialized + * values + * @throws JsonProcessingException + * is thrown if problem occurred while serializing one of the + * database values + */ + private Properties moaIdConfigToJsonProperties(MOAIDConfiguration config) throws JsonProcessingException { + + Properties result = new Properties(); + boolean prettyPrint = true; + JsonMapper mapper = new JsonMapper(prettyPrint); + + // serialize config to JSON + String oaJson = mapper.serialize(config.getOnlineApplication()); + String authCompGeneralJson = mapper.serialize(config.getAuthComponentGeneral()); + String chainingModeJson = mapper.serialize(config.getChainingModes()); + String defaultBKUJson = mapper.serialize(config.getDefaultBKUs()); + String genericConfigJson = mapper.serialize(config.getGenericConfiguration()); + String pvp2RefreshJson = mapper.serialize(config.getPvp2RefreshItem()); + String slRequestTemplatesJson = mapper.serialize(config.getSLRequestTemplates()); + String timestampJson = mapper.serialize(config.getTimestampItem()); + String trustedCaCertJson = mapper.serialize(config.getTrustedCACertificates()); + + // add to properties + result.put(MOAIDConfigurationConstants.ONLINE_APPLICATIONS_KEY, oaJson); + result.put(MOAIDConfigurationConstants.AUTH_COMPONENT_GENERAL_KEY, authCompGeneralJson); + result.put(MOAIDConfigurationConstants.CHAINING_MODES_KEY, chainingModeJson); + result.put(MOAIDConfigurationConstants.DEFAULT_BKUS_KEY, defaultBKUJson); + result.put(MOAIDConfigurationConstants.GENERIC_CONFIGURATION_KEY, genericConfigJson); + result.put(MOAIDConfigurationConstants.PVP2REFRESH_ITEM_KEY, pvp2RefreshJson); + result.put(MOAIDConfigurationConstants.SLREQUEST_TEMPLATES_KEY, slRequestTemplatesJson); + result.put(MOAIDConfigurationConstants.TIMESTAMP_ITEM_KEY, timestampJson); + result.put(MOAIDConfigurationConstants.TRUSTED_CERTIFICATES_KEY, trustedCaCertJson); + + return result; + } + + /** + * Exports a key-value database to a property file, where keys are the same + * as in the database, and the values are serialized JSON objects. + * + * @param inputDBConfigFilePath + * the path to the database properties, for the db the data is + * read from. + * @param outFile + * the destination file for the exported data. + */ + public void readFromDBWriteToFile(String inputDBConfigFilePath, File outFile) { + + try (FileOutputStream outStream = new FileOutputStream(outFile);) { + + Properties result = new Properties(); + + System.getProperties().setProperty("location", "file:" + inputDBConfigFilePath); + ApplicationContext context = new ClassPathXmlApplicationContext("configuration.beans.xml"); + Configuration dbConfiguration = (Configuration) context.getBean("config"); + boolean prettyPrint = true; + at.gv.egovernment.moa.id.commons.config.persistence.JsonMapper mapper = new JsonMapper(prettyPrint); + + for (String key : MOAIDConfigurationConstants.getAllMOAIDConfigurationKeys()) { + + // extract database value + Object value = dbConfiguration.get(key); + + // serialize value to JSON + String json = mapper.serialize(value); + + // add to properties + result.setProperty(key, json); + } + + // write to output stream + result.store(outStream, null); + + System.out.println("Property configuration written to:"); + System.out.println(outFile.getAbsolutePath()); + + } catch (FileNotFoundException e) { + System.out.println("Could not find the output file."); + System.exit(1); + } catch (IOException e) { + System.out.println("Could not write to the output file."); + System.exit(1); + } + } + + /** + * Read an input property file, deserialize it's values and write them to + * the given database. + * + * @param inStream + * the FileInputStream to read from. + * @param outputDBConfigFilePath + * the path to the database properties, for the db which is + * written. + * @throws IOException + * is thrown in case the properties could not be loaded from the + * stream + */ + public void readFromFileWriteToDB(FileInputStream inStream, String outputDBConfigFilePath) throws IOException { + + Properties inProperties = new Properties(); + inProperties.load(inStream); + + System.getProperties().setProperty("location", "file:" + outputDBConfigFilePath); + ApplicationContext context = new ClassPathXmlApplicationContext("configuration.beans.xml"); + Configuration dbConfiguration = (Configuration) context.getBean("config"); + boolean prettyPrint = true; + JsonMapper mapper = new JsonMapper(prettyPrint); + + List keys = dbConfiguration.getAllKeys(); + + if (keys == null) { + System.out.println("Database can not be read."); + System.exit(1); + } + + if (!keys.isEmpty() && !isOverwriteData) { + System.out.println("The database already contains configuration data."); + System.out.println("Use force switch if you want to override data)"); + System.exit(1); + } + + if (isOverwriteData) { + // remove existing entries + for (String key : keys) { + dbConfiguration.set(key, null); + } + } + + Enumeration propertyNames = inProperties.propertyNames(); + + while (propertyNames.hasMoreElements()) { + String key = (String) propertyNames.nextElement(); + // extract database value + String json = inProperties.getProperty(key); + + // deserialize value to object + Object value = mapper.deserialize(json, null); + + // add to database + boolean result = dbConfiguration.set(key, value); + if (!result) { + System.out.println("Could NOT persist the configuration file's information in the database."); + } + } + System.out.println("Data has been successfully written to the database."); + } + + private static void readFromDBWriteToDB(String inputDBConfigFilePath, String outputDBConfigFilePath) { + //TODO: implement + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java new file mode 100644 index 000000000..4e8c7dffd --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java @@ -0,0 +1,103 @@ +package at.gv.egovernment.moa.id.commons.config; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; + +import javax.xml.bind.JAXBException; + +import at.gv.egovernment.moa.id.commons.config.cli.MOAIDConfCLI; +import at.gv.egovernment.moa.id.commons.config.cli.MigrateConfigurationParams; + +/** + * CLI tool which is able to perform the following tasks: + *
    + *
  • transform a MoaID 2 XML configuration XML file to a MoaID 3 property file + *
    • + *
  • read a property file and transfer it's content to a database
    • + *
  • write the content of a database to a property file
    • + *
+ */ +public class MigrateConfiguration { + + public static void main(String[] args) { + + MOAIDConfCLI cli = new MOAIDConfCLI(); + MigrateConfigurationParams parsedParameters = cli.parse(args); + + // consider settings of force switch + boolean isOverwriteData = parsedParameters.isOverwriteData(); + ConfigurationUtil configUtil = new ConfigurationUtil(isOverwriteData); + + if (!parsedParameters.isInputDB() && (parsedParameters.getInputTarget() != null)) { + // read input from file + workWithInputFromFile(parsedParameters.getInputTarget(), parsedParameters, configUtil); + + } else if (parsedParameters.getInputDBConfig() != null) { + // read input from database + workWithImputFromDB(parsedParameters, configUtil); + + } else { + System.exit(1); + } + } + + /** + * Handle the case where input from a file is read. + * + * @param inputFileUrl + * the url of the input file. + * @param parsedParameters + * the command line parameters. + * @param configUtil + * the class for working with the configuration. + */ + private static void workWithInputFromFile(String inputFileUrl, MigrateConfigurationParams parsedParameters, + ConfigurationUtil configUtil) { + File inFile = new File(inputFileUrl); + try (FileInputStream inStream = new FileInputStream(inFile);) { + + if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { + // input from file and output to a file is desired + File outFile = new File(parsedParameters.getOutputFile()); + configUtil.readFromXMLFileConvertToPropertyFile(inStream, outFile); + + } else if (parsedParameters.getOutputDBConfig() != null) { + // input from file and output to a database is desired + configUtil.readFromFileWriteToDB(inStream, parsedParameters.getOutputDBConfig()); + } + } catch (JAXBException e) { + System.out.println("MOA-ID XML configuration can not be loaded from given file."); + System.exit(1); + } catch (FileNotFoundException e) { + System.out.println("Could not find the input file."); + System.exit(1); + } catch (IOException e) { + System.out.println("Could not read from the input file."); + System.exit(1); + } + } + + /** + * Handle the case where input is read from a database. + * + * @param parsedParameters + * the command line parameters. + * @param configUtil + * the class for working with the configuration. + */ + private static void workWithImputFromDB(MigrateConfigurationParams parsedParameters, ConfigurationUtil configUtil) { + if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { + // input from database and output to a file is desired + File outFile = new File(parsedParameters.getOutputFile()); + String inputDBConfigFilePath = parsedParameters.getInputDBConfig(); + configUtil.readFromDBWriteToFile(inputDBConfigFilePath, outFile); + + } else if (parsedParameters.getOutputDBConfig() != null) { + // input from database and output to a database is desired + // configUtil.readFromDBWriteToDB(inDBConfigFilePath, + // outDBConfigFilePath); + } + } +} \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/cli/CLIConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/cli/CLIConstants.java new file mode 100644 index 000000000..c652645fc --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/cli/CLIConstants.java @@ -0,0 +1,37 @@ +package at.gv.egovernment.moa.id.commons.config.cli; + +/** + * Constants for the CLI. + * @author Christian Wagner + * + */ +public class CLIConstants { + private CLIConstants() { + } + + public static final String CMD_LINE_SYNTAX = "java -jar migrateMOAIDconfiguration.jar"; + + public static final String HELP_HEADER = "Convert a given MOAID 2.x config-file."; + public static final String HELP_FOOTER = ""; + // default width of a printed row + public static final int HELP_ROW_WIDTH = 80; + + public static final int HELP_SPACE_BEFORE_OPT = 2; + public static final int HELP_SPACE_BEFORE_DESC = 4; + + public static final String CLI_PARAM_IN = "in"; + public static final String CLI_PARAM_IN_LONG = "input-file"; + public static final String CLI_PARAM_OUT = "out"; + public static final String CLI_PARAM_OUT_LONG = "output-file"; + public static final String CLI_PARAM_INDB = "indb"; + public static final String CLI_PARAM_INDB_LONG = "input-dbconf"; + public static final String CLI_PARAM_OUTDB = "outdb"; + public static final String CLI_PARAM_OUTDB_LONG = "output-dbconf"; + + public static final String CLI_PARAM_HELP = "h"; + public static final String CLI_PARAM_HELP_LONG = "help"; + + public static final String CLI_PARAM_FORCE = "f"; + public static final String CLI_PARAM_FORCE_LONG = "force"; + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/cli/MOAIDConfCLI.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/cli/MOAIDConfCLI.java new file mode 100644 index 000000000..f2753c3d0 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/cli/MOAIDConfCLI.java @@ -0,0 +1,127 @@ +package at.gv.egovernment.moa.id.commons.config.cli; + +import java.io.OutputStream; +import java.io.PrintWriter; + +import org.apache.commons.cli.BasicParser; +import org.apache.commons.cli.CommandLine; +import org.apache.commons.cli.CommandLineParser; +import org.apache.commons.cli.HelpFormatter; +import org.apache.commons.cli.Option; +import org.apache.commons.cli.OptionGroup; +import org.apache.commons.cli.Options; +import org.apache.commons.cli.ParseException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The command-line interface for MOAID configuration migration + * @author Christian Wagner + * + */ +public class MOAIDConfCLI { + + // the default output to write usage information and help text to + private static final OutputStream OUTPUT_STREAM = System.out; + + private Logger log = LoggerFactory.getLogger(getClass()); + + /** + * Parses the given command-line arguments using a {@link BasicParser} with small modifications. + * @param commandLineArgs the command-line arguments. + */ + public MigrateConfigurationParams parse(String[] commandLineArgs) { + + CommandLineParser parser = new BasicParser(); + CommandLine cmd = null; + MigrateConfigurationParams result = null; + try { + + if (null == commandLineArgs || commandLineArgs.length == 0) { + printUsage(OUTPUT_STREAM, true); + System.exit(0); + } + + cmd = parser.parse(createOptions(), commandLineArgs, true); + + if( null != cmd && cmd.hasOption(CLIConstants.CLI_PARAM_HELP)){ + printUsage(OUTPUT_STREAM, true); + System.exit(0); + } + + result = new MigrateConfigurationParams(cmd); + + } catch (ParseException e) { + log.warn("Encountered exception while parsing: {}", e.getMessage()); + System.err.println(e.getMessage()); + printUsage(OUTPUT_STREAM, false); + System.exit(1); + } + return result; + } + + /** + * Prints information about the usage to the given output. + * @param out the {@link OutputStream} to write to + * @param printOptions determines whether the available options are printed + */ + private void printUsage(OutputStream out, boolean printOptions) { + + PrintWriter pOut = new PrintWriter(out); + + HelpFormatter formatter = new HelpFormatter(); + pOut.println(); + pOut.println("usage: " + CLIConstants.CMD_LINE_SYNTAX + " -" + CLIConstants.CLI_PARAM_FORCE + " -" + + CLIConstants.CLI_PARAM_IN + " | -" + CLIConstants.CLI_PARAM_INDB + " -" + + CLIConstants.CLI_PARAM_OUT + " | -" + CLIConstants.CLI_PARAM_OUTDB + " [-" + + CLIConstants.CLI_PARAM_HELP + "]"); + pOut.println(); + pOut.println(CLIConstants.HELP_HEADER); + if(printOptions){ + pOut.println(); + formatter.printOptions(pOut, CLIConstants.HELP_ROW_WIDTH, createOptions(), CLIConstants.HELP_SPACE_BEFORE_OPT, CLIConstants.HELP_SPACE_BEFORE_DESC); + } + pOut.flush(); + + } + + /** + * Create all {@linkplain Option options} that should be available in the CLI. + * @return The {@linkplain Options options} + */ + private Options createOptions() { + + Options options = new Options(); + + OptionGroup inGroup = new OptionGroup(); + Option optionInput = new Option(CLIConstants.CLI_PARAM_IN, CLIConstants.CLI_PARAM_IN_LONG, true, "MOAID config-file to convert"); + optionInput.setArgName("inputfile"); + Option optionDBInput = new Option(CLIConstants.CLI_PARAM_INDB, CLIConstants.CLI_PARAM_INDB_LONG, true, "config for database to read from"); + optionDBInput.setArgName("dbconfig"); + + inGroup.addOption(optionDBInput); + inGroup.addOption(optionInput); + optionInput.setRequired(false); + + OptionGroup outGroup = new OptionGroup(); + Option optionOutput = new Option(CLIConstants.CLI_PARAM_OUT, CLIConstants.CLI_PARAM_OUT_LONG, true, "target file to write to"); + optionOutput.setArgName("outputfile"); + Option optionDBOutput = new Option(CLIConstants.CLI_PARAM_OUTDB, CLIConstants.CLI_PARAM_OUTDB_LONG, true, "config for database to write to"); + optionDBOutput.setArgName("dbconfig"); + + outGroup.addOption(optionDBOutput); + outGroup.addOption(optionOutput); + outGroup.setRequired(false); + + options.addOptionGroup(inGroup); + options.addOptionGroup(outGroup); + + Option optForce = new Option(CLIConstants.CLI_PARAM_FORCE, CLIConstants.CLI_PARAM_FORCE_LONG, false, "overwrite existing data with imported data"); + options.addOption(optForce); + + Option optHelp = new Option(CLIConstants.CLI_PARAM_HELP, CLIConstants.CLI_PARAM_HELP_LONG, false, "prints this message"); + options.addOption(optHelp); + return options; + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/cli/MigrateConfigurationParams.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/cli/MigrateConfigurationParams.java new file mode 100644 index 000000000..86bde1310 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/cli/MigrateConfigurationParams.java @@ -0,0 +1,106 @@ +package at.gv.egovernment.moa.id.commons.config.cli; + +import org.apache.commons.cli.CommandLine; +import org.apache.commons.cli.MissingOptionException; + +/** + * The result set for the parsed command line arguments + * @author Christian Wagner + * + */ +public class MigrateConfigurationParams { + + private String inputFile = null; + private String outputFile = null; + private String inputDbConfigFile = null; + private String outputDbConfigFile = null; + + private boolean overwriteData = false; + + /** + * Get the path to the input source which is MOAID 2.x config file in XML-format. + * @return the path to the input source or {@code null} if not set. + */ + public String getInputTarget() { + return this.inputFile; + } + + /** + * Get the path to the output file to write to. + * @return the path to the output file or {@code null} if not set. + */ + public String getOutputFile() { + return outputFile; + } + + /** + * Get the path to the configuration file for the input database. + * @return the path to the config file or {@code null} if not set. + */ + public String getInputDBConfig() { + return inputDbConfigFile; + } + + /** + * Get the path to the configuration file for the output database. + * @return the path to the config file or {@code null} if not set. + */ + public String getOutputDBConfig() { + return outputDbConfigFile; + } + + /** + * Returns whether the desired input is a config file for a database. + * @return true if the stored path points at a database config file; false otherwise. + */ + public boolean isInputDB() { + return inputDbConfigFile != null; + } + + /** + * Returns whether the desired output is a config file for a database. + * @return true if the stored path points at a database config file; false otherwise. + */ + public boolean isOutputDB() { + return outputDbConfigFile != null; + } + + /** + * Returns whether existing data should be overwritten by the imported data or not. + * @return true if the existing data should be overwritten; false otherwise. + */ + public boolean isOverwriteData() { + return overwriteData; + } + + /** + * + * @param cmdLine + * @throws MissingOptionException + */ + public MigrateConfigurationParams(CommandLine cmdLine) throws MissingOptionException { + inputFile = cmdLine.getOptionValue(CLIConstants.CLI_PARAM_IN); + inputDbConfigFile = cmdLine.getOptionValue(CLIConstants.CLI_PARAM_INDB); + outputFile = cmdLine.getOptionValue(CLIConstants.CLI_PARAM_OUT); + outputDbConfigFile = cmdLine.getOptionValue(CLIConstants.CLI_PARAM_OUTDB); + overwriteData = cmdLine.hasOption(CLIConstants.CLI_PARAM_FORCE); + + if (null == inputFile && null == inputDbConfigFile) { + throw new MissingOptionException("One of [-" + CLIConstants.CLI_PARAM_IN + ", -" + CLIConstants.CLI_PARAM_INDB + "] required."); + } + + if (null == outputFile && null == outputDbConfigFile) { + throw new MissingOptionException("One of [-" + CLIConstants.CLI_PARAM_OUT + ", -" + CLIConstants.CLI_PARAM_OUTDB + "] required."); + } + + if (null != inputFile && null != inputDbConfigFile) { + throw new MissingOptionException("Only one of [-" + CLIConstants.CLI_PARAM_IN + ", -" + CLIConstants.CLI_PARAM_INDB + "] allowed."); + } + + if (null != outputFile && null != outputDbConfigFile) { + throw new MissingOptionException("Only one of [-" + CLIConstants.CLI_PARAM_OUT + ", -" + CLIConstants.CLI_PARAM_OUTDB + "] allowed."); + } + + } + +} \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/Configuration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/Configuration.java new file mode 100644 index 000000000..f357fc570 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/Configuration.java @@ -0,0 +1,60 @@ +package at.gv.egovernment.moa.id.commons.config.persistence; + +import java.util.List; + +/** + * An interface for a key-value configuration. + */ +public interface Configuration { + + /** + * Gets all keys in the database. NOTE: may return an empty list or {@code null}. + * @return a List containing all keys in the database or {@code null}. + */ + List getAllKeys(); + + /** + * Get the value associated with the given key as {@link Object}. + * @param key the key + * @return the object associated with the given key or {@code null} if the key does not exist or does not have a value. + */ + Object get(String key); + + /** + * Get the object of type {@code T} associated with the given key. + * + * @param key the key + * @param clazz the type of the requested object + * @return the object associated with the given key or {@code null} if the key does not exist or does not have a value. + */ + T get(String key, Class clazz); + + /** + * Store an object associated with a key. If the given object is set to {@code null} then the entry associated with the key is deleted. + * + * @param key the key under which the value is stored, respectively key determining the entry to be deleted. + * @param value the object to store. if value is set to {@code null} then the entry associated with key {@code key} is deleted. + * @return {@code true} if the operation was carried out successfully, {@code false} otherwise. + */ + boolean set(String key, Object value); + + /** + * Get the object of type {@code T} associated with the given key from the database. If the key does not exist or does not have a value, the given default + * value is returned. + * + * @param key the key + * @param clazz the type of the requested object + * @param defaultValue the default value to return + * @return the object associated with the given key or {@code defaultValue} if the key does not exist or does not have a value. + */ + T get(String key, Class clazz, Object defaultValue); + + /** + * Get a list of objects associated with the given key. The list may be empty or contain only a single object. + * @param key the key + * @param clazz the type of the requested object + * @return a list containing objects of type {@code T} or an empty list if no objects are associated with the key. + */ + List getList(String key, Class clazz); + +} \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/ConfigurationImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/ConfigurationImpl.java new file mode 100644 index 000000000..c90b60440 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/ConfigurationImpl.java @@ -0,0 +1,161 @@ +package at.gv.egovernment.moa.id.commons.config.persistence; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; + +import javax.persistence.EntityExistsException; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Required; +import org.springframework.stereotype.Component; + +import at.gv.egovernment.moa.id.commons.db.dao.config.ConfigProperty; +import at.gv.egovernment.moa.id.commons.db.dao.config.ConfigPropertyDao; + +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.JsonMappingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.type.CollectionType; +import com.fasterxml.jackson.databind.type.TypeFactory; + +/** + * The implementation of a key-value configuration implementing the {@link Configuration} interface. + * It employs the {@link ConfigPropertyDao} to persist configuration data. + */ +@Component +public class ConfigurationImpl implements Configuration { + + private final Logger log = LoggerFactory.getLogger(getClass()); + + ConfigPropertyDao configPropertyDao; + private JsonMapper mapper = new JsonMapper(); + + /** + * Sets the {@link ConfigPropertyDao}. + * @param configPropertyDao the ConfigPropertyDao + */ + @Required + public void setConfigPropertyDao(ConfigPropertyDao configPropertyDao) { + this.configPropertyDao = configPropertyDao; + } + + @Override + public List getAllKeys(){ + try { + return this.configPropertyDao.getAllKeys(); + } catch (Exception e) { + log.debug("Error while retrieving a list of all keys in the database."); + return null; + } + } + + @Override + public Object get(String key) { + // return null if key does not exist + try { + ConfigProperty property = configPropertyDao.getProperty(key); + if (property != null && property.getValue() != null) { + return mapper.deserialize(property.getValue(), null); + } else { + return null; + } + } catch (IllegalArgumentException e) { + log.debug("Error while searching for key '{}' in the database.", key); + return null; + } catch (Exception e) { + log.debug("Error while deserializing value of key '{}' to object.", key); + return null; + } + } + + @Override + public T get(String key, Class clazz) { + // return null if key does not exist + try { + ConfigProperty property = configPropertyDao.getProperty(key); + if (property != null && property.getValue() != null) { + return clazz.cast(mapper.deserialize(property.getValue(), clazz)); + } else { + return null; + } + } catch (IllegalArgumentException e) { + log.debug("Error while searching for key '{}' in the database.", key); + return null; + } catch (Exception e) { + log.debug("Error while deserializing value of key '{}' to object of type {}.", key, clazz.getClass()); + return null; + } + } + + @Override + public boolean set(String key, Object value) { + + try { + if (value == null) { + configPropertyDao.delete(key); + return true; + } else { + + ConfigProperty keyValue = new ConfigProperty(); + keyValue.setKey(key); + + keyValue.setValue(mapper.serialize(value)); + configPropertyDao.saveProperty(keyValue); + return true; + } + } catch (JsonProcessingException e) { + log.debug("Error while serializing object for key '{}'.", key); + return false; + } catch (EntityExistsException e) { + log.debug("Property '{}' already exists!", key); + return false; + } catch (Exception e) { + log.debug("Error while setting value for key '{}' in the database.", key); + return false; + } + } + + @Override + public T get(String key, Class clazz, Object defaultValue) { + + T value = get(key, clazz); + if (value != null) { + return value; + } else { + return clazz.cast(defaultValue); + } + } + + @SuppressWarnings("unchecked") + @Override + public List getList(String key, Class clazz) { + + CollectionType listType = TypeFactory.defaultInstance().constructCollectionType(List.class, clazz); + try { + if ((configPropertyDao.getProperty(key) == null) + || (configPropertyDao.getProperty(key).getValue() == null)) { + return new ArrayList(); + } + String json = configPropertyDao.getProperty(key).getValue(); + ObjectMapper mapper = new ObjectMapper(); + + return (List) mapper.readValue(json, listType); + } catch (JsonMappingException e) { + ArrayList tmp = new ArrayList(); + T value = get(key, clazz); + if (value != null) { + tmp.add(value); + } + return tmp; + } catch (IOException e) { + log.debug("Error while deserializing value for key '{}' to List<{}>.", key, clazz.getClass()); + return new ArrayList(); + } catch (Exception e){ + log.debug("Error while searching key '{}' in the database.", key); + return new ArrayList(); + } + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/JsonMapper.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/JsonMapper.java new file mode 100644 index 000000000..6138d571b --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/JsonMapper.java @@ -0,0 +1,73 @@ +package at.gv.egovernment.moa.id.commons.config.persistence; + +import java.io.IOException; + +import com.fasterxml.jackson.annotation.JsonAutoDetect.Visibility; +import com.fasterxml.jackson.annotation.PropertyAccessor; +import com.fasterxml.jackson.core.JsonParseException; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.JavaType; +import com.fasterxml.jackson.databind.JsonMappingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.SerializationFeature; +import com.fasterxml.jackson.databind.type.TypeFactory; + +/** + * Helper class to handle the JSON (de-)serialization. + * + */ +public class JsonMapper { + + private ObjectMapper mapper = new ObjectMapper(); + + /** + * The default constructor where the default pretty printer is disabled. + */ + public JsonMapper() { + this(false); + } + + /** + * The constructor. + * @param prettyPrint enables or disables the default pretty printer + */ + public JsonMapper(boolean prettyPrint) { + mapper.setVisibility(PropertyAccessor.ALL, Visibility.NONE); + mapper.setVisibility(PropertyAccessor.GETTER, Visibility.PUBLIC_ONLY); + mapper.setVisibility(PropertyAccessor.IS_GETTER, Visibility.PUBLIC_ONLY); + if (prettyPrint) { + mapper.enable(SerializationFeature.INDENT_OUTPUT); + } + } + + /** + * Serialize an object to a JSON string. + * @param value the object to serialize + * @return a JSON string + * @throws JsonProcessingException thrown when an error occurs during serialization + */ + public String serialize(Object value) throws JsonProcessingException { + return mapper.writeValueAsString(value); + } + + /** + * Deserialize a JSON string. + * + * @param value the JSON string to deserialize + * @param clazz optional parameter that determines the type of the returned object. If not set, an {@link Object} is returned. + * @return the deserialized JSON string as an object of type {@code clazz} or {@link Object} + * @throws JsonParseException if the JSON string contains invalid content. + * @throws JsonMappingException if the input JSON structure does not match structure expected for result type + * @throws IOException if an I/O problem occurs (e.g. unexpected end-of-input) + */ + public Object deserialize(String value, Class clazz) throws JsonParseException, JsonMappingException, IOException{ + + ObjectMapper mapper = new ObjectMapper(); + if (clazz != null) { + JavaType javaType = TypeFactory.defaultInstance().constructType(clazz); + return mapper.readValue(value, javaType); + } else { + return mapper.readValue(value, Object.class); + } + } +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java index 0dd232773..28363a1eb 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java @@ -7,6 +7,7 @@ import java.util.List; import org.springframework.beans.factory.annotation.Autowired; +import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; @@ -17,8 +18,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; import at.gv.egovernment.moa.logging.Logger; -import com.datentechnik.moa.id.conf.persistence.Configuration; - /** * * diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBWrite.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBWrite.java index e1b51ee9b..de4a1789e 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBWrite.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBWrite.java @@ -6,6 +6,7 @@ import java.util.List; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; +import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; @@ -15,8 +16,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; -import com.datentechnik.moa.id.conf.persistence.Configuration; - /** * This class is used for writing to the key-value database. */ diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDao.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDao.java new file mode 100644 index 000000000..db35ba1df --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDao.java @@ -0,0 +1,58 @@ +package at.gv.egovernment.moa.id.commons.db.dao.config; + +import java.util.List; +import java.util.Set; + +/** + * DAO interface providing means for accessing MOAID configuration properties. + * + */ +public interface ConfigPropertyDao { + + /** + * Gets all keys in the database. + * @return a List containing all keys in the database. + */ + List getAllKeys(); + + /** + * Returns the {@link ConfigProperty} associated with {@code key} or {@code null} if the entry does not exist. + * + * @param key The configuration key. + * @return The configuration property value or {@code null}. + */ + ConfigProperty getProperty(String key); + + /** + * Persists a given {@link ConfigProperty}. + * @param property The property to be persisted. + */ + void saveProperty(ConfigProperty property); + + /** + * Returns a {@link List} containing all stored {@linkplain ConfigProperty ConfigProperties}. + * @return The list with the properties. + */ + List getProperties(); + + /** + * Returns the value for the configuration property associated with {@code key} or {@code null} if the entry does not exist or its value is {@code null}. + * + * @param key The configuration key. + * @return The configuration property value or {@code null}. + */ + String getPropertyValue(String key); + + /** + * Persists a {@link List} of {@linkplain ConfigProperty ConfigProperties}. + * @param properties The list containing all the properties to be persisted. + */ + void saveProperties(Set properties); + + /** + * Deletes the object associated with the given key. + * @param key the key + */ + void delete(String key); + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDaoImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDaoImpl.java new file mode 100644 index 000000000..6a76c1d17 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDaoImpl.java @@ -0,0 +1,104 @@ +package at.gv.egovernment.moa.id.commons.db.dao.config; + +import java.util.List; +import java.util.Set; + +import javax.persistence.EntityManager; +import javax.persistence.NoResultException; +import javax.persistence.PersistenceContext; +import javax.persistence.TypedQuery; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.transaction.annotation.Transactional; + +/** + * Database backed implementation of the DAO interface + * + */ +@Transactional("transactionManager") +public class ConfigPropertyDaoImpl implements ConfigPropertyDao { + + private Logger log = LoggerFactory.getLogger(getClass()); + + @PersistenceContext(unitName = "moaidconf") + private EntityManager em; + + @Override + public List getAllKeys() { + if (null == em) { + log.error("No EntityManager set!"); + return null; + } + TypedQuery query = em.createQuery("select key from ConfigProperty", String.class); + List result = query.getResultList(); + return result; + } + + @Override + public void saveProperty(ConfigProperty property) { + if (null == em) { + log.error("No EntityManager set!"); + return; + } + + log.debug("Storing '{}'.", property.toString()); + em.persist(property); + } + + @Override + public ConfigProperty getProperty(String key) { + log.debug("Looking for configuration property for key '{}'.", key); + ConfigProperty result = em.find(ConfigProperty.class, key); + if (result != null) { + log.debug("Found configuration property {}.", result); + } else { + log.debug("Unable to find configuration property for key '{}'.", key); + } + return result; + } + + @Override + public String getPropertyValue(String key) { + ConfigProperty property = getProperty(key); + if (property == null) { + return null; + } + return property.getValue(); + } + + @Override + public List getProperties() { + + if (null == em) { + log.error("No EntityManager set!"); + return null; + } + + log.debug("Retrieving all properties from database."); + TypedQuery query = em.createQuery("select mc from ConfigProperty mc", ConfigProperty.class); + try { + List propertiesList = query.getResultList(); + return propertiesList; + } catch (NoResultException e) { + log.debug("No property found in database."); + return null; + } + } + + @Override + public void saveProperties(Set properties) { + log.debug("Storing {} properties to database.", properties.size()); + for (ConfigProperty cp : properties) { + saveProperty(cp); + } + em.flush(); + } + + @Override + public void delete(String key) { + log.debug("Deleting entry with key '{}'.", key); + em.remove(em.find(ConfigProperty.class, key)); + } + +} diff --git a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/ConfigurationUtil.java b/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/ConfigurationUtil.java deleted file mode 100644 index e771b96a2..000000000 --- a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/ConfigurationUtil.java +++ /dev/null @@ -1,227 +0,0 @@ -package com.datentechnik.moa.id.conf; - -import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.FileOutputStream; -import java.io.IOException; -import java.util.Enumeration; -import java.util.List; -import java.util.Properties; - -import javax.xml.bind.JAXBContext; -import javax.xml.bind.JAXBException; -import javax.xml.bind.Unmarshaller; - -import org.springframework.context.ApplicationContext; -import org.springframework.context.support.ClassPathXmlApplicationContext; - -import at.gv.egovernment.moa.id.commons.db.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; - -import com.datentechnik.moa.id.conf.persistence.Configuration; -import com.datentechnik.moa.id.conf.persistence.JsonMapper; -import com.fasterxml.jackson.core.JsonProcessingException; - -public class ConfigurationUtil { - - final boolean isOverwriteData; - - public ConfigurationUtil(boolean isOverwriteData){ - this.isOverwriteData = isOverwriteData; - } - - /** - * Read an input MOAID 2 XML file, transfer it to properties and write the - * properties to a MOAID 3 property file. - * - * @param inStream - * the input stream to read from. - * @param outFile - * the output file to write to. - * @throws JAXBException - */ - public void readFromXMLFileConvertToPropertyFile(FileInputStream inStream, File outFile) throws JAXBException { - - try (FileOutputStream outStream = new FileOutputStream(outFile);) { - - // get config from xml file - JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config"); - Unmarshaller m = jc.createUnmarshaller(); - MOAIDConfiguration config = (MOAIDConfiguration) m.unmarshal(inStream); - - // serialize config to JSON properties - Properties result = moaIdConfigToJsonProperties(config); - - // write to output stream - result.store(outStream, null); - - } catch (FileNotFoundException e) { - System.out.println("Could not find the output file."); - System.exit(1); - } catch (IOException e) { - System.out.println("Could not write to the output file."); - System.exit(1); - } - } - - /** - * Helper method to serialize a {@link MOAIDConfiguration} to Properties - * with JSON encoded values. - * - * @param config - * the MOAIDConfiguration to serialize - * @return {@link Properties} containing the database key and the serialized - * values - * @throws JsonProcessingException - * is thrown if problem occurred while serializing one of the - * database values - */ - private Properties moaIdConfigToJsonProperties(MOAIDConfiguration config) throws JsonProcessingException { - - Properties result = new Properties(); - boolean prettyPrint = true; - JsonMapper mapper = new JsonMapper(prettyPrint); - - // serialize config to JSON - String oaJson = mapper.serialize(config.getOnlineApplication()); - String authCompGeneralJson = mapper.serialize(config.getAuthComponentGeneral()); - String chainingModeJson = mapper.serialize(config.getChainingModes()); - String defaultBKUJson = mapper.serialize(config.getDefaultBKUs()); - String genericConfigJson = mapper.serialize(config.getGenericConfiguration()); - String pvp2RefreshJson = mapper.serialize(config.getPvp2RefreshItem()); - String slRequestTemplatesJson = mapper.serialize(config.getSLRequestTemplates()); - String timestampJson = mapper.serialize(config.getTimestampItem()); - String trustedCaCertJson = mapper.serialize(config.getTrustedCACertificates()); - - // add to properties - result.put(MOAIDConfigurationConstants.ONLINE_APPLICATIONS_KEY, oaJson); - result.put(MOAIDConfigurationConstants.AUTH_COMPONENT_GENERAL_KEY, authCompGeneralJson); - result.put(MOAIDConfigurationConstants.CHAINING_MODES_KEY, chainingModeJson); - result.put(MOAIDConfigurationConstants.DEFAULT_BKUS_KEY, defaultBKUJson); - result.put(MOAIDConfigurationConstants.GENERIC_CONFIGURATION_KEY, genericConfigJson); - result.put(MOAIDConfigurationConstants.PVP2REFRESH_ITEM_KEY, pvp2RefreshJson); - result.put(MOAIDConfigurationConstants.SLREQUEST_TEMPLATES_KEY, slRequestTemplatesJson); - result.put(MOAIDConfigurationConstants.TIMESTAMP_ITEM_KEY, timestampJson); - result.put(MOAIDConfigurationConstants.TRUSTED_CERTIFICATES_KEY, trustedCaCertJson); - - return result; - } - - /** - * Exports a key-value database to a property file, where keys are the same - * as in the database, and the values are serialized JSON objects. - * - * @param inputDBConfigFilePath - * the path to the database properties, for the db the data is - * read from. - * @param outFile - * the destination file for the exported data. - */ - public void readFromDBWriteToFile(String inputDBConfigFilePath, File outFile) { - - try (FileOutputStream outStream = new FileOutputStream(outFile);) { - - Properties result = new Properties(); - - System.getProperties().setProperty("location", "file:" + inputDBConfigFilePath); - ApplicationContext context = new ClassPathXmlApplicationContext("configuration.beans.xml"); - Configuration dbConfiguration = (Configuration) context.getBean("config"); - boolean prettyPrint = true; - com.datentechnik.moa.id.conf.persistence.JsonMapper mapper = new JsonMapper(prettyPrint); - - for (String key : MOAIDConfigurationConstants.getAllMOAIDConfigurationKeys()) { - - // extract database value - Object value = dbConfiguration.get(key); - - // serialize value to JSON - String json = mapper.serialize(value); - - // add to properties - result.setProperty(key, json); - } - - // write to output stream - result.store(outStream, null); - - System.out.println("Property configuration written to:"); - System.out.println(outFile.getAbsolutePath()); - - } catch (FileNotFoundException e) { - System.out.println("Could not find the output file."); - System.exit(1); - } catch (IOException e) { - System.out.println("Could not write to the output file."); - System.exit(1); - } - } - - /** - * Read an input property file, deserialize it's values and write them to - * the given database. - * - * @param inStream - * the FileInputStream to read from. - * @param outputDBConfigFilePath - * the path to the database properties, for the db which is - * written. - * @throws IOException - * is thrown in case the properties could not be loaded from the - * stream - */ - public void readFromFileWriteToDB(FileInputStream inStream, String outputDBConfigFilePath) throws IOException { - - Properties inProperties = new Properties(); - inProperties.load(inStream); - - System.getProperties().setProperty("location", "file:" + outputDBConfigFilePath); - ApplicationContext context = new ClassPathXmlApplicationContext("configuration.beans.xml"); - Configuration dbConfiguration = (Configuration) context.getBean("config"); - boolean prettyPrint = true; - JsonMapper mapper = new JsonMapper(prettyPrint); - - List keys = dbConfiguration.getAllKeys(); - - if (keys == null) { - System.out.println("Database can not be read."); - System.exit(1); - } - - if (!keys.isEmpty() && !isOverwriteData) { - System.out.println("The database already contains configuration data."); - System.out.println("Use force switch if you want to override data)"); - System.exit(1); - } - - if (isOverwriteData) { - // remove existing entries - for (String key : keys) { - dbConfiguration.set(key, null); - } - } - - Enumeration propertyNames = inProperties.propertyNames(); - - while (propertyNames.hasMoreElements()) { - String key = (String) propertyNames.nextElement(); - // extract database value - String json = inProperties.getProperty(key); - - // deserialize value to object - Object value = mapper.deserialize(json, null); - - // add to database - boolean result = dbConfiguration.set(key, value); - if (!result) { - System.out.println("Could NOT persist the configuration file's information in the database."); - } - } - System.out.println("Data has been successfully written to the database."); - } - - private static void readFromDBWriteToDB(String inputDBConfigFilePath, String outputDBConfigFilePath) { - //TODO: implement - } - -} diff --git a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/MigrateConfiguration.java b/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/MigrateConfiguration.java deleted file mode 100644 index fefcf5028..000000000 --- a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/MigrateConfiguration.java +++ /dev/null @@ -1,103 +0,0 @@ -package com.datentechnik.moa.id.conf; - -import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; - -import javax.xml.bind.JAXBException; - -import com.datentechnik.moa.id.conf.cli.MOAIDConfCLI; -import com.datentechnik.moa.id.conf.cli.MigrateConfigurationParams; - -/** - * CLI tool which is able to perform the following tasks: - *
    - *
  • transform a MoaID 2 XML configuration XML file to a MoaID 3 property file - *
    • - *
  • read a property file and transfer it's content to a database
    • - *
  • write the content of a database to a property file
    • - *
- */ -public class MigrateConfiguration { - - public static void main(String[] args) { - - MOAIDConfCLI cli = new MOAIDConfCLI(); - MigrateConfigurationParams parsedParameters = cli.parse(args); - - // consider settings of force switch - boolean isOverwriteData = parsedParameters.isOverwriteData(); - ConfigurationUtil configUtil = new ConfigurationUtil(isOverwriteData); - - if (!parsedParameters.isInputDB() && (parsedParameters.getInputTarget() != null)) { - // read input from file - workWithInputFromFile(parsedParameters.getInputTarget(), parsedParameters, configUtil); - - } else if (parsedParameters.getInputDBConfig() != null) { - // read input from database - workWithImputFromDB(parsedParameters, configUtil); - - } else { - System.exit(1); - } - } - - /** - * Handle the case where input from a file is read. - * - * @param inputFileUrl - * the url of the input file. - * @param parsedParameters - * the command line parameters. - * @param configUtil - * the class for working with the configuration. - */ - private static void workWithInputFromFile(String inputFileUrl, MigrateConfigurationParams parsedParameters, - ConfigurationUtil configUtil) { - File inFile = new File(inputFileUrl); - try (FileInputStream inStream = new FileInputStream(inFile);) { - - if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { - // input from file and output to a file is desired - File outFile = new File(parsedParameters.getOutputFile()); - configUtil.readFromXMLFileConvertToPropertyFile(inStream, outFile); - - } else if (parsedParameters.getOutputDBConfig() != null) { - // input from file and output to a database is desired - configUtil.readFromFileWriteToDB(inStream, parsedParameters.getOutputDBConfig()); - } - } catch (JAXBException e) { - System.out.println("MOA-ID XML configuration can not be loaded from given file."); - System.exit(1); - } catch (FileNotFoundException e) { - System.out.println("Could not find the input file."); - System.exit(1); - } catch (IOException e) { - System.out.println("Could not read from the input file."); - System.exit(1); - } - } - - /** - * Handle the case where input is read from a database. - * - * @param parsedParameters - * the command line parameters. - * @param configUtil - * the class for working with the configuration. - */ - private static void workWithImputFromDB(MigrateConfigurationParams parsedParameters, ConfigurationUtil configUtil) { - if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { - // input from database and output to a file is desired - File outFile = new File(parsedParameters.getOutputFile()); - String inputDBConfigFilePath = parsedParameters.getInputDBConfig(); - configUtil.readFromDBWriteToFile(inputDBConfigFilePath, outFile); - - } else if (parsedParameters.getOutputDBConfig() != null) { - // input from database and output to a database is desired - // configUtil.readFromDBWriteToDB(inDBConfigFilePath, - // outDBConfigFilePath); - } - } -} \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/cli/CLIConstants.java b/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/cli/CLIConstants.java deleted file mode 100644 index 481b6d6f6..000000000 --- a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/cli/CLIConstants.java +++ /dev/null @@ -1,37 +0,0 @@ -package com.datentechnik.moa.id.conf.cli; - -/** - * Constants for the CLI. - * @author Christian Wagner - * - */ -public class CLIConstants { - private CLIConstants() { - } - - public static final String CMD_LINE_SYNTAX = "java -jar migrateMOAIDconfiguration.jar"; - - public static final String HELP_HEADER = "Convert a given MOAID 2.x config-file."; - public static final String HELP_FOOTER = ""; - // default width of a printed row - public static final int HELP_ROW_WIDTH = 80; - - public static final int HELP_SPACE_BEFORE_OPT = 2; - public static final int HELP_SPACE_BEFORE_DESC = 4; - - public static final String CLI_PARAM_IN = "in"; - public static final String CLI_PARAM_IN_LONG = "input-file"; - public static final String CLI_PARAM_OUT = "out"; - public static final String CLI_PARAM_OUT_LONG = "output-file"; - public static final String CLI_PARAM_INDB = "indb"; - public static final String CLI_PARAM_INDB_LONG = "input-dbconf"; - public static final String CLI_PARAM_OUTDB = "outdb"; - public static final String CLI_PARAM_OUTDB_LONG = "output-dbconf"; - - public static final String CLI_PARAM_HELP = "h"; - public static final String CLI_PARAM_HELP_LONG = "help"; - - public static final String CLI_PARAM_FORCE = "f"; - public static final String CLI_PARAM_FORCE_LONG = "force"; - -} diff --git a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/cli/MOAIDConfCLI.java b/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/cli/MOAIDConfCLI.java deleted file mode 100644 index ac5ead171..000000000 --- a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/cli/MOAIDConfCLI.java +++ /dev/null @@ -1,127 +0,0 @@ -package com.datentechnik.moa.id.conf.cli; - -import java.io.OutputStream; -import java.io.PrintWriter; - -import org.apache.commons.cli.BasicParser; -import org.apache.commons.cli.CommandLine; -import org.apache.commons.cli.CommandLineParser; -import org.apache.commons.cli.HelpFormatter; -import org.apache.commons.cli.Option; -import org.apache.commons.cli.OptionGroup; -import org.apache.commons.cli.Options; -import org.apache.commons.cli.ParseException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -/** - * The command-line interface for MOAID configuration migration - * @author Christian Wagner - * - */ -public class MOAIDConfCLI { - - // the default output to write usage information and help text to - private static final OutputStream OUTPUT_STREAM = System.out; - - private Logger log = LoggerFactory.getLogger(getClass()); - - /** - * Parses the given command-line arguments using a {@link BasicParser} with small modifications. - * @param commandLineArgs the command-line arguments. - */ - public MigrateConfigurationParams parse(String[] commandLineArgs) { - - CommandLineParser parser = new BasicParser(); - CommandLine cmd = null; - MigrateConfigurationParams result = null; - try { - - if (null == commandLineArgs || commandLineArgs.length == 0) { - printUsage(OUTPUT_STREAM, true); - System.exit(0); - } - - cmd = parser.parse(createOptions(), commandLineArgs, true); - - if( null != cmd && cmd.hasOption(CLIConstants.CLI_PARAM_HELP)){ - printUsage(OUTPUT_STREAM, true); - System.exit(0); - } - - result = new MigrateConfigurationParams(cmd); - - } catch (ParseException e) { - log.warn("Encountered exception while parsing: {}", e.getMessage()); - System.err.println(e.getMessage()); - printUsage(OUTPUT_STREAM, false); - System.exit(1); - } - return result; - } - - /** - * Prints information about the usage to the given output. - * @param out the {@link OutputStream} to write to - * @param printOptions determines whether the available options are printed - */ - private void printUsage(OutputStream out, boolean printOptions) { - - PrintWriter pOut = new PrintWriter(out); - - HelpFormatter formatter = new HelpFormatter(); - pOut.println(); - pOut.println("usage: " + CLIConstants.CMD_LINE_SYNTAX + " -" + CLIConstants.CLI_PARAM_FORCE + " -" - + CLIConstants.CLI_PARAM_IN + " | -" + CLIConstants.CLI_PARAM_INDB + " -" - + CLIConstants.CLI_PARAM_OUT + " | -" + CLIConstants.CLI_PARAM_OUTDB + " [-" - + CLIConstants.CLI_PARAM_HELP + "]"); - pOut.println(); - pOut.println(CLIConstants.HELP_HEADER); - if(printOptions){ - pOut.println(); - formatter.printOptions(pOut, CLIConstants.HELP_ROW_WIDTH, createOptions(), CLIConstants.HELP_SPACE_BEFORE_OPT, CLIConstants.HELP_SPACE_BEFORE_DESC); - } - pOut.flush(); - - } - - /** - * Create all {@linkplain Option options} that should be available in the CLI. - * @return The {@linkplain Options options} - */ - private Options createOptions() { - - Options options = new Options(); - - OptionGroup inGroup = new OptionGroup(); - Option optionInput = new Option(CLIConstants.CLI_PARAM_IN, CLIConstants.CLI_PARAM_IN_LONG, true, "MOAID config-file to convert"); - optionInput.setArgName("inputfile"); - Option optionDBInput = new Option(CLIConstants.CLI_PARAM_INDB, CLIConstants.CLI_PARAM_INDB_LONG, true, "config for database to read from"); - optionDBInput.setArgName("dbconfig"); - - inGroup.addOption(optionDBInput); - inGroup.addOption(optionInput); - optionInput.setRequired(false); - - OptionGroup outGroup = new OptionGroup(); - Option optionOutput = new Option(CLIConstants.CLI_PARAM_OUT, CLIConstants.CLI_PARAM_OUT_LONG, true, "target file to write to"); - optionOutput.setArgName("outputfile"); - Option optionDBOutput = new Option(CLIConstants.CLI_PARAM_OUTDB, CLIConstants.CLI_PARAM_OUTDB_LONG, true, "config for database to write to"); - optionDBOutput.setArgName("dbconfig"); - - outGroup.addOption(optionDBOutput); - outGroup.addOption(optionOutput); - outGroup.setRequired(false); - - options.addOptionGroup(inGroup); - options.addOptionGroup(outGroup); - - Option optForce = new Option(CLIConstants.CLI_PARAM_FORCE, CLIConstants.CLI_PARAM_FORCE_LONG, false, "overwrite existing data with imported data"); - options.addOption(optForce); - - Option optHelp = new Option(CLIConstants.CLI_PARAM_HELP, CLIConstants.CLI_PARAM_HELP_LONG, false, "prints this message"); - options.addOption(optHelp); - return options; - } - -} diff --git a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/cli/MigrateConfigurationParams.java b/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/cli/MigrateConfigurationParams.java deleted file mode 100644 index da2cac31b..000000000 --- a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/cli/MigrateConfigurationParams.java +++ /dev/null @@ -1,106 +0,0 @@ -package com.datentechnik.moa.id.conf.cli; - -import org.apache.commons.cli.CommandLine; -import org.apache.commons.cli.MissingOptionException; - -/** - * The result set for the parsed command line arguments - * @author Christian Wagner - * - */ -public class MigrateConfigurationParams { - - private String inputFile = null; - private String outputFile = null; - private String inputDbConfigFile = null; - private String outputDbConfigFile = null; - - private boolean overwriteData = false; - - /** - * Get the path to the input source which is MOAID 2.x config file in XML-format. - * @return the path to the input source or {@code null} if not set. - */ - public String getInputTarget() { - return this.inputFile; - } - - /** - * Get the path to the output file to write to. - * @return the path to the output file or {@code null} if not set. - */ - public String getOutputFile() { - return outputFile; - } - - /** - * Get the path to the configuration file for the input database. - * @return the path to the config file or {@code null} if not set. - */ - public String getInputDBConfig() { - return inputDbConfigFile; - } - - /** - * Get the path to the configuration file for the output database. - * @return the path to the config file or {@code null} if not set. - */ - public String getOutputDBConfig() { - return outputDbConfigFile; - } - - /** - * Returns whether the desired input is a config file for a database. - * @return true if the stored path points at a database config file; false otherwise. - */ - public boolean isInputDB() { - return inputDbConfigFile != null; - } - - /** - * Returns whether the desired output is a config file for a database. - * @return true if the stored path points at a database config file; false otherwise. - */ - public boolean isOutputDB() { - return outputDbConfigFile != null; - } - - /** - * Returns whether existing data should be overwritten by the imported data or not. - * @return true if the existing data should be overwritten; false otherwise. - */ - public boolean isOverwriteData() { - return overwriteData; - } - - /** - * - * @param cmdLine - * @throws MissingOptionException - */ - public MigrateConfigurationParams(CommandLine cmdLine) throws MissingOptionException { - inputFile = cmdLine.getOptionValue(CLIConstants.CLI_PARAM_IN); - inputDbConfigFile = cmdLine.getOptionValue(CLIConstants.CLI_PARAM_INDB); - outputFile = cmdLine.getOptionValue(CLIConstants.CLI_PARAM_OUT); - outputDbConfigFile = cmdLine.getOptionValue(CLIConstants.CLI_PARAM_OUTDB); - overwriteData = cmdLine.hasOption(CLIConstants.CLI_PARAM_FORCE); - - if (null == inputFile && null == inputDbConfigFile) { - throw new MissingOptionException("One of [-" + CLIConstants.CLI_PARAM_IN + ", -" + CLIConstants.CLI_PARAM_INDB + "] required."); - } - - if (null == outputFile && null == outputDbConfigFile) { - throw new MissingOptionException("One of [-" + CLIConstants.CLI_PARAM_OUT + ", -" + CLIConstants.CLI_PARAM_OUTDB + "] required."); - } - - if (null != inputFile && null != inputDbConfigFile) { - throw new MissingOptionException("Only one of [-" + CLIConstants.CLI_PARAM_IN + ", -" + CLIConstants.CLI_PARAM_INDB + "] allowed."); - } - - if (null != outputFile && null != outputDbConfigFile) { - throw new MissingOptionException("Only one of [-" + CLIConstants.CLI_PARAM_OUT + ", -" + CLIConstants.CLI_PARAM_OUTDB + "] allowed."); - } - - } - -} \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/Configuration.java b/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/Configuration.java deleted file mode 100644 index 406c21026..000000000 --- a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/Configuration.java +++ /dev/null @@ -1,60 +0,0 @@ -package com.datentechnik.moa.id.conf.persistence; - -import java.util.List; - -/** - * An interface for a key-value configuration. - */ -public interface Configuration { - - /** - * Gets all keys in the database. NOTE: may return an empty list or {@code null}. - * @return a List containing all keys in the database or {@code null}. - */ - List getAllKeys(); - - /** - * Get the value associated with the given key as {@link Object}. - * @param key the key - * @return the object associated with the given key or {@code null} if the key does not exist or does not have a value. - */ - Object get(String key); - - /** - * Get the object of type {@code T} associated with the given key. - * - * @param key the key - * @param clazz the type of the requested object - * @return the object associated with the given key or {@code null} if the key does not exist or does not have a value. - */ - T get(String key, Class clazz); - - /** - * Store an object associated with a key. If the given object is set to {@code null} then the entry associated with the key is deleted. - * - * @param key the key under which the value is stored, respectively key determining the entry to be deleted. - * @param value the object to store. if value is set to {@code null} then the entry associated with key {@code key} is deleted. - * @return {@code true} if the operation was carried out successfully, {@code false} otherwise. - */ - boolean set(String key, Object value); - - /** - * Get the object of type {@code T} associated with the given key from the database. If the key does not exist or does not have a value, the given default - * value is returned. - * - * @param key the key - * @param clazz the type of the requested object - * @param defaultValue the default value to return - * @return the object associated with the given key or {@code defaultValue} if the key does not exist or does not have a value. - */ - T get(String key, Class clazz, Object defaultValue); - - /** - * Get a list of objects associated with the given key. The list may be empty or contain only a single object. - * @param key the key - * @param clazz the type of the requested object - * @return a list containing objects of type {@code T} or an empty list if no objects are associated with the key. - */ - List getList(String key, Class clazz); - -} \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/ConfigurationImpl.java b/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/ConfigurationImpl.java deleted file mode 100644 index 43974de7a..000000000 --- a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/ConfigurationImpl.java +++ /dev/null @@ -1,160 +0,0 @@ -package com.datentechnik.moa.id.conf.persistence; - -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; - -import javax.persistence.EntityExistsException; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Required; -import org.springframework.stereotype.Component; - -import com.datentechnik.moa.id.conf.persistence.dal.ConfigProperty; -import com.datentechnik.moa.id.conf.persistence.dal.ConfigPropertyDao; -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.JsonMappingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.type.CollectionType; -import com.fasterxml.jackson.databind.type.TypeFactory; - -/** - * The implementation of a key-value configuration implementing the {@link Configuration} interface. - * It employs the {@link ConfigPropertyDao} to persist configuration data. - */ -@Component -public class ConfigurationImpl implements Configuration { - - private final Logger log = LoggerFactory.getLogger(getClass()); - - ConfigPropertyDao configPropertyDao; - private JsonMapper mapper = new JsonMapper(); - - /** - * Sets the {@link ConfigPropertyDao}. - * @param configPropertyDao the ConfigPropertyDao - */ - @Required - public void setConfigPropertyDao(ConfigPropertyDao configPropertyDao) { - this.configPropertyDao = configPropertyDao; - } - - @Override - public List getAllKeys(){ - try { - return this.configPropertyDao.getAllKeys(); - } catch (Exception e) { - log.debug("Error while retrieving a list of all keys in the database."); - return null; - } - } - - @Override - public Object get(String key) { - // return null if key does not exist - try { - ConfigProperty property = configPropertyDao.getProperty(key); - if (property != null && property.getValue() != null) { - return mapper.deserialize(property.getValue(), null); - } else { - return null; - } - } catch (IllegalArgumentException e) { - log.debug("Error while searching for key '{}' in the database.", key); - return null; - } catch (Exception e) { - log.debug("Error while deserializing value of key '{}' to object.", key); - return null; - } - } - - @Override - public T get(String key, Class clazz) { - // return null if key does not exist - try { - ConfigProperty property = configPropertyDao.getProperty(key); - if (property != null && property.getValue() != null) { - return clazz.cast(mapper.deserialize(property.getValue(), clazz)); - } else { - return null; - } - } catch (IllegalArgumentException e) { - log.debug("Error while searching for key '{}' in the database.", key); - return null; - } catch (Exception e) { - log.debug("Error while deserializing value of key '{}' to object of type {}.", key, clazz.getClass()); - return null; - } - } - - @Override - public boolean set(String key, Object value) { - - try { - if (value == null) { - configPropertyDao.delete(key); - return true; - } else { - - ConfigProperty keyValue = new ConfigProperty(); - keyValue.setKey(key); - - keyValue.setValue(mapper.serialize(value)); - configPropertyDao.saveProperty(keyValue); - return true; - } - } catch (JsonProcessingException e) { - log.debug("Error while serializing object for key '{}'.", key); - return false; - } catch (EntityExistsException e) { - log.debug("Property '{}' already exists!", key); - return false; - } catch (Exception e) { - log.debug("Error while setting value for key '{}' in the database.", key); - return false; - } - } - - @Override - public T get(String key, Class clazz, Object defaultValue) { - - T value = get(key, clazz); - if (value != null) { - return value; - } else { - return clazz.cast(defaultValue); - } - } - - @SuppressWarnings("unchecked") - @Override - public List getList(String key, Class clazz) { - - CollectionType listType = TypeFactory.defaultInstance().constructCollectionType(List.class, clazz); - try { - if ((configPropertyDao.getProperty(key) == null) - || (configPropertyDao.getProperty(key).getValue() == null)) { - return new ArrayList(); - } - String json = configPropertyDao.getProperty(key).getValue(); - ObjectMapper mapper = new ObjectMapper(); - - return (List) mapper.readValue(json, listType); - } catch (JsonMappingException e) { - ArrayList tmp = new ArrayList(); - T value = get(key, clazz); - if (value != null) { - tmp.add(value); - } - return tmp; - } catch (IOException e) { - log.debug("Error while deserializing value for key '{}' to List<{}>.", key, clazz.getClass()); - return new ArrayList(); - } catch (Exception e){ - log.debug("Error while searching key '{}' in the database.", key); - return new ArrayList(); - } - } - -} diff --git a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/JsonMapper.java b/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/JsonMapper.java deleted file mode 100644 index 8e5d2e7c4..000000000 --- a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/JsonMapper.java +++ /dev/null @@ -1,73 +0,0 @@ -package com.datentechnik.moa.id.conf.persistence; - -import java.io.IOException; - -import com.fasterxml.jackson.annotation.JsonAutoDetect.Visibility; -import com.fasterxml.jackson.annotation.PropertyAccessor; -import com.fasterxml.jackson.core.JsonParseException; -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.JavaType; -import com.fasterxml.jackson.databind.JsonMappingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.SerializationFeature; -import com.fasterxml.jackson.databind.type.TypeFactory; - -/** - * Helper class to handle the JSON (de-)serialization. - * - */ -public class JsonMapper { - - private ObjectMapper mapper = new ObjectMapper(); - - /** - * The default constructor where the default pretty printer is disabled. - */ - public JsonMapper() { - this(false); - } - - /** - * The constructor. - * @param prettyPrint enables or disables the default pretty printer - */ - public JsonMapper(boolean prettyPrint) { - mapper.setVisibility(PropertyAccessor.ALL, Visibility.NONE); - mapper.setVisibility(PropertyAccessor.GETTER, Visibility.PUBLIC_ONLY); - mapper.setVisibility(PropertyAccessor.IS_GETTER, Visibility.PUBLIC_ONLY); - if (prettyPrint) { - mapper.enable(SerializationFeature.INDENT_OUTPUT); - } - } - - /** - * Serialize an object to a JSON string. - * @param value the object to serialize - * @return a JSON string - * @throws JsonProcessingException thrown when an error occurs during serialization - */ - public String serialize(Object value) throws JsonProcessingException { - return mapper.writeValueAsString(value); - } - - /** - * Deserialize a JSON string. - * - * @param value the JSON string to deserialize - * @param clazz optional parameter that determines the type of the returned object. If not set, an {@link Object} is returned. - * @return the deserialized JSON string as an object of type {@code clazz} or {@link Object} - * @throws JsonParseException if the JSON string contains invalid content. - * @throws JsonMappingException if the input JSON structure does not match structure expected for result type - * @throws IOException if an I/O problem occurs (e.g. unexpected end-of-input) - */ - public Object deserialize(String value, Class clazz) throws JsonParseException, JsonMappingException, IOException{ - - ObjectMapper mapper = new ObjectMapper(); - if (clazz != null) { - JavaType javaType = TypeFactory.defaultInstance().constructType(clazz); - return mapper.readValue(value, javaType); - } else { - return mapper.readValue(value, Object.class); - } - } -} diff --git a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/dal/ConfigProperty.java b/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/dal/ConfigProperty.java deleted file mode 100644 index 7e4e217b0..000000000 --- a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/dal/ConfigProperty.java +++ /dev/null @@ -1,95 +0,0 @@ -package com.datentechnik.moa.id.conf.persistence.dal; - -import java.io.Serializable; - -import javax.persistence.Column; -import javax.persistence.Entity; -import javax.persistence.Id; -import javax.persistence.Lob; -import javax.persistence.Table; - -/** - * Reflects a MOAID configuration entry. - * - */ -@Table(name = "moaid_configuration") -@Entity -public class ConfigProperty implements Serializable { - private static final long serialVersionUID = 1L; - - @Id - @Column(name = "propertyKey", unique = true) - private String key; - - @Lob - @Column(name = "propertyValue") - private String value; - - /** - * Returns the property's key. - * @return The key. - */ - public String getKey() { - return key; - } - - /** - * Sets the property's key. - * @param key The key - */ - public void setKey(String key) { - this.key = key; - } - - /** - * Returns the property's value (which might be {@code null}). - * @return The property's value (might be {@code null}). - */ - public String getValue() { - return value; - } - - /** - * Sets the property's value. - * @param value The value - */ - public void setValue(String value) { - this.value = value; - } - - @Override - public int hashCode() { - final int prime = 31; - int result = 1; - result = prime * result + ((key == null) ? 0 : key.hashCode()); - return result; - } - - @Override - public boolean equals(Object obj) { - if (this == obj) - return true; - if (obj == null) - return false; - if (getClass() != obj.getClass()) - return false; - ConfigProperty other = (ConfigProperty) obj; - if (key == null) { - if (other.key != null) - return false; - } else if (!key.equals(other.key)) - return false; - return true; - } - - @Override - public String toString() { - StringBuilder builder = new StringBuilder(); - builder.append("ConfigProperty [key="); - builder.append(key); - builder.append(", value="); - builder.append(value); - builder.append("]"); - return builder.toString(); - } -} diff --git a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/dal/ConfigPropertyDao.java b/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/dal/ConfigPropertyDao.java deleted file mode 100644 index 8f00bd226..000000000 --- a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/dal/ConfigPropertyDao.java +++ /dev/null @@ -1,58 +0,0 @@ -package com.datentechnik.moa.id.conf.persistence.dal; - -import java.util.List; -import java.util.Set; - -/** - * DAO interface providing means for accessing MOAID configuration properties. - * - */ -public interface ConfigPropertyDao { - - /** - * Gets all keys in the database. - * @return a List containing all keys in the database. - */ - List getAllKeys(); - - /** - * Returns the {@link ConfigProperty} associated with {@code key} or {@code null} if the entry does not exist. - * - * @param key The configuration key. - * @return The configuration property value or {@code null}. - */ - ConfigProperty getProperty(String key); - - /** - * Persists a given {@link ConfigProperty}. - * @param property The property to be persisted. - */ - void saveProperty(ConfigProperty property); - - /** - * Returns a {@link List} containing all stored {@linkplain ConfigProperty ConfigProperties}. - * @return The list with the properties. - */ - List getProperties(); - - /** - * Returns the value for the configuration property associated with {@code key} or {@code null} if the entry does not exist or its value is {@code null}. - * - * @param key The configuration key. - * @return The configuration property value or {@code null}. - */ - String getPropertyValue(String key); - - /** - * Persists a {@link List} of {@linkplain ConfigProperty ConfigProperties}. - * @param properties The list containing all the properties to be persisted. - */ - void saveProperties(Set properties); - - /** - * Deletes the object associated with the given key. - * @param key the key - */ - void delete(String key); - -} diff --git a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/dal/ConfigPropertyDaoImpl.java b/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/dal/ConfigPropertyDaoImpl.java deleted file mode 100644 index 6de10e9b9..000000000 --- a/id/server/moa-id-commons/src/main/java/com/datentechnik/moa/id/conf/persistence/dal/ConfigPropertyDaoImpl.java +++ /dev/null @@ -1,104 +0,0 @@ -package com.datentechnik.moa.id.conf.persistence.dal; - -import java.util.List; -import java.util.Set; - -import javax.persistence.EntityManager; -import javax.persistence.NoResultException; -import javax.persistence.PersistenceContext; -import javax.persistence.TypedQuery; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.transaction.annotation.Transactional; - -/** - * Database backed implementation of the DAO interface - * - */ -@Transactional("transactionManager") -public class ConfigPropertyDaoImpl implements ConfigPropertyDao { - - private Logger log = LoggerFactory.getLogger(getClass()); - - @PersistenceContext(unitName = "moaidconf") - private EntityManager em; - - @Override - public List getAllKeys() { - if (null == em) { - log.error("No EntityManager set!"); - return null; - } - TypedQuery query = em.createQuery("select key from ConfigProperty", String.class); - List result = query.getResultList(); - return result; - } - - @Override - public void saveProperty(ConfigProperty property) { - if (null == em) { - log.error("No EntityManager set!"); - return; - } - - log.debug("Storing '{}'.", property.toString()); - em.persist(property); - } - - @Override - public ConfigProperty getProperty(String key) { - log.debug("Looking for configuration property for key '{}'.", key); - ConfigProperty result = em.find(ConfigProperty.class, key); - if (result != null) { - log.debug("Found configuration property {}.", result); - } else { - log.debug("Unable to find configuration property for key '{}'.", key); - } - return result; - } - - @Override - public String getPropertyValue(String key) { - ConfigProperty property = getProperty(key); - if (property == null) { - return null; - } - return property.getValue(); - } - - @Override - public List getProperties() { - - if (null == em) { - log.error("No EntityManager set!"); - return null; - } - - log.debug("Retrieving all properties from database."); - TypedQuery query = em.createQuery("select mc from ConfigProperty mc", ConfigProperty.class); - try { - List propertiesList = query.getResultList(); - return propertiesList; - } catch (NoResultException e) { - log.debug("No property found in database."); - return null; - } - } - - @Override - public void saveProperties(Set properties) { - log.debug("Storing {} properties to database.", properties.size()); - for (ConfigProperty cp : properties) { - saveProperty(cp); - } - em.flush(); - } - - @Override - public void delete(String key) { - log.debug("Deleting entry with key '{}'.", key); - em.remove(em.find(ConfigProperty.class, key)); - } - -} diff --git a/id/server/moa-id-commons/src/main/resources/META-INF/persistence.xml b/id/server/moa-id-commons/src/main/resources/META-INF/persistence.xml index 640c1504c..8ff384eb9 100644 --- a/id/server/moa-id-commons/src/main/resources/META-INF/persistence.xml +++ b/id/server/moa-id-commons/src/main/resources/META-INF/persistence.xml @@ -7,12 +7,12 @@ http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd" org.hibernate.ejb.HibernatePersistence - com.datentechnik.moa.id.conf.persistence.dal.SOME_CLASS + at.gv.egovernment.moa.id.commons.config.persistence.dal.SOME_CLASS org.hibernate.ejb.HibernatePersistence - com.datentechnik.moa.id.conf.persistence.dal.ConfigProperty + at.gv.egovernment.moa.id.commons.db.dao.config.ConfigProperty diff --git a/id/server/moa-id-commons/src/main/resources/configuration.beans.xml b/id/server/moa-id-commons/src/main/resources/configuration.beans.xml index 444b01095..732c19721 100644 --- a/id/server/moa-id-commons/src/main/resources/configuration.beans.xml +++ b/id/server/moa-id-commons/src/main/resources/configuration.beans.xml @@ -16,8 +16,8 @@ - + class="at.gv.egovernment.moa.id.commons.db.dao.config.ConfigPropertyDaoImpl" /> + diff --git a/id/server/moa-id-commons/src/main/resources/persistence_template.xml b/id/server/moa-id-commons/src/main/resources/persistence_template.xml index f5bbe8555..06706e27a 100644 --- a/id/server/moa-id-commons/src/main/resources/persistence_template.xml +++ b/id/server/moa-id-commons/src/main/resources/persistence_template.xml @@ -5,7 +5,7 @@ http://java.sun.com/xml/ns/persistence/orm http://java.sun.com/xml/ns/persistenc org.hibernate.ejb.HibernatePersistence - com.datentechnik.moa.id.conf.persistence.dal.ConfigProperty + at.gv.egovernment.moa.id.commons.db.dao.config.ConfigProperty diff --git a/id/server/moa-id-commons/src/test/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBReadTest.java b/id/server/moa-id-commons/src/test/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBReadTest.java index 7147cd5bc..cdfaf825f 100644 --- a/id/server/moa-id-commons/src/test/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBReadTest.java +++ b/id/server/moa-id-commons/src/test/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBReadTest.java @@ -19,11 +19,11 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import com.datentechnik.moa.id.conf.persistence.Configuration; import com.fasterxml.jackson.annotation.JsonProperty; @RunWith(SpringJUnit4ClassRunner.class) diff --git a/id/server/moa-id-commons/src/test/resources/at/gv/egovernment/moa/id/commons/db/configuration.beans-test.xml b/id/server/moa-id-commons/src/test/resources/at/gv/egovernment/moa/id/commons/db/configuration.beans-test.xml index 4c7cd3ab1..cfe4db385 100644 --- a/id/server/moa-id-commons/src/test/resources/at/gv/egovernment/moa/id/commons/db/configuration.beans-test.xml +++ b/id/server/moa-id-commons/src/test/resources/at/gv/egovernment/moa/id/commons/db/configuration.beans-test.xml @@ -16,8 +16,8 @@ location="classpath:at/gv/egovernment/moa/id/commons/db/testDatabase.properties" /> - + class="at.gv.egovernment.moa.id.commons.db.dao.config.ConfigPropertyDaoImpl" /> + diff --git a/id/server/moa-id-commons/src/test/resources/log4j.xml b/id/server/moa-id-commons/src/test/resources/log4j.xml new file mode 100644 index 000000000..6685c1e82 --- /dev/null +++ b/id/server/moa-id-commons/src/test/resources/log4j.xml @@ -0,0 +1,16 @@ + + + + + + + + + + + + + + + + diff --git a/id/server/pom.xml b/id/server/pom.xml index 9ce48bf60..22d9536d6 100644 --- a/id/server/pom.xml +++ b/id/server/pom.xml @@ -84,7 +84,7 @@ org.springframework - spring-tx + spring-orm ${org.springframework.version} -- cgit v1.2.3 From c276e33e5ebdebc1c727dbd93ea1f876588a0dec Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 19 Jun 2015 10:59:09 +0200 Subject: refactor MOA-ID AuthConfiguration --- .../moa/id/advancedlogging/StatisticLogger.java | 7 +- .../moa/id/auth/AuthenticationServer.java | 49 +- .../moa/id/auth/MOAIDAuthInitializer.java | 6 +- .../AuthenticationBlockAssertionBuilder.java | 12 +- .../id/auth/builder/AuthenticationDataBuilder.java | 13 +- .../builder/DynamicOAAuthParameterBuilder.java | 4 +- .../moa/id/auth/builder/LoginFormBuilder.java | 6 +- .../moa/id/auth/builder/SAMLArtifactBuilder.java | 4 +- .../id/auth/builder/SendAssertionFormBuilder.java | 5 +- .../auth/builder/StartAuthenticationBuilder.java | 3 - .../auth/invoke/SignatureVerificationInvoker.java | 5 +- .../internal/tasks/GetMISSessionIDTask.java | 7 +- .../tasks/PrepareAuthBlockSignatureTask.java | 7 +- .../tasks/VerifyAuthenticationBlockTask.java | 7 +- .../StartAuthentificationParameterParser.java | 21 +- .../servlet/GenerateIFrameTemplateServlet.java | 10 +- .../id/auth/servlet/GetMISSessionIDServlet.java | 7 +- .../id/auth/servlet/IDPSingleLogOutServlet.java | 6 +- .../moa/id/auth/servlet/LogOutServlet.java | 6 +- .../moa/id/auth/servlet/PEPSConnectorServlet.java | 10 +- .../PEPSConnectorWithLocalSigningServlet.java | 8 +- .../moa/id/auth/servlet/RedirectServlet.java | 4 +- .../servlet/VerifyAuthenticationBlockServlet.java | 7 +- .../id/auth/servlet/VerifyIdentityLinkServlet.java | 7 +- .../CreateXMLSignatureResponseValidator.java | 8 +- .../VerifyXMLSignatureResponseValidator.java | 4 +- .../gv/egovernment/moa/id/client/SZRGWClient.java | 4 +- .../moa/id/config/ConfigurationProvider.java | 173 ---- .../moa/id/config/ConfigurationProviderImpl.java | 173 ++++ .../moa/id/config/auth/AuthConfigLoader.java | 4 +- .../moa/id/config/auth/AuthConfiguration.java | 17 +- .../id/config/auth/AuthConfigurationProvider.java | 153 ++-- .../config/auth/ConfigurationToJSONConverter.java | 6 +- .../config/auth/NewAuthConfigurationProvider.java | 982 -------------------- .../PropertyBasedAuthConfigurationProvider.java | 983 +++++++++++++++++++++ .../moa/id/entrypoints/DispatcherServlet.java | 6 +- .../moa/id/moduls/AuthenticationManager.java | 18 +- .../gv/egovernment/moa/id/moduls/SSOManager.java | 10 +- .../id/protocols/oauth20/OAuth20Configuration.java | 6 +- .../oauth20/protocol/OAuth20AuthAction.java | 4 +- .../oauth20/protocol/OAuth20AuthRequest.java | 6 +- .../oauth20/protocol/OAuth20BaseRequest.java | 4 +- .../oauth20/protocol/OAuth20Protocol.java | 4 +- .../oauth20/protocol/OAuth20TokenRequest.java | 4 +- .../moa/id/protocols/pvp2x/PVP2XProtocol.java | 6 +- .../id/protocols/pvp2x/PVPTargetConfiguration.java | 4 +- .../moa/id/protocols/pvp2x/SingleLogOutAction.java | 6 +- .../pvp2x/builder/AuthResponseBuilder.java | 4 +- .../builder/assertion/PVP2AssertionBuilder.java | 4 +- .../protocols/pvp2x/config/PVPConfiguration.java | 20 +- .../pvp2x/metadata/MOAMetadataProvider.java | 10 +- .../protocols/pvp2x/utils/MOASAMLSOAPClient.java | 10 +- .../pvp2x/verification/SAMLVerifierMOASP.java | 4 +- .../metadata/SchemaValidationFilter.java | 4 +- .../moa/id/protocols/saml1/GetArtifactAction.java | 6 +- .../moa/id/protocols/saml1/SAML1Protocol.java | 10 +- .../moa/id/protocols/saml1/SAML1RequestImpl.java | 4 +- .../id/protocols/stork2/AttributeCollector.java | 6 +- .../id/protocols/stork2/AuthenticationRequest.java | 14 +- .../moa/id/protocols/stork2/ConsentEvaluator.java | 4 +- .../moa/id/protocols/stork2/MOASTORKRequest.java | 4 +- .../protocols/stork2/MandateRetrievalRequest.java | 4 +- .../moa/id/protocols/stork2/STORKProtocol.java | 4 +- .../SignedDocAttributeRequestProvider.java | 5 +- .../id/storage/AuthenticationSessionStoreage.java | 4 +- .../moa/id/util/AbstractEncrytionUtil.java | 1 - .../moa/id/util/ConfigurationEncrytionUtil.java | 4 +- .../moa/id/util/IdentityLinkReSigner.java | 2 +- .../moa/id/util/ParamValidatorUtils.java | 5 +- .../at/gv/egovernment/moa/id/util/SSLUtils.java | 6 +- .../moa/id/util/SessionEncrytionUtil.java | 4 +- ...nfigurationProviderLegacyCompatibilityTest.java | 2 +- .../auth/TestLegacyAuthConfigurationProvider.java | 4 +- .../VerifyXMLSignatureRequestBuilderTest.java | 6 +- .../id/auth/invoke/SignatureVerificationTest.java | 6 +- .../test/java/test/lasttest/LasttestClient.java | 4 +- .../src/test/java/test/tlenz/simpletest.java | 24 +- .../moa/id/commons/config/ConfigurationUtil.java | 1 - .../config/MOAIDConfigurationConstants.java | 246 ++++++ .../commons/config/persistence/Configuration.java | 60 -- .../config/persistence/ConfigurationImpl.java | 161 ---- .../config/persistence/MOAIDConfiguration.java | 62 ++ .../config/persistence/MOAIDConfigurationImpl.java | 136 +++ .../commons/db/ConfigurationFromDBExtractor.java | 1 + .../id/commons/db/MOAIDConfigurationConstants.java | 44 - .../moa/id/commons/db/NewConfigurationDBRead.java | 12 +- .../moa/id/commons/db/NewConfigurationDBWrite.java | 11 +- .../commons/db/dao/config/ConfigPropertyDao.java | 58 -- .../db/dao/config/ConfigPropertyDaoImpl.java | 169 +++- .../moa/id/commons/db/ConfigurationDBReadTest.java | 13 +- .../moa/id/auth/servlet/MonitoringServlet.java | 5 +- .../moa/id/monitoring/DatabaseTestModule.java | 5 +- .../moa/id/monitoring/IdentityLinkTestModule.java | 5 +- .../egovernment/moa/id/monitoring/TestManager.java | 5 +- .../AbstractPepsConnectorWithLocalSigningTask.java | 4 +- .../tasks/CreateStorkAuthRequestFormTask.java | 4 +- ...onnectorHandleResponseWithoutSignatureTask.java | 6 +- .../modules/stork/tasks/PepsConnectorTask.java | 8 +- 98 files changed, 2132 insertions(+), 1879 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/Configuration.java delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/ConfigurationImpl.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfiguration.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOAIDConfigurationConstants.java delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDao.java (limited to 'id/server/idserverlib/src/test/java') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java index f45a16780..cd1acaa8c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java @@ -52,7 +52,8 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.moduls.IRequest; @@ -91,7 +92,7 @@ public class StatisticLogger { private StatisticLogger() { try { - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); if (config != null) isAktive = config.isAdvancedLoggingActive(); @@ -373,7 +374,7 @@ public class StatisticLogger { Logger.trace("Staticic Log search BKUType from DefaultBKUs"); try { - AuthConfigurationProvider authconfig = AuthConfigurationProvider.getInstance(); + AuthConfiguration authconfig = AuthConfigurationProviderFactory.getInstance(); if (bkuURL.equals(authconfig.getDefaultBKUURL(IOAAuthParameters.ONLINEBKU))) return IOAAuthParameters.ONLINEBKU; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index eab7c511e..1db580530 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -85,7 +85,8 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.config.stork.CPEPS; import at.gv.egovernment.moa.id.config.stork.STORKConfig; @@ -216,7 +217,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { //load OnlineApplication configuration OAAuthParameter oaParam = - AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); + AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); if (oaParam == null) throw new AuthenticationException("auth.00", new Object[]{session.getPublicOAURLPrefix()}); @@ -234,7 +235,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { String infoboxReadRequest = ""; - String domainIdentifier = AuthConfigurationProvider.getInstance().getSSOTagetIdentifier().trim(); + String domainIdentifier = AuthConfigurationProviderFactory.getInstance().getSSOTagetIdentifier().trim(); if (MiscUtil.isEmpty(domainIdentifier) && session.isSsoRequested()) { //do not use SSO if no Target is set Logger.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!"); @@ -354,7 +355,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { throw new AuthenticationException("auth.10", new Object[]{ REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE}); - AuthConfigurationProvider authConf = AuthConfigurationProvider + AuthConfiguration authConf = AuthConfigurationProviderFactory .getInstance(); // check if an identity link was found @@ -396,7 +397,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( domVerifyXMLSignatureResponse).parseData(); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); // validates the @@ -462,10 +463,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.setOW(false); } - AuthConfigurationProvider authConf = AuthConfigurationProvider + AuthConfiguration authConf = AuthConfigurationProviderFactory .getInstance(); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session, @@ -499,7 +500,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { throw new AuthenticationException("auth.10", new Object[]{ GET_MIS_SESSIONID, PARAM_SESSIONID}); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); try { @@ -536,7 +537,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @throws ValidateException */ public String getCreateXMLSignatureRequestAuthBlockOrRedirect( - AuthenticationSession session, AuthConfigurationProvider authConf, + AuthenticationSession session, AuthConfiguration authConf, OAAuthParameter oaParam) throws ConfigurationException, BuildException, ValidateException { @@ -545,9 +546,9 @@ public class AuthenticationServer implements MOAIDAuthConstants { // return "Redirect to Input Processor"; if (authConf == null) - authConf = AuthConfigurationProvider.getInstance(); + authConf = AuthConfigurationProviderFactory.getInstance(); if (oaParam == null) - oaParam = AuthConfigurationProvider.getInstance() + oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter( session.getPublicOAURLPrefix()); @@ -583,10 +584,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { throw new AuthenticationException("auth.10", new Object[]{ REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID}); - AuthConfigurationProvider authConf = AuthConfigurationProvider + AuthConfiguration authConf = AuthConfigurationProviderFactory .getInstance(); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam, @@ -594,7 +595,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { } public String getCreateXMLSignatureRequestForeigID( - AuthenticationSession session, AuthConfigurationProvider authConf, + AuthenticationSession session, AuthConfiguration authConf, OAAuthParameter oaParam, X509Certificate cert) throws ConfigurationException { @@ -603,9 +604,9 @@ public class AuthenticationServer implements MOAIDAuthConstants { // return "Redirect to Input Processor"; if (authConf == null) - authConf = AuthConfigurationProvider.getInstance(); + authConf = AuthConfigurationProviderFactory.getInstance(); if (oaParam == null) - oaParam = AuthConfigurationProvider.getInstance() + oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter( session.getPublicOAURLPrefix()); @@ -648,7 +649,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { throw new AuthenticationException("auth.10", new Object[]{ REQ_GET_FOREIGN_ID, PARAM_XMLRESPONSE}); - AuthConfigurationProvider authConf = AuthConfigurationProvider + AuthConfiguration authConf = AuthConfigurationProviderFactory .getInstance(); // parses the @@ -783,7 +784,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { if (session.isSsoRequested()) { String oaURL = new String(); try { - oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + oaURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); if (MiscUtil.isNotEmpty(oaURL)) oaURL = oaURL.replaceAll("&", "&"); @@ -1122,7 +1123,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { throw new AuthenticationException("auth.10", new Object[]{ REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE}); - AuthConfigurationProvider authConf = AuthConfigurationProvider + AuthConfiguration authConf = AuthConfigurationProviderFactory .getInstance(); // parses CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser( @@ -1195,7 +1196,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { } } - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); // validates the @@ -1601,7 +1602,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, List filters, String PEPSFiscalNumber) throws SZRGWClientException { try { - AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance(); ConnectionParameter connectionParameters = authConf.getForeignIDConnectionParameter(); SZRGWClient client = new SZRGWClient(connectionParameters); @@ -1695,12 +1696,12 @@ public class AuthenticationServer implements MOAIDAuthConstants { } //read configuration paramters of OA - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); if (oaParam == null) throw new AuthenticationException("auth.00", new Object[]{moasession.getPublicOAURLPrefix()}); //Start of STORK Processing - STORKConfig storkConfig = AuthConfigurationProvider.getInstance().getStorkConfig(); + STORKConfig storkConfig = AuthConfigurationProviderFactory.getInstance().getStorkConfig(); CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc()); @@ -1709,7 +1710,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { Logger.debug("C-PEPS URL: " + destination); - String issuerValue = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); // String acsURL = new DataURLBuilder().buildDataURL(issuerValue, // PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN, moasession.getSessionID()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java index 025c4c652..39ab28285 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java @@ -18,7 +18,9 @@ import javax.net.ssl.SSLSocketFactory; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigLoader; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.PropertyBasedAuthConfigurationProvider; import at.gv.egovernment.moa.id.iaik.config.LoggerConfigImpl; import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; @@ -129,7 +131,7 @@ public class MOAIDAuthInitializer { Constants.nSMap.put(Constants.DSIG_PREFIX, Constants.DSIG_NS_URI); // Loads the configuration - AuthConfigurationProvider authConf = AuthConfigurationProvider.reload(); + AuthConfiguration authConf = AuthConfigurationProviderFactory.reload(); ConnectionParameter moaSPConnParam = authConf .getMoaSpConnectionParameter(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java index a6c2cde05..6df0c4742 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java @@ -50,7 +50,7 @@ import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.util.Random; @@ -265,7 +265,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String text = ""; try { - OAAuthParameter oaparam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); + OAAuthParameter oaparam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); if (MiscUtil.isNotEmpty(text = oaparam.getAditionalAuthBlockText())) Logger.info("Use addional AuthBlock Text from OA=" + oaparam.getPublicURLPrefix()); } catch (ConfigurationException e) { @@ -352,7 +352,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion //BZ.., reading OA parameters OAAuthParameter oaParam; try { - oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( + oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter( session.getPublicOAURLPrefix()); } catch (ConfigurationException e) { Logger.error("Error on building AUTH-Block: " + e.getMessage()); @@ -417,7 +417,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String text = ""; try { - OAAuthParameter oaparam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); + OAAuthParameter oaparam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); if (MiscUtil.isNotEmpty(text = oaparam.getAditionalAuthBlockText())) Logger.info("Use addional AuthBlock Text from OA=" + oaparam.getPublicURLPrefix()); } catch (ConfigurationException e) { @@ -525,7 +525,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion //adding friendly name of OA String friendlyname; try { - friendlyname = AuthConfigurationProvider.getInstance().getSSOFriendlyName(); + friendlyname = AuthConfigurationProviderFactory.getInstance().getSSOFriendlyName(); ExtendedSAMLAttribute oaFriendlyNameAttribute = new ExtendedSAMLAttributeImpl("oaFriendlyName", friendlyname, Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY); @@ -533,7 +533,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion extendedSAMLAttributes.add(oaFriendlyNameAttribute); - String text = AuthConfigurationProvider.getInstance().getSSOSpecialText(); + String text = AuthConfigurationProviderFactory.getInstance().getSSOSpecialText(); if (MiscUtil.isEmpty(text)) text=""; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index cd751ce7f..f646f200d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -75,7 +75,8 @@ import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionSto import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.AuthenticationData; @@ -176,7 +177,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { IOAAuthParameters oaParam = null; if (reqAttributes == null) { //get OnlineApplication from MOA-ID-Auth configuration - oaParam = AuthConfigurationProvider.getInstance() + oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(oaID); //build OA dynamically from STROK request if this OA is used as STORK<->PVP gateway @@ -199,7 +200,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { } else { //get attributes from interfederated IDP - OAAuthParameter idp = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(interfIDP.getIdpurlprefix()); + OAAuthParameter idp = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(interfIDP.getIdpurlprefix()); getAuthDataFromInterfederation(authdata, session, oaParam, protocolRequest, interfIDP, idp, reqAttributes); //mark attribute request as used @@ -484,7 +485,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { if (MiscUtil.isEmpty(authData.getIdentificationValue())) { Logger.info("No baseID found. Connect SZR to reveive baseID ..."); try { - EgovUtilPropertiesConfiguration eGovClientsConfig = AuthConfigurationProvider.getInstance().geteGovUtilsConfig(); + EgovUtilPropertiesConfiguration eGovClientsConfig = AuthConfigurationProviderFactory.getInstance().geteGovUtilsConfig(); if (eGovClientsConfig != null) { SZRClient szrclient = new SZRClient(eGovClientsConfig); @@ -929,7 +930,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { //set max. SSO session time if (authData.isSsoSession()) { - long maxSSOSessionTime = AuthConfigurationProvider.getInstance().getTimeOuts().getMOASessionCreated().longValue() * 1000; + long maxSSOSessionTime = AuthConfigurationProviderFactory.getInstance().getTimeOuts().getMOASessionCreated().longValue() * 1000; Date ssoSessionValidTo = new Date(session.getSessionCreated().getTime() + maxSSOSessionTime); authData.setSsoSessionValidTo(ssoSessionValidTo); @@ -994,7 +995,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance(); Element resignedilAssertion; - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); if (config.isIdentityLinkResigning()) { resignedilAssertion = identitylinkresigner.resignIdentityLink(businessServiceIdl.getSamlAssertion(), config.getIdentityLinkResigningKey()); } else { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java index 49f87122d..bc3645e74 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java @@ -29,7 +29,7 @@ import org.opensaml.saml2.core.Attribute; import at.gv.egovernment.moa.id.auth.exception.DynamicOABuildException; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.config.auth.data.DynamicOAAuthParameters; @@ -77,7 +77,7 @@ public class DynamicOAAuthParameterBuilder { if (interfIDP != null) { //load interfederated IDP informations - OAAuthParameter idp = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(interfIDP.getIdpurlprefix()); + OAAuthParameter idp = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(interfIDP.getIdpurlprefix()); if (idp == null) { Logger.warn("Interfederated IDP configuration is not loadable."); throw new DynamicOABuildException("Interfederated IDP configuration is not loadable.", null); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java index 54196427e..a8e5a4253 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java @@ -25,12 +25,10 @@ package at.gv.egovernment.moa.id.auth.builder; import java.io.ByteArrayInputStream; import java.io.File; import java.io.FileInputStream; -import java.io.FileNotFoundException; import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; import java.net.URI; -import java.net.URISyntaxException; import java.util.List; import org.apache.commons.io.IOUtils; @@ -39,7 +37,7 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; @@ -70,7 +68,7 @@ public class LoginFormBuilder { InputStream input = null; try { - String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); + String rootconfigdir = AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir(); pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; File file = new File(new URI(pathLocation)); input = new FileInputStream(file); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java index 1e2a4700d..eeca78e60 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java @@ -51,7 +51,7 @@ import java.security.MessageDigest; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; @@ -94,7 +94,7 @@ public class SAMLArtifactBuilder { MessageDigest md = MessageDigest.getInstance("SHA-1"); byte[] sourceID; // alternative sourceId - String alternativeSourceID = AuthConfigurationProvider.getInstance().getAlternativeSourceID(); + String alternativeSourceID = AuthConfigurationProviderFactory.getInstance().getAlternativeSourceID(); // if sourceID is given in GET/POST param - use this as source id if (!ParepUtils.isEmpty(sourceIdParam)) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java index 24b848176..253125fe9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java @@ -33,12 +33,11 @@ import java.net.URI; import org.apache.commons.io.IOUtils; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; public class SendAssertionFormBuilder { @@ -63,7 +62,7 @@ public class SendAssertionFormBuilder { String pathLocation; InputStream input = null; try { - String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); + String rootconfigdir = AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir(); pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java index 9a8372a2d..5c1b12e0d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java @@ -30,10 +30,7 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.StringUtils; public class StartAuthenticationBuilder { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java index 479775dd5..8909564c3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationInvoker.java @@ -59,7 +59,8 @@ import org.w3c.dom.Element; import at.gv.egovernment.moa.id.auth.exception.ServiceException; import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.spss.api.SignatureVerificationService; import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser; @@ -106,7 +107,7 @@ public class SignatureVerificationInvoker { SOAPBodyElement response; String endPoint; - AuthConfigurationProvider authConfigProvider = AuthConfigurationProvider.getInstance(); + AuthConfiguration authConfigProvider = AuthConfigurationProviderFactory.getInstance(); authConnParam = authConfigProvider.getMoaSpConnectionParameter(); //If the ConnectionParameter do NOT exist, we try to get the api to work.... if (authConnParam != null) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java index 4ff5672bd..d30dfd562 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java @@ -24,7 +24,8 @@ import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.moduls.ModulUtils; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; @@ -89,12 +90,12 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask { String misSessionID = session.getMISSessionID(); - AuthConfigurationProvider authConf = AuthConfigurationProvider + AuthConfiguration authConf = AuthConfigurationProviderFactory .getInstance(); ConnectionParameter connectionParameters = authConf .getOnlineMandatesConnectionParameter(); SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory( - AuthConfigurationProvider.getInstance(), + AuthConfigurationProviderFactory.getInstance(), connectionParameters); List list = MISSimpleClient.sendGetMandatesRequest( diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java index 3ae35bc24..fc5fb6c58 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java @@ -14,7 +14,8 @@ import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; @@ -75,9 +76,9 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask { // TODO[branch]: Default behaviour; respond with CXSR for authblock signature, dataURL "/VerifyAuthBlock" - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter( session.getPublicOAURLPrefix()); - AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance(); String createXMLSignatureRequest = AuthenticationServer.getInstance() .getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java index 64dcb0f41..d9c4c3c4e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java @@ -29,7 +29,8 @@ import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.ModulUtils; import at.gv.egovernment.moa.id.process.api.ExecutionContext; @@ -122,9 +123,9 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask { if (authenticatedMOASessionId == null) { //mandate Mode - AuthConfigurationProvider authConf= AuthConfigurationProvider.getInstance(); + AuthConfiguration authConf= AuthConfigurationProviderFactory.getInstance(); ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter(); - SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters); + SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProviderFactory.getInstance(), connectionParameters); // get identitity link as byte[] Element elem = session.getIdentityLink().getSamlAssertion(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index a123569d5..89e2eac14 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -22,12 +22,10 @@ ******************************************************************************/ package at.gv.egovernment.moa.id.auth.parser; -import java.io.UnsupportedEncodingException; import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import org.apache.commons.lang.StringEscapeUtils; @@ -37,18 +35,15 @@ import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.BoolUtils; import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; -import at.gv.egovernment.moa.util.URLEncoder; public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ @@ -110,7 +105,7 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ OAAuthParameter oaParam; if (moasession.getPublicOAURLPrefix() != null) { Logger.debug("Loading OA parameters for PublicURLPrefix: " + moasession.getPublicOAURLPrefix()); - oaParam = AuthConfigurationProvider.getInstance() + oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter( moasession.getPublicOAURLPrefix()); @@ -119,7 +114,7 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ new Object[] { moasession.getPublicOAURLPrefix() }); } else { - oaParam = AuthConfigurationProvider.getInstance() + oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(oaURL); if (oaParam == null) @@ -170,7 +165,7 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ //Validate BKU URI List allowedbkus = oaParam.getBKUURL(); - allowedbkus.addAll(AuthConfigurationProvider.getInstance().getDefaultBKUURLs()); + allowedbkus.addAll(AuthConfigurationProviderFactory.getInstance().getDefaultBKUURLs()); if (!ParamValidatorUtils.isValidBKUURI(bkuURL, allowedbkus)) throw new WrongParametersException("StartAuthentication", PARAM_BKU, "auth.12"); @@ -218,7 +213,7 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ new Object[] { authURL + "*" }); //set Auth URL from configuration - moasession.setAuthURL(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/"); + moasession.setAuthURL(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/"); //check and set SourceID if (oaParam.getSAML1Parameter() != null) { @@ -231,19 +226,19 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ List templateURLList = oaParam.getTemplateURL(); List defaulTemplateURLList = - AuthConfigurationProvider.getInstance().getSLRequestTemplates(); + AuthConfigurationProviderFactory.getInstance().getSLRequestTemplates(); if ( templateURLList != null && templateURLList.size() > 0 && MiscUtil.isNotEmpty(templateURLList.get(0).getURL()) ) { templateURL = FileUtils.makeAbsoluteURL( oaParam.getTemplateURL().get(0).getURL(), - AuthConfigurationProvider.getInstance().getRootConfigFileDir()); + AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()); Logger.info("No SL-Template in request, load SL-Template from OA configuration (URL: " + templateURL + ")"); } else if ( (defaulTemplateURLList.size() > 0) && MiscUtil.isNotEmpty(defaulTemplateURLList.get(0))) { templateURL = FileUtils.makeAbsoluteURL( defaulTemplateURLList.get(0), - AuthConfigurationProvider.getInstance().getRootConfigFileDir()); + AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()); Logger.info("No SL-Template in request, load SL-Template from general configuration (URL: " + templateURL + ")"); } else { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index ad4776a45..d0c7118ca 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -40,7 +40,7 @@ import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IRequest; @@ -98,7 +98,7 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { } //load OA Config - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(moasession.getOAURLRequested()); if (oaParam == null) @@ -118,7 +118,7 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { String bkuURL = oaParam.getBKUURL(bkuid); if (MiscUtil.isEmpty(bkuURL)) { Logger.info("No OA specific BKU defined. Use BKU from default configuration"); - bkuURL = AuthConfigurationProvider.getInstance().getDefaultBKUURL(bkuid); + bkuURL = AuthConfigurationProviderFactory.getInstance().getDefaultBKUURL(bkuid); } //search for OA specific template @@ -129,13 +129,13 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { templateURL = oaTemplateURLList.get(0).getURL(); } else { - templateURL = AuthConfigurationProvider.getInstance().getSLRequestTemplates(bkuid); + templateURL = AuthConfigurationProviderFactory.getInstance().getSLRequestTemplates(bkuid); } //make url absolut if it is a local url if (MiscUtil.isNotEmpty(templateURL)) templateURL = FileUtils.makeAbsoluteURL(templateURL, - AuthConfigurationProvider.getInstance().getRootConfigFileDir()); + AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()); if (oaParam.isOnlyMandateAllowed()) useMandate = "true"; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java index 043b660c1..f2b788e26 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java @@ -70,7 +70,8 @@ import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.moduls.ModulUtils; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; @@ -181,12 +182,12 @@ public class GetMISSessionIDServlet extends AuthServlet { String misSessionID = session.getMISSessionID(); - AuthConfigurationProvider authConf = AuthConfigurationProvider + AuthConfiguration authConf = AuthConfigurationProviderFactory .getInstance(); ConnectionParameter connectionParameters = authConf .getOnlineMandatesConnectionParameter(); SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory( - AuthConfigurationProvider.getInstance(), + AuthConfigurationProviderFactory.getInstance(), connectionParameters); List list = MISSimpleClient.sendGetMandatesRequest( diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java index c08d77f12..626c95b19 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java @@ -35,7 +35,7 @@ import org.opensaml.saml2.metadata.SingleLogoutService; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.data.SLOInformationContainer; import at.gv.egovernment.moa.id.moduls.AuthenticationManager; import at.gv.egovernment.moa.id.moduls.SSOManager; @@ -141,7 +141,7 @@ public class IDPSingleLogOutServlet extends AuthServlet { } else { //print SLO information directly - redirectURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/idpSingleLogout"; + redirectURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/idpSingleLogout"; String artifact = Random.nextRandom(); @@ -157,7 +157,7 @@ public class IDPSingleLogOutServlet extends AuthServlet { } //redirect to Redirect Servlet - String url = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/RedirectServlet"; + String url = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/RedirectServlet"; url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(redirectURL, "UTF-8")); url = resp.encodeRedirectURL(url); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java index d7de985a4..8981566eb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java @@ -56,7 +56,7 @@ import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.moduls.AuthenticationManager; import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.moduls.SSOManager; @@ -86,14 +86,14 @@ public class LogOutServlet extends AuthServlet { if (MiscUtil.isEmpty(redirectUrl)) { //set default redirect Target Logger.debug("Set default RedirectURL back to MOA-ID-Auth"); - redirectUrl = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + redirectUrl = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); } else { //return an error if RedirectURL is not a active Online-Applikation OnlineApplication oa = ConfigurationDBRead.getActiveOnlineApplication(redirectUrl); if (oa == null) { Logger.info("RedirctURL does not match to OA configuration. Set default RedirectURL back to MOA-ID-Auth"); - redirectUrl = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + redirectUrl = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java index 24daa76a3..ed4ef1f5a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java @@ -64,7 +64,9 @@ import at.gv.egovernment.moa.id.auth.stork.STORKException; import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.ModulUtils; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; @@ -122,7 +124,7 @@ public class PEPSConnectorServlet extends AuthServlet { super(); try { - AuthConfigurationProvider authConfigurationProvider = AuthConfigurationProvider.getInstance(); + AuthConfiguration authConfigurationProvider = AuthConfigurationProviderFactory.getInstance(); dtlUrl = authConfigurationProvider.getDocumentServiceUrl(); Logger.info ("PEPSConnectorServlet, using dtlUrl:"+dtlUrl); } catch (Exception e) { @@ -277,7 +279,7 @@ public class PEPSConnectorServlet extends AuthServlet { throw new MOAIDException("stork.07", null); } - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()); + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()); if (oaParam == null) throw new AuthenticationException("auth.00", new Object[] { moaSession.getPublicOAURLPrefix() }); //================== Check QAA level start ==================== @@ -456,7 +458,7 @@ public class PEPSConnectorServlet extends AuthServlet { IdentityLink identityLink = null; try { - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); if(config.isStorkFakeIdLActive() && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) { // create fake IdL // - fetch IdL template from resources diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java index 337a9ed31..ff3330491 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java @@ -72,7 +72,7 @@ import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.ModulUtils; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; @@ -461,7 +461,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { //set return url to PEPSConnectorWithLocalSigningServlet and add newMOASessionID //signRequest - String issuerValue = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); String acsURL = issuerValue + PEPSConnectorWithLocalSigningServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN; String url = acsURL+"?moaSessionID="+newMOASessionID; @@ -469,7 +469,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { boolean found = false; try{ - List aps = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()).getStorkAPs(); + List aps = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()).getStorkAPs(); Logger.info("Found AttributeProviderPlugins:"+aps.size()); for(AttributeProviderPlugin ap : aps) { @@ -667,7 +667,7 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { Logger.debug("fetching OAParameters from database"); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()); + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()); if (oaParam == null) throw new AuthenticationException("auth.00", new Object[] { moaSession.getPublicOAURLPrefix() }); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java index 532ccb7ba..3609925a0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java @@ -33,7 +33,7 @@ import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.moduls.SSOManager; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -64,7 +64,7 @@ public class RedirectServlet extends AuthServlet{ String redirectTarget = DEFAULT_REDIRECTTARGET; try { oa = ConfigurationDBRead.getActiveOnlineApplication(url); - if (oa == null && !url.startsWith(AuthConfigurationProvider.getInstance().getPublicURLPrefix())) { + if (oa == null && !url.startsWith(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix())) { resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Parameters not valid"); return; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java index a8fe71485..28d3caba0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java @@ -75,7 +75,8 @@ import at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyAuthentication import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.ModulUtils; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; @@ -201,9 +202,9 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { if (samlArtifactBase64 == null) { //mandate Mode - AuthConfigurationProvider authConf= AuthConfigurationProvider.getInstance(); + AuthConfiguration authConf= AuthConfigurationProviderFactory.getInstance(); ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter(); - SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters); + SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProviderFactory.getInstance(), connectionParameters); // get identitity link as byte[] Element elem = session.getIdentityLink().getSamlAssertion(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java index b8e57ed43..d2c63a8b3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java @@ -67,7 +67,8 @@ import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyIdentityLinkTask; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; @@ -239,9 +240,9 @@ public class VerifyIdentityLinkServlet extends AuthServlet { else { Logger.info("Normal"); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - AuthConfigurationProvider authConf = AuthConfigurationProvider + AuthConfiguration authConf = AuthConfigurationProviderFactory .getInstance(); createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance() diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java index 547a86bd9..34613e658 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java @@ -65,7 +65,7 @@ import at.gv.egovernment.moa.id.auth.data.SAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.ValidateException; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; @@ -292,7 +292,7 @@ public class CreateXMLSignatureResponseValidator { String text = ""; try { - OAAuthParameter oaparam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); + OAAuthParameter oaparam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); if (MiscUtil.isNotEmpty(text = oaparam.getAditionalAuthBlockText())) Logger.info("Use addional AuthBlock Text from OA=" + oaparam.getPublicURLPrefix()); } catch (ConfigurationException e) { @@ -418,7 +418,7 @@ public class CreateXMLSignatureResponseValidator { String oaURL; try { - oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + oaURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); } catch (ConfigurationException e1) { oaURL = new String(); } @@ -521,7 +521,7 @@ public class CreateXMLSignatureResponseValidator { String text = ""; try { - if (MiscUtil.isNotEmpty(text = AuthConfigurationProvider.getInstance().getSSOSpecialText())) + if (MiscUtil.isNotEmpty(text = AuthConfigurationProviderFactory.getInstance().getSSOSpecialText())) Logger.info("Use addional AuthBlock Text from SSO=" +text); else text = new String(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java index 284a77126..ac528c89d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java @@ -66,7 +66,7 @@ import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.ValidateException; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; @@ -141,7 +141,7 @@ public class VerifyXMLSignatureResponseValidator { } //check QC - if (AuthConfigurationProvider.getInstance().isCertifiacteQCActive() && + if (AuthConfigurationProviderFactory.getInstance().isCertifiacteQCActive() && !whatToCheck.equals(CHECK_IDENTITY_LINK) && !verifyXMLSignatureResponse.isQualifiedCertificate()) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/SZRGWClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/SZRGWClient.java index 9e4f3fa36..672d2a35e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/SZRGWClient.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/client/SZRGWClient.java @@ -29,7 +29,7 @@ import javax.net.ssl.SSLSocketFactory; import javax.xml.namespace.QName; import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.util.SSLUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -104,7 +104,7 @@ public class SZRGWClient { private void initial(ConnectionParameter szrgwconnection) throws at.gv.egovernment.moa.id.client.SZRGWClientException{ try { sslContext = SSLUtils.getSSLSocketFactory( - AuthConfigurationProvider.getInstance(), + AuthConfigurationProviderFactory.getInstance(), szrgwconnection); } catch (Exception e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java deleted file mode 100644 index f24f4e646..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java +++ /dev/null @@ -1,173 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config; - -import java.util.Map; - -import at.gv.egovernment.moa.id.data.IssuerAndSerial; - -import com.fasterxml.jackson.annotation.JsonProperty; - -/** - * Base class for AuthConfigurationProvider and ProxyConfigurationProvider, - * providing functions common to both of them. - * - * @author Paul Ivancsics - * @version $Id$ - */ -public class ConfigurationProvider { - - /** - * Constructor - */ - public ConfigurationProvider() { - super(); - } - - /** - * The name of the system property which contains the file name of the - * configuration file. - */ - public static final String CONFIG_PROPERTY_NAME = - "moa.id.configuration"; - - /** - * The name of the system property which contains the file name of the - * configuration file. - */ - public static final String PROXY_CONFIG_PROPERTY_NAME = - "moa.id.proxy.configuration"; - - /** - * The name of the generic configuration property giving the certstore directory path. - */ - public static final String DIRECTORY_CERTSTORE_PARAMETER_PROPERTY = - "DirectoryCertStoreParameters.RootDir"; - - /** - * The name of the generic configuration property switching the ssl revocation checking on/off - */ - public static final String TRUST_MANAGER_REVOCATION_CHECKING = - "TrustManager.RevocationChecking"; - - - /** - * A Map which contains generic configuration information. Maps a - * configuration name (a String) to a configuration value (also a - * String). - */ - protected Map genericConfiguration; - - /** The default chaining mode. */ - protected String defaultChainingMode; - - /** - * A Map which contains the IssuerAndSerial to - * chaining mode (a String) mapping. - */ - protected Map chainingModes; - - /** - * the URL for the trusted CA Certificates - */ - protected String trustedCACertificates; - - /** - * main configuration file directory name used to configure MOA-ID - */ - protected String rootConfigFileDir; - - protected String certstoreDirectory; - - protected boolean trustmanagerrevoationchecking = true; - - /** - * Returns the main configuration file directory used to configure MOA-ID - * - * @return the directory - */ - @JsonProperty("getRootConfigFileDir") - public String getRootConfigFileDir() { - return rootConfigFileDir; - } - - @JsonProperty("getDefaultChainingMode") - public String getDefaultChainingMode() { - return defaultChainingMode; - } - - - /** - * Returns the trustedCACertificates. - * @return String - */ - @JsonProperty("getTrustedCACertificates") - public String getTrustedCACertificates() { - - return trustedCACertificates; - } - -/** - * @return the certstoreDirectory - */ -@JsonProperty("getCertstoreDirectory") -public String getCertstoreDirectory() { - return certstoreDirectory; -} - -/** - * @return the trustmanagerrevoationchecking - */ -@JsonProperty("isTrustmanagerrevoationchecking") -public boolean isTrustmanagerrevoationchecking() { - return trustmanagerrevoationchecking; -} - - - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java new file mode 100644 index 000000000..d7f503454 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java @@ -0,0 +1,173 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + ******************************************************************************/ +/* + * Copyright 2003 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ + + +package at.gv.egovernment.moa.id.config; + +import java.util.Map; + +import at.gv.egovernment.moa.id.data.IssuerAndSerial; + +import com.fasterxml.jackson.annotation.JsonProperty; + +/** + * Base class for AuthConfigurationProvider and ProxyConfigurationProvider, + * providing functions common to both of them. + * + * @author Paul Ivancsics + * @version $Id$ + */ +public class ConfigurationProviderImpl implements ConfigurationProvider{ + + /** + * Constructor + */ + public ConfigurationProviderImpl() { + super(); + } + + /** + * The name of the system property which contains the file name of the + * configuration file. + */ + public static final String CONFIG_PROPERTY_NAME = + "moa.id.configuration"; + + /** + * The name of the system property which contains the file name of the + * configuration file. + */ + public static final String PROXY_CONFIG_PROPERTY_NAME = + "moa.id.proxy.configuration"; + + /** + * The name of the generic configuration property giving the certstore directory path. + */ + public static final String DIRECTORY_CERTSTORE_PARAMETER_PROPERTY = + "DirectoryCertStoreParameters.RootDir"; + + /** + * The name of the generic configuration property switching the ssl revocation checking on/off + */ + public static final String TRUST_MANAGER_REVOCATION_CHECKING = + "TrustManager.RevocationChecking"; + + + /** + * A Map which contains generic configuration information. Maps a + * configuration name (a String) to a configuration value (also a + * String). + */ + protected Map genericConfiguration; + + /** The default chaining mode. */ + protected String defaultChainingMode; + + /** + * A Map which contains the IssuerAndSerial to + * chaining mode (a String) mapping. + */ + protected Map chainingModes; + + /** + * the URL for the trusted CA Certificates + */ + protected String trustedCACertificates; + + /** + * main configuration file directory name used to configure MOA-ID + */ + protected String rootConfigFileDir; + + protected String certstoreDirectory; + + protected boolean trustmanagerrevoationchecking = true; + + /** + * Returns the main configuration file directory used to configure MOA-ID + * + * @return the directory + */ + @JsonProperty("getRootConfigFileDir") + public String getRootConfigFileDir() { + return rootConfigFileDir; + } + + @JsonProperty("getDefaultChainingMode") + public String getDefaultChainingMode() { + return defaultChainingMode; + } + + + /** + * Returns the trustedCACertificates. + * @return String + */ + @JsonProperty("getTrustedCACertificates") + public String getTrustedCACertificates() { + + return trustedCACertificates; + } + +/** + * @return the certstoreDirectory + */ +@JsonProperty("getCertstoreDirectory") +public String getCertstoreDirectory() { + return certstoreDirectory; +} + +/** + * @return the trustmanagerrevoationchecking + */ +@JsonProperty("isTrustmanagerrevoationchecking") +public boolean isTrustmanagerrevoationchecking() { + return trustmanagerrevoationchecking; +} + + + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java index 828bf99ca..f5009f99f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java @@ -47,10 +47,10 @@ public class AuthConfigLoader implements Runnable { Date dbdate = moaidconfig.getTimestampItem(); Date pvprefresh = moaidconfig.getPvp2RefreshItem(); - Date date = AuthConfigurationProvider.getTimeStamp(); + Date date = AuthConfigurationProviderFactory.getInstance().getTimeStamp(); if (dbdate != null && dbdate.after(date)) { - AuthConfigurationProvider instance = AuthConfigurationProvider.getInstance(); + AuthConfiguration instance = AuthConfigurationProviderFactory.getInstance(); instance.reloadDataBaseConfig(); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java index 760b2cd0a..cba80d536 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java @@ -1,16 +1,19 @@ package at.gv.egovernment.moa.id.config.auth; +import java.util.Hashtable; import java.util.List; import java.util.Properties; import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed; import at.gv.egovernment.moa.id.config.stork.STORKConfig; +import at.gv.util.config.EgovUtilPropertiesConfiguration; -public interface AuthConfiguration { +public interface AuthConfiguration extends ConfigurationProvider{ public Properties getGeneralPVP2ProperiesConfig(); @@ -82,4 +85,16 @@ public interface AuthConfiguration { public STORKConfig getStorkConfig() throws ConfigurationException; + public EgovUtilPropertiesConfiguration geteGovUtilsConfig(); + + public String getDocumentServiceUrl(); + + public boolean isStorkFakeIdLActive(); + + public List getStorkFakeIdLCountries(); + + public String getStorkFakeIdLResigningKey(); + + public boolean isPVPSchemaValidationActive(); + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index 087b331b5..81a3dad8f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -67,10 +67,11 @@ import org.hibernate.cfg.Configuration; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.NewConfigurationDBWrite; -import at.gv.egovernment.moa.id.commons.db.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.NewConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; @@ -105,6 +106,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl; import at.gv.egovernment.moa.id.config.ConfigurationUtils; import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.ConnectionParameterForeign; @@ -139,8 +141,10 @@ import com.fasterxml.jackson.annotation.JsonIgnore; * @author Stefan Knirsch * * @version $Id$ + * + *@deprecated Use {@link AuthConfigProviderFactory} instead */ -public class AuthConfigurationProvider extends ConfigurationProvider implements AuthConfiguration { +public class AuthConfigurationProvider extends ConfigurationProviderImpl implements AuthConfiguration { // /** DEFAULT_ENCODING is "UTF-8" */ // private static final String DEFAULT_ENCODING="UTF-8"; @@ -419,78 +423,79 @@ public class AuthConfigurationProvider extends ConfigurationProvider implements } - //check if XML config should be used - if (MiscUtil.isNotEmpty(legacyconfig) || MiscUtil.isNotEmpty(xmlconfig)) { - Logger.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!"); - //moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); - moaidconfig = NewConfigurationDBRead.getMOAIDConfiguration(); - if (moaidconfig.getAuthComponentGeneral()!= null || moaidconfig.getChainingModes() != null || moaidconfig.getTrustedCACertificates() != null || moaidconfig.getDefaultBKUs() != null - || moaidconfig.getSLRequestTemplates() != null || moaidconfig.getTimestampItem() != null || moaidconfig.getPvp2RefreshItem() != null) { - - // ConfigurationDBUtils.delete(moaidconfig); - for(String key : MOAIDConfigurationConstants.getMOAIDConfigurationKeys()){ - NewConfigurationDBWrite.delete(key); - } - } - - - //List oas = ConfigurationDBRead.getAllOnlineApplications(); - List oas = NewConfigurationDBRead.getAllOnlineApplications(); - if (oas != null && oas.size() > 0) { - // for (OnlineApplication oa : oas) - // ConfigurationDBUtils.delete(oa); - NewConfigurationDBWrite.delete(MOAIDConfigurationConstants.ONLINE_APPLICATIONS_KEY); - } - } - - //load legacy config if it is configured - if (MiscUtil.isNotEmpty(legacyconfig)) { - Logger.warn("WARNING! MOA-ID 2.0 is started with legacy configuration. This setup is not recommended!"); - - MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(new File(legacyconfig), rootConfigFileDir, null); - - List oas = moaconfig.getOnlineApplication(); - // for (OnlineApplication oa : oas) - // ConfigurationDBUtils.save(oa); - NewConfigurationDBWrite.saveOnlineApplications(oas); - - moaconfig.setOnlineApplication(null); - // ConfigurationDBUtils.save(moaconfig); - NewConfigurationDBWrite.save(moaconfig); - - Logger.info("Legacy Configuration load is completed."); - - - } - - //load MOA-ID 2.x config from XML - if (MiscUtil.isNotEmpty(xmlconfig)) { - Logger.warn("Load configuration from MOA-ID 2.x XML configuration"); - - try { - JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config"); - Unmarshaller m = jc.createUnmarshaller(); - File file = new File(xmlconfig); - MOAIDConfiguration moaconfig = (MOAIDConfiguration) m.unmarshal(file); - //ConfigurationDBUtils.save(moaconfig); - - List importoas = moaconfig.getOnlineApplication(); - // for (OnlineApplication importoa : importoas) { - // ConfigurationDBUtils.saveOrUpdate(importoa); - // } - - NewConfigurationDBWrite.saveOnlineApplications(importoas); - - moaconfig.setOnlineApplication(null); - //ConfigurationDBUtils.saveOrUpdate(moaconfig); - NewConfigurationDBWrite.save(moaconfig); - - } catch (Exception e) { - Logger.warn("MOA-ID XML configuration can not be loaded from File.", e); - throw new ConfigurationException("config.02", null); - } - Logger.info("XML Configuration load is completed."); - } + //TODO: removed in MOA-ID 3.x +// //check if XML config should be used +// if (MiscUtil.isNotEmpty(legacyconfig) || MiscUtil.isNotEmpty(xmlconfig)) { +// Logger.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!"); +// //moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); +// moaidconfig = NewConfigurationDBRead.getMOAIDConfiguration(); +// if (moaidconfig.getAuthComponentGeneral()!= null || moaidconfig.getChainingModes() != null || moaidconfig.getTrustedCACertificates() != null || moaidconfig.getDefaultBKUs() != null +// || moaidconfig.getSLRequestTemplates() != null || moaidconfig.getTimestampItem() != null || moaidconfig.getPvp2RefreshItem() != null) { +// +// // ConfigurationDBUtils.delete(moaidconfig); +// for(String key : MOAIDConfigurationConstants.getMOAIDConfigurationKeys()){ +// NewConfigurationDBWrite.delete(key); +// } +// } +// +// +// //List oas = ConfigurationDBRead.getAllOnlineApplications(); +// List oas = NewConfigurationDBRead.getAllOnlineApplications(); +// if (oas != null && oas.size() > 0) { +// // for (OnlineApplication oa : oas) +// // ConfigurationDBUtils.delete(oa); +// NewConfigurationDBWrite.delete(MOAIDConfigurationConstants.ONLINE_APPLICATIONS_KEY); +// } +// } +// +// //load legacy config if it is configured +// if (MiscUtil.isNotEmpty(legacyconfig)) { +// Logger.warn("WARNING! MOA-ID 2.0 is started with legacy configuration. This setup is not recommended!"); +// +// MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(new File(legacyconfig), rootConfigFileDir, null); +// +// List oas = moaconfig.getOnlineApplication(); +// // for (OnlineApplication oa : oas) +// // ConfigurationDBUtils.save(oa); +// NewConfigurationDBWrite.saveOnlineApplications(oas); +// +// moaconfig.setOnlineApplication(null); +// // ConfigurationDBUtils.save(moaconfig); +// NewConfigurationDBWrite.save(moaconfig); +// +// Logger.info("Legacy Configuration load is completed."); +// +// +// } +// +// //load MOA-ID 2.x config from XML +// if (MiscUtil.isNotEmpty(xmlconfig)) { +// Logger.warn("Load configuration from MOA-ID 2.x XML configuration"); +// +// try { +// JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config"); +// Unmarshaller m = jc.createUnmarshaller(); +// File file = new File(xmlconfig); +// MOAIDConfiguration moaconfig = (MOAIDConfiguration) m.unmarshal(file); +// //ConfigurationDBUtils.save(moaconfig); +// +// List importoas = moaconfig.getOnlineApplication(); +// // for (OnlineApplication importoa : importoas) { +// // ConfigurationDBUtils.saveOrUpdate(importoa); +// // } +// +// NewConfigurationDBWrite.saveOnlineApplications(importoas); +// +// moaconfig.setOnlineApplication(null); +// //ConfigurationDBUtils.saveOrUpdate(moaconfig); +// NewConfigurationDBWrite.save(moaconfig); +// +// } catch (Exception e) { +// Logger.warn("MOA-ID XML configuration can not be loaded from File.", e); +// throw new ConfigurationException("config.02", null); +// } +// Logger.info("XML Configuration load is completed."); +// } reloadDataBaseConfig(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java index 6f2c771ec..cdd112a43 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/ConfigurationToJSONConverter.java @@ -13,7 +13,7 @@ import org.springframework.beans.factory.config.AutowireCapableBeanFactory; import org.springframework.context.ApplicationContext; import org.springframework.context.support.ClassPathXmlApplicationContext; -import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; +import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConfigurationProvider; @@ -27,7 +27,7 @@ public class ConfigurationToJSONConverter { NewAuthConfigurationProvider configProvider; @Autowired - Configuration configDataBase; + MOAIDConfiguration configDataBase; public static void main(String[] args) { @@ -41,7 +41,7 @@ public class ConfigurationToJSONConverter { System.out.println("====================================="); // otherwise the database connection is not initialized - AuthConfigurationProvider.getInstance(); + JaxBAuthConfigurationProvider.getInstance(); List methodNames = Arrays.asList("getAllOnlineApplications", "getAllUsers", "getMOAIDConfiguration"); converter.extractDataViaConfigurationDBRead(methodNames); converter.readExtractedConfigurationDBReadData(methodNames); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java deleted file mode 100644 index d8d368a76..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/NewAuthConfigurationProvider.java +++ /dev/null @@ -1,982 +0,0 @@ -package at.gv.egovernment.moa.id.config.auth; - -import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; -import java.math.BigInteger; -import java.util.ArrayList; -import java.util.Collection; -import java.util.Collections; -import java.util.Date; -import java.util.List; -import java.util.Properties; - -import org.springframework.beans.factory.annotation.Autowired; - -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; -import at.gv.egovernment.moa.id.commons.db.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; -import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; -import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; -import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; -import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; -import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; -import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; -import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; -import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; -import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; -import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; -import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; -import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1; -import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; -import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; -import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; -import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; -import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; -import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.config.ConfigurationUtils; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.ConnectionParameterForeign; -import at.gv.egovernment.moa.id.config.ConnectionParameterMOASP; -import at.gv.egovernment.moa.id.config.ConnectionParameterMandate; -import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed; -import at.gv.egovernment.moa.id.config.stork.STORKConfig; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; - -/** - * A class providing access to the Auth Part of the MOA-ID configuration data. - */ -public class NewAuthConfigurationProvider extends ConfigurationProvider implements AuthConfiguration { - - - private static final boolean TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT = true; - - private Configuration configuration; - - private final Properties properties = new Properties(); - - public NewAuthConfigurationProvider() { - } - - /** - * The constructor with path to a properties file as argument. - * - * @param fileName the path to the properties file - * @throws ConfigurationException if an error occurs during loading the properties file. - */ - public NewAuthConfigurationProvider(String fileName) throws ConfigurationException { - File propertiesFile = new File(fileName); - rootConfigFileDir = propertiesFile.getParent(); - - try (FileInputStream in = new FileInputStream(propertiesFile);) { - properties.load(in); - } catch (FileNotFoundException e) { - throw new ConfigurationException("config.03", null, e); - } catch (IOException e) { - throw new ConfigurationException("config.03", null, e); - } - } - - /** - * Set the {@link Configuration} for this class. - * @param configuration the configuration - */ - @Autowired - public void setConfiguration(Configuration configuration) { - this.configuration = configuration; - } - - /** - * Get the properties. - * @return the properties - */ - private Properties getProperties() { - return properties; - } - - /** - * Method that avoids iterating over a {@link Collection} of type {@code T} which is actual {@code null}. - * @param item the collection - * @return the given {@link Collection} {@code item} if it is not {@code null}, or an empty {@link List} otherwise. - */ - @SuppressWarnings("unchecked") - public static > T nullGuard(T item) { - if (item == null) { - return (T) Collections.emptyList(); - } else { - return item; - } - } - - /** - * Returns the general pvp2 properties config. NOTE: may be empty but never {@code null}. - * @return the general pvp2 properties config. - */ - public Properties getGeneralPVP2ProperiesConfig() { - return this.getGeneralProperiesConfig("protocols.pvp2."); - } - - /** - * Returns the general oauth20 properties config. NOTE: may be empty but never {@code null}. - * @return the general oauth20 properties config. - */ - public Properties getGeneralOAuth20ProperiesConfig() { - return this.getGeneralProperiesConfig("protocols.oauth20."); - } - - /** - * Returns the allowed protocols. NOTE: may return {@code null}. - * - * @return the allowed protocols or {@code null}. - */ - public ProtocolAllowed getAllowedProtocols() { - - AuthComponentGeneral authComponentGeneral; - try { - authComponentGeneral = getAuthComponentGeneral(); - } catch (ConfigurationException e) { - return null; - } - Protocols protocols = authComponentGeneral.getProtocols(); - if (protocols != null) { - ProtocolAllowed allowedProtcols = new ProtocolAllowed(); - if (protocols.getSAML1() != null) { - allowedProtcols.setSAML1Active(protocols.getSAML1().isIsActive()); - } - - if (protocols.getOAuth() != null) { - allowedProtcols.setOAUTHActive(protocols.getOAuth().isIsActive()); - } - - if (protocols.getPVP2() != null) { - allowedProtcols.setPVP21Active(protocols.getPVP2().isIsActive()); - } - return allowedProtcols; - } else { - Logger.warn("Error in MOA-ID Configuration. No general Protcol configuration found."); - return null; - } - } - - /** - * Returns the general PVP2 configuration. NOTE: may return {@code null}. - * - * @return the general PVP2 configuration or {@code null}. - */ - public PVP2 getGeneralPVP2DBConfig() { - - AuthComponentGeneral authComponentGeneral; - try { - authComponentGeneral = getAuthComponentGeneral(); - } catch (ConfigurationException e) { - return null; - } - Protocols protocols = authComponentGeneral.getProtocols(); - PVP2 result = null; - if (protocols != null) { - PVP2 pvp2 = protocols.getPVP2(); - if (pvp2 != null) { - result = new PVP2(); - result.setIssuerName(pvp2.getIssuerName()); - result.setPublicURLPrefix(pvp2.getPublicURLPrefix()); - - if (pvp2.getOrganization() != null) { - Organization org = new Organization(); - result.setOrganization(org); - org.setDisplayName(pvp2.getOrganization().getDisplayName()); - org.setName(pvp2.getOrganization().getName()); - org.setURL(pvp2.getOrganization().getURL()); - } - - if (pvp2.getContact() != null) { - List cont = new ArrayList(); - result.setContact(cont); - for (Contact e : pvp2.getContact()) { - Contact c = new Contact(); - c.setCompany(e.getCompany()); - c.setGivenName(e.getGivenName()); - c.getMail().addAll(e.getMail()); - c.getPhone().addAll(e.getPhone()); - c.setSurName(e.getSurName()); - c.setType(e.getType()); - cont.add(c); - } - } - } - - } else { - Logger.warn("Error in MOA-ID Configuration. No general Protcol configuration found."); - } - return result; - } - - /** - * Returns the configured timeouts, or a default timeout. - * - * @return the configured timeout, or the default (never {@code null}). - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. - */ - public TimeOuts getTimeOuts() throws ConfigurationException { - - TimeOuts timeouts = new TimeOuts(); - - // set default timeouts - timeouts.setAssertion(new BigInteger("300")); - timeouts.setMOASessionCreated(new BigInteger("2700")); - timeouts.setMOASessionUpdated(new BigInteger("1200")); - - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - // search timeouts in config - GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); - if (generalConfiguration != null) { - if (generalConfiguration.getTimeOuts() != null) { - if (generalConfiguration.getTimeOuts().getAssertion() != null) { - timeouts.setAssertion(generalConfiguration.getTimeOuts().getAssertion()); - } - - if (generalConfiguration.getTimeOuts().getMOASessionCreated() != null) { - timeouts.setMOASessionCreated(generalConfiguration.getTimeOuts().getMOASessionCreated()); - } - - if (generalConfiguration.getTimeOuts().getMOASessionUpdated() != null) { - timeouts.setMOASessionUpdated(generalConfiguration.getTimeOuts().getMOASessionUpdated()); - } - - } else { - Logger.info("No TimeOuts defined. Use default values"); - } - } - return timeouts; - } - - /** - * Returns an alternative source ID. NOTE: may return {@code null}. - * - * @return an alternative source ID or {@code null}. - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} - */ - public String getAlternativeSourceID() throws ConfigurationException { - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - String alternativeSourceId = null; - Protocols protocols = authComponentGeneral.getProtocols(); - if (protocols != null) { - SAML1 saml1 = protocols.getSAML1(); - if (saml1 != null && MiscUtil.isNotEmpty(saml1.getSourceID())) { - alternativeSourceId = saml1.getSourceID(); - } - } - GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); - if (generalConfiguration != null && MiscUtil.isEmpty(alternativeSourceId)) { - alternativeSourceId = generalConfiguration.getAlternativeSourceID(); - } - return alternativeSourceId; - } - - /** - * Returns a list of legacy allowed protocols. NOTE: may return an empty list but never {@code null}. - * - * @return the list of protocols. - */ - public List getLegacyAllowedProtocols() { - - try { - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - - if (authComponentGeneral.getProtocols() != null) { - Protocols procols = authComponentGeneral.getProtocols(); - if (procols.getLegacyAllowed() != null) { - LegacyAllowed legacy = procols.getLegacyAllowed(); - return legacy.getProtocolName(); - } - } - - return new ArrayList(); - - } catch (NullPointerException e) { - Logger.info("No protocols found with legacy allowed flag!"); - return new ArrayList(); - } catch (ConfigurationException e) { - return new ArrayList(); - } - - } - - /** - * Provides configuration information regarding the online application behind the given URL, relevant to the MOA-ID Auth component. - * - * @param oaURL URL requested for an online application - * @return an OAAuthParameter, or null if none is applicable - */ - public OAAuthParameter getOnlineApplicationParameter(String oaURL) { - - OnlineApplication oa = getActiveOnlineApplication(oaURL); - if (oa == null) { - Logger.warn("Online application with identifier " + oaURL + " is not found."); - return null; - } - - return new OAAuthParameter(oa); - } - - /** - * Returns a string with a url-reference to the VerifyAuthBlock trust profile id within the moa-sp part of the authentication component. - * - * @return a string with a url-reference to the VerifyAuthBlock trust profile ID. - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. - */ - public String getMoaSpAuthBlockTrustProfileID() throws ConfigurationException { - return getVerifyAuthBlock().getTrustProfileID(); - } - - /** - * Returns a list of strings with references to all verify transform info IDs within the moa-sp part of the authentication component. - * - * @return a list of strings containing all urls to the verify transform info IDs. - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. - */ - public List getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException { - return getVerifyAuthBlock().getVerifyTransformsInfoProfileID(); - } - - /** - * Returns a ConnectionParameter bean containing all information of the authentication component moa-sp element. - * - * @return ConnectionParameter of the authentication component moa-sp element. - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. - */ - public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException { - ConnectionParameter result = null; - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - MOASP moasp = authComponentGeneral.getMOASP(); - if (moasp != null) { - ConnectionParameterClientAuthType connectionParameter = moasp.getConnectionParameter(); - if (connectionParameter != null) { - result = new ConnectionParameterMOASP(moasp.getConnectionParameter(), this.getProperties(), this.getRootConfigFileDir()); - } - } - return result; - } - - /** - * Returns the {@link ConnectionParameter} for the ForeignID. NOTE: may return {@code null}. - * - * @return the connection parameter. - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. - */ - public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException { - - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - ForeignIdentities foreign = authComponentGeneral.getForeignIdentities(); - if (foreign != null) { - return new ConnectionParameterForeign(foreign.getConnectionParameter(), this.getProperties(), this.getRootConfigFileDir()); - } else { - Logger.warn("Error in MOA-ID Configuration. No Connectionconfiguration to SZRGW Service found"); - return null; - } - } - - /** - * Returns the {@link ConnectionParameter} for the OnlineMandates. NOTE: may return {@code null}. - * - * @return the connection parameter. - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} - */ - public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException { - - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - OnlineMandates ovs = authComponentGeneral.getOnlineMandates(); - if (ovs != null) { - return new ConnectionParameterMandate(ovs.getConnectionParameter(), this.getProperties(), this.getRootConfigFileDir()); - } - return null; - } - - /** - * Returns a string with a url-reference to the VerifyIdentityLink trust profile id within the moa-sp part of the authentication component - * - * @return String with a url-reference to the VerifyIdentityLink trust profile ID - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link VerifyIdentityLink}. - */ - public String getMoaSpIdentityLinkTrustProfileID() throws ConfigurationException { - - String result = null; - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - MOASP moasp = authComponentGeneral.getMOASP(); - if (moasp != null) { - VerifyIdentityLink verifyIdentityLink = moasp.getVerifyIdentityLink(); - if (verifyIdentityLink != null) { - result = verifyIdentityLink.getTrustProfileID(); - } else { - Logger.warn("Error in MOA-ID Configuration. No Trustprofile for IdentityLink validation."); - throw new ConfigurationException("config.02", null); - } - } - return result; - } - - /** - * Returns a non-empty list of transform infos. NOTE: list is never {@code empty} or {@code null}. - * - * @return a list of transform infos. - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link SecurityLayer}. - */ - public List getTransformsInfos() throws ConfigurationException { - - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - SecurityLayer securityLayer = authComponentGeneral.getSecurityLayer(); - if (securityLayer != null) { - - List result = ConfigurationUtils.getTransformInfos(securityLayer.getTransformsInfo()); - - if (result == null || result.isEmpty()) { - Logger.error("No Security-Layer Transformation found."); - throw new ConfigurationException("config.05", new Object[] { "Security-Layer Transformation" }); - } - return result; - - } else { - Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration->SecurityLayer found"); - throw new ConfigurationException("config.02", null); - } - } - - /** - * Returns a list of IdentityLinkX509SubjectNames. NOTE: may return an empty list but never {@code null}. - * - * @return the list of IdentityLinkX509SubjectNames. - * - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} - */ - public List getIdentityLinkX509SubjectNames() throws ConfigurationException { - - ArrayList identityLinkX509SubjectNames = new ArrayList(); - - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - - IdentityLinkSigners idlsigners = authComponentGeneral.getIdentityLinkSigners(); - if (idlsigners != null) { - Logger.debug("Load own IdentityLinkX509SubjectNames"); - identityLinkX509SubjectNames.addAll(new ArrayList(idlsigners.getX509SubjectName())); - } - - String[] identityLinkSignersWithoutOID = MOAIDAuthConstants.IDENTITY_LINK_SIGNERS_WITHOUT_OID; - for (int i = 0; i < identityLinkSignersWithoutOID.length; i++) { - String identityLinkSigner = identityLinkSignersWithoutOID[i]; - if (!identityLinkX509SubjectNames.contains(identityLinkSigner)) { - identityLinkX509SubjectNames.add(identityLinkSigner); - } - } - - return identityLinkX509SubjectNames; - } - - /** - * Returns a list of default SLRequestTemplates. NOTE: may return an empty list but never {@code null}. - * - * @return list of default SLRequestTemplates. - * @throws ConfigurationException is never thrown - */ - public List getSLRequestTemplates() throws ConfigurationException { - - SLRequestTemplates templates = configuration.get(MOAIDConfigurationConstants.SLREQUEST_TEMPLATES_KEY, SLRequestTemplates.class); - List templatesList = new ArrayList(); - - if (templates != null) { - templatesList.add(templates.getOnlineBKU()); - templatesList.add(templates.getLocalBKU()); - templatesList.add(templates.getHandyBKU()); - } - return templatesList; - } - - /** - * Returns the type's default SLRequestTemplate. NOTE: may return {@code null}. - * - * @param type the type of BKU. - * @return the default SLRequestTemplate for the given type. - * - * @throws ConfigurationException is never thrown - */ - public String getSLRequestTemplates(String type) throws ConfigurationException { - - SLRequestTemplates templates = configuration.get(MOAIDConfigurationConstants.SLREQUEST_TEMPLATES_KEY, SLRequestTemplates.class); - String slRequestTemplate = null; - - if (templates != null) { - switch (type) { - case IOAAuthParameters.ONLINEBKU: - slRequestTemplate = templates.getOnlineBKU(); - break; - case IOAAuthParameters.LOCALBKU: - slRequestTemplate = templates.getLocalBKU(); - break; - case IOAAuthParameters.HANDYBKU: - slRequestTemplate = templates.getHandyBKU(); - break; - default: - Logger.warn("getSLRequestTemplates: BKU Type does not match: " + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " - + IOAAuthParameters.LOCALBKU); - } - } - return slRequestTemplate; - } - - /** - * Returns a list of default BKUURLs. NOTE: may return an empty list but never {@code null}. - * - * @return list of default BKUURLs. - * @throws ConfigurationException is never thrown - */ - public List getDefaultBKUURLs() throws ConfigurationException { - - DefaultBKUs bkuurls = configuration.get(MOAIDConfigurationConstants.DEFAULT_BKUS_KEY, DefaultBKUs.class); - List bkuurlsList = new ArrayList(); - - if (bkuurls != null) { - bkuurlsList.add(bkuurls.getOnlineBKU()); - bkuurlsList.add(bkuurls.getLocalBKU()); - bkuurlsList.add(bkuurls.getHandyBKU()); - } - return bkuurlsList; - } - - /** - * Returns the type's default BKUURL. NOTE: may return {@code null}. - * - * @param type the type of BKU. - * @return the default BKUURL for the given type. - * - * @throws ConfigurationException is never thrown - */ - public String getDefaultBKUURL(String type) throws ConfigurationException { - - DefaultBKUs bkuurls = configuration.get(MOAIDConfigurationConstants.DEFAULT_BKUS_KEY, DefaultBKUs.class); - String defaultBKUUrl = null; - - if (bkuurls != null) { - switch (type) { - case IOAAuthParameters.ONLINEBKU: - defaultBKUUrl = bkuurls.getOnlineBKU(); - break; - case IOAAuthParameters.LOCALBKU: - defaultBKUUrl = bkuurls.getLocalBKU(); - break; - case IOAAuthParameters.HANDYBKU: - defaultBKUUrl = bkuurls.getHandyBKU(); - break; - default: - Logger.warn("getDefaultBKUURL: BKU Type does not match: " + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " - + IOAAuthParameters.LOCALBKU); - } - } - return defaultBKUUrl; - } - - /** - * Returns the SSOTagetIdentifier. NOTE: returns {@code null} if no SSOTargetIdentifier is set. - * - * @return the SSOTagetIdentifier or {@code null} - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} - */ - public String getSSOTagetIdentifier() throws ConfigurationException { - - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - - SSO sso = authComponentGeneral.getSSO(); - if (sso != null) { - return sso.getTarget(); - } - return null; - } - - /** - * Returns the SSOFriendlyName. NOTE: never returns {@code null}, if no SSOFriendlyName is set, a default String is returned. - * - * @return the SSOFriendlyName or a default String - */ - public String getSSOFriendlyName() { - - AuthComponentGeneral authComponentGeneral; - String defaultValue = "Default MOA-ID friendly name for SSO"; - try { - authComponentGeneral = getAuthComponentGeneral(); - } catch (ConfigurationException e) { - return defaultValue; - } - - SSO sso = authComponentGeneral.getSSO(); - if (sso != null) { - if (MiscUtil.isEmpty(sso.getFriendlyName())) { - return sso.getFriendlyName(); - } - } - return defaultValue; - } - - /** - * Returns the SSOSpecialText. NOTE: never returns {@code null}, if no SSOSpecialText is set, an empty String is returned. - * - * @return the SSOSpecialText or an empty String - */ - public String getSSOSpecialText() { - - AuthComponentGeneral authComponentGeneral; - try { - authComponentGeneral = getAuthComponentGeneral(); - } catch (ConfigurationException e) { - return new String(); - } - - SSO sso = authComponentGeneral.getSSO(); - if (sso != null) { - String text = sso.getSpecialText(); - return MiscUtil.isEmpty(text) ? new String() : text; - } - return new String(); - } - - /** - * Returns the MOASessionEncryptionKey NOTE: returns {@code null} if no MOASessionEncryptionKey is set. - * - * @return the MOASessionEncryptionKey or {@code null} - */ - public String getMOASessionEncryptionKey() { - String prop = properties.getProperty("configuration.moasession.key"); - return MiscUtil.isNotEmpty(prop) ? prop : null; - } - - /** - * Returns the MOAConfigurationEncryptionKey NOTE: returns {@code null} if no MOAConfigurationEncryptionKey is set. - * - * @return the MOAConfigurationEncryptionKey or {@code null} - */ - public String getMOAConfigurationEncryptionKey() { - String prop = properties.getProperty("configuration.moaconfig.key"); - return MiscUtil.isNotEmpty(prop) ? prop : null; - } - - /** - * @return {@code true} if IdentityLinkResigning is set, {@code false} otherwise. - */ - public boolean isIdentityLinkResigning() { - String prop = properties.getProperty("configuration.resignidentitylink.active", "false"); - return Boolean.valueOf(prop); - } - - /** - * Returns the IdentityLinkResigningKey. NOTE: returns {@code null} if no IdentityLinkResigningKey is set. - * - * @return the IdentityLinkResigningKey or {@code null} - */ - public String getIdentityLinkResigningKey() { - String prop = properties.getProperty("configuration.resignidentitylink.keygroup"); - return MiscUtil.isNotEmpty(prop) ? prop : null; - } - - /** - * @return {@code true} if MonitoringActive is set, {@code false} otherwise. - */ - public boolean isMonitoringActive() { - String prop = properties.getProperty("configuration.monitoring.active", "false"); - return Boolean.valueOf(prop); - } - - /** - * Returns the MonitoringTestIdentityLinkURL. NOTE: returns {@code null} if no MonitoringTestIdentityLinkURL is set. - * - * @return the MonitoringTestIdentityLinkURL or {@code null} - */ - public String getMonitoringTestIdentityLinkURL() { - String prop = properties.getProperty("configuration.monitoring.test.identitylink.url"); - return MiscUtil.isNotEmpty(prop) ? prop : null; - } - - /** - * Returns the MonitoringMessageSuccess. NOTE: returns {@code null} if no MonitoringMessageSuccess is set. - * - * @return the MonitoringMessageSuccess or {@code null} - */ - public String getMonitoringMessageSuccess() { - String prop = properties.getProperty("configuration.monitoring.message.success"); - return MiscUtil.isNotEmpty(prop) ? prop : null; - } - - /** - * @return {@code true} if AdvancedLoggingActive is set, {@code false} otherwise. - */ - public boolean isAdvancedLoggingActive() { - String prop = properties.getProperty("configuration.advancedlogging.active", "false"); - return Boolean.valueOf(prop); - } - - /** - * Returns the PublicURLPrefix. NOTE: returns {@code null} if no PublicURLPrefix is set. - * - * @return the PublicURLPrefix or {@code null} - */ - public String getPublicURLPrefix() { - - AuthComponentGeneral authComponentGeneral; - try { - authComponentGeneral = getAuthComponentGeneral(); - } catch (ConfigurationException e) { - return null; - } - - String publicURLPreFix = null; - GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); - if (generalConfiguration != null && MiscUtil.isNotEmpty(generalConfiguration.getPublicURLPreFix())) { - publicURLPreFix = generalConfiguration.getPublicURLPreFix(); - } else { - Logger.warn("Error in MOA-ID Configuration. No GeneralConfig defined."); - } - return publicURLPreFix; - } - - /** - * @return {@code true} if PVP2AssertionEncryptionActive is set, {@code false} otherwise. - */ - public boolean isPVP2AssertionEncryptionActive() { - String prop = this.getProperties().getProperty("protocols.pvp2.assertion.encryption.active", "true"); - return Boolean.valueOf(prop); - } - - /** - * @return {@code true} if CertifiacteQCActive is set, {@code false} otherwise. - */ - public boolean isCertifiacteQCActive() { - String prop = this.getProperties().getProperty("configuration.validation.certificate.QC.ignore", "false"); - return !Boolean.valueOf(prop); - } - - /** - * Returns a STORK Configuration, NOTE: may return {@code null}. - * - * @return a new STORK Configuration or {@code null} - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} - */ - public STORKConfig getStorkConfig() throws ConfigurationException { - - STORKConfig result = null; - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - ForeignIdentities foreign = authComponentGeneral.getForeignIdentities(); - if (foreign == null) { - Logger.warn("Error in MOA-ID Configuration. No STORK configuration found."); - } else { - result = new STORKConfig(foreign.getSTORK(), this.getProperties(), this.getRootConfigFileDir()); - } - return result; - } - - /** - * Small helper method. - * - * @return the {@link AuthComponentGeneral} from the database - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} - */ - private AuthComponentGeneral getAuthComponentGeneral() throws ConfigurationException { - - AuthComponentGeneral authComponentGeneral = configuration.get(MOAIDConfigurationConstants.AUTH_COMPONENT_GENERAL_KEY, AuthComponentGeneral.class); - if (authComponentGeneral == null) { - Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration found"); - throw new ConfigurationException("config.02", null); - } - return authComponentGeneral; - } - - /** - * Returns the {@link VerifyAuthBlock}. - * - * @return the {@link VerifyAuthBlock}. - * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. - */ - private VerifyAuthBlock getVerifyAuthBlock() throws ConfigurationException { - - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - MOASP moasp = authComponentGeneral.getMOASP(); - if (moasp != null) { - VerifyAuthBlock vab = moasp.getVerifyAuthBlock(); - if (vab != null) { - VerifyAuthBlock verifyIdl = new VerifyAuthBlock(); - verifyIdl.setTrustProfileID(vab.getTrustProfileID()); - verifyIdl.setVerifyTransformsInfoProfileID(new ArrayList(vab.getVerifyTransformsInfoProfileID())); - return verifyIdl; - } else { - Logger.warn("Error in MOA-ID Configuration. No Trustprofile for AuthBlock validation."); - throw new ConfigurationException("config.02", null); - } - } else { - Logger.warn("Error in MOA-ID Configuration. No MOASP configuration found"); - throw new ConfigurationException("config.02", null); - } - } - - /** - * Small helper method. NOTE: may return empty properties, but never {@code null}. - * @param propPrefix the prefix of the desired property. - * @return the {@link Properties} - */ - private Properties getGeneralProperiesConfig(final String propPrefix) { - - Properties configProp = new Properties(); - for (Object key : this.getProperties().keySet()) { - if (key.toString().startsWith(propPrefix)) { - String propertyName = key.toString().substring(propPrefix.length()); - configProp.put(propertyName, this.getProperties().get(key.toString())); - } - } - return configProp; - } - - /** - * Returns whether the trust-manager revocation checking is enabled or not. - * - * @return {@code true} if enable, {@code false} if disabled - */ - @Override - public boolean isTrustmanagerrevoationchecking() { - - try { - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); - if (generalConfiguration != null && generalConfiguration.isTrustManagerRevocationChecking() != null) { - - return generalConfiguration.isTrustManagerRevocationChecking(); - - } else { - Logger.warn("No TrustMangerRevoationChecking defined. Use default value = " - + String.valueOf(TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT).toUpperCase()); - return TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT; - } - - } catch (ConfigurationException e) { - return TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT; - } - } - - /** - * Returns the path to the certificate-store directory or {@code null} if there is no certificate-store directory defined. - * - * @return the path to the certstore directory or {@code null} - */ - @Override - public String getCertstoreDirectory() { - - try { - AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); - GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); - if (generalConfiguration != null) { - return (rootConfigFileDir + generalConfiguration.getCertStoreDirectory()); - } else { - Logger.warn("Error in MOA-ID Configuration. No CertStoreDirectory defined."); - return null; - } - - } catch (ConfigurationException e) { - return null; - } - } - - @Override - public String getTrustedCACertificates() { - return (String) configuration.get(MOAIDConfigurationConstants.TRUSTED_CERTIFICATES_KEY, String.class); - } - - /** - * Returns the default chaining mode or {@code null} if there is no chaining mode defined. - * - * @return the default chaining mode or {@code null} - */ - @Override - public String getDefaultChainingMode() { - - ChainingModes chainingModes = (ChainingModes) configuration.get(MOAIDConfigurationConstants.CHAINING_MODES_KEY, ChainingModes.class); - if (chainingModes != null) { - return chainingModes.getSystemDefaultMode().value(); - } - - Logger.warn("Error in MOA-ID Configuration. No ChainingMode configuration found."); - return null; - } - - /** - * Returns the current time. - * @return the time stamp - */ - public static Date getTimeStamp() { - - return new Date(); - } - - /** - * Returns a list of all {@link OnlineApplication}. - * - * @return list of all OnlineApplications - */ - public List getAllOnlineApplications() { - Logger.trace("Get all OnlineApplications from database."); - - return configuration.getList(MOAIDConfigurationConstants.ONLINE_APPLICATIONS_KEY, OnlineApplication.class); - } - - /** - * Returns a list of all active {@link OnlineApplication} or {@code null} if no active online application was found. - * - * @return list of all active OnlineApplications or {@code null}. - */ - public List getAllActiveOnlineApplications() { - Logger.debug("Get all new OnlineApplications from database."); - - List result = new ArrayList(); - List allOAs = getAllOnlineApplications(); - - for (OnlineApplication oa : nullGuard(allOAs)) { - if (oa.isIsActive()) { - result.add(oa); - } - } - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - return result; - } - - /** - * Returns the active {@link OnlineApplication} with the given ID or {@code null} if either no matching online application is found or if the {@code id} - * matches more than one entry. - * - * @param id the id of the requested online application - * @return the requested online application or {@code null} - */ - public OnlineApplication getActiveOnlineApplication(String id) { - Logger.trace("Get active OnlineApplication with ID " + id + " from database."); - - OnlineApplication result = null; - List allActiveOAs = getAllActiveOnlineApplications(); - - for (OnlineApplication oa : nullGuard(allActiveOAs)) { - String publicUrlPrefix = oa.getPublicURLPrefix(); - if (publicUrlPrefix != null && publicUrlPrefix.length() <= id.length()) { - if ((id.substring(1, publicUrlPrefix.length()).equals(publicUrlPrefix))) { - if (result != null) { - Logger.warn("OAIdentifier matches more than one DB-entry!"); - return null; - } else { - result = oa; - } - } - } - } - return result; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java new file mode 100644 index 000000000..38af90ade --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -0,0 +1,983 @@ +package at.gv.egovernment.moa.id.config.auth; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.math.BigInteger; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Collections; +import java.util.Date; +import java.util.List; +import java.util.Properties; + +import org.springframework.beans.factory.annotation.Autowired; + +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; +import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; +import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; +import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; +import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; +import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; +import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; +import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; +import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; +import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; +import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; +import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1; +import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; +import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; +import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; +import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; +import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.ConfigurationProvider; +import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl; +import at.gv.egovernment.moa.id.config.ConfigurationUtils; +import at.gv.egovernment.moa.id.config.ConnectionParameter; +import at.gv.egovernment.moa.id.config.ConnectionParameterForeign; +import at.gv.egovernment.moa.id.config.ConnectionParameterMOASP; +import at.gv.egovernment.moa.id.config.ConnectionParameterMandate; +import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed; +import at.gv.egovernment.moa.id.config.stork.STORKConfig; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * A class providing access to the Auth Part of the MOA-ID configuration data. + */ +public class PropertyBasedAuthConfigurationProvider extends ConfigurationProviderImpl implements AuthConfiguration { + + + private static final boolean TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT = true; + + private MOAIDConfiguration configuration; + + private final Properties properties = new Properties(); + + public PropertyBasedAuthConfigurationProvider() { + } + + /** + * The constructor with path to a properties file as argument. + * + * @param fileName the path to the properties file + * @throws ConfigurationException if an error occurs during loading the properties file. + */ + public PropertyBasedAuthConfigurationProvider(String fileName) throws ConfigurationException { + File propertiesFile = new File(fileName); + rootConfigFileDir = propertiesFile.getParent(); + + try (FileInputStream in = new FileInputStream(propertiesFile);) { + properties.load(in); + } catch (FileNotFoundException e) { + throw new ConfigurationException("config.03", null, e); + } catch (IOException e) { + throw new ConfigurationException("config.03", null, e); + } + } + + /** + * Set the {@link Configuration} for this class. + * @param configuration the configuration + */ + @Autowired + public void setConfiguration(MOAIDConfiguration configuration) { + this.configuration = configuration; + } + + /** + * Get the properties. + * @return the properties + */ + private Properties getProperties() { + return properties; + } + + /** + * Method that avoids iterating over a {@link Collection} of type {@code T} which is actual {@code null}. + * @param item the collection + * @return the given {@link Collection} {@code item} if it is not {@code null}, or an empty {@link List} otherwise. + */ + @SuppressWarnings("unchecked") + public static > T nullGuard(T item) { + if (item == null) { + return (T) Collections.emptyList(); + } else { + return item; + } + } + + /** + * Returns the general pvp2 properties config. NOTE: may be empty but never {@code null}. + * @return the general pvp2 properties config. + */ + public Properties getGeneralPVP2ProperiesConfig() { + return this.getGeneralProperiesConfig("protocols.pvp2."); + } + + /** + * Returns the general oauth20 properties config. NOTE: may be empty but never {@code null}. + * @return the general oauth20 properties config. + */ + public Properties getGeneralOAuth20ProperiesConfig() { + return this.getGeneralProperiesConfig("protocols.oauth20."); + } + + /** + * Returns the allowed protocols. NOTE: may return {@code null}. + * + * @return the allowed protocols or {@code null}. + */ + public ProtocolAllowed getAllowedProtocols() { + + AuthComponentGeneral authComponentGeneral; + try { + authComponentGeneral = getAuthComponentGeneral(); + } catch (ConfigurationException e) { + return null; + } + Protocols protocols = authComponentGeneral.getProtocols(); + if (protocols != null) { + ProtocolAllowed allowedProtcols = new ProtocolAllowed(); + if (protocols.getSAML1() != null) { + allowedProtcols.setSAML1Active(protocols.getSAML1().isIsActive()); + } + + if (protocols.getOAuth() != null) { + allowedProtcols.setOAUTHActive(protocols.getOAuth().isIsActive()); + } + + if (protocols.getPVP2() != null) { + allowedProtcols.setPVP21Active(protocols.getPVP2().isIsActive()); + } + return allowedProtcols; + } else { + Logger.warn("Error in MOA-ID Configuration. No general Protcol configuration found."); + return null; + } + } + + /** + * Returns the general PVP2 configuration. NOTE: may return {@code null}. + * + * @return the general PVP2 configuration or {@code null}. + */ + public PVP2 getGeneralPVP2DBConfig() { + + AuthComponentGeneral authComponentGeneral; + try { + authComponentGeneral = getAuthComponentGeneral(); + } catch (ConfigurationException e) { + return null; + } + Protocols protocols = authComponentGeneral.getProtocols(); + PVP2 result = null; + if (protocols != null) { + PVP2 pvp2 = protocols.getPVP2(); + if (pvp2 != null) { + result = new PVP2(); + result.setIssuerName(pvp2.getIssuerName()); + result.setPublicURLPrefix(pvp2.getPublicURLPrefix()); + + if (pvp2.getOrganization() != null) { + Organization org = new Organization(); + result.setOrganization(org); + org.setDisplayName(pvp2.getOrganization().getDisplayName()); + org.setName(pvp2.getOrganization().getName()); + org.setURL(pvp2.getOrganization().getURL()); + } + + if (pvp2.getContact() != null) { + List cont = new ArrayList(); + result.setContact(cont); + for (Contact e : pvp2.getContact()) { + Contact c = new Contact(); + c.setCompany(e.getCompany()); + c.setGivenName(e.getGivenName()); + c.getMail().addAll(e.getMail()); + c.getPhone().addAll(e.getPhone()); + c.setSurName(e.getSurName()); + c.setType(e.getType()); + cont.add(c); + } + } + } + + } else { + Logger.warn("Error in MOA-ID Configuration. No general Protcol configuration found."); + } + return result; + } + + /** + * Returns the configured timeouts, or a default timeout. + * + * @return the configured timeout, or the default (never {@code null}). + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. + */ + public TimeOuts getTimeOuts() throws ConfigurationException { + + TimeOuts timeouts = new TimeOuts(); + + // set default timeouts + timeouts.setAssertion(new BigInteger("300")); + timeouts.setMOASessionCreated(new BigInteger("2700")); + timeouts.setMOASessionUpdated(new BigInteger("1200")); + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + // search timeouts in config + GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); + if (generalConfiguration != null) { + if (generalConfiguration.getTimeOuts() != null) { + if (generalConfiguration.getTimeOuts().getAssertion() != null) { + timeouts.setAssertion(generalConfiguration.getTimeOuts().getAssertion()); + } + + if (generalConfiguration.getTimeOuts().getMOASessionCreated() != null) { + timeouts.setMOASessionCreated(generalConfiguration.getTimeOuts().getMOASessionCreated()); + } + + if (generalConfiguration.getTimeOuts().getMOASessionUpdated() != null) { + timeouts.setMOASessionUpdated(generalConfiguration.getTimeOuts().getMOASessionUpdated()); + } + + } else { + Logger.info("No TimeOuts defined. Use default values"); + } + } + return timeouts; + } + + /** + * Returns an alternative source ID. NOTE: may return {@code null}. + * + * @return an alternative source ID or {@code null}. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} + */ + public String getAlternativeSourceID() throws ConfigurationException { + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + String alternativeSourceId = null; + Protocols protocols = authComponentGeneral.getProtocols(); + if (protocols != null) { + SAML1 saml1 = protocols.getSAML1(); + if (saml1 != null && MiscUtil.isNotEmpty(saml1.getSourceID())) { + alternativeSourceId = saml1.getSourceID(); + } + } + GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); + if (generalConfiguration != null && MiscUtil.isEmpty(alternativeSourceId)) { + alternativeSourceId = generalConfiguration.getAlternativeSourceID(); + } + return alternativeSourceId; + } + + /** + * Returns a list of legacy allowed protocols. NOTE: may return an empty list but never {@code null}. + * + * @return the list of protocols. + */ + public List getLegacyAllowedProtocols() { + + try { + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + + if (authComponentGeneral.getProtocols() != null) { + Protocols procols = authComponentGeneral.getProtocols(); + if (procols.getLegacyAllowed() != null) { + LegacyAllowed legacy = procols.getLegacyAllowed(); + return legacy.getProtocolName(); + } + } + + return new ArrayList(); + + } catch (NullPointerException e) { + Logger.info("No protocols found with legacy allowed flag!"); + return new ArrayList(); + } catch (ConfigurationException e) { + return new ArrayList(); + } + + } + + /** + * Provides configuration information regarding the online application behind the given URL, relevant to the MOA-ID Auth component. + * + * @param oaURL URL requested for an online application + * @return an OAAuthParameter, or null if none is applicable + */ + public OAAuthParameter getOnlineApplicationParameter(String oaURL) { + + OnlineApplication oa = getActiveOnlineApplication(oaURL); + if (oa == null) { + Logger.warn("Online application with identifier " + oaURL + " is not found."); + return null; + } + + return new OAAuthParameter(oa); + } + + /** + * Returns a string with a url-reference to the VerifyAuthBlock trust profile id within the moa-sp part of the authentication component. + * + * @return a string with a url-reference to the VerifyAuthBlock trust profile ID. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. + */ + public String getMoaSpAuthBlockTrustProfileID() throws ConfigurationException { + return getVerifyAuthBlock().getTrustProfileID(); + } + + /** + * Returns a list of strings with references to all verify transform info IDs within the moa-sp part of the authentication component. + * + * @return a list of strings containing all urls to the verify transform info IDs. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. + */ + public List getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException { + return getVerifyAuthBlock().getVerifyTransformsInfoProfileID(); + } + + /** + * Returns a ConnectionParameter bean containing all information of the authentication component moa-sp element. + * + * @return ConnectionParameter of the authentication component moa-sp element. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. + */ + public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException { + ConnectionParameter result = null; + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + MOASP moasp = authComponentGeneral.getMOASP(); + if (moasp != null) { + ConnectionParameterClientAuthType connectionParameter = moasp.getConnectionParameter(); + if (connectionParameter != null) { + result = new ConnectionParameterMOASP(moasp.getConnectionParameter(), this.getProperties(), this.getRootConfigFileDir()); + } + } + return result; + } + + /** + * Returns the {@link ConnectionParameter} for the ForeignID. NOTE: may return {@code null}. + * + * @return the connection parameter. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral}. + */ + public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException { + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + ForeignIdentities foreign = authComponentGeneral.getForeignIdentities(); + if (foreign != null) { + return new ConnectionParameterForeign(foreign.getConnectionParameter(), this.getProperties(), this.getRootConfigFileDir()); + } else { + Logger.warn("Error in MOA-ID Configuration. No Connectionconfiguration to SZRGW Service found"); + return null; + } + } + + /** + * Returns the {@link ConnectionParameter} for the OnlineMandates. NOTE: may return {@code null}. + * + * @return the connection parameter. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} + */ + public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException { + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + OnlineMandates ovs = authComponentGeneral.getOnlineMandates(); + if (ovs != null) { + return new ConnectionParameterMandate(ovs.getConnectionParameter(), this.getProperties(), this.getRootConfigFileDir()); + } + return null; + } + + /** + * Returns a string with a url-reference to the VerifyIdentityLink trust profile id within the moa-sp part of the authentication component + * + * @return String with a url-reference to the VerifyIdentityLink trust profile ID + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link VerifyIdentityLink}. + */ + public String getMoaSpIdentityLinkTrustProfileID() throws ConfigurationException { + + String result = null; + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + MOASP moasp = authComponentGeneral.getMOASP(); + if (moasp != null) { + VerifyIdentityLink verifyIdentityLink = moasp.getVerifyIdentityLink(); + if (verifyIdentityLink != null) { + result = verifyIdentityLink.getTrustProfileID(); + } else { + Logger.warn("Error in MOA-ID Configuration. No Trustprofile for IdentityLink validation."); + throw new ConfigurationException("config.02", null); + } + } + return result; + } + + /** + * Returns a non-empty list of transform infos. NOTE: list is never {@code empty} or {@code null}. + * + * @return a list of transform infos. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link SecurityLayer}. + */ + public List getTransformsInfos() throws ConfigurationException { + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + SecurityLayer securityLayer = authComponentGeneral.getSecurityLayer(); + if (securityLayer != null) { + + List result = ConfigurationUtils.getTransformInfos(securityLayer.getTransformsInfo()); + + if (result == null || result.isEmpty()) { + Logger.error("No Security-Layer Transformation found."); + throw new ConfigurationException("config.05", new Object[] { "Security-Layer Transformation" }); + } + return result; + + } else { + Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration->SecurityLayer found"); + throw new ConfigurationException("config.02", null); + } + } + + /** + * Returns a list of IdentityLinkX509SubjectNames. NOTE: may return an empty list but never {@code null}. + * + * @return the list of IdentityLinkX509SubjectNames. + * + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} + */ + public List getIdentityLinkX509SubjectNames() throws ConfigurationException { + + ArrayList identityLinkX509SubjectNames = new ArrayList(); + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + + IdentityLinkSigners idlsigners = authComponentGeneral.getIdentityLinkSigners(); + if (idlsigners != null) { + Logger.debug("Load own IdentityLinkX509SubjectNames"); + identityLinkX509SubjectNames.addAll(new ArrayList(idlsigners.getX509SubjectName())); + } + + String[] identityLinkSignersWithoutOID = MOAIDAuthConstants.IDENTITY_LINK_SIGNERS_WITHOUT_OID; + for (int i = 0; i < identityLinkSignersWithoutOID.length; i++) { + String identityLinkSigner = identityLinkSignersWithoutOID[i]; + if (!identityLinkX509SubjectNames.contains(identityLinkSigner)) { + identityLinkX509SubjectNames.add(identityLinkSigner); + } + } + + return identityLinkX509SubjectNames; + } + + /** + * Returns a list of default SLRequestTemplates. NOTE: may return an empty list but never {@code null}. + * + * @return list of default SLRequestTemplates. + * @throws ConfigurationException is never thrown + */ + public List getSLRequestTemplates() throws ConfigurationException { + + SLRequestTemplates templates = configuration.get(MOAIDConfigurationConstants.SLREQUEST_TEMPLATES_KEY, SLRequestTemplates.class); + List templatesList = new ArrayList(); + + if (templates != null) { + templatesList.add(templates.getOnlineBKU()); + templatesList.add(templates.getLocalBKU()); + templatesList.add(templates.getHandyBKU()); + } + return templatesList; + } + + /** + * Returns the type's default SLRequestTemplate. NOTE: may return {@code null}. + * + * @param type the type of BKU. + * @return the default SLRequestTemplate for the given type. + * + * @throws ConfigurationException is never thrown + */ + public String getSLRequestTemplates(String type) throws ConfigurationException { + + SLRequestTemplates templates = configuration.get(MOAIDConfigurationConstants.SLREQUEST_TEMPLATES_KEY, SLRequestTemplates.class); + String slRequestTemplate = null; + + if (templates != null) { + switch (type) { + case IOAAuthParameters.ONLINEBKU: + slRequestTemplate = templates.getOnlineBKU(); + break; + case IOAAuthParameters.LOCALBKU: + slRequestTemplate = templates.getLocalBKU(); + break; + case IOAAuthParameters.HANDYBKU: + slRequestTemplate = templates.getHandyBKU(); + break; + default: + Logger.warn("getSLRequestTemplates: BKU Type does not match: " + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " + + IOAAuthParameters.LOCALBKU); + } + } + return slRequestTemplate; + } + + /** + * Returns a list of default BKUURLs. NOTE: may return an empty list but never {@code null}. + * + * @return list of default BKUURLs. + * @throws ConfigurationException is never thrown + */ + public List getDefaultBKUURLs() throws ConfigurationException { + + DefaultBKUs bkuurls = configuration.get(MOAIDConfigurationConstants.DEFAULT_BKUS_KEY, DefaultBKUs.class); + List bkuurlsList = new ArrayList(); + + if (bkuurls != null) { + bkuurlsList.add(bkuurls.getOnlineBKU()); + bkuurlsList.add(bkuurls.getLocalBKU()); + bkuurlsList.add(bkuurls.getHandyBKU()); + } + return bkuurlsList; + } + + /** + * Returns the type's default BKUURL. NOTE: may return {@code null}. + * + * @param type the type of BKU. + * @return the default BKUURL for the given type. + * + * @throws ConfigurationException is never thrown + */ + public String getDefaultBKUURL(String type) throws ConfigurationException { + + DefaultBKUs bkuurls = configuration.get(MOAIDConfigurationConstants.DEFAULT_BKUS_KEY, DefaultBKUs.class); + String defaultBKUUrl = null; + + if (bkuurls != null) { + switch (type) { + case IOAAuthParameters.ONLINEBKU: + defaultBKUUrl = bkuurls.getOnlineBKU(); + break; + case IOAAuthParameters.LOCALBKU: + defaultBKUUrl = bkuurls.getLocalBKU(); + break; + case IOAAuthParameters.HANDYBKU: + defaultBKUUrl = bkuurls.getHandyBKU(); + break; + default: + Logger.warn("getDefaultBKUURL: BKU Type does not match: " + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " + + IOAAuthParameters.LOCALBKU); + } + } + return defaultBKUUrl; + } + + /** + * Returns the SSOTagetIdentifier. NOTE: returns {@code null} if no SSOTargetIdentifier is set. + * + * @return the SSOTagetIdentifier or {@code null} + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} + */ + public String getSSOTagetIdentifier() throws ConfigurationException { + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + + SSO sso = authComponentGeneral.getSSO(); + if (sso != null) { + return sso.getTarget(); + } + return null; + } + + /** + * Returns the SSOFriendlyName. NOTE: never returns {@code null}, if no SSOFriendlyName is set, a default String is returned. + * + * @return the SSOFriendlyName or a default String + */ + public String getSSOFriendlyName() { + + AuthComponentGeneral authComponentGeneral; + String defaultValue = "Default MOA-ID friendly name for SSO"; + try { + authComponentGeneral = getAuthComponentGeneral(); + } catch (ConfigurationException e) { + return defaultValue; + } + + SSO sso = authComponentGeneral.getSSO(); + if (sso != null) { + if (MiscUtil.isEmpty(sso.getFriendlyName())) { + return sso.getFriendlyName(); + } + } + return defaultValue; + } + + /** + * Returns the SSOSpecialText. NOTE: never returns {@code null}, if no SSOSpecialText is set, an empty String is returned. + * + * @return the SSOSpecialText or an empty String + */ + public String getSSOSpecialText() { + + AuthComponentGeneral authComponentGeneral; + try { + authComponentGeneral = getAuthComponentGeneral(); + } catch (ConfigurationException e) { + return new String(); + } + + SSO sso = authComponentGeneral.getSSO(); + if (sso != null) { + String text = sso.getSpecialText(); + return MiscUtil.isEmpty(text) ? new String() : text; + } + return new String(); + } + + /** + * Returns the MOASessionEncryptionKey NOTE: returns {@code null} if no MOASessionEncryptionKey is set. + * + * @return the MOASessionEncryptionKey or {@code null} + */ + public String getMOASessionEncryptionKey() { + String prop = properties.getProperty("configuration.moasession.key"); + return MiscUtil.isNotEmpty(prop) ? prop : null; + } + + /** + * Returns the MOAConfigurationEncryptionKey NOTE: returns {@code null} if no MOAConfigurationEncryptionKey is set. + * + * @return the MOAConfigurationEncryptionKey or {@code null} + */ + public String getMOAConfigurationEncryptionKey() { + String prop = properties.getProperty("configuration.moaconfig.key"); + return MiscUtil.isNotEmpty(prop) ? prop : null; + } + + /** + * @return {@code true} if IdentityLinkResigning is set, {@code false} otherwise. + */ + public boolean isIdentityLinkResigning() { + String prop = properties.getProperty("configuration.resignidentitylink.active", "false"); + return Boolean.valueOf(prop); + } + + /** + * Returns the IdentityLinkResigningKey. NOTE: returns {@code null} if no IdentityLinkResigningKey is set. + * + * @return the IdentityLinkResigningKey or {@code null} + */ + public String getIdentityLinkResigningKey() { + String prop = properties.getProperty("configuration.resignidentitylink.keygroup"); + return MiscUtil.isNotEmpty(prop) ? prop : null; + } + + /** + * @return {@code true} if MonitoringActive is set, {@code false} otherwise. + */ + public boolean isMonitoringActive() { + String prop = properties.getProperty("configuration.monitoring.active", "false"); + return Boolean.valueOf(prop); + } + + /** + * Returns the MonitoringTestIdentityLinkURL. NOTE: returns {@code null} if no MonitoringTestIdentityLinkURL is set. + * + * @return the MonitoringTestIdentityLinkURL or {@code null} + */ + public String getMonitoringTestIdentityLinkURL() { + String prop = properties.getProperty("configuration.monitoring.test.identitylink.url"); + return MiscUtil.isNotEmpty(prop) ? prop : null; + } + + /** + * Returns the MonitoringMessageSuccess. NOTE: returns {@code null} if no MonitoringMessageSuccess is set. + * + * @return the MonitoringMessageSuccess or {@code null} + */ + public String getMonitoringMessageSuccess() { + String prop = properties.getProperty("configuration.monitoring.message.success"); + return MiscUtil.isNotEmpty(prop) ? prop : null; + } + + /** + * @return {@code true} if AdvancedLoggingActive is set, {@code false} otherwise. + */ + public boolean isAdvancedLoggingActive() { + String prop = properties.getProperty("configuration.advancedlogging.active", "false"); + return Boolean.valueOf(prop); + } + + /** + * Returns the PublicURLPrefix. NOTE: returns {@code null} if no PublicURLPrefix is set. + * + * @return the PublicURLPrefix or {@code null} + */ + public String getPublicURLPrefix() { + + AuthComponentGeneral authComponentGeneral; + try { + authComponentGeneral = getAuthComponentGeneral(); + } catch (ConfigurationException e) { + return null; + } + + String publicURLPreFix = null; + GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); + if (generalConfiguration != null && MiscUtil.isNotEmpty(generalConfiguration.getPublicURLPreFix())) { + publicURLPreFix = generalConfiguration.getPublicURLPreFix(); + } else { + Logger.warn("Error in MOA-ID Configuration. No GeneralConfig defined."); + } + return publicURLPreFix; + } + + /** + * @return {@code true} if PVP2AssertionEncryptionActive is set, {@code false} otherwise. + */ + public boolean isPVP2AssertionEncryptionActive() { + String prop = this.getProperties().getProperty("protocols.pvp2.assertion.encryption.active", "true"); + return Boolean.valueOf(prop); + } + + /** + * @return {@code true} if CertifiacteQCActive is set, {@code false} otherwise. + */ + public boolean isCertifiacteQCActive() { + String prop = this.getProperties().getProperty("configuration.validation.certificate.QC.ignore", "false"); + return !Boolean.valueOf(prop); + } + + /** + * Returns a STORK Configuration, NOTE: may return {@code null}. + * + * @return a new STORK Configuration or {@code null} + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} + */ + public STORKConfig getStorkConfig() throws ConfigurationException { + + STORKConfig result = null; + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + ForeignIdentities foreign = authComponentGeneral.getForeignIdentities(); + if (foreign == null) { + Logger.warn("Error in MOA-ID Configuration. No STORK configuration found."); + } else { + result = new STORKConfig(foreign.getSTORK(), this.getProperties(), this.getRootConfigFileDir()); + } + return result; + } + +// /** +// * Small helper method. +// * +// * @return the {@link AuthComponentGeneral} from the database +// * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} +// */ +// private AuthComponentGeneral getAuthComponentGeneral() throws ConfigurationException { +// +// AuthComponentGeneral authComponentGeneral = configuration.get(MOAIDConfigurationConstants.AUTH_COMPONENT_GENERAL_KEY, AuthComponentGeneral.class); +// if (authComponentGeneral == null) { +// Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration found"); +// throw new ConfigurationException("config.02", null); +// } +// return authComponentGeneral; +// } + + /** + * Returns the {@link VerifyAuthBlock}. + * + * @return the {@link VerifyAuthBlock}. + * @throws ConfigurationException is thrown in case of missing {@link AuthComponentGeneral} or in case of missing {@link MOASP}. + */ + private VerifyAuthBlock getVerifyAuthBlock() throws ConfigurationException { + + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + MOASP moasp = authComponentGeneral.getMOASP(); + if (moasp != null) { + VerifyAuthBlock vab = moasp.getVerifyAuthBlock(); + if (vab != null) { + VerifyAuthBlock verifyIdl = new VerifyAuthBlock(); + verifyIdl.setTrustProfileID(vab.getTrustProfileID()); + verifyIdl.setVerifyTransformsInfoProfileID(new ArrayList(vab.getVerifyTransformsInfoProfileID())); + return verifyIdl; + } else { + Logger.warn("Error in MOA-ID Configuration. No Trustprofile for AuthBlock validation."); + throw new ConfigurationException("config.02", null); + } + } else { + Logger.warn("Error in MOA-ID Configuration. No MOASP configuration found"); + throw new ConfigurationException("config.02", null); + } + } + + /** + * Small helper method. NOTE: may return empty properties, but never {@code null}. + * @param propPrefix the prefix of the desired property. + * @return the {@link Properties} + */ + private Properties getGeneralProperiesConfig(final String propPrefix) { + + Properties configProp = new Properties(); + for (Object key : this.getProperties().keySet()) { + if (key.toString().startsWith(propPrefix)) { + String propertyName = key.toString().substring(propPrefix.length()); + configProp.put(propertyName, this.getProperties().get(key.toString())); + } + } + return configProp; + } + + /** + * Returns whether the trust-manager revocation checking is enabled or not. + * + * @return {@code true} if enable, {@code false} if disabled + */ + @Override + public boolean isTrustmanagerrevoationchecking() { + + try { + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); + if (generalConfiguration != null && generalConfiguration.isTrustManagerRevocationChecking() != null) { + + return generalConfiguration.isTrustManagerRevocationChecking(); + + } else { + Logger.warn("No TrustMangerRevoationChecking defined. Use default value = " + + String.valueOf(TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT).toUpperCase()); + return TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT; + } + + } catch (ConfigurationException e) { + return TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT; + } + } + + /** + * Returns the path to the certificate-store directory or {@code null} if there is no certificate-store directory defined. + * + * @return the path to the certstore directory or {@code null} + */ + @Override + public String getCertstoreDirectory() { + + try { + AuthComponentGeneral authComponentGeneral = getAuthComponentGeneral(); + GeneralConfiguration generalConfiguration = authComponentGeneral.getGeneralConfiguration(); + if (generalConfiguration != null) { + return (rootConfigFileDir + generalConfiguration.getCertStoreDirectory()); + } else { + Logger.warn("Error in MOA-ID Configuration. No CertStoreDirectory defined."); + return null; + } + + } catch (ConfigurationException e) { + return null; + } + } + + @Override + public String getTrustedCACertificates() { + return (String) configuration.get(MOAIDConfigurationConstants.TRUSTED_CERTIFICATES_KEY, String.class); + } + + /** + * Returns the default chaining mode or {@code null} if there is no chaining mode defined. + * + * @return the default chaining mode or {@code null} + */ + @Override + public String getDefaultChainingMode() { + + ChainingModes chainingModes = (ChainingModes) configuration.get(MOAIDConfigurationConstants.CHAINING_MODES_KEY, ChainingModes.class); + if (chainingModes != null) { + return chainingModes.getSystemDefaultMode().value(); + } + + Logger.warn("Error in MOA-ID Configuration. No ChainingMode configuration found."); + return null; + } + + /** + * Returns the current time. + * @return the time stamp + */ + public static Date getTimeStamp() { + + return new Date(); + } + + /** + * Returns a list of all {@link OnlineApplication}. + * + * @return list of all OnlineApplications + */ + public List getAllOnlineApplications() { + Logger.trace("Get all OnlineApplications from database."); + + return configuration.getList(MOAIDConfigurationConstants.ONLINE_APPLICATIONS_KEY, OnlineApplication.class); + } + + /** + * Returns a list of all active {@link OnlineApplication} or {@code null} if no active online application was found. + * + * @return list of all active OnlineApplications or {@code null}. + */ + public List getAllActiveOnlineApplications() { + Logger.debug("Get all new OnlineApplications from database."); + + List result = new ArrayList(); + List allOAs = getAllOnlineApplications(); + + for (OnlineApplication oa : nullGuard(allOAs)) { + if (oa.isIsActive()) { + result.add(oa); + } + } + if (result.size() == 0) { + Logger.trace("No entries found."); + return null; + } + return result; + } + + /** + * Returns the active {@link OnlineApplication} with the given ID or {@code null} if either no matching online application is found or if the {@code id} + * matches more than one entry. + * + * @param id the id of the requested online application + * @return the requested online application or {@code null} + */ + public OnlineApplication getActiveOnlineApplication(String id) { + Logger.trace("Get active OnlineApplication with ID " + id + " from database."); + + OnlineApplication result = null; + List allActiveOAs = getAllActiveOnlineApplications(); + + for (OnlineApplication oa : nullGuard(allActiveOAs)) { + String publicUrlPrefix = oa.getPublicURLPrefix(); + if (publicUrlPrefix != null && publicUrlPrefix.length() <= id.length()) { + if ((id.substring(1, publicUrlPrefix.length()).equals(publicUrlPrefix))) { + if (result != null) { + Logger.warn("OAIdentifier matches more than one DB-entry!"); + return null; + } else { + result = oa; + } + } + } + } + return result; + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index e3b7524ae..2e0aa5486 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -41,7 +41,7 @@ import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; @@ -287,7 +287,7 @@ public class DispatcherServlet extends AuthServlet{ } else if (protocolRequest != null && MiscUtil.isNotEmpty(protocolRequest.getRequestID())) { - OAAuthParameter oaParams = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(protocolRequest.getOAURL()); + OAAuthParameter oaParams = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(protocolRequest.getOAURL()); if (oaParams.isSTORKPVPGateway() || !oaParams.isPerformLocalAuthenticationOnInterfederationError()) { // -> send end error to service provider Logger.info("Federated authentication for entity " + protocolRequest.getOAURL() @@ -397,7 +397,7 @@ public class DispatcherServlet extends AuthServlet{ } //load Parameters from OnlineApplicationConfiguration - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(protocolRequest.getOAURL()); if (oaParam == null) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index 49f3df25c..e4a358cdb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -73,7 +73,7 @@ import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.SLOInformationContainer; import at.gv.egovernment.moa.id.data.SLOInformationImpl; @@ -191,7 +191,7 @@ public class AuthenticationManager implements MOAIDAuthConstants { } catch (MOADatabaseException e) { Logger.warn("Delete MOASession FAILED."); - sloContainer.putFailedOA(AuthConfigurationProvider.getInstance().getPublicURLPrefix()); + sloContainer.putFailedOA(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()); } @@ -254,7 +254,7 @@ public class AuthenticationManager implements MOAIDAuthConstants { AssertionStorage.getInstance().put(relayState, sloContainer); - String timeOutURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + String timeOutURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/idpSingleLogout" + "?restart=" + relayState; @@ -369,7 +369,7 @@ public class AuthenticationManager implements MOAIDAuthConstants { String form = SendAssertionFormBuilder.buildForm(target.requestedModule(), target.requestedAction(), target.getRequestID(), oaParam, - AuthConfigurationProvider.getInstance().getPublicURLPrefix()); + AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()); response.setContentType("text/html;charset=UTF-8"); PrintWriter out = new PrintWriter(response.getOutputStream()); @@ -387,8 +387,8 @@ public class AuthenticationManager implements MOAIDAuthConstants { //get IDP metadata try { - OAAuthParameter idp = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(target.getRequestedIDP()); - OAAuthParameter sp = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(target.getOAURL()); + OAAuthParameter idp = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(target.getRequestedIDP()); + OAAuthParameter sp = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(target.getOAURL()); if (!idp.isInderfederationIDP() || !idp.isInboundSSOInterfederationAllowed()) { Logger.info("Requested interfederation IDP " + target.getRequestedIDP() + " is not valid for interfederation."); @@ -557,7 +557,7 @@ public class AuthenticationManager implements MOAIDAuthConstants { response.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); response.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - List legacyallowed_prot = AuthConfigurationProvider.getInstance().getLegacyAllowedProtocols(); + List legacyallowed_prot = AuthConfigurationProviderFactory.getInstance().getLegacyAllowedProtocols(); //is legacy allowed boolean legacyallowed = legacyallowed_prot.contains(target.requestedModule()); @@ -621,7 +621,7 @@ public class AuthenticationManager implements MOAIDAuthConstants { } else { //load Parameters from OnlineApplicationConfiguration - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(target.getOAURL()); if (oaParam == null) { @@ -642,7 +642,7 @@ public class AuthenticationManager implements MOAIDAuthConstants { //Build authentication form - String publicURLPreFix = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + String publicURLPreFix = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(), target.requestedAction(), oaParam, publicURLPreFix, moasession.getSessionID()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java index 68545e1c2..621426ff1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java @@ -53,7 +53,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.Random; @@ -81,7 +81,7 @@ public class SSOManager { instance = new SSOManager(); try { - sso_timeout = (int) AuthConfigurationProvider.getInstance().getTimeOuts().getMOASessionUpdated().longValue(); + sso_timeout = (int) AuthConfigurationProviderFactory.getInstance().getTimeOuts().getMOASessionUpdated().longValue(); } catch (ConfigurationException e) { @@ -151,7 +151,7 @@ public class SSOManager { //check if session is out of lifetime Date now = new Date(); - long maxSSOSessionTime = AuthConfigurationProvider.getInstance().getTimeOuts().getMOASessionCreated().longValue() * 1000; + long maxSSOSessionTime = AuthConfigurationProviderFactory.getInstance().getTimeOuts().getMOASessionCreated().longValue() * 1000; Date ssoSessionValidTo = new Date(storedSession.getCreated().getTime() + maxSSOSessionTime); if (now.after(ssoSessionValidTo)) { Logger.info("Found outdated SSO session information. Start reauthentication process ... "); @@ -305,7 +305,7 @@ public class SSOManager { InputStream is = null; String pathLocation = null; try { - String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); + String rootconfigdir = AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir(); pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; File file = new File(new URI(pathLocation)); is = new FileInputStream(file); @@ -347,7 +347,7 @@ public class SSOManager { BufferedReader reader = new BufferedReader(new InputStreamReader(is )); //set default elements to velocity context - context.put("contextpath", AuthConfigurationProvider.getInstance().getPublicURLPrefix()); + context.put("contextpath", AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()); StringWriter writer = new StringWriter(); //velocityEngine.evaluate(context, writer, "SLO_Template", reader); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java index 93a2f7d6d..8eddd7833 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java @@ -25,7 +25,7 @@ package at.gv.egovernment.moa.id.protocols.oauth20; import java.util.Properties; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.util.FileUtils; public class OAuth20Configuration { @@ -49,8 +49,8 @@ public class OAuth20Configuration { private OAuth20Configuration() { try { - props = AuthConfigurationProvider.getInstance().getGeneralOAuth20ProperiesConfig(); - rootDir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); + props = AuthConfigurationProviderFactory.getInstance().getGeneralOAuth20ProperiesConfig(); + rootDir = AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir(); } catch (ConfigurationException e) { e.printStackTrace(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java index 4c70ce995..2a0d3b30f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java @@ -31,7 +31,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationImpl; @@ -142,7 +142,7 @@ class OAuth20AuthAction implements IAction { private Pair buildIdToken(String scope, OAuth20AuthRequest oAuthRequest, IAuthData authData) throws MOAIDException, SignatureException { - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oAuthRequest.getOAURL()); + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oAuthRequest.getOAURL()); OAuthSigner signer = OAuth20SignatureUtil.loadSigner(authData.getIssuer()); OAuthJsonToken token = new OAuthJsonToken(signer); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java index c47e366a1..4879942ae 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java @@ -32,7 +32,7 @@ import org.opensaml.saml2.core.Attribute; import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util; @@ -152,7 +152,7 @@ class OAuth20AuthRequest extends OAuth20BaseRequest { // check if client id and redirect uri are ok try { // OAOAUTH20 cannot be null at this point. check was done in base request - OAOAUTH20 oAuthConfig = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(this.getOAURL()) + OAOAUTH20 oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL()) .getoAuth20Config(); if (!this.getClientID().equals(oAuthConfig.getOAuthClientId()) @@ -176,7 +176,7 @@ class OAuth20AuthRequest extends OAuth20BaseRequest { reqAttr.put(el, ""); try { - OAAuthParameter oa = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(getOAURL()); + OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(getOAURL()); for (String s : scope.split(" ")) { if (s.equalsIgnoreCase("profile")) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java index d08bd593a..9a7e44f70 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java @@ -33,7 +33,7 @@ import org.apache.commons.lang.StringUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.RequestImpl; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; @@ -77,7 +77,7 @@ abstract class OAuth20BaseRequest extends RequestImpl { throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID); } this.setOAURL(oaURL); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL); + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oaURL); if (oaParam == null) { throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java index 182f07675..98d46d424 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java @@ -11,7 +11,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringUtils; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IModulInfo; import at.gv.egovernment.moa.id.moduls.IRequest; @@ -103,7 +103,7 @@ public class OAuth20Protocol implements IModulInfo { // get error code and description String errorCode; String errorDescription; - String errorUri = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + String errorUri = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() +"/" + OAuth20Constants.ERRORPAGE; String moaError = null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java index 3c90a5773..5cb5108ed 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java @@ -30,7 +30,7 @@ import org.opensaml.saml2.core.Attribute; import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20AccessDeniedException; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception; @@ -121,7 +121,7 @@ class OAuth20TokenRequest extends OAuth20BaseRequest { // check if client id and secret are ok try { // OAOAUTH20 cannot be null at this point. check was done in base request - OAOAUTH20 oAuthConfig = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(this.getOAURL()) + OAOAUTH20 oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL()) .getoAuth20Config(); if (!this.getClientID().equals(oAuthConfig.getOAuthClientId())) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java index cf20db7d9..6b5e6a0f3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java @@ -62,7 +62,7 @@ import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IModulInfo; @@ -197,7 +197,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { HttpServletResponse response, String action) throws MOAIDException { - if (!AuthConfigurationProvider.getInstance().getAllowedProtocols().isPVP21Active()) { + if (!AuthConfigurationProviderFactory.getInstance().getAllowedProtocols().isPVP21Active()) { Logger.info("PVP2.1 is deaktivated!"); throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME }); @@ -524,7 +524,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { throw new WrongParametersException("StartAuthentication", PARAM_OA, "auth.12"); - OAAuthParameter oa = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moaRequest.getEntityID()); + OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moaRequest.getEntityID()); if (!oa.isInderfederationIDP()) { Logger.warn("AttributeQuery requests are only allowed for interfederation IDPs."); throw new AttributQueryException("AttributeQuery requests are only allowed for interfederation IDPs.", null); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java index 65da23565..74b20356e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPTargetConfiguration.java @@ -34,7 +34,7 @@ import org.opensaml.saml2.metadata.RequestedAttribute; import org.opensaml.saml2.metadata.SPSSODescriptor; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.RequestImpl; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder; @@ -88,7 +88,7 @@ public class PVPTargetConfiguration extends RequestImpl { reqAttr.put(el, ""); try { - OAAuthParameter oa = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(getOAURL()); + OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(getOAURL()); SPSSODescriptor spSSODescriptor = getRequest().getEntityMetadata().getSPSSODescriptor(SAMLConstants.SAML20P_NS); if (spSSODescriptor.getAttributeConsumingServices() != null && diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java index aa154b84b..9884d2a8a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java @@ -69,7 +69,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationContainer; import at.gv.egovernment.moa.id.data.SLOInformationImpl; @@ -258,7 +258,7 @@ public class SingleLogOutAction implements IAction { } else { //print SLO information directly - redirectURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/idpSingleLogout"; + redirectURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/idpSingleLogout"; String artifact = Random.nextRandom(); @@ -274,7 +274,7 @@ public class SingleLogOutAction implements IAction { } //redirect to Redirect Servlet - String url = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/RedirectServlet"; + String url = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/RedirectServlet"; url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(redirectURL, "UTF-8")); url = httpResp.encodeRedirectURL(url); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AuthResponseBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AuthResponseBuilder.java index 4ef09184d..4959df16c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AuthResponseBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/AuthResponseBuilder.java @@ -52,7 +52,7 @@ import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; import org.opensaml.xml.security.x509.X509Credential; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.InvalidAssertionEncryptionException; @@ -106,7 +106,7 @@ public class AuthResponseBuilder { } - boolean isEncryptionActive = AuthConfigurationProvider.getInstance().isPVP2AssertionEncryptionActive(); + boolean isEncryptionActive = AuthConfigurationProviderFactory.getInstance().isPVP2AssertionEncryptionActive(); if (encryptionCredentials != null && isEncryptionActive) { //encrypt SAML2 assertion diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java index b301b6e5e..a1b4932d4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java @@ -64,7 +64,7 @@ import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationImpl; @@ -153,7 +153,7 @@ public class PVP2AssertionBuilder implements PVPConstants { AuthnContextClassRef authnContextClassRef = SAML2Utils .createSAMLObject(AuthnContextClassRef.class); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter( peerEntity.getEntityID()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java index d3a9ad3e7..d6f6308fd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java @@ -49,7 +49,7 @@ import org.opensaml.saml2.metadata.TelephoneNumber; import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; @@ -57,6 +57,8 @@ import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; +//TODO!!!!! + public class PVPConfiguration { private static PVPConfiguration instance; @@ -124,8 +126,8 @@ public class PVPConfiguration { private PVPConfiguration() { try { //generalpvpconfigdb = AuthConfigurationProvider.getInstance().getGeneralPVP2DBConfig(); - props = AuthConfigurationProvider.getInstance().getGeneralPVP2ProperiesConfig(); - rootDir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); + props = AuthConfigurationProviderFactory.getInstance().getGeneralPVP2ProperiesConfig(); + rootDir = AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir(); } catch (ConfigurationException e) { e.printStackTrace(); @@ -133,7 +135,7 @@ public class PVPConfiguration { } public String getIDPPublicPath() throws ConfigurationException { - String publicPath = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + String publicPath = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); if(publicPath != null) { if(publicPath.endsWith("/")) { int length = publicPath.length(); @@ -209,7 +211,7 @@ public class PVPConfiguration { moaIDVersion = parseMOAIDVersionFromManifest(); } - return AuthConfigurationProvider.getInstance().getGeneralPVP2DBConfig().getIssuerName() + moaIDVersion; + return AuthConfigurationProviderFactory.getInstance().getGeneralPVP2DBConfig().getIssuerName() + moaIDVersion; } public List getMetadataFiles() { @@ -237,7 +239,7 @@ public class PVPConfiguration { public String getTargetForSP(String sp) { try { - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(sp); + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(sp); if (oaParam != null) return oaParam.getTarget(); @@ -256,7 +258,7 @@ public class PVPConfiguration { public iaik.x509.X509Certificate getTrustEntityCertificate(String entityID) { try { - IOAAuthParameters oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(entityID); + IOAAuthParameters oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(entityID); if (oaParam == null) { Logger.warn("Online Application with ID " + entityID + " not found!"); @@ -285,7 +287,7 @@ public class PVPConfiguration { public List getIDPContacts() throws ConfigurationException { List list = new ArrayList(); - List contacts = AuthConfigurationProvider.getInstance().getGeneralPVP2DBConfig().getContact(); + List contacts = AuthConfigurationProviderFactory.getInstance().getGeneralPVP2DBConfig().getContact(); if (contacts != null) { @@ -379,7 +381,7 @@ public class PVPConfiguration { public Organization getIDPOrganisation() throws ConfigurationException { Organization org = SAML2Utils.createSAMLObject(Organization.class); - at.gv.egovernment.moa.id.commons.db.dao.config.Organization organisation = AuthConfigurationProvider.getInstance().getGeneralPVP2DBConfig().getOrganization(); + at.gv.egovernment.moa.id.commons.db.dao.config.Organization organisation = AuthConfigurationProviderFactory.getInstance().getGeneralPVP2DBConfig().getOrganization(); String org_name = null; String org_dispname = null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java index d493ef9e0..0ec79c79a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java @@ -53,7 +53,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException; import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SchemaValidationException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException; @@ -349,11 +349,11 @@ public class MOAMetadataProvider implements MetadataProvider { try { MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory( PVPConstants.SSLSOCKETFACTORYNAME, - AuthConfigurationProvider.getInstance().getCertstoreDirectory(), - AuthConfigurationProvider.getInstance().getTrustedCACertificates(), + AuthConfigurationProviderFactory.getInstance().getCertstoreDirectory(), + AuthConfigurationProviderFactory.getInstance().getTrustedCACertificates(), null, - ChainingModeType.fromValue(AuthConfigurationProvider.getInstance().getDefaultChainingMode()), - AuthConfigurationProvider.getInstance().isTrustmanagerrevoationchecking()); + ChainingModeType.fromValue(AuthConfigurationProviderFactory.getInstance().getDefaultChainingMode()), + AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking()); httpClient.setCustomSSLTrustStore(metadataURL, protoSocketFactory); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java index 12de97a3f..5dad3771d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java @@ -39,7 +39,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType; import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException; import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.logging.Logger; @@ -65,11 +65,11 @@ public class MOASAMLSOAPClient { SecureProtocolSocketFactory sslprotocolsocketfactory = new MOAHttpProtocolSocketFactory( PVPConstants.SSLSOCKETFACTORYNAME, - AuthConfigurationProvider.getInstance().getCertstoreDirectory(), - AuthConfigurationProvider.getInstance().getTrustedCACertificates(), + AuthConfigurationProviderFactory.getInstance().getCertstoreDirectory(), + AuthConfigurationProviderFactory.getInstance().getTrustedCACertificates(), null, - ChainingModeType.fromValue(AuthConfigurationProvider.getInstance().getDefaultChainingMode()), - AuthConfigurationProvider.getInstance().isTrustmanagerrevoationchecking()); + ChainingModeType.fromValue(AuthConfigurationProviderFactory.getInstance().getDefaultChainingMode()), + AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking()); clientBuilder.setHttpsProtocolSocketFactory(sslprotocolsocketfactory ); } catch (MOAHttpProtocolSocketFactoryException e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java index 885de6805..942fab4f3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerifierMOASP.java @@ -38,7 +38,7 @@ import at.gv.egovernment.moa.id.auth.exception.ServiceException; import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.util.XMLUtil; import at.gv.egovernment.moa.logging.Logger; @@ -52,7 +52,7 @@ public class SAMLVerifierMOASP implements ISAMLVerifier { try { if (request.isSigned()) { - String trustProfileID = AuthConfigurationProvider.getInstance() + String trustProfileID = AuthConfigurationProviderFactory.getInstance() .getStorkConfig().getSignatureVerificationParameter() .getTrustProfileID(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java index f73b541bf..1aca587c9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java @@ -35,7 +35,7 @@ import org.opensaml.common.xml.SAMLSchemaBuilder; import org.xml.sax.SAXException; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SchemaValidationException; import at.gv.egovernment.moa.logging.Logger; @@ -49,7 +49,7 @@ public class SchemaValidationFilter implements MetadataFilter { public SchemaValidationFilter() { try { - isActive = AuthConfigurationProvider.getInstance().isPVPSchemaValidationActive(); + isActive = AuthConfigurationProviderFactory.getInstance().isPVPSchemaValidationActive(); } catch (ConfigurationException e) { e.printStackTrace(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java index 4cdd1db01..5b1f49411 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java @@ -31,7 +31,7 @@ import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationImpl; @@ -65,7 +65,7 @@ public class GetArtifactAction implements IAction { } try { - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(oaURL); SAML1AuthenticationServer saml1server = SAML1AuthenticationServer.getInstace(); @@ -80,7 +80,7 @@ public class GetArtifactAction implements IAction { String samlArtifactBase64 = saml1server.BuildSAMLArtifact(oaParam, authData, sourceID); if (authData.isSsoSession()) { - String url = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/RedirectServlet"; + String url = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/RedirectServlet"; url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8")); if (!oaParam.getBusinessService()) url = addURLParameter(url, PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8")); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java index 9934c339d..f86d5f769 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java @@ -39,7 +39,7 @@ import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IModulInfo; @@ -101,7 +101,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { HttpServletResponse response, String action) throws MOAIDException { SAML1RequestImpl config = new SAML1RequestImpl(); - if (!AuthConfigurationProvider.getInstance().getAllowedProtocols().isSAML1Active()) { + if (!AuthConfigurationProviderFactory.getInstance().getAllowedProtocols().isSAML1Active()) { Logger.info("SAML1 is deaktivated!"); throw new ProtocolNotActiveException("auth.22", new Object[] { "SAML 1" }); @@ -142,7 +142,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { //load Target only from OA config - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(oaURL); if (oaParam == null) @@ -172,7 +172,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { IRequest protocolRequest) throws Throwable{ - OAAuthParameter oa = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(protocolRequest.getOAURL()); + OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(protocolRequest.getOAURL()); if (!oa.getSAML1Parameter().isProvideAllErrors()) return false; @@ -180,7 +180,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { SAML1AuthenticationServer saml1authentication = SAML1AuthenticationServer.getInstace(); String samlArtifactBase64 = saml1authentication.BuildErrorAssertion(e, protocolRequest); - String url = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/RedirectServlet"; + String url = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/RedirectServlet"; url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(protocolRequest.getOAURL(), "UTF-8")); url = addURLParameter(url, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); url = response.encodeRedirectURL(url); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java index 9bf88534f..f73726890 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java @@ -29,7 +29,7 @@ import org.opensaml.saml2.core.Attribute; import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.RequestImpl; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; @@ -70,7 +70,7 @@ public class SAML1RequestImpl extends RequestImpl { reqAttr.addAll(SAML1Protocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION); try { - OAAuthParameter oa = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(getOAURL()); + OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(getOAURL()); OASAML1 saml1 = oa.getSAML1Parameter(); if (saml1 != null) { if (saml1.isProvideAUTHBlock()) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 1e6cf6910..27b9cd849 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -33,7 +33,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute; import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationImpl; @@ -130,7 +130,7 @@ public class AttributeCollector implements IAction { // read configuration parameters of OA - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(container.getRequest().getAssertionConsumerServiceURL()); + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(container.getRequest().getAssertionConsumerServiceURL()); if (oaParam == null) throw new AuthenticationException("stork.12", new Object[]{container.getRequest().getAssertionConsumerServiceURL()}); @@ -278,7 +278,7 @@ public class AttributeCollector implements IAction { Logger.info(e.getAp().getClass().getSimpleName() + " is going to ask an external service provider for the requested attributes"); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam); + e.getAp().performRedirect(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, request, response, oaParam); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 859f4900b..48502e9e9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -25,7 +25,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; @@ -81,7 +81,7 @@ public class AuthenticationRequest implements IAction { httpResp.reset(); //TODO: CHECK: req.getOAURL() should return the unique OA identifier - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(req.getOAURL()); + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(req.getOAURL()); if (oaParam == null) throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()}); @@ -200,7 +200,7 @@ public class AuthenticationRequest implements IAction { //TODO: in case of Single LogOut -> SLO information has to be stored // check if citizen country is configured in the system - if (!(AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode))) { + if (!(AuthConfigurationProviderFactory.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode))) { Logger.error("Citizen country PEPS not configured in MOA instance: " + citizenCountryCode); throw new MOAIDException("stork.05", null); // TODO } @@ -212,12 +212,12 @@ public class AuthenticationRequest implements IAction { String destinationURL = null; try { - issuer = new URL(AuthConfigurationProvider.getInstance().getPublicURLPrefix()).toString(); - destinationURL = AuthConfigurationProvider.getInstance().getStorkConfig().getCPEPS(citizenCountryCode).getPepsURL().toString(); - publicURLPrefix = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + issuer = new URL(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()).toString(); + destinationURL = AuthConfigurationProviderFactory.getInstance().getStorkConfig().getCPEPS(citizenCountryCode).getPepsURL().toString(); + publicURLPrefix = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); assertionConsumerURL = publicURLPrefix + "/stork2/SendPEPSAuthnRequest"; } catch (MalformedURLException ex) { - Logger.error("Wrong PublicURLPrefix setting of MOA instance: " + AuthConfigurationProvider.getInstance().getPublicURLPrefix(), ex); + Logger.error("Wrong PublicURLPrefix setting of MOA instance: " + AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(), ex); throw new MOAIDException("stork.05", null); // TODO } catch (Exception ex) { Logger.error("Problem with PEPS configuration of MOA instance.", ex); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java index 2c5728798..9377d045b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java @@ -28,7 +28,7 @@ import java.util.HashMap; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; @@ -130,7 +130,7 @@ public class ConsentEvaluator implements IAction { Template template = velocityEngine.getTemplate("/resources/templates/stork2_consent.html"); VelocityContext context = new VelocityContext(); - context.put("action", AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/CompleteAuthentication?" + ARTIFACT_ID + "=" + newArtifactId); + context.put("action", AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/stork2/CompleteAuthentication?" + ARTIFACT_ID + "=" + newArtifactId); // assemble table String table = ""; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java index a92d02e08..e9a1c2f1d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java @@ -30,7 +30,7 @@ import org.opensaml.saml2.core.Attribute; import at.gv.egovernment.moa.id.auth.builder.DynamicOAAuthParameterBuilder; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.config.auth.data.DynamicOAAuthParameters; @@ -235,7 +235,7 @@ public class MOASTORKRequest extends RequestImpl { //TODO: only for testing with MOA-ID as PVP Stammportal IOAAuthParameters oa; try { - oa = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(getOAURL()); + oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(getOAURL()); oa = DynamicOAAuthParameterBuilder.buildFromAuthnRequest(oa, this); DynamicOAAuthParameters tmp = (DynamicOAAuthParameters) oa; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java index ed8480ccb..b48a5acef 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java @@ -27,7 +27,7 @@ import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; @@ -84,7 +84,7 @@ public class MandateRetrievalRequest implements IAction { Logger.debug("Removing personal identification value and type from original mandate "); originalContent = StringUtils.getBytesUtf8(originalMandate); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(req.getOAURL()); + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(req.getOAURL()); if (oaParam == null) throw new AuthenticationException("stork.12", new Object[]{req.getOAURL()}); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 57531992d..9eab99c52 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -25,7 +25,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IModulInfo; @@ -187,7 +187,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { STORK2Request.setSTORKAttrRequest(attrRequest); //check if OA is instance of VIDP or STORKPVPGateway - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(STORK2Request.getOAURL()); + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(STORK2Request.getOAURL()); if (oaParam == null) throw new AuthenticationException("stork.12", new Object[]{STORK2Request.getOAURL()}); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java index 2c77db94e..ea0062620 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/attributeproviders/SignedDocAttributeRequestProvider.java @@ -56,7 +56,8 @@ import org.apache.velocity.app.VelocityEngine; import org.bouncycastle.util.encoders.UrlBase64; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.protocols.stork2.ExternalAttributeRequestRequiredException; @@ -110,7 +111,7 @@ public class SignedDocAttributeRequestProvider extends AttributeProvider { this.oasisDssWebFormURL = oasisDssWebFormURL; try { - AuthConfigurationProvider authConfigurationProvider = AuthConfigurationProvider.getInstance(); + AuthConfiguration authConfigurationProvider = AuthConfigurationProviderFactory.getInstance(); dtlUrl = authConfigurationProvider.getDocumentServiceUrl(); Logger.info ("SignedDocAttributeRequestProvider, using dtlUrl:"+dtlUrl); } catch (Exception e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java index 4288f48ad..1ca5dcce4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java @@ -43,7 +43,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.EncryptedData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; @@ -750,7 +750,7 @@ public class AuthenticationSessionStoreage { idp.setIdpurlprefix(req.getInterfederationResponse().getEntityID()); try { - OAAuthParameter oa = AuthConfigurationProvider.getInstance(). + OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance(). getOnlineApplicationParameter(idp.getIdpurlprefix()); idp.setStoreSSOInformation(oa.isInterfederationSSOStorageAllowed()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java index f246c55e1..b0d166951 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java @@ -42,7 +42,6 @@ import javax.crypto.spec.SecretKeySpec; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.DatabaseEncryptionException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.data.EncryptedData; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ConfigurationEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ConfigurationEncrytionUtil.java index 10221604c..19da7ed9e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ConfigurationEncrytionUtil.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ConfigurationEncrytionUtil.java @@ -23,7 +23,7 @@ package at.gv.egovernment.moa.id.util; import at.gv.egovernment.moa.id.auth.exception.DatabaseEncryptionException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; public class ConfigurationEncrytionUtil extends AbstractEncrytionUtil { @@ -34,7 +34,7 @@ public class ConfigurationEncrytionUtil extends AbstractEncrytionUtil { public static ConfigurationEncrytionUtil getInstance() { if (instance == null) { try { - key = AuthConfigurationProvider.getInstance().getMOAConfigurationEncryptionKey(); + key = AuthConfigurationProviderFactory.getInstance().getMOAConfigurationEncryptionKey(); instance = new ConfigurationEncrytionUtil(); } catch (Exception e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/IdentityLinkReSigner.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/IdentityLinkReSigner.java index 520b81b17..0b517e783 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/IdentityLinkReSigner.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/IdentityLinkReSigner.java @@ -37,7 +37,7 @@ import org.w3c.dom.NodeList; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.spss.MOAException; import at.gv.egovernment.moa.spss.api.SPSSFactory; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java index 5eb55317a..b55dea250 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java @@ -66,7 +66,8 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; @@ -289,7 +290,7 @@ public class ParamValidatorUtils implements MOAIDAuthConstants{ } else { //check against configured trustet template urls - AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance(); List trustedTemplateURLs = authConf.getSLRequestTemplates(); //get OA specific template URLs diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java index 81abe3f5a..af3424881 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java @@ -70,7 +70,7 @@ import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.ConnectionParameterInterface; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; /** @@ -132,8 +132,8 @@ public class SSLUtils { conf.getCertstoreDirectory(), trustStoreURL, acceptedServerCertURL, - AuthConfigurationProvider.getInstance().getDefaultChainingMode(), - AuthConfigurationProvider.getInstance().isTrustmanagerrevoationchecking(), + AuthConfigurationProviderFactory.getInstance().getDefaultChainingMode(), + AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking(), connParam.getClientKeyStore(), connParam.getClientKeyStorePassword(), "pkcs12"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java index 8660f7c09..498f8408b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java @@ -23,7 +23,7 @@ package at.gv.egovernment.moa.id.util; import at.gv.egovernment.moa.id.auth.exception.DatabaseEncryptionException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; public class SessionEncrytionUtil extends AbstractEncrytionUtil { @@ -34,7 +34,7 @@ public class SessionEncrytionUtil extends AbstractEncrytionUtil { public static SessionEncrytionUtil getInstance() { if (instance == null) { try { - key = AuthConfigurationProvider.getInstance().getMOASessionEncryptionKey(); + key = AuthConfigurationProviderFactory.getInstance().getMOASessionEncryptionKey(); instance = new SessionEncrytionUtil(); } catch (Exception e) { diff --git a/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java b/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java index 7606bc9bf..313038e08 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java @@ -10,8 +10,8 @@ import java.util.Collections; import org.junit.Test; import org.unitils.reflectionassert.ReflectionAssert; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; -import at.gv.egovernment.moa.id.commons.db.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; diff --git a/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/TestLegacyAuthConfigurationProvider.java b/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/TestLegacyAuthConfigurationProvider.java index 39c8ef310..483731179 100644 --- a/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/TestLegacyAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/TestLegacyAuthConfigurationProvider.java @@ -2,10 +2,10 @@ package at.gv.egovnerment.moa.id.config.auth; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.JaxBAuthConfigurationProvider; public class TestLegacyAuthConfigurationProvider extends - AuthConfigurationProvider { + JaxBAuthConfigurationProvider { private final MOAIDConfiguration moaidConfiguration; diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java index 0aa1ffab9..df21e17bf 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java @@ -59,7 +59,7 @@ import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.JaxBAuthConfigurationProvider; @@ -107,7 +107,7 @@ public class VerifyXMLSignatureRequestBuilderTest extends MOASPSSTestCase { InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); IdentityLink idl = irrp.parseIdentityLink(); VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); - AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + JaxBAuthConfigurationProvider authConf = JaxBAuthConfigurationProvider.getInstance(); Element requestBuild = vsrb.build(idl, authConf.getMoaSpIdentityLinkTrustProfileID()); @@ -128,7 +128,7 @@ public class VerifyXMLSignatureRequestBuilderTest extends MOASPSSTestCase { VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); - AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + JaxBAuthConfigurationProvider authConf = JaxBAuthConfigurationProvider.getInstance(); Element request = vsrb.build(csr, authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(), authConf.getMoaSpIdentityLinkTrustProfileID()); diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java index 0876cfac6..c5c17f623 100644 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java +++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java @@ -60,7 +60,7 @@ import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.JaxBAuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.data.DynamicOAAuthParameters; import at.gv.egovernment.moa.util.DOMUtils; @@ -118,7 +118,7 @@ System.setProperty( IdentityLink idl = irrp.parseIdentityLink(); VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); - AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + JaxBAuthConfigurationProvider authConf = JaxBAuthConfigurationProvider.getInstance(); Element request = vsrb.build(idl, authConf.getMoaSpIdentityLinkTrustProfileID()); s =new RandomAccessFile("D://PatricksVerifyXMLSignatureRequestWithInfoboxReadResponse.xml","rw"); @@ -159,7 +159,7 @@ System.setProperty( VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); - AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + JaxBAuthConfigurationProvider authConf = JaxBAuthConfigurationProvider.getInstance(); Element request = vsrb.build(csr, authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(), authConf.getMoaSpIdentityLinkTrustProfileID()); // Element request = DOMUtils.parseDocument(vsrb.build(xmlInfoboxReadResponse,"TrustProfile1"),false,null,null).getDocumentElement(); diff --git a/id/server/idserverlib/src/test/java/test/lasttest/LasttestClient.java b/id/server/idserverlib/src/test/java/test/lasttest/LasttestClient.java index 4a89f031e..74e89c833 100644 --- a/id/server/idserverlib/src/test/java/test/lasttest/LasttestClient.java +++ b/id/server/idserverlib/src/test/java/test/lasttest/LasttestClient.java @@ -56,7 +56,7 @@ import org.w3c.dom.Element; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.JaxBAuthConfigurationProvider; import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.StreamUtils; @@ -108,7 +108,7 @@ public class LasttestClient { System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, TESTDATA_ROOT + "xmldata/L000/Configuration.xml"); - AuthConfigurationProvider.reload(); + JaxBAuthConfigurationProvider.reload(); this.turns = turns; diff --git a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java index 549eb4f2b..6e1f612c8 100644 --- a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java +++ b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java @@ -1,5 +1,8 @@ package test.tlenz; +import iaik.asn1.structures.Name; +import iaik.utils.RFC2253NameParser; +import iaik.utils.RFC2253NameParserException; import at.gv.egovernment.moa.id.data.AuthenticationRole; import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory; @@ -47,11 +50,24 @@ public class simpletest { // public static void main(String[] args) { - AuthenticationRole test = AuthenticationRoleFactory.buildFormPVPole("ecas-demo-EUROPEAN_COMMISSION(key=A\\,B)"); + String subjectName = "serialNumber=896929130327, givenName=OCSP, SN=Responder 03-1, CN=OCSP Responder 03-1, C=AT"; - test = AuthenticationRoleFactory.buildFormPVPole("ecas-demo-EUROPEAN_COMMISSION"); - test = AuthenticationRoleFactory.buildFormPVPole("ecas-demo-EUROPEAN_COMMISSION(key=A)"); - test = AuthenticationRoleFactory.buildFormPVPole("ecas-demo-EUROPEAN_COMMISSION(keyA=A,keyB=B)"); + try { + Name test = new RFC2253NameParser(subjectName).parse(); + + System.out.println(test.getRFC2253String()); + + } catch (RFC2253NameParserException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + +// AuthenticationRole test = AuthenticationRoleFactory.buildFormPVPole("ecas-demo-EUROPEAN_COMMISSION(key=A\\,B)"); +// +// test = AuthenticationRoleFactory.buildFormPVPole("ecas-demo-EUROPEAN_COMMISSION"); +// test = AuthenticationRoleFactory.buildFormPVPole("ecas-demo-EUROPEAN_COMMISSION(key=A)"); +// test = AuthenticationRoleFactory.buildFormPVPole("ecas-demo-EUROPEAN_COMMISSION(keyA=A,keyB=B)"); // // System.setProperty("mandates.configuration", "D:/Projekte/svn/moa-id/moa-id.properties"); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java index d8fde7eee..e794951d7 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java @@ -18,7 +18,6 @@ import org.springframework.context.support.ClassPathXmlApplicationContext; import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; import at.gv.egovernment.moa.id.commons.config.persistence.JsonMapper; -import at.gv.egovernment.moa.id.commons.db.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import com.fasterxml.jackson.core.JsonProcessingException; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java new file mode 100644 index 000000000..6217c6c68 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java @@ -0,0 +1,246 @@ +package at.gv.egovernment.moa.id.commons.config; + +/** + * + * + */ +public final class MOAIDConfigurationConstants { + + private MOAIDConfigurationConstants() { + // restrict instantiation + } + + //Basic key namespaces + public static final String PREFIX_MOAID = "moa.id"; + public static final String PREFIX_GENERAL = "general"; + public static final String PREFIX_SERVICES = "services"; + public static final String PREFIX_OA = "oa"; + public static final String PREFIX_VIDP = "vidp"; + public static final String PREFIX_IIDP = "iidp"; + public static final String PREFIX_GATEWAY = "gateway"; + + public static final String PREFIX_MOAID_GENERAL = PREFIX_MOAID + "." + PREFIX_GENERAL; + public static final String PREFIX_MOAID_SERVICES = PREFIX_MOAID + "." + PREFIX_SERVICES; + public static final String PREFIX_MOAID_SERVICES_OA = PREFIX_MOAID_SERVICES + "." + PREFIX_OA; + public static final String PREFIX_MOAID_SERVICES_VIDP = PREFIX_MOAID_SERVICES + "." + PREFIX_VIDP; + public static final String PREFIX_MOAID_SERVICES_IIDP = PREFIX_MOAID_SERVICES + "." + PREFIX_IIDP; + public static final String PREFIX_MOAID_SERVICES_GATEWAY = PREFIX_MOAID_SERVICES + "." + PREFIX_GATEWAY; + + //Namespaces for online applications + public static final String SERVICE_UNIQUEIDENTIFIER = "uniqueID"; //publicURLPrefix + public static final String SERVICE_FRIENDLYNAME = "friendlyName"; //friendlyName + public static final String SERVICE_TYPE = "type"; //type + public static final String SERVICE_ISACTIVE = "isActive"; //isActive + + //service authentication keys + private static final String AUTH = "auth"; + private static final String TARGET = "target"; + private static final String BKU = "bku"; + private static final String TESTCREDENTIALS = "testcredentials"; + private static final String MANDATES = "mandates"; + private static final String FOREIGNBPK = "foreignbPK"; + private static final String SSO = "sso"; + private static final String STORK = "stork"; + private static final String TEMPLATES = "templates"; + private static final String INTERFEDERATION = "interfederation"; + + private static final String PROTOCOLS = "protocols"; + private static final String SAML1 = "saml1"; + private static final String PVP2X = "pvp2x"; + private static final String OPENID = "openID"; + + public static final String SERVICE_AUTH_TARGET = AUTH + "." + TARGET; + public static final String SERVICE_AUTH_TARGET_TYPE = SERVICE_AUTH_TARGET + ".type"; //targetFriendlyName or IdentificationType + public static final String SERVICE_AUTH_TARGET_VALUE = SERVICE_AUTH_TARGET + ".value"; //target or IdentificationValue + + private static final String SERVICE_AUTH_BKU = AUTH + "." + BKU; + public static final String SERVICE_AUTH_BKU_ONLINE = SERVICE_AUTH_BKU + ".onlineBKU"; + public static final String SERVICE_AUTH_BKU_LOCAL = SERVICE_AUTH_BKU + ".localBKU"; + public static final String SERVICE_AUTH_BKU_HANDY = SERVICE_AUTH_BKU + ".handyBKU"; + public static final String SERVICE_AUTH_BKU_KEYBOXIDENTIFIER = SERVICE_AUTH_BKU + ".keyBoxIdentifier"; + public static final String SERVICE_AUTH_BKU_TEMPLATE_LIST = SERVICE_AUTH_BKU + ".template"; //SecurityLayer Templates + public static final String SERVICE_AUTH_BKU_TEMPLATE_LIST_VALUE = "url"; + public static final String SERVICE_AUTH_BKU_AUTHBLOCKTEXT = SERVICE_AUTH_BKU + "authblock.additionaltext"; + public static final String SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK = SERVICE_AUTH_BKU + "authblock.removebPK"; + + private static final String SERVICE_AUTH_TEMPLATES = AUTH + "." + TEMPLATES; + public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION = SERVICE_AUTH_TEMPLATES + ".bkuselection"; + public static final String SERVICE_AUTH_TEMPLATES_SENDASSERTION = SERVICE_AUTH_TEMPLATES + ".sendAssertion"; + private static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION = SERVICE_AUTH_TEMPLATES + ".customize"; + public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".fonttype"; + public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".color.back"; + public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".color.front"; + public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".header.color.back"; + public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".header.color.front"; + public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".header.text"; + public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".button.color.back"; + public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".button.color.back.focus"; + public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".button.color.front"; + public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".applet.redirecttarget"; + public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".applet.hight"; + public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".applet.width"; + + private static final String SERVICE_AUTH_TESTCREDENTIALS = AUTH + "." + TESTCREDENTIALS; + public static final String SERVICE_AUTH_TESTCREDENTIALS_ENABLED = SERVICE_AUTH_TESTCREDENTIALS + ".enabled"; + public static final String SERVICE_AUTH_TESTCREDENTIALS_OIDs = SERVICE_AUTH_TESTCREDENTIALS + ".oids"; + + private static final String SERVICE_AUTH_MANDATES = AUTH + "." + MANDATES; + public static final String SERVICE_AUTH_MANDATES_ONLY = SERVICE_AUTH_MANDATES + "only"; + public static final String SERVICE_AUTH_MANDATES_PROFILES = SERVICE_AUTH_MANDATES + "profiles"; + + public static final String SERVICE_AUTH_FOREIGNBPK = AUTH + "." + FOREIGNBPK; //complex attribute + + private static final String SERVICE_AUTH_SSO = AUTH + "." + SSO; + public static final String SERVICE_AUTH_SSO_ENABLED = SERVICE_AUTH_SSO + ".enabled"; + public static final String SERVICE_AUTH_SSO_USERREQUEST = SERVICE_AUTH_SSO + ".userRequest"; + + private static final String SERVICE_AUTH_STORK = AUTH + "." + STORK; + public static final String SERVICE_AUTH_STORK_ENABLED = SERVICE_AUTH_STORK + ".enabled"; + public static final String SERVICE_AUTH_STORK_COUNTRIES_LIST = SERVICE_AUTH_STORK + ".countries"; + public static final String SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED = "enabled"; + public static final String SERVICE_AUTH_STORK_ATTRIBUTES_LIST = SERVICE_AUTH_STORK + ".attributes"; + public static final String SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME = "name"; + public static final String SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY = "mandatory"; + public static final String SERVICE_AUTH_STORK_REQUIRECONSENT = SERVICE_AUTH_STORK + ".requireConsent"; + public static final String SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST = SERVICE_AUTH_STORK + ".attributeprovider"; + public static final String SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME = "name"; + public static final String SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_URL = "url"; + public static final String SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_ATTRIBUTES = "attributes"; + + private static final String SERVICE_PROTOCOLS_SAML1 = PROTOCOLS + "." + SAML1; + public static final String SERVICE_PROTOCOLS_SAML1_ENABLED = SERVICE_PROTOCOLS_SAML1 + ".enabled"; + public static final String SERVICE_PROTOCOLS_SAML1_IDL = SERVICE_PROTOCOLS_SAML1 + ".idl"; + public static final String SERVICE_PROTOCOLS_SAML1_BASEID = SERVICE_PROTOCOLS_SAML1 + ".baseid"; + public static final String SERVICE_PROTOCOLS_SAML1_AUTHBLOCK = SERVICE_PROTOCOLS_SAML1 + ".authblock"; + public static final String SERVICE_PROTOCOLS_SAML1_CERTIFICATE = SERVICE_PROTOCOLS_SAML1 + ".certificate"; + public static final String SERVICE_PROTOCOLS_SAML1_MANDATE = SERVICE_PROTOCOLS_SAML1 + ".mandate"; + public static final String SERVICE_PROTOCOLS_SAML1_RETURNERROR = SERVICE_PROTOCOLS_SAML1 + ".returnError"; + + private static final String SERVICE_PROTOCOLS_PVP2X = PROTOCOLS + "." + PVP2X; + public static final String SERVICE_PROTOCOLS_PVP2X_RELOAD = SERVICE_PROTOCOLS_PVP2X + ".reload"; + public static final String SERVICE_PROTOCOLS_PVP2X_URL = SERVICE_PROTOCOLS_PVP2X + ".URL"; + public static final String SERVICE_PROTOCOLS_PVP2X_CERTIFICATE = SERVICE_PROTOCOLS_PVP2X + ".certificate"; + + private static final String SERVICE_PROTOCOLS_OPENID = PROTOCOLS + "." + OPENID; + public static final String SERVICE_PROTOCOLS_OPENID_CLIENTID = SERVICE_PROTOCOLS_OPENID + ".clientID"; + public static final String SERVICE_PROTOCOLS_OPENID_CLIENTSECRET = SERVICE_PROTOCOLS_OPENID + ".secret"; + public static final String SERVICE_PROTOCOLS_OPENID_REDIRECTURL = SERVICE_PROTOCOLS_OPENID + ".redirectURL"; + + public static final String SERVICE_INTERFEDERATION_SSO_INBOUND = INTERFEDERATION + ".SSO.inbound"; + public static final String SERVICE_INTERFEDERATION_SSO_OUTBOUND = INTERFEDERATION + ".SSO.outbound"; + public static final String SERVICE_INTERFEDERATION_SSO_STORE = INTERFEDERATION + ".SSO.store"; + public static final String SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL = INTERFEDERATION + ".attributequery.url"; + + public static final String SERVICE_INTERFEDERATION_PASSIVEREQUEST = INTERFEDERATION + ".passiveReqeust"; + public static final String SERVICE_INTERFEDERATION_LOCALAUTHONERROR = INTERFEDERATION + ".localAuthOnError"; + public static final String SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER = INTERFEDERATION + ".forward.IDP"; + public static final String SERVICE_INTERFEDERATION_FORWARD_PROTOCOL = INTERFEDERATION + ".forward.protocol"; + + + + //Namespaces for general MOA-ID config + public static final String GENERAL_PUBLICURLPREFIX = "publicURLPrefix"; + + private static final String GENERAL_DEFAULTS = "defaults"; + private static final String GENERAL_DEFAULTS_BKU = GENERAL_DEFAULTS + "." + BKU; + public static final String GENERAL_DEFAULTS_BKU_ONLINE = GENERAL_DEFAULTS_BKU + ".onlineBKU"; + public static final String GENERAL_DEFAULTS_BKU_HANDY = GENERAL_DEFAULTS_BKU + ".handyBKU"; + public static final String GENERAL_DEFAULTS_BKU_LOCAL = GENERAL_DEFAULTS_BKU + ".localBKU"; + private static final String GENERAL_DEFAULTS_TEMPLATES = GENERAL_DEFAULTS + "." + TEMPLATES; + public static final String GENERAL_DEFAULTS_TEMPLATES_LOCAL = GENERAL_DEFAULTS_TEMPLATES + ".localBKU"; + public static final String GENERAL_DEFAULTS_TEMPLATES_HANDY = GENERAL_DEFAULTS_TEMPLATES + ".handyBKU"; + public static final String GENERAL_DEFAULTS_TEMPLATES_ONLINE = GENERAL_DEFAULTS_TEMPLATES + ".onlineBKU"; + + private static final String GENERAL_AUTH = "auth"; + public static final String GENERAL_AUTH_CERTSTORE_URL = GENERAL_AUTH + ".certstore.url"; + public static final String GENERAL_AUTH_TRUSTSTORE_URL = GENERAL_AUTH + ".truststore.url"; + public static final String GENERAL_AUTH_REVOCATIONCHECKING = GENERAL_AUTH + ".revocationchecking"; + + public static final String GENERAL_AUTH_TIMEOUTS_TRANSACTION = GENERAL_AUTH + ".timeouts.transaction"; //Anmeldedaten + public static final String GENERAL_AUTH_TIMEOUS_SSO_CREATE = GENERAL_AUTH + ".timeouts.sso.create"; + public static final String GENERAL_AUTH_TIMEOUS_SSO_UPDATE = GENERAL_AUTH + ".timeouts.sso.update"; + + public static final String GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_PROD = GENERAL_AUTH + ".moasp.trustprofile.idl.prod"; + public static final String GENERAL_AUTH_MOASP_TRUSTPROFILE_IDL_TEST = GENERAL_AUTH + ".moasp.trustprofile.idl.test"; + public static final String GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_PROD = GENERAL_AUTH + ".moasp.trustprofile.authblock.prod"; + public static final String GENERAL_AUTH_MOASP_TRUSTPROFILE_AUTHBLOCK_TEST = GENERAL_AUTH + ".moasp.trustprofile.authblock.test"; + public static final String GENERAL_AUTH_MOASP_AUTHBLOCK_TRANSFORM = GENERAL_AUTH + ".moasp.authblock.transform"; + public static final String GENERAL_AUTH_MOASP_URL = GENERAL_AUTH + ".moasp.url"; + + public static final String GENERAL_AUTH_SERVICES_OVS_URL = GENERAL_AUTH + ".services.ovs.url"; + public static final String GENERAL_AUTH_SERVICES_SZRGW_URL = GENERAL_AUTH + ".services.szrgw.url"; + + + public static final String GENERAL_AUTH_SSO_SERVICENAME = GENERAL_AUTH + "." + SSO + ".servicename"; + public static final String GENERAL_AUTH_SSO_TARGET = GENERAL_AUTH + "." + SSO + ".target"; + public static final String GENERAL_AUTH_SSO_AUTHBLOCK_TEXT = GENERAL_AUTH + "." + SSO + ".authblock.text"; + + private static final String GENERAL_PROTOCOLS = PROTOCOLS; + private static final String GENERAL_PROTOCOLS_SAML1 = GENERAL_PROTOCOLS + "." + SAML1; + private static final String GENERAL_PROTOCOLS_PVP2X = GENERAL_PROTOCOLS + "." + PVP2X; + private static final String GENERAL_PROTOCOLS_OPENID = GENERAL_PROTOCOLS + "." + OPENID; + public static final String GENERAL_PROTOCOLS_SAML1_ENABLED = GENERAL_PROTOCOLS_SAML1 + ".enabled"; + public static final String GENERAL_PROTOCOLS_SAML1_LEGACY = GENERAL_PROTOCOLS_SAML1 + ".legacy"; + public static final String GENERAL_PROTOCOLS_SAML1_SOURCEID = GENERAL_PROTOCOLS_SAML1 + ".sourceID"; + public static final String GENERAL_PROTOCOLS_OPENID_ENABLED = GENERAL_PROTOCOLS_OPENID + ".enabled"; + public static final String GENERAL_PROTOCOLS_OPENID_LEGACY = GENERAL_PROTOCOLS_OPENID + ".legacy"; + + public static final String GENERAL_PROTOCOLS_PVP2X_ENABLED = GENERAL_PROTOCOLS_PVP2X + ".enabled"; + public static final String GENERAL_PROTOCOLS_PVP2X_LEGACY = GENERAL_PROTOCOLS_PVP2X + ".legacy"; + public static final String GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME = GENERAL_PROTOCOLS_PVP2X + ".metadata.servicename"; + public static final String GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_SHORTNAME = GENERAL_PROTOCOLS_PVP2X + ".metadata.org.name.short"; + public static final String GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_FULLNAME = GENERAL_PROTOCOLS_PVP2X + ".metadata.org.name.full"; + public static final String GENERAL_PROTOCOLS_PVP2X_METADATA_ORG_URL = GENERAL_PROTOCOLS_PVP2X + ".metadata.org.url"; + + public static final String GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_FAMLIYNAME = GENERAL_PROTOCOLS_PVP2X + ".metadata.contact.familyname"; + public static final String GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_GIVENNAME = GENERAL_PROTOCOLS_PVP2X + ".metadata.contact.givenname"; + public static final String GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_MAIL = GENERAL_PROTOCOLS_PVP2X + ".metadata.contact.mail"; + public static final String GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_PHONE = GENERAL_PROTOCOLS_PVP2X + ".metadata.contact.phone"; + public static final String GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_COMPANY = GENERAL_PROTOCOLS_PVP2X + ".metadata.contact.company"; + public static final String GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_TYPE = GENERAL_PROTOCOLS_PVP2X + ".metadata.contact.type"; + + public static final String GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_NAME = GENERAL_AUTH + ".authblock.transformation.name"; + public static final String GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64 = GENERAL_AUTH + ".authblock.transformation.base64"; + + public static final String GENERAL_AUTH_STORK = GENERAL_AUTH + "." + STORK; + public static final String GENERAL_AUTH_STORK_QAA = GENERAL_AUTH + "." + STORK + ".qaa"; + public static final String GENERAL_AUTH_STORK_CPEPS_LIST = GENERAL_AUTH + "." + STORK + ".cpeps"; + public static final String GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY = "countrycode"; + public static final String GENERAL_AUTH_STORK_CPEPS_LIST_URL = "url"; + public static final String GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG = "support.xmldsig"; + + public static final String GENERAL_AUTH_STORK_ATTRIBUTES_LIST = GENERAL_AUTH + "." + STORK + ".attributes"; + public static final String GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME = "friendlyname"; + public static final String GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY = "mandatory"; + +// // old!!!!!!!!!!! // +// // keys for the object in the key-value database +// public static final String ONLINE_APPLICATIONS_KEY = "OnlineApplications"; +// public static final String AUTH_COMPONENT_GENERAL_KEY = "AuthComponentGeneral"; +// public static final String CHAINING_MODES_KEY = "ChainingModes"; +// public static final String TRUSTED_CERTIFICATES_KEY = "TruestedCertificates"; +// public static final String DEFAULT_BKUS_KEY = "DefaultBKUs"; +// public static final String SLREQUEST_TEMPLATES_KEY = "SLRequestTemplates"; +// public static final String TIMESTAMP_ITEM_KEY = "TimestampItem"; +// public static final String PVP2REFRESH_ITEM_KEY = "Pvp2RefreshItem"; +// public static final String GENERIC_CONFIGURATION_KEY = "GenericConfiguration"; +// +// /** +// * Returns all relevant (database-) keys that {@link MOAIDConfiguration} contains. +// * @return the keys as {@code String[]} +// */ +// public static final String[] getMOAIDConfigurationKeys() { +// return new String[] { AUTH_COMPONENT_GENERAL_KEY, CHAINING_MODES_KEY, TRUSTED_CERTIFICATES_KEY, +// DEFAULT_BKUS_KEY, SLREQUEST_TEMPLATES_KEY, TIMESTAMP_ITEM_KEY, PVP2REFRESH_ITEM_KEY }; +// } +// +// /** +// * Returns all (database-) keys that {@link MOAIDConfiguration} contains. +// * @return the keys as {@code String[]} +// */ +// public static final String[] getAllMOAIDConfigurationKeys() { +// return new String[] { ONLINE_APPLICATIONS_KEY, AUTH_COMPONENT_GENERAL_KEY, CHAINING_MODES_KEY, +// TRUSTED_CERTIFICATES_KEY, DEFAULT_BKUS_KEY, SLREQUEST_TEMPLATES_KEY, TIMESTAMP_ITEM_KEY, +// PVP2REFRESH_ITEM_KEY }; +// } +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/Configuration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/Configuration.java deleted file mode 100644 index f357fc570..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/Configuration.java +++ /dev/null @@ -1,60 +0,0 @@ -package at.gv.egovernment.moa.id.commons.config.persistence; - -import java.util.List; - -/** - * An interface for a key-value configuration. - */ -public interface Configuration { - - /** - * Gets all keys in the database. NOTE: may return an empty list or {@code null}. - * @return a List containing all keys in the database or {@code null}. - */ - List getAllKeys(); - - /** - * Get the value associated with the given key as {@link Object}. - * @param key the key - * @return the object associated with the given key or {@code null} if the key does not exist or does not have a value. - */ - Object get(String key); - - /** - * Get the object of type {@code T} associated with the given key. - * - * @param key the key - * @param clazz the type of the requested object - * @return the object associated with the given key or {@code null} if the key does not exist or does not have a value. - */ - T get(String key, Class clazz); - - /** - * Store an object associated with a key. If the given object is set to {@code null} then the entry associated with the key is deleted. - * - * @param key the key under which the value is stored, respectively key determining the entry to be deleted. - * @param value the object to store. if value is set to {@code null} then the entry associated with key {@code key} is deleted. - * @return {@code true} if the operation was carried out successfully, {@code false} otherwise. - */ - boolean set(String key, Object value); - - /** - * Get the object of type {@code T} associated with the given key from the database. If the key does not exist or does not have a value, the given default - * value is returned. - * - * @param key the key - * @param clazz the type of the requested object - * @param defaultValue the default value to return - * @return the object associated with the given key or {@code defaultValue} if the key does not exist or does not have a value. - */ - T get(String key, Class clazz, Object defaultValue); - - /** - * Get a list of objects associated with the given key. The list may be empty or contain only a single object. - * @param key the key - * @param clazz the type of the requested object - * @return a list containing objects of type {@code T} or an empty list if no objects are associated with the key. - */ - List getList(String key, Class clazz); - -} \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/ConfigurationImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/ConfigurationImpl.java deleted file mode 100644 index c90b60440..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/ConfigurationImpl.java +++ /dev/null @@ -1,161 +0,0 @@ -package at.gv.egovernment.moa.id.commons.config.persistence; - -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; - -import javax.persistence.EntityExistsException; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Required; -import org.springframework.stereotype.Component; - -import at.gv.egovernment.moa.id.commons.db.dao.config.ConfigProperty; -import at.gv.egovernment.moa.id.commons.db.dao.config.ConfigPropertyDao; - -import com.fasterxml.jackson.core.JsonProcessingException; -import com.fasterxml.jackson.databind.JsonMappingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.type.CollectionType; -import com.fasterxml.jackson.databind.type.TypeFactory; - -/** - * The implementation of a key-value configuration implementing the {@link Configuration} interface. - * It employs the {@link ConfigPropertyDao} to persist configuration data. - */ -@Component -public class ConfigurationImpl implements Configuration { - - private final Logger log = LoggerFactory.getLogger(getClass()); - - ConfigPropertyDao configPropertyDao; - private JsonMapper mapper = new JsonMapper(); - - /** - * Sets the {@link ConfigPropertyDao}. - * @param configPropertyDao the ConfigPropertyDao - */ - @Required - public void setConfigPropertyDao(ConfigPropertyDao configPropertyDao) { - this.configPropertyDao = configPropertyDao; - } - - @Override - public List getAllKeys(){ - try { - return this.configPropertyDao.getAllKeys(); - } catch (Exception e) { - log.debug("Error while retrieving a list of all keys in the database."); - return null; - } - } - - @Override - public Object get(String key) { - // return null if key does not exist - try { - ConfigProperty property = configPropertyDao.getProperty(key); - if (property != null && property.getValue() != null) { - return mapper.deserialize(property.getValue(), null); - } else { - return null; - } - } catch (IllegalArgumentException e) { - log.debug("Error while searching for key '{}' in the database.", key); - return null; - } catch (Exception e) { - log.debug("Error while deserializing value of key '{}' to object.", key); - return null; - } - } - - @Override - public T get(String key, Class clazz) { - // return null if key does not exist - try { - ConfigProperty property = configPropertyDao.getProperty(key); - if (property != null && property.getValue() != null) { - return clazz.cast(mapper.deserialize(property.getValue(), clazz)); - } else { - return null; - } - } catch (IllegalArgumentException e) { - log.debug("Error while searching for key '{}' in the database.", key); - return null; - } catch (Exception e) { - log.debug("Error while deserializing value of key '{}' to object of type {}.", key, clazz.getClass()); - return null; - } - } - - @Override - public boolean set(String key, Object value) { - - try { - if (value == null) { - configPropertyDao.delete(key); - return true; - } else { - - ConfigProperty keyValue = new ConfigProperty(); - keyValue.setKey(key); - - keyValue.setValue(mapper.serialize(value)); - configPropertyDao.saveProperty(keyValue); - return true; - } - } catch (JsonProcessingException e) { - log.debug("Error while serializing object for key '{}'.", key); - return false; - } catch (EntityExistsException e) { - log.debug("Property '{}' already exists!", key); - return false; - } catch (Exception e) { - log.debug("Error while setting value for key '{}' in the database.", key); - return false; - } - } - - @Override - public T get(String key, Class clazz, Object defaultValue) { - - T value = get(key, clazz); - if (value != null) { - return value; - } else { - return clazz.cast(defaultValue); - } - } - - @SuppressWarnings("unchecked") - @Override - public List getList(String key, Class clazz) { - - CollectionType listType = TypeFactory.defaultInstance().constructCollectionType(List.class, clazz); - try { - if ((configPropertyDao.getProperty(key) == null) - || (configPropertyDao.getProperty(key).getValue() == null)) { - return new ArrayList(); - } - String json = configPropertyDao.getProperty(key).getValue(); - ObjectMapper mapper = new ObjectMapper(); - - return (List) mapper.readValue(json, listType); - } catch (JsonMappingException e) { - ArrayList tmp = new ArrayList(); - T value = get(key, clazz); - if (value != null) { - tmp.add(value); - } - return tmp; - } catch (IOException e) { - log.debug("Error while deserializing value for key '{}' to List<{}>.", key, clazz.getClass()); - return new ArrayList(); - } catch (Exception e){ - log.debug("Error while searching key '{}' in the database.", key); - return new ArrayList(); - } - } - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfiguration.java new file mode 100644 index 000000000..45f37ef97 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfiguration.java @@ -0,0 +1,62 @@ +package at.gv.egovernment.moa.id.commons.config.persistence; + +import java.util.List; + +import at.gv.egiz.components.configuration.api.Configuration; + +/** + * An interface for a key-value configuration. + */ +public interface MOAIDConfiguration { + + /** + * Gets all keys in the database. NOTE: may return an empty list or {@code null}. + * @return a List containing all keys in the database or {@code null}. + */ + List getAllKeys(); + + /** + * Get the value associated with the given key as {@link Object}. + * @param key the key + * @return the String associated with the given key or {@code null} if the key does not exist or does not have a value. + */ + String get(String key); + + /** + * Get the object of type {@code T} associated with the given key. + * + * @param key the key + * @param clazz the type of the requested object + * @return the object associated with the given key or {@code null} if the key does not exist or does not have a value. + */ + T get(String key, Class clazz); + + /** + * Store an object associated with a key. If the given object is set to {@code null} then the entry associated with the key is deleted. + * + * @param key the key under which the value is stored, respectively key determining the entry to be deleted. + * @param value the String to store. if value is set to {@code null} then the entry associated with key {@code key} is deleted. + * @return {@code true} if the operation was carried out successfully, {@code false} otherwise. + */ + boolean set(String key, String value); +// +// /** +// * Get the object of type {@code T} associated with the given key from the database. If the key does not exist or does not have a value, the given default +// * value is returned. +// * +// * @param key the key +// * @param clazz the type of the requested object +// * @param defaultValue the default value to return +// * @return the object associated with the given key or {@code defaultValue} if the key does not exist or does not have a value. +// */ +// T get(String key, Class clazz, Object defaultValue); +// +// /** +// * Get a list of objects associated with the given key. The list may be empty or contain only a single object. +// * @param key the key +// * @param clazz the type of the requested object +// * @return a list containing objects of type {@code T} or an empty list if no objects are associated with the key. +// */ +// List getList(String key, Class clazz); + +} \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java new file mode 100644 index 000000000..10ed19f83 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java @@ -0,0 +1,136 @@ +package at.gv.egovernment.moa.id.commons.config.persistence; + +import java.util.Arrays; +import java.util.List; + +import javax.persistence.EntityExistsException; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Required; +import org.springframework.stereotype.Component; + +import at.gv.egiz.components.configuration.api.Configuration; + +/** + * The implementation of a key-value configuration implementing the {@link Configuration} interface. + * It employs the {@link ConfigPropertyDao} to persist configuration data. + */ +@Component +public class MOAIDConfigurationImpl implements MOAIDConfiguration { + + private final Logger log = LoggerFactory.getLogger(getClass()); + + Configuration configPropertyDao; +// private JsonMapper mapper = new JsonMapper(); + + /** + * Sets the {@link ConfigPropertyDao}. + * @param configPropertyDao the ConfigPropertyDao + */ + @Required + public void setConfigPropertyDao(Configuration configPropertyDao) { + this.configPropertyDao = configPropertyDao; + } + + @Override + public List getAllKeys(){ + try { + return Arrays.asList(this.configPropertyDao.getConfigurationIds()); + } catch (Exception e) { + log.debug("Error while retrieving a list of all keys in the database."); + return null; + } + } + + @Override + public String get(String key) { + // return null if key does not exist + try { + return configPropertyDao.getStringValue(key); + + } catch (Exception e) { + log.debug("Error while searching value of key '{}' to object.", key); + return null; + } + } + + @Override + public T get(String key, Class clazz) { + // return null if key does not exist + try { + T property = configPropertyDao.getObjectValue(key, clazz); + return property; + + } catch (IllegalArgumentException e) { + log.debug("Error while searching for key '{}' in the database.", key); + return null; + } catch (Exception e) { + log.debug("Error while deserializing value of key '{}' to object of type {}.", key, clazz.getClass()); + return null; + } + } + + @Override + public boolean set(String key, String value) { + + try { + //TODO: add delete + if (value == null) { + //configPropertyDao.delete(key); + return true; + } else { + configPropertyDao.setStringValue(key, value); + return true; + } + } catch (EntityExistsException e) { + log.debug("Property '{}' already exists!", key); + return false; + } catch (Exception e) { + log.debug("Error while setting value for key '{}' in the database.", key); + return false; + } + } + +// @Override +// public T get(String key, Class clazz, Object defaultValue) { +// +// T value = get(key, clazz); +// if (value != null) { +// return value; +// } else { +// return clazz.cast(defaultValue); +// } +// } +// +// @SuppressWarnings("unchecked") +// @Override +// public List getList(String key, Class clazz) { +// +// CollectionType listType = TypeFactory.defaultInstance().constructCollectionType(List.class, clazz); +// try { +// if ((configPropertyDao.getProperty(key) == null) +// || (configPropertyDao.getProperty(key).getValue() == null)) { +// return new ArrayList(); +// } +// String json = configPropertyDao.getProperty(key).getValue(); +// ObjectMapper mapper = new ObjectMapper(); +// +// return (List) mapper.readValue(json, listType); +// } catch (JsonMappingException e) { +// ArrayList tmp = new ArrayList(); +// T value = get(key, clazz); +// if (value != null) { +// tmp.add(value); +// } +// return tmp; +// } catch (IOException e) { +// log.debug("Error while deserializing value for key '{}' to List<{}>.", key, clazz.getClass()); +// return new ArrayList(); +// } catch (Exception e){ +// log.debug("Error while searching key '{}' in the database.", key); +// return new ArrayList(); +// } +// } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationFromDBExtractor.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationFromDBExtractor.java index 394c9cdeb..f6066d68f 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationFromDBExtractor.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationFromDBExtractor.java @@ -7,6 +7,7 @@ import java.util.List; import javax.persistence.EntityManager; import javax.persistence.TypedQuery; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOAIDConfigurationConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOAIDConfigurationConstants.java deleted file mode 100644 index 30897bc1d..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/MOAIDConfigurationConstants.java +++ /dev/null @@ -1,44 +0,0 @@ -package at.gv.egovernment.moa.id.commons.db; - -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; - -/** - * - * - */ -public final class MOAIDConfigurationConstants { - - private MOAIDConfigurationConstants() { - // restrict instantiation - } - - // keys for the object in the key-value database - public static final String ONLINE_APPLICATIONS_KEY = "OnlineApplications"; - public static final String AUTH_COMPONENT_GENERAL_KEY = "AuthComponentGeneral"; - public static final String CHAINING_MODES_KEY = "ChainingModes"; - public static final String TRUSTED_CERTIFICATES_KEY = "TruestedCertificates"; - public static final String DEFAULT_BKUS_KEY = "DefaultBKUs"; - public static final String SLREQUEST_TEMPLATES_KEY = "SLRequestTemplates"; - public static final String TIMESTAMP_ITEM_KEY = "TimestampItem"; - public static final String PVP2REFRESH_ITEM_KEY = "Pvp2RefreshItem"; - public static final String GENERIC_CONFIGURATION_KEY = "GenericConfiguration"; - - /** - * Returns all relevant (database-) keys that {@link MOAIDConfiguration} contains. - * @return the keys as {@code String[]} - */ - public static final String[] getMOAIDConfigurationKeys() { - return new String[] { AUTH_COMPONENT_GENERAL_KEY, CHAINING_MODES_KEY, TRUSTED_CERTIFICATES_KEY, - DEFAULT_BKUS_KEY, SLREQUEST_TEMPLATES_KEY, TIMESTAMP_ITEM_KEY, PVP2REFRESH_ITEM_KEY }; - } - - /** - * Returns all (database-) keys that {@link MOAIDConfiguration} contains. - * @return the keys as {@code String[]} - */ - public static final String[] getAllMOAIDConfigurationKeys() { - return new String[] { ONLINE_APPLICATIONS_KEY, AUTH_COMPONENT_GENERAL_KEY, CHAINING_MODES_KEY, - TRUSTED_CERTIFICATES_KEY, DEFAULT_BKUS_KEY, SLREQUEST_TEMPLATES_KEY, TIMESTAMP_ITEM_KEY, - PVP2REFRESH_ITEM_KEY }; - } -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java index 28363a1eb..64d8e9d80 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBRead.java @@ -7,12 +7,12 @@ import java.util.List; import org.springframework.beans.factory.annotation.Autowired; -import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; import at.gv.egovernment.moa.id.commons.db.dao.config.GenericConfiguration; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; @@ -24,10 +24,10 @@ import at.gv.egovernment.moa.logging.Logger; */ public class NewConfigurationDBRead { - private static Configuration conf; + private static MOAIDConfiguration conf; @Autowired(required = true) - public void setConfiguration(Configuration conf) { + public void setConfiguration(MOAIDConfiguration conf) { // https://jira.spring.io/browse/SPR-3845 NewConfigurationDBRead.conf = conf; } @@ -100,7 +100,7 @@ public class NewConfigurationDBRead { * * @return */ - public static MOAIDConfiguration getMOAIDConfiguration() { + public static at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration getMOAIDConfiguration() { Logger.trace("Load MOAID Configuration from database."); AuthComponentGeneral authComponent = (AuthComponentGeneral) conf.get(MOAIDConfigurationConstants.AUTH_COMPONENT_GENERAL_KEY, @@ -126,7 +126,7 @@ public class NewConfigurationDBRead { // } // select moaidconfiguration from MOAIDConfiguration moaidconfiguration - MOAIDConfiguration result = new MOAIDConfiguration(); + at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration result = new at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration(); result.setAuthComponentGeneral(authComponent); result.setChainingModes(chainingModes); result.setGenericConfiguration(genericConfigurations); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBWrite.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBWrite.java index de4a1789e..69e03db28 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBWrite.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/NewConfigurationDBWrite.java @@ -6,12 +6,12 @@ import java.util.List; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; -import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; import at.gv.egovernment.moa.id.commons.db.dao.config.GenericConfiguration; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; @@ -22,10 +22,10 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; @Component public class NewConfigurationDBWrite { - private static Configuration conf; + private static MOAIDConfiguration conf; @Autowired(required = true) - public void setConfiguration(Configuration conf) { + public void setConfiguration(MOAIDConfiguration conf) { // https://jira.spring.io/browse/SPR-3845 NewConfigurationDBWrite.conf = conf; } @@ -106,7 +106,8 @@ public class NewConfigurationDBWrite { } else if (dbo instanceof MOAIDConfiguration) { - MOAIDConfiguration moaconfig = (MOAIDConfiguration) dbo; + at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration moaconfig = + (at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration) dbo; result = true; result &= saveAuthComponentGeneral(moaconfig.getAuthComponentGeneral()); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDao.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDao.java deleted file mode 100644 index db35ba1df..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDao.java +++ /dev/null @@ -1,58 +0,0 @@ -package at.gv.egovernment.moa.id.commons.db.dao.config; - -import java.util.List; -import java.util.Set; - -/** - * DAO interface providing means for accessing MOAID configuration properties. - * - */ -public interface ConfigPropertyDao { - - /** - * Gets all keys in the database. - * @return a List containing all keys in the database. - */ - List getAllKeys(); - - /** - * Returns the {@link ConfigProperty} associated with {@code key} or {@code null} if the entry does not exist. - * - * @param key The configuration key. - * @return The configuration property value or {@code null}. - */ - ConfigProperty getProperty(String key); - - /** - * Persists a given {@link ConfigProperty}. - * @param property The property to be persisted. - */ - void saveProperty(ConfigProperty property); - - /** - * Returns a {@link List} containing all stored {@linkplain ConfigProperty ConfigProperties}. - * @return The list with the properties. - */ - List getProperties(); - - /** - * Returns the value for the configuration property associated with {@code key} or {@code null} if the entry does not exist or its value is {@code null}. - * - * @param key The configuration key. - * @return The configuration property value or {@code null}. - */ - String getPropertyValue(String key); - - /** - * Persists a {@link List} of {@linkplain ConfigProperty ConfigProperties}. - * @param properties The list containing all the properties to be persisted. - */ - void saveProperties(Set properties); - - /** - * Deletes the object associated with the given key. - * @param key the key - */ - void delete(String key); - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDaoImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDaoImpl.java index 6a76c1d17..24195b0cf 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDaoImpl.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDaoImpl.java @@ -1,10 +1,8 @@ package at.gv.egovernment.moa.id.commons.db.dao.config; import java.util.List; -import java.util.Set; import javax.persistence.EntityManager; -import javax.persistence.NoResultException; import javax.persistence.PersistenceContext; import javax.persistence.TypedQuery; @@ -12,20 +10,25 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.transaction.annotation.Transactional; +import at.gv.egiz.components.configuration.api.AbstractConfigurationImpl; +import at.gv.egiz.components.configuration.api.ConfigurationException; +import at.gv.egovernment.moa.util.MiscUtil; + /** * Database backed implementation of the DAO interface * */ @Transactional("transactionManager") -public class ConfigPropertyDaoImpl implements ConfigPropertyDao { +public class ConfigPropertyDaoImpl extends AbstractConfigurationImpl { private Logger log = LoggerFactory.getLogger(getClass()); @PersistenceContext(unitName = "moaidconf") private EntityManager em; + @Override - public List getAllKeys() { + protected List getAllKeys() { if (null == em) { log.error("No EntityManager set!"); return null; @@ -35,70 +38,150 @@ public class ConfigPropertyDaoImpl implements ConfigPropertyDao { return result; } + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#getValue(java.lang.String) + */ + @Override + protected String getValue(String key) throws ConfigurationException { + ConfigProperty property = getProperty(key); + if (property == null) + return null; + + else { + if (MiscUtil.isEmpty(property.getValue())) + return new String(); + else + return property.getValue(); + + } + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#containsKey(java.lang.String) + */ + @Override + protected boolean containsKey(String key) throws ConfigurationException { + ConfigProperty property = getProperty(key); + if (property == null) + return false; + else + return true; + + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#storeKey(java.lang.String, java.lang.String) + */ @Override - public void saveProperty(ConfigProperty property) { + protected void storeKey(String key, String value) throws ConfigurationException { if (null == em) { log.error("No EntityManager set!"); return; + } - + ConfigProperty property = new ConfigProperty(); + property.setKey(key); + property.setValue(value); log.debug("Storing '{}'.", property.toString()); em.persist(property); + } - @Override - public ConfigProperty getProperty(String key) { - log.debug("Looking for configuration property for key '{}'.", key); - ConfigProperty result = em.find(ConfigProperty.class, key); - if (result != null) { - log.debug("Found configuration property {}.", result); - } else { - log.debug("Unable to find configuration property for key '{}'.", key); - } - return result; + protected void deleteKey(String key) { + log.debug("Deleting entry with key '{}'.", key); + em.remove(em.find(ConfigProperty.class, key)); } - + + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#findConfigurationId(java.lang.String) + */ @Override - public String getPropertyValue(String key) { - ConfigProperty property = getProperty(key); - if (property == null) { + public String[] findConfigurationId(String searchString) + throws ConfigurationException { + if (null == em) { + log.error("No EntityManager set!"); return null; } - return property.getValue(); + + TypedQuery query = em.createQuery("select * from ConfigProperty dbconfig where dbconfig.key like :key", String.class); + query.setParameter("key", searchString.replace("*", "%")); + List result = query.getResultList(); + return result.toArray(new String[result.size()]); } + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#findByValue(java.lang.String) + */ @Override - public List getProperties() { - + public String[] findByValue(String searchString) + throws ConfigurationException { if (null == em) { log.error("No EntityManager set!"); return null; } - - log.debug("Retrieving all properties from database."); - TypedQuery query = em.createQuery("select mc from ConfigProperty mc", ConfigProperty.class); - try { - List propertiesList = query.getResultList(); - return propertiesList; - } catch (NoResultException e) { - log.debug("No property found in database."); - return null; - } + + TypedQuery query = em.createQuery("select * from ConfigProperty dbconfig where dbconfig.value like :value", String.class); + query.setParameter("value", searchString.replace("*", "%")); + List result = query.getResultList(); + return result.toArray(new String[result.size()]); } + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#synchronize() + */ @Override - public void saveProperties(Set properties) { - log.debug("Storing {} properties to database.", properties.size()); - for (ConfigProperty cp : properties) { - saveProperty(cp); - } - em.flush(); + public void synchronize() throws ConfigurationException { + //INFO: no implementation required + } + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#getName() + */ @Override - public void delete(String key) { - log.debug("Deleting entry with key '{}'.", key); - em.remove(em.find(ConfigProperty.class, key)); + public String getName() { + return "DatabaseConfiguration"; + } + + + private ConfigProperty getProperty(String key) { + log.debug("Looking for configuration property for key '{}'.", key); + ConfigProperty result = em.find(ConfigProperty.class, key); + if (result != null) { + log.debug("Found configuration property {}.", result); + } else { + log.debug("Unable to find configuration property for key '{}'.", key); + } + return result; } -} + +// @Override +// public String getPropertyValue(String key) { +// ConfigProperty property = getProperty(key); +// if (property == null) { +// return null; +// } +// return property.getValue(); +// } +// +// @Override +// public List getProperties() { +// +// if (null == em) { +// log.error("No EntityManager set!"); +// return null; +// } +// +// log.debug("Retrieving all properties from database."); +// TypedQuery query = em.createQuery("select mc from ConfigProperty mc", ConfigProperty.class); +// try { +// List propertiesList = query.getResultList(); +// return propertiesList; +// } catch (NoResultException e) { +// log.debug("No property found in database."); +// return null; +// } +// } + +} \ No newline at end of file diff --git a/id/server/moa-id-commons/src/test/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBReadTest.java b/id/server/moa-id-commons/src/test/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBReadTest.java index 7b596fab8..c8a234565 100644 --- a/id/server/moa-id-commons/src/test/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBReadTest.java +++ b/id/server/moa-id-commons/src/test/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBReadTest.java @@ -20,9 +20,8 @@ import org.springframework.test.annotation.IfProfileValue; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; -import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; +import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import com.fasterxml.jackson.annotation.JsonProperty; @@ -33,7 +32,7 @@ import com.fasterxml.jackson.annotation.JsonProperty; public class ConfigurationDBReadTest { @Autowired - Configuration configDataBase; + MOAIDConfiguration configDataBase; private Properties getHibernateProperties() throws FileNotFoundException, IOException { @@ -93,11 +92,11 @@ public class ConfigurationDBReadTest { SecurityException { // get the old moaid configuration - MOAIDConfiguration oldConfig = ConfigurationDBRead.getMOAIDConfiguration(); + at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration oldConfig = ConfigurationDBRead.getMOAIDConfiguration(); // get the a new moaid configuration from the data in the key value // database - MOAIDConfiguration newConfig = NewConfigurationDBRead.getMOAIDConfiguration(); + at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration newConfig = NewConfigurationDBRead.getMOAIDConfiguration(); // check if both configurations yield a similar MOAIDConfiguration // object @@ -111,14 +110,14 @@ public class ConfigurationDBReadTest { SecurityException { // get the old moaid configuration - MOAIDConfiguration oldConfig = ConfigurationDBRead.getMOAIDConfiguration(); + at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration oldConfig = ConfigurationDBRead.getMOAIDConfiguration(); // delete part of the configuration oldConfig.setAuthComponentGeneral(new AuthComponentGeneral()); // get the a new moaid configuration from the data in the key value // database - MOAIDConfiguration newConfig = NewConfigurationDBRead.getMOAIDConfiguration(); + at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration newConfig = NewConfigurationDBRead.getMOAIDConfiguration(); // check if both configurations yield a similar MOAIDConfiguration // object diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java index 1c1cbb723..a7d7b9759 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java @@ -33,7 +33,8 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.monitoring.TestManager; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -53,7 +54,7 @@ public class MonitoringServlet extends AuthServlet { throws ServletException, IOException { try { - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); if (config.isMonitoringActive()) { Logger.debug("Monitoring Servlet received request"); diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java index a08ef5f0c..5f0ffd4e2 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java @@ -36,7 +36,8 @@ import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -47,7 +48,7 @@ public class DatabaseTestModule implements TestModuleInterface{ List errors = new ArrayList(); - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); String error = testMOAConfigurationDatabase(); if (MiscUtil.isNotEmpty(error)) diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java index b5220914c..de6c0fed0 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java @@ -37,7 +37,8 @@ import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.data.DynamicOAAuthParameters; import at.gv.egovernment.moa.logging.Logger; @@ -61,7 +62,7 @@ public class IdentityLinkTestModule implements TestModuleInterface { public List performTests() throws Exception{ Logger.trace("Start MOA-ID IdentityLink Test"); - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); IdentityLinkValidator.getInstance().validate(identityLink); // builds a for a call of MOA-SP diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java index 84581abe8..3c2b143b3 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java @@ -28,7 +28,8 @@ import java.util.List; import java.util.Map; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.FileUtils; @@ -47,7 +48,7 @@ public class TestManager { private TestManager() throws ConfigurationException { - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); //add Database test DatabaseTestModule test1 = new DatabaseTestModule(); diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java index 702e62fa0..6f5cf0700 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java @@ -32,7 +32,7 @@ import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.stork.STORKException; import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.logging.Logger; @@ -77,7 +77,7 @@ public abstract class AbstractPepsConnectorWithLocalSigningTask extends Abstract Logger.debug("fetching OAParameters from database"); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter( moaSession.getPublicOAURLPrefix()); if (oaParam == null) throw new AuthenticationException("auth.00", new Object[] { moaSession.getPublicOAURLPrefix() }); diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java index 021ee62cf..11051ceec 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java @@ -17,7 +17,7 @@ import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.stork.CPEPS; import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.id.process.api.ExecutionContext; @@ -83,7 +83,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask { // illegal state; task should not have been executed without a selected country throw new AuthenticationException("stork.22", new Object[] { sessionID }); } - STORKConfig storkConfig = AuthConfigurationProvider.getInstance().getStorkConfig(); + STORKConfig storkConfig = AuthConfigurationProviderFactory.getInstance().getStorkConfig(); if (!storkConfig.isSTORKAuthentication(moasession.getCcc())) { throw new AuthenticationException("stork.23", new Object[] { moasession.getCcc(), sessionID }); } diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java index 08da21460..84570141e 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java @@ -31,7 +31,7 @@ import at.gv.egovernment.moa.id.auth.stork.STORKException; import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.moduls.ModulUtils; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; @@ -288,7 +288,7 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep // set return url to PEPSConnectorWithLocalSigningServlet and add newMOASessionID // signRequest - String issuerValue = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); String acsURL = issuerValue + PEPSConnectorWithLocalSigningServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN; @@ -297,7 +297,7 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep boolean found = false; try { - List aps = AuthConfigurationProvider.getInstance() + List aps = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()).getStorkAPs(); Logger.info("Found AttributeProviderPlugins:" + aps.size()); for (AttributeProviderPlugin ap : aps) { diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java index 81c7c3a7b..748b7df5d 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java @@ -47,7 +47,8 @@ import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet; import at.gv.egovernment.moa.id.auth.stork.STORKException; import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.ModulUtils; import at.gv.egovernment.moa.id.process.api.ExecutionContext; @@ -245,7 +246,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask { throw new MOAIDException("stork.07", null); } - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()); + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()); if (oaParam == null) throw new AuthenticationException("auth.00", new Object[] { moaSession.getPublicOAURLPrefix() }); @@ -455,6 +456,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask { IdentityLink identityLink = null; executionContext.put("identityLinkAvailable", false); try { + AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); if(config.isStorkFakeIdLActive() && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) { // create fake IdL // - fetch IdL template from resources @@ -734,7 +736,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask { private String getdtlUrl() { String dtlUrl; try { - AuthConfigurationProvider authConfigurationProvider = AuthConfigurationProvider.getInstance(); + AuthConfiguration authConfigurationProvider = AuthConfigurationProviderFactory.getInstance(); dtlUrl = authConfigurationProvider.getDocumentServiceUrl(); Logger.info ("PEPSConnectorServlet, using dtlUrl:"+dtlUrl); -- cgit v1.2.3 From 5bc01dab26425144a41dbece04b642fb963e1315 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 2 Jul 2015 07:26:30 +0200 Subject: devel --- .../config/ConfigurationProvider.java | 2 +- .../id/configuration/data/GeneralStorkConfig.java | 2 + .../id/configuration/data/oa/OASAML1Config.java | 3 +- id/pom.xml | 2 +- .../moa/id/advancedlogging/StatisticLogger.java | 99 +- .../moa/id/auth/AuthenticationServer.java | 317 --- .../moa/id/auth/builder/LoginFormBuilder.java | 38 +- .../StartAuthentificationParameterParser.java | 7 +- .../servlet/GenerateIFrameTemplateServlet.java | 8 +- .../moa/id/auth/servlet/GetForeignIDServlet.java | 325 --- .../id/auth/servlet/GetMISSessionIDServlet.java | 272 --- .../moa/id/auth/servlet/LogOutServlet.java | 5 +- .../moa/id/auth/servlet/PEPSConnectorServlet.java | 776 ------- .../PEPSConnectorWithLocalSigningServlet.java | 816 ------- .../moa/id/auth/servlet/RedirectServlet.java | 10 +- .../servlet/VerifyAuthenticationBlockServlet.java | 343 --- .../id/auth/servlet/VerifyCertificateServlet.java | 235 -- .../id/auth/servlet/VerifyIdentityLinkServlet.java | 279 --- .../moa/id/config/ConfigurationProviderImpl.java | 165 +- .../gv/egovernment/moa/id/config/OAParameter.java | 172 -- .../moa/id/config/auth/AuthConfigLoader.java | 46 +- .../moa/id/config/auth/AuthConfiguration.java | 41 +- .../id/config/auth/AuthConfigurationProvider.java | 2400 ++++++++++---------- .../moa/id/config/auth/IOAAuthParameters.java | 94 +- .../moa/id/config/auth/OAAuthParameter.java | 790 ++++--- .../PropertyBasedAuthConfigurationProvider.java | 204 +- .../config/auth/data/DynamicOAAuthParameters.java | 151 +- .../id/config/legacy/BuildFromLegacyConfig.java | 18 +- .../moa/id/config/stork/STORKConfig.java | 22 +- .../oauth20/protocol/OAuth20AuthRequest.java | 11 +- .../oauth20/protocol/OAuth20BaseRequest.java | 12 +- .../oauth20/protocol/OAuth20TokenRequest.java | 10 +- .../protocols/pvp2x/binding/RedirectBinding.java | 31 +- .../protocols/pvp2x/config/PVPConfiguration.java | 101 +- .../pvp2x/metadata/MOAMetadataProvider.java | 348 +-- .../pvp2x/verification/EntityVerifier.java | 40 +- .../pvp2x/verification/SAMLVerificationEngine.java | 50 +- .../InterfederatedIDPPublicServiceFilter.java | 8 +- .../protocols/saml1/SAML1AuthenticationServer.java | 6 +- .../moa/id/protocols/saml1/SAML1Protocol.java | 5 +- .../moa/id/protocols/saml1/SAML1RequestImpl.java | 4 +- .../id/protocols/stork2/AttributeCollector.java | 4 - .../protocols/stork2/AttributeProviderFactory.java | 8 +- .../moa/id/util/ParamValidatorUtils.java | 10 +- .../resources/properties/id_messages_de.properties | 3 +- ...nfigurationProviderLegacyCompatibilityTest.java | 109 - .../auth/TestLegacyAuthConfigurationProvider.java | 31 - .../VerifyXMLSignatureRequestBuilderTest.java | 139 -- .../id/auth/invoke/SignatureVerificationTest.java | 216 -- .../at/gv/egovernment/moa/id/proxy/AllTests.java | 77 - .../moa/id/proxy/builder/DOMTreeCompare.java | 508 ----- .../id/proxy/builder/SAMLRequestBuilderTest.java | 78 - .../moa/id/proxy/builder/SAMLRequestCompare.java | 65 - .../id/proxy/parser/SAMLResponseParserTest.java | 227 -- .../src/test/java/test/lasttest/Dispatcher.java | 110 - .../java/test/lasttest/HostnameVerifierHack.java | 59 - .../test/java/test/lasttest/LasttestClient.java | 264 --- .../src/test/java/test/lasttest/TestThread.java | 297 --- .../moa/id/commons/config/ConfigurationUtil.java | 479 ++-- .../config/MOAIDConfigurationConstants.java | 86 +- .../id/commons/config/MigrateConfiguration.java | 206 +- .../config/persistence/MOAIDConfiguration.java | 84 +- .../config/persistence/MOAIDConfigurationImpl.java | 273 ++- .../moa/id/commons/db/ConfigurationDBRead.java | 658 +++--- .../moa/id/commons/db/ConfigurationDBUtils.java | 310 +-- .../commons/db/ConfigurationFromDBExtractor.java | 182 -- .../db/dao/config/ConfigPropertyDaoImpl.java | 195 -- .../db/dao/config/DatabaseConfigPropertyImpl.java | 201 ++ .../src/main/resources/META-INF/persistence.xml | 2 +- .../src/main/resources/configuration.beans.xml | 56 - .../src/main/resources/configuration.beans.xml_old | 59 + .../src/main/resources/persistence_template.xml | 2 +- .../moa/id/monitoring/DatabaseTestModule.java | 10 +- .../AbstractPepsConnectorWithLocalSigningTask.java | 2 + .../tasks/CreateStorkAuthRequestFormTask.java | 323 ++- ...onnectorHandleResponseWithoutSignatureTask.java | 10 +- .../modules/stork/tasks/PepsConnectorTask.java | 9 +- 77 files changed, 4308 insertions(+), 9312 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java delete mode 100644 id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java delete mode 100644 id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/TestLegacyAuthConfigurationProvider.java delete mode 100644 id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java delete mode 100644 id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java delete mode 100644 id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/AllTests.java delete mode 100644 id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java delete mode 100644 id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java delete mode 100644 id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java delete mode 100644 id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java delete mode 100644 id/server/idserverlib/src/test/java/test/lasttest/Dispatcher.java delete mode 100644 id/server/idserverlib/src/test/java/test/lasttest/HostnameVerifierHack.java delete mode 100644 id/server/idserverlib/src/test/java/test/lasttest/LasttestClient.java delete mode 100644 id/server/idserverlib/src/test/java/test/lasttest/TestThread.java delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationFromDBExtractor.java delete mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDaoImpl.java create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/DatabaseConfigPropertyImpl.java delete mode 100644 id/server/moa-id-commons/src/main/resources/configuration.beans.xml create mode 100644 id/server/moa-id-commons/src/main/resources/configuration.beans.xml_old (limited to 'id/server/idserverlib/src/test/java') diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java index 8ac7b40d4..b89f52835 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/config/ConfigurationProvider.java @@ -499,7 +499,7 @@ public class ConfigurationProvider { ConfigurationProvider.getInstance().getCertStoreDirectory(), ConfigurationProvider.getInstance().getTrustStoreDirectory(), null, - ChainingModeType.PKIX, + "pkix", true); httpClient.setCustomSSLTrustStore(metadataurl, protoSocketFactory); diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java index 975f627d4..c830e682d 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/GeneralStorkConfig.java @@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.configuration.data; import java.util.ArrayList; import java.util.List; +import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfigurationImpl; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; @@ -49,6 +50,7 @@ public class GeneralStorkConfig { * */ public GeneralStorkConfig() { + dbconfig = ConfigurationDBRead.getMOAIDConfiguration(); } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java index 7b5575a90..446f9350e 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OASAML1Config.java @@ -28,6 +28,7 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; +import at.gv.egovernment.moa.id.commons.db.dao.config.ISAML1OA; import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; @@ -64,7 +65,7 @@ public class OASAML1Config implements IOnlineApplicationData{ public List parse(OnlineApplication dbOA, AuthenticatedUser authUser, HttpServletRequest request) { AuthComponentOA authdata = dbOA.getAuthComponentOA(); if (authdata != null) { - OASAML1 saml1 = authdata.getOASAML1(); + ISAML1OA saml1 = authdata.getOASAML1(); if (saml1 != null) { provideAuthBlock = saml1.isProvideAUTHBlock(); provideCertificate = saml1.isProvideCertificate(); diff --git a/id/pom.xml b/id/pom.xml index 6b296e84a..75972b549 100644 --- a/id/pom.xml +++ b/id/pom.xml @@ -15,7 +15,7 @@ oa server - ConfigWebTool + diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java index cd1acaa8c..67547d8a2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java @@ -26,6 +26,7 @@ import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.util.Date; +import java.util.List; import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; @@ -43,18 +44,15 @@ import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.ServiceException; import at.gv.egovernment.moa.id.client.SZRGWClientException; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; -import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; @@ -106,20 +104,27 @@ public class StatisticLogger { if ( isAktive && protocolRequest != null && authData != null) { - OnlineApplication dbOA = ConfigurationDBRead.getOnlineApplication(protocolRequest.getOAURL()); - - if (dbOA == null) { - Logger.warn("Advanced logging failed: OA can not be found in database."); + OAAuthParameter dbOA = null; + try { + dbOA = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(protocolRequest.getOAURL()); + + if (dbOA == null) { + Logger.warn("Advanced logging failed: OA can not be found in database."); + return; + } + + } catch (ConfigurationException e1) { + Logger.error("Access MOA-ID configuration FAILED.", e1); return; } - + StatisticLog dblog = new StatisticLog(); //set actual date and time dblog.setTimestamp(new Date()); //set OA databaseID - dblog.setOaID(dbOA.getHjid()); + //dblog.setOaID(dbOA.getHjid()); //log basic AuthInformation dblog.setOaurlprefix(protocolRequest.getOAURL()); @@ -258,40 +263,46 @@ public class StatisticLogger { dblog.setProtocoltype(errorRequest.requestedModule()); dblog.setProtocolsubtype(errorRequest.requestedAction()); - OnlineApplication dbOA = ConfigurationDBRead.getOnlineApplication(errorRequest.getOAURL()); - if (dbOA != null) { - dblog.setOafriendlyName(dbOA.getFriendlyName()); - dblog.setOatarget(dbOA.getTarget()); - dblog.setOaID(dbOA.getHjid()); - dblog.setBusinessservice(isBusinessService(dbOA)); - } + try { + OAAuthParameter dbOA = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(errorRequest.getOAURL()); + if (dbOA != null) { + dblog.setOafriendlyName(dbOA.getFriendlyName()); + dblog.setOatarget(dbOA.getTarget()); + //dblog.setOaID(dbOA.getHjid()); + dblog.setBusinessservice(isBusinessService(dbOA)); + - AuthenticationSession moasession = AuthenticationSessionStoreage.getSessionWithPendingRequestID(errorRequest.getRequestID()); - if (moasession != null) { - if (MiscUtil.isNotEmpty(moasession.getBkuURL())) { - dblog.setBkuurl(moasession.getBkuURL()); - dblog.setBkutype(findBKUType(moasession.getBkuURL(), dbOA)); - } + AuthenticationSession moasession = AuthenticationSessionStoreage.getSessionWithPendingRequestID(errorRequest.getRequestID()); + if (moasession != null) { + if (MiscUtil.isNotEmpty(moasession.getBkuURL())) { + dblog.setBkuurl(moasession.getBkuURL()); + dblog.setBkutype(findBKUType(moasession.getBkuURL(), dbOA)); + } - dblog.setMandatelogin(moasession.getUseMandate()); - } + dblog.setMandatelogin(moasession.getUseMandate()); + } - generateErrorLogFormThrowable(throwable, dblog); - - ConfigurationDBUtils.closeSession(); + generateErrorLogFormThrowable(throwable, dblog); + + ConfigurationDBUtils.closeSession(); - try { - StatisticLogDBUtils.saveOrUpdate(dblog); + try { + StatisticLogDBUtils.saveOrUpdate(dblog); - } catch (MOADatabaseException e) { - Logger.warn("Statistic Log can not be stored into Database", e); + } catch (MOADatabaseException e) { + Logger.warn("Statistic Log can not be stored into Database", e); + } + } + } catch (ConfigurationException e) { + Logger.error("Access MOA-ID configuration FAILED.", e); + return; } } } - private boolean isBusinessService(OnlineApplication oa) { + private boolean isBusinessService(OAAuthParameter dbOA) { - if (oa.getType().equals("businessService")) + if (dbOA.getOaType().equals("businessService")) return true; else return false; @@ -352,23 +363,17 @@ public class StatisticLogger { } - private String findBKUType(String bkuURL, OnlineApplication dbOA) { + private String findBKUType(String bkuURL, OAAuthParameter dbOA) { if (dbOA != null) { - AuthComponentOA oaAuth = dbOA.getAuthComponentOA(); - if (oaAuth != null) { - BKUURLS bkuurls = oaAuth.getBKUURLS(); - if (bkuurls != null) { - if (bkuURL.equals(bkuurls.getHandyBKU())) - return IOAAuthParameters.HANDYBKU; + if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameter.HANDYBKU))) + return IOAAuthParameters.HANDYBKU; - if (bkuURL.equals(bkuurls.getLocalBKU())) - return IOAAuthParameters.LOCALBKU; + if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameter.LOCALBKU))) + return IOAAuthParameters.LOCALBKU; - if (bkuURL.equals(bkuurls.getOnlineBKU())) - return IOAAuthParameters.ONLINEBKU; - } - } + if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameter.ONLINEBKU))) + return IOAAuthParameters.ONLINEBKU; } Logger.trace("Staticic Log search BKUType from DefaultBKUs"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 90e094a03..f62c21ed9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -8,16 +8,9 @@ import iaik.x509.X509ExtensionInitException; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; -import java.io.StringWriter; import java.io.UnsupportedEncodingException; -import java.math.BigInteger; -import java.net.URL; -import java.security.NoSuchAlgorithmException; import java.security.Principal; import java.security.cert.CertificateException; -import java.text.SimpleDateFormat; -import java.util.ArrayList; -//import java.security.cert.CertificateFactory; import java.util.Calendar; import java.util.Date; import java.util.List; @@ -25,22 +18,13 @@ import java.util.Map; import java.util.Vector; import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; -import org.apache.commons.io.IOUtils; import org.apache.commons.lang.StringEscapeUtils; -import org.apache.commons.lang3.BooleanUtils; -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.VelocityEngine; import org.apache.xpath.XPathAPI; -import org.opensaml.common.IdentifierGenerator; -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import org.opensaml.xml.util.Base64; import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.DOMException; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.NodeList; @@ -71,8 +55,6 @@ import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet; -import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorWithLocalSigningServlet; import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator; import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; @@ -86,14 +68,11 @@ import at.gv.egovernment.moa.id.config.ConnectionParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.stork.CPEPS; -import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.id.util.XMLUtil; import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.LogMsg; @@ -111,21 +90,6 @@ import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest.PEPSData; import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; import at.gv.util.xsd.srzgw.MISType; import at.gv.util.xsd.srzgw.MISType.Filters; -import eu.stork.oasisdss.api.AdditionalProfiles; -import eu.stork.oasisdss.api.ApiUtils; -import eu.stork.oasisdss.api.exceptions.ApiUtilsException; -import eu.stork.oasisdss.api.Profiles; -import eu.stork.oasisdss.api.QualityLevels; -import eu.stork.oasisdss.api.SignatureTypes; -import eu.stork.oasisdss.profile.AnyType; -import eu.stork.oasisdss.profile.DocumentType; -import eu.stork.oasisdss.profile.SignRequest; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; /** * API for MOA ID Authentication Service.
{@link AuthenticationSession} is @@ -1668,287 +1632,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { } - /** - * Starts a MOA-ID authentication process using STORK - * - * @param req HttpServletRequest - * @param resp HttpServletResponse - * @param ccc Citizen country code - * @param oaURL URL of the online application - * @param target Target parameter - * @param targetFriendlyName Friendly Name of Target - * @param authURL Authentication URL - * @param sourceID SourceID parameter - * @throws MOAIDException - * @throws AuthenticationException - * @throws WrongParametersException - * @throws ConfigurationException - */ - public static void startSTORKAuthentication( - HttpServletRequest req, - HttpServletResponse resp, - AuthenticationSession moasession) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException { - - if (moasession == null) { - throw new AuthenticationException("auth.18", new Object[]{}); - } - - //read configuration paramters of OA - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("auth.00", new Object[]{moasession.getPublicOAURLPrefix()}); - - //Start of STORK Processing - STORKConfig storkConfig = AuthConfigurationProviderFactory.getInstance().getStorkConfig(); - - CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc()); - - Logger.debug("Preparing to assemble STORK AuthnRequest with the following values:"); - String destination = cpeps.getPepsURL().toExternalForm(); - Logger.debug("C-PEPS URL: " + destination); - - - String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); - // String acsURL = new DataURLBuilder().buildDataURL(issuerValue, - // PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN, moasession.getSessionID()); - - - String providerName = oaParam.getFriendlyName(); - Logger.debug("Issuer value: " + issuerValue); - - // prepare collection of required attributes - // - attributes for online application - List attributesFromConfig = oaParam.getRequestedAttributes(); - - // - prepare attribute list - PersonalAttributeList attributeList = new PersonalAttributeList(); - - // - fill container - for (OAStorkAttribute current : attributesFromConfig) { - PersonalAttribute newAttribute = new PersonalAttribute(); - newAttribute.setName(current.getName()); - - boolean globallyMandatory = false; - for (StorkAttribute currentGlobalAttribute : storkConfig.getStorkAttributes()) - if (current.getName().equals(currentGlobalAttribute.getName())) { - globallyMandatory = BooleanUtils.isTrue(currentGlobalAttribute.isMandatory()); - break; - } - - newAttribute.setIsRequired(current.isMandatory() || globallyMandatory); - attributeList.add(newAttribute); - } - - // add sign request - PersonalAttribute newAttribute = new PersonalAttribute(); - newAttribute.setName("signedDoc"); - newAttribute.setIsRequired(true); - List value = new ArrayList(); - - Logger.debug("PEPS supports XMLSignatures:"+cpeps.isXMLSignatureSupported()); - String acsURL; - if(cpeps.isXMLSignatureSupported())//Send SignRequest to PEPS - { - //solve Problem with sessionIDs - acsURL = issuerValue + PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN; - - value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession), - "application/xhtml+xml", moasession.getCcc())); - newAttribute.setValue(value); - attributeList.add(newAttribute); - - // TODO[branch]: STORK AuthReq CPEPS acsURL "/PEPSConnector" - } - else//Process SignRequest locally with MOCCA - { - String target = moasession.getTarget(); - moasession.setTarget("AT"); - String signedDoc = (generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession), - "application/xhtml+xml", "AT"));//moasession.getCcc() - moasession.setTarget(target); - Logger.warn("signedDoc to store:"+signedDoc); - //attributeList.add(newAttribute); - - //store SignRequest for later... - moasession.setSignedDoc(signedDoc); - - acsURL = issuerValue + PEPSConnectorWithLocalSigningServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN; - // TODO[branch]: STORK AuthReq acsURL "/PEPSConnectorWithLocalSigning" - try { - AuthenticationSessionStoreage.storeSession(moasession); - } catch (MOADatabaseException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - - } - Logger.debug("MOA Assertion Consumer URL (PEPSConnctor): " + acsURL); - - if (Logger.isDebugEnabled()) { - Logger.debug("The following attributes are requested for this OA:"); - for (OAStorkAttribute logReqAttr : attributesFromConfig) - Logger.debug("OA specific requested attribute: " + logReqAttr.getName() + ", isRequired: " + logReqAttr.isMandatory()); - } - - //TODO: check Target in case of SSO!! - String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget(); - String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); - String spApplication = spInstitution; - String spCountry = "AT"; // intentionally set AT - the flow is limited on that use case only - - //generate AuthnRquest - STORKAuthnRequest authnRequest = new STORKAuthnRequest(); - authnRequest.setDestination(destination); - authnRequest.setAssertionConsumerServiceURL(acsURL);//PEPSConnectorWithLocalSigning - authnRequest.setProviderName(providerName); - authnRequest.setIssuer(issuerValue); - authnRequest.setQaa(oaParam.getQaaLevel()); - authnRequest.setSpInstitution(spInstitution); - authnRequest.setSpCountry(spCountry); - authnRequest.setSpApplication(spApplication); - authnRequest.setSpSector(spSector); - authnRequest.setPersonalAttributeList(attributeList); - - //TODO change - authnRequest.setEIDCrossBorderShare(true); - authnRequest.setEIDCrossSectorShare(true); - authnRequest.setEIDSectorShare(true); - - authnRequest.setCitizenCountryCode(moasession.getCcc()); - - Logger.debug("STORK AuthnRequest succesfully assembled."); - - STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("outgoing"); - - if (samlEngine == null) { - Logger.error("Could not initalize STORK SAML engine."); - throw new MOAIDException("stork.00", null); - } - - try { - authnRequest = samlEngine.generateSTORKAuthnRequest(authnRequest); - } catch (STORKSAMLEngineException e) { - Logger.error("Could not sign STORK SAML AuthnRequest.", e); - throw new MOAIDException("stork.00", null); - } - - Logger.info("STORK AuthnRequest successfully signed!"); - - //validate AuthnRequest - try { - samlEngine.validateSTORKAuthnRequest(authnRequest.getTokenSaml()); - } catch (STORKSAMLEngineException e) { - Logger.error("STORK SAML AuthnRequest not valid.", e); - throw new MOAIDException("stork.01", null); - } - - Logger.debug("STORK AuthnRequest successfully internally validated."); - - //send - moasession.setStorkAuthnRequest(authnRequest); - - // do PEPS-conform logging for easier evaluation - try { - // 2015-03-12 16:44:27.144#S-PEPS receives request from SP#spurl#spepsurl#spapp#spdomain#citizen country#qaa#msghash#msg_id id1# - Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives request from SP#" + - moasession.getPublicOAURLPrefix() + "#" + issuerValue + "#" + spApplication + "#" + - new URL(moasession.getPublicOAURLPrefix()).getHost() + "#" + moasession.getCcc() + "#" + oaParam.getQaaLevel() + - "#_hash_#" + moasession.getProcessInstanceId() + "#"); - } catch (Exception e1) { - Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); - } - - AuthenticationSessionStoreage.changeSessionID(moasession, authnRequest.getSamlId()); - - - Logger.info("Preparing to send STORK AuthnRequest."); - Logger.info("prepared STORKAuthnRequest: "); - Logger.info(new String(authnRequest.getTokenSaml())); - - try { - Logger.trace("Initialize VelocityEngine..."); - - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm"); - VelocityContext context = new VelocityContext(); - context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authnRequest.getTokenSaml())); - context.put("RelayState", moasession.getSessionID()); - context.put("action", destination); - - StringWriter writer = new StringWriter(); - template.merge(context, writer); - - // TODO[branch]: SAML2 Form Submit to CPEPS, response to acsURL Servlet - - resp.setContentType("text/html;charset=UTF-8"); - resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); - - } catch (Exception e) { - Logger.error("Error sending STORK SAML AuthnRequest.", e); - throw new MOAIDException("stork.02", new Object[]{destination}); - - } - - Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination()); - - // do PEPS-conform logging for easier evaluation - try { - // 2015-03-12 16:44:27.144#S-PEPS generates request to C-PEPS#spepsurl#cpepsurl#spapp#spdomain#citizen country#qaa#msghash#msg_id id1#id2# - Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates request to C-PEPS#" + - issuerValue + "#" + destination + "#" + spApplication + "#" + - new URL(moasession.getPublicOAURLPrefix()).getHost() + "#" + moasession.getCcc() + "#" + oaParam.getQaaLevel() + - "#_hash_#" + moasession.getProcessInstanceId() + "#" + authnRequest.getSamlId() + "#"); - } catch (Exception e1) { - Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); - } - } - - private static String generateDssSignRequest(String text, String mimeType, String citizenCountry) { - IdentifierGenerator idGenerator; - try { - idGenerator = new SecureRandomIdentifierGenerator(); - - DocumentType doc = new DocumentType(); - doc.setBase64XML(text.getBytes("UTF-8")); - doc.setID(idGenerator.generateIdentifier()); - - SignRequest request = new SignRequest(); - request.setInputDocuments(ApiUtils.createInputDocuments(doc)); - - String id = idGenerator.generateIdentifier(); - request.setRequestID(id); - request.setDocUI(id); - - request.setProfile(Profiles.XADES_BES.toString()); - request.setNumberOfSigners(BigInteger.ONE); - request.setTargetCountry(citizenCountry); - - // no, no todo. PEPS will alter this value anyhow. - request.setReturnURL("http://invalid_return"); - - AnyType required = new AnyType(); - required.getAny().add(ApiUtils.createSignatureType(SignatureTypes.XMLSIG_RFC3275.toString())); - required.getAny().add(ApiUtils.createAdditionalProfile(AdditionalProfiles.XADES.toString())); - required.getAny().add(ApiUtils.createQualityRequirements(QualityLevels.QUALITYLEVEL_QUALIFIEDSIG)); - required.getAny().add(ApiUtils.createIncludeObject(doc)); - request.setOptionalInputs(required); - - return IOUtils.toString(ApiUtils.marshalToInputStream(request)); - } catch (NoSuchAlgorithmException e) { - Logger.error("Cannot generate id", e); - throw new RuntimeException(e); - } catch (ApiUtilsException e) { - Logger.error("Could not create SignRequest", e); - throw new RuntimeException(e); - } catch (DOMException e) { - Logger.error("Could not create SignRequest", e); - throw new RuntimeException(e); - } catch (IOException e) { - Logger.error("Could not create SignRequest", e); - throw new RuntimeException(e); - } - } - /** * Extracts an X509 Certificate out of an XML signagture element * diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java index a8e5a4253..35717af4d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java @@ -29,17 +29,15 @@ import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; import java.net.URI; -import java.util.List; import org.apache.commons.io.IOUtils; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; -import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.config.stork.CPEPS; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.logging.Logger; @@ -153,26 +151,20 @@ public class LoginFormBuilder { if (oaParam.isShowStorkLogin()) { String pepslist = ""; - List cpepsList = null; - try { - cpepsList = ConfigurationDBRead.getMOAIDConfiguration().getAuthComponentGeneral().getForeignIdentities().getSTORK().getCPEPS(); - - for (CPEPS current : oaParam.getPepsList()) - // check if master config has changed... - if(cpepsList != null && cpepsList.contains(current)) { - String countryName = null; - if (MiscUtil.isNotEmpty(MOAIDAuthConstants.COUNTRYCODE_XX_TO_NAME.get(current.getCountryCode().toUpperCase()))) - countryName = MOAIDAuthConstants.COUNTRYCODE_XX_TO_NAME.get(current.getCountryCode().toUpperCase()); - else - countryName = current.getCountryCode().toUpperCase(); - - pepslist += "\n"; - - } - - value = value.replace(PEPSLIST, pepslist); + try { + for (CPEPS current : oaParam.getPepsList()) { + String countryName = null; + if (MiscUtil.isNotEmpty(MOAIDAuthConstants.COUNTRYCODE_XX_TO_NAME.get(current.getCountryCode().toUpperCase()))) + countryName = MOAIDAuthConstants.COUNTRYCODE_XX_TO_NAME.get(current.getCountryCode().toUpperCase()); + else + countryName = current.getCountryCode().toUpperCase(); + + pepslist += "\n"; + + value = value.replace(PEPSLIST, pepslist); + } } catch (NullPointerException e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index 89e2eac14..a26dec969 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -34,7 +34,6 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IRequest; @@ -224,14 +223,14 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ if (MiscUtil.isEmpty(templateURL)) { - List templateURLList = oaParam.getTemplateURL(); + List templateURLList = oaParam.getTemplateURL(); List defaulTemplateURLList = AuthConfigurationProviderFactory.getInstance().getSLRequestTemplates(); if ( templateURLList != null && templateURLList.size() > 0 - && MiscUtil.isNotEmpty(templateURLList.get(0).getURL()) ) { + && MiscUtil.isNotEmpty(templateURLList.get(0)) ) { templateURL = FileUtils.makeAbsoluteURL( - oaParam.getTemplateURL().get(0).getURL(), + oaParam.getTemplateURL().get(0), AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir()); Logger.info("No SL-Template in request, load SL-Template from OA configuration (URL: " + templateURL + ")"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index d0c7118ca..5802ce3b9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -38,7 +38,6 @@ import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.registration.ModuleRegistration; import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; @@ -48,7 +47,6 @@ import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; import at.gv.egovernment.moa.id.process.ExecutionContextImpl; -import at.gv.egovernment.moa.id.process.ProcessInstance; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.logging.Logger; @@ -123,10 +121,10 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { //search for OA specific template String templateURL = null; - List oaTemplateURLList = oaParam.getTemplateURL(); + List oaTemplateURLList = oaParam.getTemplateURL(); if ( oaTemplateURLList != null && oaTemplateURLList.size() > 0 - && MiscUtil.isNotEmpty(oaTemplateURLList.get(0).getURL()) ) { - templateURL = oaTemplateURLList.get(0).getURL(); + && MiscUtil.isNotEmpty(oaTemplateURLList.get(0)) ) { + templateURL = oaTemplateURLList.get(0); } else { templateURL = AuthConfigurationProviderFactory.getInstance().getSLRequestTemplates(bkuid); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java deleted file mode 100644 index 41c2a9c6a..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java +++ /dev/null @@ -1,325 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.servlet; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.security.cert.CertificateException; -import java.util.Map; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.transform.TransformerException; - -import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.lang.StringEscapeUtils; -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.ParseException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetForeignIDTask; -import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.client.SZRGWClientException; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; - -/** - * Servlet requested for getting the foreign eID - * provided by the security layer implementation. - * Utilizes the {@link AuthenticationServer}. - * @deprecated Use {@link GetForeignIDTask} instead. - * - */ -public class GetForeignIDServlet extends AuthServlet { - - /** - * - */ - private static final long serialVersionUID = -3415644214702379483L; - -/** - * Constructor for GetForeignIDServlet. - */ - public GetForeignIDServlet() { - super(); - } - - /** - * GET requested by security layer implementation to verify - * that data URL resource is available. - * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse) - */ - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - super.doGet(req, resp); - } - - /** - * Verifies the identity link and responds with a new - * CreateXMLSignatureRequest. - *
- * Request parameters: - *
    - *
  • MOASessionID: ID of associated authentication session
    • - *
  • XMLResponse: <InfoboxReadResponse>
    • - *
- * Response: - *
    - *
  • Content type: "text/xml"
    • - *
  • Content: see return value of {@link AuthenticationServer#verifyIdentityLink}
    • - *
  • Error status: 500 - *
- * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse) - */ - protected void doPost(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - Logger.debug("POST GetForeignIDServlet"); - - Logger.warn(getClass().getName() + " is deprecated and should not be used any more."); - - resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - Map parameters; - - String pendingRequestID = null; - - try - { - parameters = getParameters(req); - } catch (FileUploadException e) - { - Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); - throw new IOException(e.getMessage()); - } - String sessionID = req.getParameter(PARAM_SESSIONID); - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); - - // escape parameter strings - sessionID = StringEscapeUtils.escapeHtml(sessionID); - - String redirectURL = null; - AuthenticationSession session = null; - try { - String xmlCreateXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE); - // check parameter - if (!ParamValidatorUtils.isValidSessionID(sessionID)) - throw new WrongParametersException("GetForeignID", PARAM_SESSIONID, "auth.12"); - if (!ParamValidatorUtils.isValidXMLDocument(xmlCreateXMLSignatureResponse)) - throw new WrongParametersException("GetForeignID", PARAM_XMLRESPONSE, "auth.12"); - - session = AuthenticationServer.getSession(sessionID); - - //change MOASessionID - sessionID = AuthenticationSessionStoreage.changeSessionID(session); - - Logger.debug(xmlCreateXMLSignatureResponse); - - CreateXMLSignatureResponse csresp = - new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse).parseResponseDsig(); - - try { - String serializedAssertion = DOMUtils.serializeNode(csresp - .getDsigSignature()); - session.setAuthBlock(serializedAssertion); - - } catch (TransformerException e) { - throw new ParseException("parser.04", new Object[] { - REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE }); - - } catch (IOException e) { - throw new ParseException("parser.04", new Object[] { - REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE }); - - } - - Element signature = csresp.getDsigSignature(); - - try { - session.setSignerCertificate(AuthenticationServer.getCertificateFromXML(signature)); - } catch (CertificateException e) { - Logger.error("Could not extract certificate from CreateXMLSignatureResponse"); - throw new MOAIDException("auth.14", null); - } - - // make SZR request to the identity link - CreateIdentityLinkResponse response = AuthenticationServer.getInstance().getIdentityLink(signature); - - - if (null != response.getErrorResponse()){ - // TODO fix exception parameter - throw new SZRGWClientException("service.08", (String)response.getErrorResponse().getErrorCode(), - (String)response.getErrorResponse().getInfo()); - } - else { - IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream(response.getIdentityLink())); - IdentityLink identitylink = ilParser.parseIdentityLink(); - session.setIdentityLink(identitylink); - - //set QAA Level four in case of card authentifcation - session.setQAALevel(PVPConstants.STORK_QAA_1_4); - - String samlArtifactBase64 = - AuthenticationServer.getInstance().getForeignAuthenticationData(session); - - - //session is implicit stored in changeSessionID!!!! - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); - - Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID); - Logger.info("Daten angelegt zu MOASession " + newMOASessionID); - - if (!samlArtifactBase64.equals("Redirect to Input Processor")) { - /*redirectURL = session.getOAURLRequested(); - if (!session.getBusinessService()) { - redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8")); - } - redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); - redirectURL = resp.encodeRedirectURL(redirectURL);*/ - - redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), - ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), newMOASessionID); - redirectURL = resp.encodeRedirectURL(redirectURL); - - } else { - redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, newMOASessionID); - - } - - try { - AuthenticationSessionStoreage.storeSession(session); - } catch (MOADatabaseException e) { - throw new MOAIDException("Session store error", null); - } - - - resp.setContentType("text/html"); - resp.setStatus(302); - resp.addHeader("Location", redirectURL); - Logger.debug("REDIRECT TO: " + redirectURL); - } - - } - catch (MOAIDException ex) { - handleError(null, ex, req, resp, pendingRequestID); - - } catch (Exception e) { - Logger.error("GetForeignIDServlet has an interal Error.", e); - - } - } - - - - - - /** - * Builds the szrgw:GetIdentityLinkRequest fuer the SZR-GW - * @param givenname - * @param familyname - * @param birthday - * @return - */ -// private static Document buildGetIdentityLinkRequest(X509Certificate cert) { -// -// try { -// byte[] certbyte = cert.getEncoded(); -// String certstring = Base64.encode(certbyte); -// -// DocumentBuilderFactory factory =DocumentBuilderFactory.newInstance(); -// factory.setNamespaceAware(true); -// DocumentBuilder builder = factory.newDocumentBuilder(); -// Document doc = builder.newDocument(); -// -// Element getIdentityLink = doc.createElementNS(SZRGWConstants.SZRGW_REQUEST_NS, "szrgw:GetIdentityLinkRequest"); -// getIdentityLink.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:szrgw", SZRGWConstants.SZRGW_REQUEST_NS); -// doc.appendChild(getIdentityLink); -// -// Element x509certificate = doc.createElementNS(SZRGWConstants.SZRGW_REQUEST_NS, "szrgw:X509Certificate"); -// getIdentityLink.appendChild(x509certificate); -// Text certbase64 = doc.createTextNode(certstring); -// x509certificate.appendChild(certbase64); -// -// return doc; -// } catch (ParserConfigurationException e) { -// e.printStackTrace(); -// } catch (CertificateEncodingException e) { -// e.printStackTrace(); -// } -// return null; -// -// } -// -// /** -// * Checks a parameter. -// * @param param parameter -// * @return true if the parameter is null or empty -// */ -// private boolean isEmpty(String param) { -// return param == null || param.length() == 0; -// } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java deleted file mode 100644 index f2b788e26..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java +++ /dev/null @@ -1,272 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.gv.egovernment.moa.id.auth.servlet; - -import iaik.pki.PKIException; - -import java.io.IOException; -import java.security.GeneralSecurityException; -import java.util.List; - -import javax.net.ssl.SSLSocketFactory; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.parsers.ParserConfigurationException; - -import org.apache.commons.lang.StringEscapeUtils; -import org.xml.sax.SAXException; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.id.util.SSLUtils; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.DOMUtils; - -/** - * Servlet requested for getting the foreign eID provided by the security layer - * implementation. Utilizes the {@link AuthenticationServer}. - * @deprecated Use {@link GetMISSessionIDTask} instead. - */ -public class GetMISSessionIDServlet extends AuthServlet { - - /** - * - */ - private static final long serialVersionUID = 4666952867085392597L; - - /** - * Constructor for GetMISSessionIDServlet. - */ - public GetMISSessionIDServlet() { - super(); - } - - /** - * GET requested by security layer implementation to verify that data URL - * resource is available. - * - * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, - * HttpServletResponse) - */ - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - doPost(req, resp); - - // Logger.debug("GET GetMISSessionIDServlet"); - // - // resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - // resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - // resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - // resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - } - - /** - * Gets the signer certificate from the InfoboxReadRequest and responds with - * a new CreateXMLSignatureRequest.
- * Request parameters: - *
    - *
  • MOASessionID: ID of associated authentication session
    • - *
  • XMLResponse: <InfoboxReadResponse>
    • - *
- * - * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, - * HttpServletResponse) - */ - protected void doPost(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - Logger.debug("POST GetMISSessionIDServlet"); - - Logger.warn(getClass().getName() + " is deprecated and should not be used any more."); - - resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, - MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, - MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, - MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, - MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - // Map parameters; - // try - // { - // parameters = getParameters(req); - // } catch (FileUploadException e) - // { - // Logger.error("Parsing mulitpart/form-data request parameters failed: " - // + e.getMessage()); - // throw new IOException(e.getMessage()); - // } - - String sessionID = req.getParameter(PARAM_SESSIONID); - - // escape parameter strings - sessionID = StringEscapeUtils.escapeHtml(sessionID); - - AuthenticationSession session = null; - String pendingRequestID = null; - try { - // check parameter - if (!ParamValidatorUtils.isValidSessionID(sessionID)) - throw new WrongParametersException("VerifyCertificate", - PARAM_SESSIONID, "auth.12"); - - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); - - session = AuthenticationServer.getSession(sessionID); - - //change MOASessionID - sessionID = AuthenticationSessionStoreage.changeSessionID(session); - - String misSessionID = session.getMISSessionID(); - - AuthConfiguration authConf = AuthConfigurationProviderFactory - .getInstance(); - ConnectionParameter connectionParameters = authConf - .getOnlineMandatesConnectionParameter(); - SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory( - AuthConfigurationProviderFactory.getInstance(), - connectionParameters); - - List list = MISSimpleClient.sendGetMandatesRequest( - connectionParameters.getUrl(), misSessionID, sslFactory); - - if (list == null || list.size() == 0) { - Logger.error("Keine Vollmacht gefunden."); - throw new AuthenticationException("auth.15", null); - } - - // for now: list contains only one element - MISMandate mandate = (MISMandate) list.get(0); - - // TODO[tlenz]: UTF-8 ? - String sMandate = new String(mandate.getMandate()); - if (sMandate == null || sMandate.compareToIgnoreCase("") == 0) { - Logger.error("Mandate is empty."); - throw new AuthenticationException("auth.15", - new Object[] { GET_MIS_SESSIONID }); - } - - //check if it is a parsable XML - byte[] byteMandate = mandate.getMandate(); - // TODO[tlenz]: UTF-8 ? - String stringMandate = new String(byteMandate); - DOMUtils.parseDocument(stringMandate, false, - null, null).getDocumentElement(); - - // extract RepresentationType - AuthenticationServer.getInstance().verifyMandate(session, mandate); - - session.setMISMandate(mandate); - session.setAuthenticatedUsed(false); - session.setAuthenticated(true); - - //set QAA Level four in case of card authentifcation - session.setQAALevel(PVPConstants.STORK_QAA_1_4); - - String oldsessionID = session.getSessionID(); - - //Session is implicite stored in changeSessionID!!! - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); - - Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID); - Logger.info("Daten angelegt zu MOASession " + newMOASessionID); - - String redirectURL = new DataURLBuilder().buildDataURL( - session.getAuthURL(), - ModulUtils.buildAuthURL(session.getModul(), - session.getAction(), pendingRequestID), newMOASessionID); - redirectURL = resp.encodeRedirectURL(redirectURL); - - resp.setContentType("text/html"); - resp.setStatus(302); - resp.addHeader("Location", redirectURL); - Logger.debug("REDIRECT TO: " + redirectURL); - - } catch (MOAIDException ex) { - handleError(null, ex, req, resp, pendingRequestID); - - } catch (GeneralSecurityException ex) { - handleError(null, ex, req, resp, pendingRequestID); - - } catch (PKIException e) { - handleError(null, e, req, resp, pendingRequestID); - - } catch (SAXException e) { - handleError(null, e, req, resp, pendingRequestID); - - } catch (ParserConfigurationException e) { - handleError(null, e, req, resp, pendingRequestID); - - } catch (Exception e) { - Logger.error("MISMandateValidation has an interal Error.", e); - - } - finally { - ConfigurationDBUtils.closeSession(); - } - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java index 8981566eb..77675175e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java @@ -53,10 +53,9 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.AuthenticationManager; import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.moduls.SSOManager; @@ -90,7 +89,7 @@ public class LogOutServlet extends AuthServlet { } else { //return an error if RedirectURL is not a active Online-Applikation - OnlineApplication oa = ConfigurationDBRead.getActiveOnlineApplication(redirectUrl); + OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(redirectUrl); if (oa == null) { Logger.info("RedirctURL does not match to OA configuration. Set default RedirectURL back to MOA-ID-Auth"); redirectUrl = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java deleted file mode 100644 index ed4ef1f5a..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java +++ /dev/null @@ -1,776 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -package at.gv.egovernment.moa.id.auth.servlet; - -import iaik.x509.X509Certificate; - -import java.io.IOException; -import java.io.InputStream; -import java.io.StringWriter; -import java.net.URL; -import java.text.SimpleDateFormat; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Date; -import java.util.List; -import java.util.Properties; - -import javax.activation.DataSource; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.bind.JAXBContext; -import javax.xml.bind.JAXBElement; -import javax.xml.transform.stream.StreamSource; - -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.StringEscapeUtils; -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.VelocityEngine; -import org.opensaml.saml2.core.StatusCode; -import org.w3c.dom.Element; -import org.w3c.dom.Node; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.auth.stork.STORKException; -import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.HTTPUtils; -import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; -import at.gv.egovernment.moa.id.util.VelocityProvider; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.StringUtils; -import at.gv.egovernment.moa.util.XPathUtils; -import at.gv.util.xsd.xmldsig.SignatureType; -import at.gv.util.xsd.xmldsig.X509DataType; -import eu.stork.oasisdss.api.ApiUtils; -import eu.stork.oasisdss.api.LightweightSourceResolver; -import eu.stork.oasisdss.api.exceptions.ApiUtilsException; -import eu.stork.oasisdss.api.utils.ByteArrayDataSource; -import eu.stork.oasisdss.profile.DocumentType; -import eu.stork.oasisdss.profile.DocumentWithSignature; -import eu.stork.oasisdss.profile.SignRequest; -import eu.stork.oasisdss.profile.SignResponse; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; - -import eu.stork.documentservice.DocumentService; -import eu.stork.documentservice.data.DatabaseConnectorMySQLImpl; -import javax.xml.namespace.QName; -import javax.xml.ws.Service; -import javax.xml.ws.soap.SOAPBinding; -import javax.xml.ws.BindingProvider; - - -/** - * Endpoint for receiving STORK response messages - * @deprecated Use {@link at.gv.egovernment.moa.id.auth.modules.stork.tasks.PepsConnectorTask} instead. - */ -public class PEPSConnectorServlet extends AuthServlet { - - private static final long serialVersionUID = 1L; - - public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnector"; - - private String dtlUrl = null; - - - public PEPSConnectorServlet() - { - super(); - - try { - AuthConfiguration authConfigurationProvider = AuthConfigurationProviderFactory.getInstance(); - dtlUrl = authConfigurationProvider.getDocumentServiceUrl(); - Logger.info ("PEPSConnectorServlet, using dtlUrl:"+dtlUrl); - } catch (Exception e) { - dtlUrl = "http://testvidp.buergerkarte.at/DocumentService/DocumentService"; - e.printStackTrace(); - Logger.error("Loading documentservice url failed, using default value:"+dtlUrl); - } - -// Properties props = new Properties(); -// try { -// props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); -// dtlUrl = props.getProperty("docservice.url"); -// } catch (IOException e) { -// dtlUrl = "http://testvidp.buergerkarte.at/DocumentService/DocumentService"; -// Logger.error("Loading DTL config failed, using default value:"+dtlUrl); -// e.printStackTrace(); -// } - } - /** - * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) - */ - protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - super.doGet(request, response); - } - - /** - * Handles the reception of a STORK response message - * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) - */ - protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - - String pendingRequestID = null; - - try { - - Logger.warn(getClass().getName() + " is deprecated and should not be used any more."); - - Logger.info("PEPSConnector Servlet invoked, expecting C-PEPS message."); - Logger.debug("This ACS endpoint is: " + HTTPUtils.getBaseURL(request)); - - super.setNoCachingHeadersInHttpRespone(request, response); - Logger.trace("No Caching headers set for HTTP response"); - - //check if https or only http - super.checkIfHTTPisAllowed(request.getRequestURL().toString()); - - Logger.debug("Beginning to extract SAMLResponse out of HTTP Request"); - - //extract STORK Response from HTTP Request - //Decodes SAML Response - byte[] decSamlToken; - try { - decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse")); - Logger.debug("SAMLResponse: " + new String(decSamlToken)); - - } catch(NullPointerException e) { - Logger.error("Unable to retrieve STORK Response", e); - throw new MOAIDException("stork.04", null); - } - - - - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("outgoing"); - - STORKAuthnResponse authnResponse = null; - try { - //validate SAML Token - Logger.debug("Starting validation of SAML response"); - authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, (String) request.getRemoteHost()); - Logger.info("SAML response succesfully verified!"); - }catch(STORKSAMLEngineException e){ - Logger.error("Failed to verify STORK SAML Response", e); - throw new MOAIDException("stork.05", null); - } - - Logger.info("STORK SAML Response message succesfully extracted"); - Logger.debug("STORK response: "); - Logger.debug(authnResponse.toString()); - - // do PEPS-conform logging for easier evaluation - try { - // 2015-03-12 16:44:27.144#S-PEPS receives response from C-PEPS#orig_msg_id id2 (in response to)#orig_msg_id id1 (in response to)#status#msghash#msg_id id3# - Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives response from C-PEPS#" + - authnResponse.getInResponseTo() + "#NA#" + authnResponse.getMessage() + "#_hash_#" + authnResponse.getSamlId() + "#"); - } catch (Exception e1) { - Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); - } - - Logger.debug("Trying to find MOA Session-ID ..."); - //String moaSessionID = request.getParameter(PARAM_SESSIONID); - //first use SAML2 relayState - String moaSessionID = request.getParameter("RelayState"); - - // escape parameter strings - moaSessionID= StringEscapeUtils.escapeHtml(moaSessionID); - - //check if SAML2 relaystate includes a MOA sessionID - if (StringUtils.isEmpty(moaSessionID)) { - //if relaystate is emtpty, use SAML response -> inResponseTo element as session identifier - - moaSessionID = authnResponse.getInResponseTo(); - moaSessionID= StringEscapeUtils.escapeHtml(moaSessionID); - - if (StringUtils.isEmpty(moaSessionID)) { - //No authentication session has been started before - Logger.error("MOA-SessionID was not found, no previous AuthnRequest had been started"); - Logger.debug("PEPSConnectorURL was: " + request.getRequestURL()); - throw new AuthenticationException("auth.02", new Object[] { moaSessionID }); - - } else - Logger.trace("Use MOA SessionID " + moaSessionID + " from AuthnResponse->inResponseTo attribute."); - - } else - //Logger.trace("MOA SessionID " + moaSessionID + " is found in http GET parameter."); - Logger.trace("MOA SessionID " + moaSessionID + " is found in SAML2 relayState."); - - /*INFO!!!! - * SAML message IDs has an different format then MOASessionIDs - * This is only a workaround because many PEPS does not support SAML2 relayState or - * MOASessionID as AttributConsumerServiceURL GET parameter - */ -// if (!ParamValidatorUtils.isValidSessionID(moaSessionID)) -// throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12"); - - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID); - - //load MOASession from database - AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID); - //change MOASessionID - moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession); - - Logger.info("Found MOA sessionID: " + moaSessionID); - - - - String statusCodeValue = authnResponse.getStatusCode(); - - if (!statusCodeValue.equals(StatusCode.SUCCESS_URI)) { - Logger.error("Received ErrorResponse from PEPS: " + statusCodeValue); - throw new MOAIDException("stork.06", new Object[] { statusCodeValue }); - } - - Logger.info("Got SAML response with authentication success message."); - - Logger.debug("MOA session is still valid"); - - STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest(); - - if (storkAuthnRequest == null) { - Logger.error("Could not find any preceeding STORK AuthnRequest to this MOA session: " + moaSessionID); - throw new MOAIDException("stork.07", null); - } - - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("auth.00", new Object[] { moaSession.getPublicOAURLPrefix() }); - //================== Check QAA level start ==================== - int reqQaa = -1; - int authQaa = -1; - String authQaaStr = null; - try { - reqQaa = storkAuthnRequest.getQaa(); - - //TODO: found better solution, but QAA Level in response could be not supported yet - try { - - authQaaStr = authnResponse.getAssertions().get(0). - getAuthnStatements().get(0).getAuthnContext(). - getAuthnContextClassRef().getAuthnContextClassRef(); - moaSession.setQAALevel(authQaaStr); - - } catch (Throwable e) { - Logger.warn("STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level"); - moaSession.setQAALevel(PVPConstants.STORK_QAA_PREFIX + oaParam.getQaaLevel()); - authQaaStr = PVPConstants.STORK_QAA_PREFIX + oaParam.getQaaLevel(); - } - if(authQaaStr != null)//Check value only if set - { - authQaa = Integer.valueOf(authQaaStr.substring(PVPConstants.STORK_QAA_PREFIX.length())); -// authQaa = Integer.valueOf(authQaaStr); - if (reqQaa > authQaa) { - Logger.warn("Requested QAA level does not match to authenticated QAA level"); - throw new MOAIDException("stork.21", new Object[]{reqQaa, authQaa}); - - } - } - } catch (MOAIDException e) { - throw e; - - } catch (Exception e) { - if (Logger.isDebugEnabled()) - Logger.warn("STORK QAA Level evaluation error", e); - - else - Logger.warn("STORK QAA Level evaluation error (ErrorMessage=" - + e.getMessage() + ")"); - - throw new MOAIDException("stork.21", new Object[]{reqQaa, authQaa}); - - } - //================== Check QAA level end ==================== - - Logger.debug("Found a preceeding STORK AuthnRequest to this MOA session: " + moaSessionID); - - ////////////// incorporate gender from parameters if not in stork response - - IPersonalAttributeList attributeList = authnResponse.getPersonalAttributeList(); - - // but first, check if we have a representation case - if(STORKResponseProcessor.hasAttribute("mandateContent", attributeList) || STORKResponseProcessor.hasAttribute("representative", attributeList) || STORKResponseProcessor.hasAttribute("represented", attributeList)) { - // in a representation case... - moaSession.setUseMandate("true"); - - // and check if we have the gender value - PersonalAttribute gender = attributeList.get("gender"); // TODO Do we need to check gender value if there is no representation case? - if(null == gender) { - String gendervalue = (String) request.getParameter("gender"); - if(null != gendervalue) { - gender = new PersonalAttribute(); - gender.setName("gender"); - ArrayList tmp = new ArrayList(); - tmp.add(gendervalue); - gender.setValue(tmp); - - authnResponse.getPersonalAttributeList().add(gender); - } - } - } - - ////////////////////////////////////////////////////////////////////////// - - Logger.debug("Starting extraction of signedDoc attribute"); - //extract signed doc element and citizen signature - String citizenSignature = null; - try { - String signatureInfo = authnResponse.getPersonalAttributeList().get("signedDoc").getValue().get(0); // TODO ERROR HANDLING - - Logger.debug("signatureInfo:"+signatureInfo); - - SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new java.io.StringReader(signatureInfo))); - - // fetch signed doc - DataSource ds = null; - try{ - ds = LightweightSourceResolver.getDataSource(dssSignResponse); - }catch(Exception e) - { - e.printStackTrace(); - } - if(ds == null){ - //Normal DocumentServices return a http-page, but the SI DocumentService returns HTTP error 500 - //which results in an exception and ds==null - - //try to load document from documentservice - citizenSignature = loadDocumentFromDocumentService(dssSignResponse); - //throw new ApiUtilsException("No datasource found in response"); - } - else - { - InputStream incoming = ds.getInputStream(); - citizenSignature = IOUtils.toString(incoming); - incoming.close(); - - Logger.debug("citizenSignature:"+citizenSignature); - if(isDocumentServiceUsed(citizenSignature)==true) - { - citizenSignature = loadDocumentFromDocumentService(dssSignResponse); - // Logger.debug("Loading document from DocumentService."); - // String url = getDtlUrlFromResponse(dssSignResponse); - // //get Transferrequest - // String transferRequest = getDocTransferRequest(dssSignResponse.getDocUI(), url); - // //Load document from DocumentService - // byte[] data = getDocumentFromDtl(transferRequest, url); - // citizenSignature = new String(data, "UTF-8"); - // Logger.debug("Overridung citizenSignature with:"+citizenSignature); - } - } - JAXBContext ctx = JAXBContext.newInstance(SignatureType.class.getPackage().getName()); - SignatureType root = ((JAXBElement) ctx.createUnmarshaller().unmarshal(IOUtils.toInputStream(citizenSignature))).getValue(); - - // memorize signature into authblock - moaSession.setAuthBlock(citizenSignature); - - // extract certificate - for(Object current : root.getKeyInfo().getContent()) - if(((JAXBElement) current).getValue() instanceof X509DataType) { - for(Object currentX509Data : ((JAXBElement) current).getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName()) { - JAXBElement casted = ((JAXBElement) currentX509Data); - if(casted.getName().getLocalPart().equals("X509Certificate")) { - moaSession.setSignerCertificate(new X509Certificate(((String)casted.getValue()).getBytes("UTF-8"))); - break; - } - } - } - - - } catch (Throwable e) { - Logger.error("Could not extract citizen signature from C-PEPS", e); - throw new MOAIDException("stork.09", null); - } - Logger.debug("Foregin Citizen signature successfully extracted from STORK Assertion (signedDoc)"); - Logger.debug("Citizen signature will be verified by SZR Gateway!"); - - Logger.debug("fetching OAParameters from database"); - -// //read configuration paramters of OA -// AuthenticationSession moasession; -// try { -// moasession = AuthenticationSessionStoreage.getSession(moaSessionID); -// } catch (MOADatabaseException e2) { -// Logger.error("could not retrieve moa session"); -// throw new AuthenticationException("auth.01", null); -// } -// OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()); -// if (oaParam == null) -// throw new AuthenticationException("auth.00", new Object[] { moaSession.getPublicOAURLPrefix() }); - - // retrieve target - //TODO: check in case of SSO!!! - String targetType = null; - if(oaParam.getBusinessService()) { - String id = oaParam.getIdentityLinkDomainIdentifier(); - if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) - targetType = id; - else - targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_ + moaSession.getDomainIdentifier(); - } else { - targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget(); - } - - IdentityLink identityLink = null; - try { - AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); - if(config.isStorkFakeIdLActive() && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) { - // create fake IdL - // - fetch IdL template from resources - InputStream s = PEPSConnectorServlet.class.getResourceAsStream("/resources/xmldata/fakeIdL_IdL_template.xml"); - Element idlTemplate = DOMUtils.parseXmlValidating(s); - - identityLink = new IdentityLinkAssertionParser(idlTemplate).parseIdentityLink(); - - // replace data - Element idlassertion = identityLink.getSamlAssertion(); - // - set bpk/wpbk; - Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); - if(!STORKResponseProcessor.hasAttribute("eIdentifier", attributeList)) - throw new STORKException("eIdentifier is missing"); - String eIdentifier = STORKResponseProcessor.getAttributeValue("eIdentifier", attributeList, false); - prIdentification.getFirstChild().setNodeValue(eIdentifier); - - // - set last name - Node prFamilyName = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_FAMILY_NAME_XPATH); - if(!STORKResponseProcessor.hasAttribute("surname", attributeList)) - throw new STORKException("surname is missing"); - String familyName = STORKResponseProcessor.getAttributeValue("surname", attributeList, false); - prFamilyName.getFirstChild().setNodeValue(familyName); - - // - set first name - Node prGivenName = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_GIVEN_NAME_XPATH); - if(!STORKResponseProcessor.hasAttribute("givenName", attributeList)) - throw new STORKException("givenName is missing"); - String givenName = STORKResponseProcessor.getAttributeValue("givenName", attributeList, false); - prGivenName.getFirstChild().setNodeValue(givenName); - - // - set date of birth - Node prDateOfBirth = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_DATE_OF_BIRTH_XPATH); - if(!STORKResponseProcessor.hasAttribute("dateOfBirth", attributeList)) - throw new STORKException("dateOfBirth is missing"); - String dateOfBirth = STORKResponseProcessor.getAttributeValue("dateOfBirth", attributeList, false); - prDateOfBirth.getFirstChild().setNodeValue(dateOfBirth); - - identityLink = new IdentityLinkAssertionParser(idlassertion).parseIdentityLink(); - - //resign IDL - IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance(); - Element resignedilAssertion = identitylinkresigner.resignIdentityLink(identityLink.getSamlAssertion(), config.getStorkFakeIdLResigningKey()); - identityLink = new IdentityLinkAssertionParser(resignedilAssertion).parseIdentityLink(); - } else { - //contact SZR Gateway - Logger.debug("Starting connecting SZR Gateway"); - identityLink = STORKResponseProcessor.connectToSZRGateway(authnResponse.getPersonalAttributeList(), - oaParam.getFriendlyName(), - targetType, null, - oaParam.getMandateProfiles(), citizenSignature); - } - } catch (STORKException e) { - // this is really nasty but we work against the system here. We are supposed to get the gender attribute from - // stork. If we do not, we cannot register the person in the ERnP - we have to have the - // gender for the represented person. So here comes the dirty hack. - if(e.getCause() instanceof STORKException && e.getCause().getMessage().equals("gender not found in response")) { - try { - Logger.trace("Initialize VelocityEngine..."); - - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/fetchGender.html"); - VelocityContext context = new VelocityContext(); - context.put("SAMLResponse", request.getParameter("SAMLResponse")); - context.put("action", request.getRequestURL()); - - StringWriter writer = new StringWriter(); - template.merge(context, writer); - - response.getOutputStream().write(writer.toString().getBytes("UTF-8")); - } catch (Exception e1) { - Logger.error("Error sending gender retrival form.", e1); -// httpSession.invalidate(); - throw new MOAIDException("stork.10", null); - } - - return; - } - - Logger.error("Error connecting SZR Gateway", e); - throw new MOAIDException("stork.10", null); - } - Logger.debug("SZR communication was successfull"); - - if (identityLink == null) { - Logger.error("SZR Gateway did not return an identity link."); - throw new MOAIDException("stork.10", null); - } - moaSession.setForeigner(true); - - Logger.info("Received Identity Link from SZR Gateway"); - moaSession.setIdentityLink(identityLink); - - Logger.debug("Adding addtional STORK attributes to MOA session"); - moaSession.setStorkAttributes(authnResponse.getPersonalAttributeList()); - - Logger.debug("Add full STORK AuthnResponse to MOA session"); - moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse")); - - //We don't have BKUURL, setting from null to "Not applicable" - moaSession.setBkuURL("Not applicable (STORK Authentication)"); - - // free for single use - moaSession.setAuthenticatedUsed(false); - - // stork did the authentication step - moaSession.setAuthenticated(true); - - // do PEPS-conform logging for easier evaluation - try { - // 2015-03-12 16:44:27.144#S-PEPS generates response to SP#orig_msg_id id1 (in response to)#status#msghash#msg_id id4# - Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates response to SP#" + - "#NA#" + authnResponse.getMessage() + "#_hash_#" + moaSession.getProcessInstanceId() + "#"); - } catch (Exception e1) { - Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); - } - -// //TODO: found better solution, but QAA Level in response could be not supported yet -// try { -// -// moaSession.setQAALevel(authnResponse.getAssertions().get(0). -// getAuthnStatements().get(0).getAuthnContext(). -// getAuthnContextClassRef().getAuthnContextClassRef()); -// -// } catch (Throwable e) { -// Logger.warn("STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level"); -// moaSession.setQAALevel(PVPConstants.STORK_QAA_PREFIX + oaParam.getQaaLevel()); -// -// } - - //session is implicit stored in changeSessionID!!!! - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession); - - Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID); - - //redirect - String redirectURL = null; - redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(), - ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID); - redirectURL = response.encodeRedirectURL(redirectURL); - -// response.setContentType("text/html"); -// response.setStatus(302); -// response.addHeader("Location", redirectURL); - response.sendRedirect(redirectURL); - Logger.info("REDIRECT TO: " + redirectURL); - - - - } catch (AuthenticationException e) { - handleError(null, e, request, response, pendingRequestID); - - } catch (MOAIDException e) { - handleError(null, e, request, response, pendingRequestID); - - } catch (Exception e) { - Logger.error("PEPSConnector has an interal Error.", e); - } - - - finally { - ConfigurationDBUtils.closeSession(); - } - - } - - private String loadDocumentFromDocumentService(SignResponse dssSignResponse) throws Exception - { - Logger.debug("Loading document from DocumentService."); - String url = getDtlUrlFromResponse(dssSignResponse); - Logger.debug("Loading document from DocumentService, url:"+url); - //get Transferrequest - String transferRequest = getDocTransferRequest(dssSignResponse.getDocUI(), url); - //Load document from DocumentService - byte[] data = getDocumentFromDtl(transferRequest, url); - String citizenSignature = new String(data, "UTF-8"); - Logger.debug("Overridung citizenSignature with:"+citizenSignature); - return citizenSignature; - } - - private boolean isDocumentServiceUsed(String citizenSignature) //TODo add better check - { - if(citizenSignature.contains("
Service Name:{http://stork.eu}DocumentService
Port Name:{http://stork.eu}DocumentServicePort
")) - { - Logger.trace("isDocumentServiceUsed => true"); - return true; - } - Logger.trace("isDocumentServiceUsed => false"); - return false; - } - - /** - * Get DTL uril from the oasis sign response - * @param signRequest The signature response - * @return The URL of DTL service - * @throws SimpleException - */ - private String getDtlUrlFromResponse(SignResponse dssSignResponse) { - List documents = ApiUtils.findNamedElement(dssSignResponse.getOptionalOutputs(), - ApiUtils.OPTIONAL_OUTPUT_DOCUMENTWITHSIGNATURE, DocumentWithSignature.class); - DocumentType sourceDocument = documents.get(0).getDocument(); - - if (sourceDocument.getDocumentURL() != null) - return sourceDocument.getDocumentURL(); - else - return null;//throw new Exception("No document url found"); - } - -//From DTLPEPSUTIL - - - - /** - * Get document from DTL - * @param transferRequest The transfer request (attribute query) - * @param eDtlUrl The DTL url of external DTL - * @return the document data - * @throws SimpleException - */ - private byte[] getDocumentFromDtl(String transferRequest, String eDtlUrl) throws Exception - { - URL url = null; - try - { - Logger.debug("getDocumentFromDtl, dtlUrl:'"+dtlUrl+"' eDtlUrl:'"+eDtlUrl+"'"); - url = new URL(dtlUrl); - QName qname = new QName("http://stork.eu", - "DocumentService"); - - Service service = Service.create(url, qname); - DocumentService docservice = service.getPort(DocumentService.class); - - BindingProvider bp = (BindingProvider) docservice; - SOAPBinding binding = (SOAPBinding) bp.getBinding(); - binding.setMTOMEnabled(true); - - if (eDtlUrl.equalsIgnoreCase(dtlUrl)) - return docservice.getDocument(transferRequest, ""); - else - return docservice.getDocument(transferRequest, eDtlUrl); - } - catch (Exception e) - { - e.printStackTrace(); - throw new Exception("Error in getDocumentFromDtl", e); - } - } - - /** - * Get a document transfer request (attribute query) - * @param docId - * @return - * @throws SimpleException - */ - private String getDocTransferRequest(String docId, String destinationUrl) throws Exception - { - String spCountry = docId.substring(0, docId.indexOf("/")); - final STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - STORKAttrQueryRequest req = new STORKAttrQueryRequest(); - req.setAssertionConsumerServiceURL(dtlUrl); - req.setDestination(destinationUrl); - req.setSpCountry(spCountry); - req.setQaa(3);//TODO - PersonalAttributeList pal = new PersonalAttributeList(); - PersonalAttribute attr = new PersonalAttribute(); - attr.setName("docRequest"); - attr.setIsRequired(true); - attr.setValue(Arrays.asList(docId)); - pal.add(attr); - req.setPersonalAttributeList(pal); - - STORKAttrQueryRequest req1; - try { - req1 = engine.generateSTORKAttrQueryRequest(req); - return PEPSUtil.encodeSAMLTokenUrlSafe(req1.getTokenSaml()); - } catch (STORKSAMLEngineException e) { - e.printStackTrace(); - throw new Exception("Error in doc request attribute query generation", e); - } - } - - /** - * Get mime type of document from DTL - * @param docId The document id - * @param dtlUrl The url of dtl - * @return The mime type - */ -// private String getDocumentMimeFromDtl(String docId, String eDtlUrl) throws Exception -// { -// URL url = null; -// try -// { -// url = new URL(dtlUrl); -// QName qname = new QName("http://stork.eu", -// "DocumentService"); -// -// Service service = Service.create(url, qname); -// DocumentService docservice = service.getPort(DocumentService.class); -// -// BindingProvider bp = (BindingProvider) docservice; -// SOAPBinding binding = (SOAPBinding) bp.getBinding(); -// binding.setMTOMEnabled(true); -// -// if (eDtlUrl.equalsIgnoreCase(dtlUrl)) -// return docservice.getDocumentMime(docId, ""); -// else -// return docservice.getDocumentMime(docId, eDtlUrl); -// } -// catch (Exception e) -// { -// e.printStackTrace(); -// throw new Exception("Error in getDocumentFromDtl", e); -// } -// } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java deleted file mode 100644 index ff3330491..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java +++ /dev/null @@ -1,816 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -package at.gv.egovernment.moa.id.auth.servlet; - -import iaik.x509.X509Certificate; - -import java.io.IOException; -import java.io.InputStream; -import java.io.StringWriter; -import java.io.UnsupportedEncodingException; -import java.security.cert.CertificateException; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; - -import javax.activation.DataSource; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServlet; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.bind.JAXBContext; -import javax.xml.bind.JAXBElement; -import javax.xml.bind.JAXBException; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.transform.Source; -import javax.xml.transform.TransformerConfigurationException; -import javax.xml.transform.TransformerException; -import javax.xml.transform.TransformerFactoryConfigurationError; -import javax.xml.transform.stream.StreamSource; - -import org.apache.commons.codec.binary.Base64; -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.StringEscapeUtils; -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.VelocityEngine; -import org.opensaml.saml2.core.StatusCode; -import org.xml.sax.SAXException; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.BKUException; -import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.ParseException; -import at.gv.egovernment.moa.id.auth.exception.ServiceException; -import at.gv.egovernment.moa.id.auth.stork.STORKException; -import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.HTTPUtils; -import at.gv.egovernment.moa.id.util.VelocityProvider; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.spss.MOAException; -import at.gv.egovernment.moa.spss.api.SPSSFactory; -import at.gv.egovernment.moa.spss.api.SignatureVerificationService; -import at.gv.egovernment.moa.spss.api.common.Content; - -import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo; -import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation; -import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest; -import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse; -import at.gv.egovernment.moa.util.StringUtils; -import at.gv.util.xsd.xmldsig.SignatureType; -import at.gv.util.xsd.xmldsig.X509DataType; -import eu.stork.oasisdss.api.ApiUtils; -import eu.stork.oasisdss.api.LightweightSourceResolver; -import eu.stork.oasisdss.api.exceptions.ApiUtilsException; -import eu.stork.oasisdss.api.exceptions.UtilsException; -import eu.stork.oasisdss.profile.SignRequest; -import eu.stork.oasisdss.profile.SignResponse; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -//import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; - -/** - * Endpoint for receiving STORK response messages - * @deprecated Use {@link at.gv.egovernment.moa.id.auth.modules.stork.tasks.PepsConnectorHandleResponseWithoutSignatureTask} instead. - */ -public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { - private static final long serialVersionUID = 1L; - - public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnectorWithLocalSigning"; - - private String oasisDssWebFormURL = "https://testvidp.buergerkarte.at/oasis-dss/DSSWebFormServlet";//load from config below - - - /** - * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) - */ - protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { - super.doGet(request, response); - } - - /** - * Handles the reception of a STORK response message - * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) - */ - protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException - { - Logger.warn(getClass().getName() + " is deprecated and should not be used any more."); - - String moaSessionID1 = request.getParameter("moaSessionID"); - String signResponse = request.getParameter("signresponse"); - Logger.info("moaSessionID1:"+moaSessionID1); - Logger.info("signResponse:"+signResponse); - if(moaSessionID1!=null) - { - if(signResponse!=null) - { - //redirect from oasis with signresponse - handleSignResponse(request, response); - } - else - { - //should not occur - throw new IOException("should not occur"); - } - } - else - { - if(signResponse!=null) - { - //should not occur - throw new IOException("should not occur"); - } - else - { - //normal saml response - handleSAMLResponse(request, response); - } - } - return; - } - - private void handleSignResponse(HttpServletRequest request, HttpServletResponse response) { - Logger.info("handleSignResponse started"); - String moaSessionID = request.getParameter("moaSessionID"); - String signResponse = request.getParameter("signresponse"); - Logger.info("moaSessionID:"+moaSessionID); - Logger.info("signResponse:"+signResponse); - String pendingRequestID = null; - try{ - - - //load MOASession from database - AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID); - //change MOASessionID - moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession); - - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID); - Logger.info("pendingRequestID:"+pendingRequestID); - String signResponseString = new String(Base64.decodeBase64(signResponse), "UTF8"); - Logger.info("RECEIVED signresponse:"+signResponseString); - //create SignResponse object - Source response1 = new StreamSource(new java.io.StringReader(signResponseString)); - SignResponse dssSignResponse = ApiUtils.unmarshal(response1, SignResponse.class); - - // SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new java.io.StringReader(Base64.signResponse))); - - String citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse); - - // memorize signature into authblock - moaSession.setAuthBlock(citizenSignature); - - X509Certificate cert = getSignerCertificate(citizenSignature); - moaSession.setSignerCertificate(cert); - VerifyXMLSignatureResponse xMLVerifySignatureResponse = verifyXMLSignature(citizenSignature); - at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse tmp = convert(xMLVerifySignatureResponse); - - - moaSession.setXMLVerifySignatureResponse(tmp); - try{ - IPersonalAttributeList personalAttributeList = moaSession.getAuthnResponseGetPersonalAttributeList(); - //Add SignResponse TODO Add signature (extracted from signResponse)? - List values = new ArrayList(); - values.add(signResponseString); -// values.add(citizenSignature); - Logger.debug("Assembling signedDoc attribute"); - PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values, - "Available"); - personalAttributeList.add(signedDocAttribute); - - String authnContextClassRef = moaSession.getAuthnContextClassRef(); - SZRGInsertion(moaSession, personalAttributeList, authnContextClassRef, citizenSignature); - } catch (STORKException e) { - // this is really nasty but we work against the system here. We are supposed to get the gender attribute from - // stork. If we do not, we cannot register the person in the ERnP - we have to have the - // gender for the represented person. So here comes the dirty hack. - if(e.getCause() instanceof STORKException && e.getCause().getMessage().equals("gender not found in response")) { - try { - Logger.trace("Initialize VelocityEngine..."); - - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/fetchGender.html"); - VelocityContext context = new VelocityContext(); - context.put("SAMLResponse", request.getParameter("SAMLResponse")); - context.put("action", request.getRequestURL()); - - StringWriter writer = new StringWriter(); - template.merge(context, writer); - - response.getOutputStream().write(writer.toString().getBytes("UTF-8")); - } catch (Exception e1) { - Logger.error("Error sending gender retrival form.", e1); - // httpSession.invalidate(); - throw new MOAIDException("stork.10", null); - } - - return; - } - - Logger.error("Error connecting SZR Gateway", e); - throw new MOAIDException("stork.10", null); - } - - Logger.debug("Add full STORK AuthnResponse to MOA session"); - moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));//TODO ask Florian/Thomas authnResponse? - moaSession.setForeigner(true); - - //session is implicit stored in changeSessionID!!!! - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession); - - Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID); - - //redirect - String redirectURL = null; - redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(), - ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID); - redirectURL = response.encodeRedirectURL(redirectURL); - - response.sendRedirect(redirectURL); - Logger.info("REDIRECT TO: " + redirectURL); - - } catch (AuthenticationException e) { - handleError(null, e, request, response, pendingRequestID); - - } catch (MOAIDException e) { - handleError(null, e, request, response, pendingRequestID); - - } catch (Exception e) { - Logger.error("PEPSConnector has an interal Error.", e); - } - - finally { - ConfigurationDBUtils.closeSession(); - } - } - - private void handleSAMLResponse(HttpServletRequest request, HttpServletResponse response) { - Logger.info("handleSAMLResponse started"); - String pendingRequestID = null; - - try { - Logger.info("PEPSConnector Servlet invoked, expecting C-PEPS message."); - Logger.debug("This ACS endpoint is: " + HTTPUtils.getBaseURL(request)); - - super.setNoCachingHeadersInHttpRespone(request, response); - Logger.trace("No Caching headers set for HTTP response"); - - //check if https or only http - super.checkIfHTTPisAllowed(request.getRequestURL().toString()); - - Logger.debug("Beginning to extract SAMLResponse out of HTTP Request"); - - //extract STORK Response from HTTP Request - //Decodes SAML Response - byte[] decSamlToken; - try { - decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse")); - Logger.debug("SAMLResponse: " + new String(decSamlToken)); - - } catch(NullPointerException e) { - Logger.error("Unable to retrieve STORK Response", e); - throw new MOAIDException("stork.04", null); - } - - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("outgoing"); - - STORKAuthnResponse authnResponse = null; - try { - //validate SAML Token - Logger.debug("Starting validation of SAML response"); - authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, (String) request.getRemoteHost()); - Logger.info("SAML response succesfully verified!"); - }catch(STORKSAMLEngineException e){ - Logger.error("Failed to verify STORK SAML Response", e); - throw new MOAIDException("stork.05", null); - } - - Logger.info("STORK SAML Response message succesfully extracted"); - Logger.debug("STORK response: "); - Logger.debug(authnResponse.toString()); - - Logger.debug("Trying to find MOA Session-ID ..."); - //String moaSessionID = request.getParameter(PARAM_SESSIONID); - //first use SAML2 relayState - String moaSessionID = request.getParameter("RelayState"); - - // escape parameter strings - moaSessionID= StringEscapeUtils.escapeHtml(moaSessionID); - - //check if SAML2 relaystate includes a MOA sessionID - if (StringUtils.isEmpty(moaSessionID)) { - //if relaystate is emtpty, use SAML response -> inResponseTo element as session identifier - - moaSessionID = authnResponse.getInResponseTo(); - moaSessionID= StringEscapeUtils.escapeHtml(moaSessionID); - - if (StringUtils.isEmpty(moaSessionID)) { - //No authentication session has been started before - Logger.error("MOA-SessionID was not found, no previous AuthnRequest had been started"); - Logger.debug("PEPSConnectorURL was: " + request.getRequestURL()); - throw new AuthenticationException("auth.02", new Object[] { moaSessionID }); - - } else - Logger.trace("Use MOA SessionID " + moaSessionID + " from AuthnResponse->inResponseTo attribute."); - - } else - //Logger.trace("MOA SessionID " + moaSessionID + " is found in http GET parameter."); - Logger.trace("MOA SessionID " + moaSessionID + " is found in SAML2 relayState."); - - /*INFO!!!! - * SAML message IDs has an different format then MOASessionIDs - * This is only a workaround because many PEPS does not support SAML2 relayState or - * MOASessionID as AttributConsumerServiceURL GET parameter - */ - // if (!ParamValidatorUtils.isValidSessionID(moaSessionID)) - // throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12"); - - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID); - - //load MOASession from database - AuthenticationSession moaSession = AuthenticationServer.getSession(moaSessionID); - //change MOASessionID - moaSessionID = AuthenticationSessionStoreage.changeSessionID(moaSession); - - Logger.info("Found MOA sessionID: " + moaSessionID); - - - - String statusCodeValue = authnResponse.getStatusCode(); - - if (!statusCodeValue.equals(StatusCode.SUCCESS_URI)) { - Logger.error("Received ErrorResponse from PEPS: " + statusCodeValue); - throw new MOAIDException("stork.06", new Object[] { statusCodeValue }); - } - - Logger.info("Got SAML response with authentication success message."); - - Logger.debug("MOA session is still valid"); - - STORKAuthnRequest storkAuthnRequest = moaSession.getStorkAuthnRequest(); - - if (storkAuthnRequest == null) { - Logger.error("Could not find any preceeding STORK AuthnRequest to this MOA session: " + moaSessionID); - throw new MOAIDException("stork.07", null); - } - - Logger.debug("Found a preceeding STORK AuthnRequest to this MOA session: " + moaSessionID); - - ////////////// incorporate gender from parameters if not in stork response - - IPersonalAttributeList attributeList = authnResponse.getPersonalAttributeList(); - - // but first, check if we have a representation case - if(STORKResponseProcessor.hasAttribute("mandateContent", attributeList) || STORKResponseProcessor.hasAttribute("representative", attributeList) || STORKResponseProcessor.hasAttribute("represented", attributeList)) { - // in a representation case... - moaSession.setUseMandate("true"); - - // and check if we have the gender value - PersonalAttribute gender = attributeList.get("gender"); - if(null == gender) { - String gendervalue = (String) request.getParameter("gender"); - if(null != gendervalue) { - gender = new PersonalAttribute(); - gender.setName("gender"); - ArrayList tmp = new ArrayList(); - tmp.add(gendervalue); - gender.setValue(tmp); - - authnResponse.getPersonalAttributeList().add(gender); - } - } - } - - ////////////////////////////////////////////////////////////////////////// - - Logger.debug("Starting extraction of signedDoc attribute"); - //extract signed doc element and citizen signature - String citizenSignature = null; - try { - PersonalAttribute signedDoc = authnResponse.getPersonalAttributeList().get("signedDoc"); - String signatureInfo = null; - if(signedDoc!=null) - { - signatureInfo = signedDoc.getValue().get(0); - //should not occur - } - else - { - - //store SAMLResponse - moaSession.setSAMLResponse(request.getParameter("SAMLResponse")); - //store authnResponse - - //moaSession.setAuthnResponse(authnResponse);//not serializable - moaSession.setAuthnResponseGetPersonalAttributeList(authnResponse.getPersonalAttributeList()); - - String authnContextClassRef = null; - try { - authnContextClassRef = authnResponse.getAssertions().get(0).getAuthnStatements().get(0).getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef(); - } catch (Throwable e) { - Logger.warn("STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level"); - } - - moaSession.setAuthnContextClassRef(authnContextClassRef); - moaSession.setReturnURL(request.getRequestURL()); - - //load signedDoc - String signRequest = moaSession.getSignedDoc(); - - //session is implicit stored in changeSessionID!!!! - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession); - - //set return url to PEPSConnectorWithLocalSigningServlet and add newMOASessionID - //signRequest - - String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); - String acsURL = issuerValue + PEPSConnectorWithLocalSigningServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN; - - String url = acsURL+"?moaSessionID="+newMOASessionID; - //redirect to OASIS module and sign there - - boolean found = false; - try{ - List aps = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()).getStorkAPs(); - Logger.info("Found AttributeProviderPlugins:"+aps.size()); - for(AttributeProviderPlugin ap : aps) - { - Logger.info("Found AttributeProviderPlugin attribute:"+ap.getAttributes()); - if(ap.getAttributes().equalsIgnoreCase("signedDoc")) - { - // FIXME[tlenz]: A servlet's class field is not thread safe. - oasisDssWebFormURL = ap.getUrl(); - found = true; - Logger.info("Loaded signedDoc attribute provider url from config:"+oasisDssWebFormURL); - break; - } - } - }catch(Exception e) - { - e.printStackTrace(); - Logger.error("Loading the signedDoc attribute provider url from config failed"); - } - if(!found) - { - Logger.error("Failed to load the signedDoc attribute provider url from config"); - } - performRedirect(url,request,response,signRequest); - - return; - } - SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new java.io.StringReader(signatureInfo))); - - citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse); - - // memorize signature into authblock - moaSession.setAuthBlock(citizenSignature); - - X509Certificate cert = getSignerCertificate(citizenSignature); - moaSession.setSignerCertificate(cert); - moaSession.setForeigner(true); - - - } catch (Throwable e) { - Logger.error("Could not extract citizen signature from C-PEPS", e); - throw new MOAIDException("stork.09", null); - } - - try{ - SZRGInsertion(moaSession, authnResponse.getPersonalAttributeList(), authnResponse.getAssertions().get(0).getAuthnStatements().get(0).getAuthnContext().getAuthnContextClassRef().getAuthnContextClassRef(),citizenSignature); - } catch (STORKException e) { - // this is really nasty but we work against the system here. We are supposed to get the gender attribute from - // stork. If we do not, we cannot register the person in the ERnP - we have to have the - // gender for the represented person. So here comes the dirty hack. - if(e.getCause() instanceof STORKException && e.getCause().getMessage().equals("gender not found in response")) { - try { - Logger.trace("Initialize VelocityEngine..."); - - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/fetchGender.html"); - VelocityContext context = new VelocityContext(); - context.put("SAMLResponse", request.getParameter("SAMLResponse")); - context.put("action", request.getRequestURL()); - - StringWriter writer = new StringWriter(); - template.merge(context, writer); - - response.getOutputStream().write(writer.toString().getBytes("UTF-8")); - } catch (Exception e1) { - Logger.error("Error sending gender retrival form.", e1); - // httpSession.invalidate(); - throw new MOAIDException("stork.10", null); - } - - return; - } - - Logger.error("Error connecting SZR Gateway", e); - throw new MOAIDException("stork.10", null); - } - - Logger.debug("Add full STORK AuthnResponse to MOA session"); - moaSession.setStorkAuthnResponse(request.getParameter("SAMLResponse"));//TODO ask Florian/Thomas authnResponse? - - //session is implicit stored in changeSessionID!!!! - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession); - - Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID); - - //redirect - String redirectURL = null; - redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(), - ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID); - redirectURL = response.encodeRedirectURL(redirectURL); - - response.setContentType("text/html"); - response.setStatus(302); - response.addHeader("Location", redirectURL); - Logger.info("REDIRECT TO: " + redirectURL); - - } catch (AuthenticationException e) { - handleError(null, e, request, response, pendingRequestID); - - } catch (MOAIDException e) { - handleError(null, e, request, response, pendingRequestID); - - } catch (Exception e) { - Logger.error("PEPSConnector has an interal Error.", e); - } - - finally { - ConfigurationDBUtils.closeSession(); - } - - } - - private void performRedirect(String url, HttpServletRequest req, HttpServletResponse resp, String signRequestString) - throws MOAIDException { - - try { - Logger.trace("Initialize VelocityEngine..."); - - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/oasis_dss_webform_binding.vm"); - VelocityContext context = new VelocityContext(); - - Logger.debug("performRedirect, signrequest:"+signRequestString); - Source signDoc = new StreamSource(new java.io.StringReader(signRequestString)); - SignRequest signRequest = ApiUtils.unmarshal(signDoc, SignRequest.class); - signRequest.setReturnURL("TODO"); - signRequestString = IOUtils.toString(ApiUtils.marshalToInputStream(signRequest)); - context.put("signrequest", Base64.encodeBase64String(signRequestString.getBytes("UTF8"))); - context.put("clienturl", url); - context.put("action", oasisDssWebFormURL ); - - StringWriter writer = new StringWriter(); - template.merge(context, writer); - - resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); - } catch (Exception e) { - Logger.error("Error sending DSS signrequest.", e); - throw new MOAIDException("stork.11", null); - } - } - - private String getCitizienSignatureFromSignResponseFromSAML(STORKAuthnResponse authnResponse) throws ApiUtilsException, IllegalArgumentException, TransformerConfigurationException, UtilsException, TransformerException, TransformerFactoryConfigurationError, IOException, MOAIDException - { - PersonalAttribute signedDoc = authnResponse.getPersonalAttributeList().get("signedDoc"); - String signatureInfo = null; - if(signedDoc==null) - { - Logger.error("SignedDoc = null, failed to extract Signresponse from authnResponse"); - throw new MOAIDException("stork.09", null); - } - signatureInfo = signedDoc.getValue().get(0); - - SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new java.io.StringReader(signatureInfo))); - String citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse); - return citizenSignature; - - } - - private String getCitizienSignatureFromSignResponse(SignResponse dssSignResponse) throws IllegalArgumentException, TransformerConfigurationException, UtilsException, TransformerException, TransformerFactoryConfigurationError, IOException, ApiUtilsException - { - // fetch signed doc - DataSource ds = LightweightSourceResolver.getDataSource(dssSignResponse); - if(ds == null){ - throw new ApiUtilsException("No datasource found in response"); - } - - InputStream incoming = ds.getInputStream(); - String citizenSignature = IOUtils.toString(incoming); - incoming.close(); - - return citizenSignature; - } - - private X509Certificate getSignerCertificate(String citizenSignature) throws CertificateException, JAXBException, UnsupportedEncodingException - { - JAXBContext ctx = JAXBContext.newInstance(SignatureType.class.getPackage().getName()); - SignatureType root = ((JAXBElement) ctx.createUnmarshaller().unmarshal(IOUtils.toInputStream(citizenSignature))).getValue(); - - // extract certificate - for(Object current : root.getKeyInfo().getContent()) - if(((JAXBElement) current).getValue() instanceof X509DataType) { - for(Object currentX509Data : ((JAXBElement) current).getValue().getX509IssuerSerialOrX509SKIOrX509SubjectName()) { - JAXBElement casted = ((JAXBElement) currentX509Data); - if(casted.getName().getLocalPart().equals("X509Certificate")) { - return new X509Certificate(((String)casted.getValue()).getBytes("UTF-8")); - } - } - } - return null; - } - - private void SZRGInsertion(AuthenticationSession moaSession, IPersonalAttributeList personalAttributeList, String authnContextClassRef, String citizenSignature) throws STORKException, MOAIDException - { - Logger.debug("Foregin Citizen signature successfully extracted from STORK Assertion (signedDoc)"); - Logger.debug("Citizen signature will be verified by SZR Gateway!"); - - Logger.debug("fetching OAParameters from database"); - - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("auth.00", new Object[] { moaSession.getPublicOAURLPrefix() }); - - // retrieve target - //TODO: check in case of SSO!!! - String targetType = null; - if(oaParam.getBusinessService()) { - String id = oaParam.getIdentityLinkDomainIdentifier(); - if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) - targetType = id; - else - targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_ + moaSession.getDomainIdentifier(); - } else { - targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget(); - } - - - - Logger.debug("Starting connecting SZR Gateway"); - //contact SZR Gateway - IdentityLink identityLink = null; - - identityLink = STORKResponseProcessor.connectToSZRGateway(personalAttributeList, - oaParam.getFriendlyName(), - targetType, null, - oaParam.getMandateProfiles(),citizenSignature); - Logger.debug("SZR communication was successfull"); - - if (identityLink == null) { - Logger.error("SZR Gateway did not return an identity link."); - throw new MOAIDException("stork.10", null); - } - Logger.info("Received Identity Link from SZR Gateway"); - moaSession.setIdentityLink(identityLink); - - Logger.debug("Adding addtional STORK attributes to MOA session"); - moaSession.setStorkAttributes(personalAttributeList); - - //We don't have BKUURL, setting from null to "Not applicable" - moaSession.setBkuURL("Not applicable (STORK Authentication)"); - - // free for single use - moaSession.setAuthenticatedUsed(false); - - // stork did the authentication step - moaSession.setAuthenticated(true); - - //TODO: found better solution, but QAA Level in response could be not supported yet - try { - if(authnContextClassRef==null) - authnContextClassRef = PVPConstants.STORK_QAA_PREFIX + oaParam.getQaaLevel(); - moaSession.setQAALevel(authnContextClassRef); - - } catch (Throwable e) { - Logger.warn("STORK QAA-Level is not found in AuthnResponse. Set QAA Level to requested level"); - moaSession.setQAALevel(PVPConstants.STORK_QAA_PREFIX + oaParam.getQaaLevel()); - - } - - } - - private VerifyXMLSignatureResponse verifyXMLSignature(String signature) throws AuthenticationException, ParseException, BKUException, BuildException, ConfigurationException, ServiceException, UnsupportedEncodingException, SAXException, IOException, ParserConfigurationException, MOAException - { - //Based on MOA demo client - // Factory und Service instanzieren - SPSSFactory spssFac = SPSSFactory.getInstance(); - SignatureVerificationService sigVerifyService = SignatureVerificationService.getInstance(); - - Content sigDocContent1 = spssFac.createContent(IOUtils.toInputStream(signature, "UTF-8"), null); - - // Position der zu prüfenden Signatur im Dokument angeben - // (Nachdem im XPath-Ausdruck ein NS-Präfix verwendet wird, muss in einer Lookup-Tabelle - // der damit bezeichnete Namenraum mitgegeben werden) - HashMap nSMap = new HashMap(); - nSMap.put("dsig", "http://www.w3.org/2000/09/xmldsig#"); - VerifySignatureLocation sigLocation = spssFac.createVerifySignatureLocation("//dsig:Signature", nSMap); - - // Zu prüfendes Dokument und Signaturposition zusammenfassen - - VerifySignatureInfo sigInfo = spssFac.createVerifySignatureInfo(sigDocContent1, sigLocation); - - // Prüfrequest zusammenstellen - VerifyXMLSignatureRequest verifyRequest = spssFac.createVerifyXMLSignatureRequest( - null, // Wird Prüfzeit nicht angegeben, wird aktuelle Zeit verwendet - sigInfo, - null, // Keine Ergänzungsobjekte notwendig - null, // Signaturmanifest-Prüfung soll nicht durchgeführt werden - false, // Hash-Inputdaten, d.h. tatsächlich signierte Daten werden nicht zurückgeliefert - "MOAIDBuergerkartePersonenbindungMitTestkarten");//TODO load from config - //"Test-Signaturdienste"); // ID des verwendeten Vertrauensprofils - - VerifyXMLSignatureResponse verifyResponse = null; - try - { - // Aufruf der Signaturprüfung - verifyResponse = sigVerifyService.verifyXMLSignature(verifyRequest); - } - catch (MOAException e) - { - // Service liefert Fehler - System.err.println("Die Signaturprüfung hat folgenden Fehler geliefert:"); - System.err.println("Fehlercode: " + e.getMessageId()); - System.err.println("Fehlernachricht: " + e.getMessage()); - throw e; - } - -// // Auswertung der Response -// System.out.println(); -// System.out.println("Ergebnisse der Signaturprüfung:"); -// System.out.println(); -// -// // Besondere Eigenschaften des Signatorzertifikats -// SignerInfo signerInfo = verifyResponse.getSignerInfo(); -// System.out.println("*** Ist Zertifikat des Signators qualifiziert? " + ((signerInfo.isQualifiedCertificate()) ? "ja" : "nein")); -// System.out.println("*** Ist Zertifikat des Signators von einer Behörde? " + ((signerInfo.isPublicAuthority()) ? "ja" : "nein")); -// -// // Ergebnisse von Signatur- und Zertifikatsprüfung -// System.out.println(); -// System.out.println("Ergebniscode der Signaturprüfung: " + verifyResponse.getSignatureCheck().getCode()); -// System.out.println("Ergebniscode der Zertifikatsprüfung: " + verifyResponse.getCertificateCheck().getCode()); -// -// // Signatorzertifikat -// System.out.println(); -// System.out.println("*** Zertifikat des Signators:"); -// System.out.println("Aussteller: " + signerInfo.getSignerCertificate().getIssuerDN()); -// System.out.println("Subject: " + signerInfo.getSignerCertificate().getSubjectDN()); -// System.out.println("Seriennummer: " + signerInfo.getSignerCertificate().getSerialNumber()); - return verifyResponse; - } - - private at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse convert(VerifyXMLSignatureResponse xMLVerifySignatureResponse) { - at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse response = new at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse(); - response.setCertificateCheckCode(xMLVerifySignatureResponse.getCertificateCheck().getCode()); - response.setPublicAuthority(xMLVerifySignatureResponse.getSignerInfo().isPublicAuthority()); -// response.setPublicAuthorityCode(publicAuthorityCode) - response.setQualifiedCertificate(xMLVerifySignatureResponse.getSignerInfo().isQualifiedCertificate()); - response.setSignatureCheckCode(xMLVerifySignatureResponse.getSignatureCheck().getCode()); - response.setSignatureManifestCheckCode(xMLVerifySignatureResponse.getSignatureManifestCheck().getCode()); -// response.setSigningDateTime() -// response.setX509certificate(x509certificate) - response.setXmlDSIGManifestCheckCode(xMLVerifySignatureResponse.getSignatureManifestCheck().getCode()); -// response.setXmlDSIGManigest(xMLVerifySignatureResponse.getSignatureManifestCheck()) -// response.setXmlDsigSubjectName(xmlDsigSubjectName) - return response; - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java index 3609925a0..7266a3302 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java @@ -30,11 +30,11 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.SSOManager; +import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.URLEncoder; @@ -60,10 +60,10 @@ public class RedirectServlet extends AuthServlet{ String interIDP = req.getParameter(INTERFEDERATION_IDP); Logger.debug("Check URL against online-applications"); - OnlineApplication oa = null; + OAAuthParameter oa = null; String redirectTarget = DEFAULT_REDIRECTTARGET; try { - oa = ConfigurationDBRead.getActiveOnlineApplication(url); + oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(url); if (oa == null && !url.startsWith(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix())) { resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Parameters not valid"); return; @@ -72,7 +72,7 @@ public class RedirectServlet extends AuthServlet{ //Redirect is a SAML1 send Artifact redirct if (MiscUtil.isNotEmpty(artifact)) { try { - String test = oa.getAuthComponentOA().getTemplates().getBKUSelectionCustomization().getAppletRedirectTarget(); + String test = oa.getFormCustomizaten().get(FormBuildUtils.REDIRECTTARGET); if (MiscUtil.isNotEmpty(test)) redirectTarget = test; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java deleted file mode 100644 index 28d3caba0..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java +++ /dev/null @@ -1,343 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.servlet; - -import iaik.pki.PKIException; - -import java.io.IOException; -import java.security.GeneralSecurityException; -import java.util.List; -import java.util.Map; - -import javax.net.ssl.SSLSocketFactory; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.transform.TransformerException; - -import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.lang.StringEscapeUtils; -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyAuthenticationBlockTask; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.id.util.SSLUtils; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId; -import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.DOMUtils; - -/** - * Servlet requested for verifying the signed authentication block - * provided by the security layer implementation. - * Utilizes the {@link AuthenticationServer}. - * - * @author Paul Ivancsics - * @version $Id$ - * @deprecated Use {@link VerifyAuthenticationBlockTask} instead. - */ -public class VerifyAuthenticationBlockServlet extends AuthServlet { - - - /** - * - */ - private static final long serialVersionUID = -2409629495345900542L; - -/** - * Constructor for VerifyAuthenticationBlockServlet. - */ - public VerifyAuthenticationBlockServlet() { - super(); - } - - /** - * GET requested by security layer implementation to verify - * that data URL resource is available. - * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse) - */ - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - //doPost(req, resp); - - Logger.debug("GET VerifyAuthenticationBlock"); - - resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - } - - /** - * Verifies the signed authentication block and redirects the browser - * to the online application requested, adding a parameter needed for - * retrieving the authentication data. - *
- * Request parameters: - *
    - *
  • MOASessionID: ID of associated authentication session
    • - *
  • XMLResponse: <CreateXMLSignatureResponse>
    • - *
- * Response: - *
    - *
  • Status: 302
    • - *
  • Header "Location": URL of the online application requested, with - * parameters "Target"(only if the online application is - * a public service) and "SAMLArtifact" added
    • - *
  • Error status: 500 - *
- * @see AuthenticationServer#verifyAuthenticationBlock - * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse) - */ - protected void doPost(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - Logger.debug("POST VerifyAuthenticationBlock"); - - Logger.warn(getClass().getName() + " is deprecated and should not be used any more."); - - resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - String pendingRequestID = null; - - Map parameters; - try - { - parameters = getParameters(req); - } catch (FileUploadException e) - { - Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); - throw new IOException(e.getMessage()); - - } - String sessionID = req.getParameter(PARAM_SESSIONID); - String createXMLSignatureResponse = (String)parameters.get(PARAM_XMLRESPONSE); - - // escape parameter strings - sessionID = StringEscapeUtils.escapeHtml(sessionID); - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); - - String redirectURL = null; - try { - // check parameter - if (!ParamValidatorUtils.isValidSessionID(sessionID)) - throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_SESSIONID, "auth.12"); - if (!ParamValidatorUtils.isValidXMLDocument(createXMLSignatureResponse)) - throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12"); - - AuthenticationSession session = AuthenticationServer.getSession(sessionID); - - //change MOASessionID - sessionID = AuthenticationSessionStoreage.changeSessionID(session); - - String samlArtifactBase64 = AuthenticationServer.getInstance().verifyAuthenticationBlock(session, createXMLSignatureResponse); - - - - if (samlArtifactBase64 == null) { - //mandate Mode - - AuthConfiguration authConf= AuthConfigurationProviderFactory.getInstance(); - ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter(); - SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProviderFactory.getInstance(), connectionParameters); - - // get identitity link as byte[] - Element elem = session.getIdentityLink().getSamlAssertion(); - String s = DOMUtils.serializeNode(elem); - - //System.out.println("IDL: " + s); - - byte[] idl = s.getBytes("UTF-8"); - - // redirect url - // build redirect(to the GetMISSessionIdSerlvet) - - //change MOASessionID before MIS request - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); - - redirectURL = - new DataURLBuilder().buildDataURL( - session.getAuthURL(), - GET_MIS_SESSIONID, - newMOASessionID); - - String oaURL = session.getOAURLRequested(); - OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL); - List profiles = oaParam.getMandateProfiles(); - - if (profiles == null) { - Logger.error("No Mandate/Profile for OA configured."); - throw new AuthenticationException("config.21", new Object[] { GET_MIS_SESSIONID}); - } - -// String profilesArray[] = profiles.split(","); -// for(int i = 0; i < profilesArray.length; i++) { -// profilesArray[i] = profilesArray[i].trim(); -// } - - String oaFriendlyName = oaParam.getFriendlyName(); - String mandateReferenceValue = session.getMandateReferenceValue(); - byte[] cert = session.getEncodedSignerCertificate(); - byte[] authBlock = session.getAuthBlock().getBytes("UTF-8"); - - //TODO: check in case of SSO!!! - String targetType = null; - if(oaParam.getBusinessService()) { - String id = oaParam.getIdentityLinkDomainIdentifier(); - if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) - targetType = id; - else - targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_+session.getDomainIdentifier(); - - } else { - targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget(); - } - - MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest( - connectionParameters.getUrl(), - idl, - cert, - oaFriendlyName, - redirectURL, - mandateReferenceValue, - profiles, - targetType, - authBlock, - sslFactory); - - if (misSessionID == null) { - Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null."); - throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service."); - } - - String redirectMISGUI = misSessionID.getRedirectURL(); - session.setMISSessionID(misSessionID.getSessiondId()); - - try { - AuthenticationSessionStoreage.storeSession(session); - } catch (MOADatabaseException e) { - throw new MOAIDException("Session store error", null); - } - - resp.setStatus(302); - resp.addHeader("Location", redirectMISGUI); - Logger.debug("REDIRECT TO: " + redirectURL); - } - else { - - if (!samlArtifactBase64.equals("Redirect to Input Processor")) { - /*redirectURL = session.getOAURLRequested(); - if (!session.getBusinessService()) { - redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(session.getTarget(), "UTF-8")); - - } - redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); - redirectURL = resp.encodeRedirectURL(redirectURL);*/ - - - redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), - ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), samlArtifactBase64); - - } else { - redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID()); - } - - resp.setContentType("text/html"); - resp.setStatus(302); - - resp.addHeader("Location", redirectURL); - Logger.debug("REDIRECT TO: " + redirectURL); - - } - - } - - catch (MOAIDException ex) { - handleError(null, ex, req, resp, pendingRequestID); - - } catch (GeneralSecurityException e) { - handleError(null, e, req, resp, pendingRequestID); - - } catch (PKIException e) { - handleError(null, e, req, resp, pendingRequestID); - - } catch (TransformerException e) { - handleError(null, e, req, resp, pendingRequestID); - - } catch (Exception e) { - Logger.error("AuthBlockValidation has an interal Error.", e); - } - - - finally { - ConfigurationDBUtils.closeSession(); - } - - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java deleted file mode 100644 index 2aa717a65..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java +++ /dev/null @@ -1,235 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.servlet; - -import iaik.x509.X509Certificate; - -import java.io.IOException; -import java.util.Map; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.lang.StringEscapeUtils; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyCertificateTask; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.id.util.ServletUtils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.spss.util.CertificateUtils; - -/** - * Servlet requested for getting the foreign eID - * provided by the security layer implementation. - * Utilizes the {@link AuthenticationServer}. - * @deprecated Use {@link VerifyCertificateTask} instead. - * - */ -public class VerifyCertificateServlet extends AuthServlet { - - /** - * - */ - private static final long serialVersionUID = -4110159749768152538L; - -/** - * Constructor for VerifyCertificateServlet. - */ - public VerifyCertificateServlet() { - super(); - } - - /** - * GET requested by security layer implementation to verify - * that data URL resource is available. - * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse) - */ - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - Logger.debug("GET VerifyCertificateServlet"); - - resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - } - - /** - * Gets the signer certificate from the InfoboxReadRequest and - * responds with a new - * CreateXMLSignatureRequest. - *
- * Request parameters: - *
    - *
  • MOASessionID: ID of associated authentication session
    • - *
  • XMLResponse: <InfoboxReadResponse>
    • - *
- * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse) - */ - protected void doPost(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - Logger.debug("POST VerifyCertificateServlet"); - - Logger.warn(getClass().getName() + " is deprecated and should not be used any more."); - - resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - String pendingRequestID = null; - - Map parameters; - try - { - parameters = getParameters(req); - } catch (FileUploadException e) - { - Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); - throw new IOException(e.getMessage()); - } - String sessionID = req.getParameter(PARAM_SESSIONID); - - // escape parameter strings - sessionID = StringEscapeUtils.escapeHtml(sessionID); - - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); - - AuthenticationSession session = null; - try { - // check parameter - if (!ParamValidatorUtils.isValidSessionID(sessionID)) - throw new WrongParametersException("VerifyCertificate", PARAM_SESSIONID, "auth.12"); - - session = AuthenticationServer.getSession(sessionID); - - //change MOASessionID - sessionID = AuthenticationSessionStoreage.changeSessionID(session); - - X509Certificate cert = AuthenticationServer.getInstance().getCertificate(sessionID, parameters); - if (cert == null) { - Logger.error("Certificate could not be read."); - throw new AuthenticationException("auth.14", null); - } - - boolean useMandate = session.getUseMandate(); - - - if (useMandate) { - - // verify certificate for OrganWalter - String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert); - - try { - AuthenticationSessionStoreage.storeSession(session); - } catch (MOADatabaseException e) { - throw new MOAIDException("session store error", null); - } - - ServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate"); - - } - else { - - - String countrycode = CertificateUtils.getIssuerCountry(cert); - if (countrycode != null) { - if (countrycode.compareToIgnoreCase("AT") == 0) { - Logger.error("Certificate issuer country code is \"AT\". Login not support in foreign identities mode."); - throw new AuthenticationException("auth.22", null); - } - } - - // Foreign Identities Modus - String createXMLSignatureRequest = AuthenticationServer.getInstance().createXMLSignatureRequestForeignID(session, cert); - // build dataurl (to the GetForeignIDSerlvet) - String dataurl = - new DataURLBuilder().buildDataURL( - session.getAuthURL(), - REQ_GET_FOREIGN_ID, - session.getSessionID()); - - try { - AuthenticationSessionStoreage.storeSession(session); - } catch (MOADatabaseException e) { - throw new MOAIDException("session store error", null); - } - - ServletUtils.writeCreateXMLSignatureRequest(resp, createXMLSignatureRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "GetForeignID", dataurl); - - Logger.debug("Send CreateXMLSignatureRequest to BKU"); - } - } - catch (MOAIDException ex) { - handleError(null, ex, req, resp, pendingRequestID); - - } catch (Exception e) { - Logger.error("CertificateValidation has an interal Error.", e); - } - - - finally { - ConfigurationDBUtils.closeSession(); - } - } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java deleted file mode 100644 index d2c63a8b3..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java +++ /dev/null @@ -1,279 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.servlet; - -import java.io.IOException; -import java.util.Map; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.lang.StringEscapeUtils; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilderCertificate; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.ParseException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyIdentityLinkTask; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.id.util.ServletUtils; -import at.gv.egovernment.moa.logging.Logger; - -/** - * Servlet requested for verifying the identity link - * provided by the security layer implementation. - * Utilizes the {@link AuthenticationServer}. - * - * @author Paul Ivancsics - * @version $Id$ - * @deprecated Use {@link VerifyIdentityLinkTask} instead. - */ -public class VerifyIdentityLinkServlet extends AuthServlet { - - /** - * - */ - private static final long serialVersionUID = -7074476974026049958L; - -/** - * Constructor for VerifyIdentityLinkServlet. - */ - public VerifyIdentityLinkServlet() { - super(); - } - - /** - * GET requested by security layer implementation to verify - * that data URL resource is available. - * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse) - */ - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - Logger.debug("GET VerifyIdentityLink"); - - resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - } - - /** - * Verifies the identity link and responds with a new - * CreateXMLSignatureRequest or a new - * InfoboxReadRequest (in case of a foreign eID card). - *
- * Request parameters: - *
    - *
  • MOASessionID: ID of associated authentication session
    • - *
  • XMLResponse: <InfoboxReadResponse>
    • - *
- * Response: - *
    - *
  • Content type: "text/xml"
    • - *
  • Content: see return value of {@link AuthenticationServer#verifyIdentityLink}
    • - *
  • Error status: 500 - *
- * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse) - */ - protected void doPost(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - Logger.debug("POST VerifyIdentityLink"); - - Logger.warn(getClass().getName() + " is deprecated and should not be used any more."); - - Map parameters; - String pendingRequestID = null; - - try - { - parameters = getParameters(req); - - } catch (Exception e) - { - Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); - throw new IOException(e.getMessage()); - } - String sessionID = req.getParameter(PARAM_SESSIONID); - - // escape parameter strings - sessionID = StringEscapeUtils.escapeHtml(sessionID); - - pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); - - resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - - try { - // check parameter - if (!ParamValidatorUtils.isValidSessionID(sessionID)) - throw new WrongParametersException("VerifyIdentityLink", PARAM_SESSIONID, "auth.12"); - - - AuthenticationSession session = AuthenticationServer.getSession(sessionID); - - //change MOASessionID - sessionID = AuthenticationSessionStoreage.changeSessionID(session); - - String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyIdentityLink(session, parameters); - - Logger.debug(createXMLSignatureRequestOrRedirect); - - - if (createXMLSignatureRequestOrRedirect == null) { - // no identity link found - - boolean useMandate = session.getUseMandate(); - if (useMandate) { - Logger.error("Online-Mandate Mode for foreign citizencs not supported."); - throw new AuthenticationException("auth.13", null); - } - - try { - - Logger.info("Send InfoboxReadRequest to BKU to get signer certificate."); - - // create the InfoboxReadRequest to get the certificate - String infoboxReadRequest = new InfoboxReadRequestBuilderCertificate().build(true); - - // build dataurl (to the VerifyCertificateSerlvet) - String dataurl = - new DataURLBuilder().buildDataURL( - session.getAuthURL(), - REQ_VERIFY_CERTIFICATE, - session.getSessionID()); - - - ServletUtils.writeCreateXMLSignatureRequest(resp, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl); - - - } - catch(Exception e) { - handleError(null, e, req, resp, pendingRequestID); - } - - } - else { - boolean useMandate = session.getUseMandate(); - - if (useMandate) { // Mandate modus - // read certificate and set dataurl to - Logger.debug("Send InfoboxReadRequest to BKU to get signer certificate."); - - - String infoboxReadRequest = new InfoboxReadRequestBuilderCertificate().build(true); - - // build dataurl (to the GetForeignIDSerlvet) - String dataurl = - new DataURLBuilder().buildDataURL( - session.getAuthURL(), - REQ_VERIFY_CERTIFICATE, - session.getSessionID()); - - //Logger.debug("ContentType set to: application/x-www-form-urlencoded (ServletUtils)"); - //ServletUtils.writeCreateXMLSignatureRequestURLEncoded(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl); - - Logger.debug("ContentType set to: text/xml;charset=UTF-8 (ServletUtils)"); - ServletUtils.writeCreateXMLSignatureRequest(resp, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl); - - } - else { - Logger.info("Normal"); - - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance() - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - AuthConfiguration authConf = AuthConfigurationProviderFactory - .getInstance(); - - createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance() - .getCreateXMLSignatureRequestAuthBlockOrRedirect(session, - authConf, oaParam); - - ServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, session, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink"); - } - } - - try { - AuthenticationSessionStoreage.storeSession(session); - - } catch (MOADatabaseException e) { - Logger.info("No valid MOA session found. Authentification process is abourted."); - throw new AuthenticationException("auth.20", null); - } - } - catch (ParseException ex) { - handleError(null, ex, req, resp, pendingRequestID); - - } catch (MOAIDException ex) { - handleError(null, ex, req, resp, pendingRequestID); - - } catch (Exception e) { - Logger.error("IdentityLinkValidation has an interal Error.", e); - } - - finally { - ConfigurationDBUtils.closeSession(); - } - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java index d7f503454..113e9cdda 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProviderImpl.java @@ -47,10 +47,25 @@ package at.gv.egovernment.moa.id.config; import java.util.Map; +import java.util.Properties; +import org.hibernate.cfg.Configuration; + +import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; +import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; +import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.ExceptionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; +import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; +import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; import at.gv.egovernment.moa.id.data.IssuerAndSerial; +import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStore; +import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.util.config.EgovUtilPropertiesConfiguration; -import com.fasterxml.jackson.annotation.JsonProperty; /** * Base class for AuthConfigurationProvider and ProxyConfigurationProvider, @@ -59,15 +74,18 @@ import com.fasterxml.jackson.annotation.JsonProperty; * @author Paul Ivancsics * @version $Id$ */ -public class ConfigurationProviderImpl implements ConfigurationProvider{ +public abstract class ConfigurationProviderImpl implements ConfigurationProvider{ /** * Constructor */ public ConfigurationProviderImpl() { + super(); } + private EgovUtilPropertiesConfiguration eGovUtilsConfig = null; + /** * The name of the system property which contains the file name of the * configuration file. @@ -125,49 +143,140 @@ public class ConfigurationProviderImpl implements ConfigurationProvider{ protected boolean trustmanagerrevoationchecking = true; + protected Properties configProp = null; + /** * Returns the main configuration file directory used to configure MOA-ID * * @return the directory */ - @JsonProperty("getRootConfigFileDir") public String getRootConfigFileDir() { return rootConfigFileDir; } - @JsonProperty("getDefaultChainingMode") + public String getDefaultChainingMode() { return defaultChainingMode; } - - + /** - * Returns the trustedCACertificates. - * @return String + * Get the DB configuration properties from MOA-ID-Auth configuration file + * + * @return */ - @JsonProperty("getTrustedCACertificates") - public String getTrustedCACertificates() { - - return trustedCACertificates; + public Properties getDBConnectionConfiguration() { + return this.configProp; } -/** - * @return the certstoreDirectory - */ -@JsonProperty("getCertstoreDirectory") -public String getCertstoreDirectory() { - return certstoreDirectory; -} - -/** - * @return the trustmanagerrevoationchecking - */ -@JsonProperty("isTrustmanagerrevoationchecking") -public boolean isTrustmanagerrevoationchecking() { - return trustmanagerrevoationchecking; -} + /** + * @param properties + * @throws ConfigurationException + * @throws org.opensaml.xml.ConfigurationException + */ + public void initial(Properties props) throws ConfigurationException, org.opensaml.xml.ConfigurationException { + //Initial Hibernate Framework + Logger.trace("Initializing Hibernate framework."); + try { + // read MOAID Session Hibernate properties + Properties moaSessionProp = new Properties(); + for (Object key : props.keySet()) { + String propPrefix = "moasession."; + if (key.toString().startsWith(propPrefix+"hibernate")) { + String propertyName = key.toString().substring(propPrefix.length()); + moaSessionProp.put(propertyName, props.get(key.toString())); + } + } + + // read Config Hibernate properties + configProp = new Properties(); + for (Object key : props.keySet()) { + String propPrefix = "configuration."; + if (key.toString().startsWith(propPrefix+"hibernate")) { + String propertyName = key.toString().substring(propPrefix.length()); + configProp.put(propertyName, props.get(key.toString())); + } + } + + // read advanced logging properties + Properties statisticProps = new Properties(); + for (Object key : props.keySet()) { + String propPrefix = "advancedlogging."; + if (key.toString().startsWith(propPrefix+"hibernate")) { + String propertyName = key.toString().substring(propPrefix.length()); + statisticProps.put(propertyName, props.get(key.toString())); + } + } + + // initialize hibernate + synchronized (ConfigurationProviderImpl.class) { + + //Initial config Database + // ConfigurationDBUtils.initHibernate(configProp); + + //initial MOAID Session Database + Configuration config = new Configuration(); + config.addAnnotatedClass(AssertionStore.class); + config.addAnnotatedClass(AuthenticatedSessionStore.class); + config.addAnnotatedClass(OASessionStore.class); + config.addAnnotatedClass(OldSSOSessionIDStore.class); + config.addAnnotatedClass(ExceptionStore.class); + config.addAnnotatedClass(InterfederationSessionStore.class); + config.addAnnotatedClass(ProcessInstanceStore.class); + config.addProperties(moaSessionProp); + MOASessionDBUtils.initHibernate(config, moaSessionProp); + + //initial advanced logging + if (Boolean.valueOf(props.getProperty("configuration.advancedlogging.active", "false"))) { + Logger.info("Advanced statistic log is activated, starting initialization process ..."); + Configuration statisticconfig = new Configuration(); + statisticconfig.addAnnotatedClass(StatisticLog.class); + statisticconfig.addProperties(statisticProps); + StatisticLogDBUtils.initHibernate(statisticconfig, statisticProps); + Logger.info("Advanced statistic log is initialized."); + } + + } + Logger.trace("Hibernate initialization finished."); + + } catch (ExceptionInInitializerError e) { + throw new ConfigurationException("config.17", null, e); + + } finally { + + + } + + + //Initialize OpenSAML for STORK + Logger.info("Starting initialization of OpenSAML..."); + MOADefaultBootstrap.bootstrap(); + //DefaultBootstrap.bootstrap(); + Logger.debug("OpenSAML successfully initialized"); + + + //read eGovUtils client configuration + Properties eGovUtilsConfigProp = new Properties(); + for (Object key : props.keySet()) { + String propPrefix = "service."; + if (key.toString().startsWith(propPrefix+"egovutil")) { + String propertyName = key.toString().substring(propPrefix.length()); + eGovUtilsConfigProp.put(propertyName, props.get(key.toString())); + } + } + if (!eGovUtilsConfigProp.isEmpty()) { + Logger.info("Start eGovUtils client implementation configuration ..."); + eGovUtilsConfig = + new EgovUtilPropertiesConfiguration(eGovUtilsConfigProp, rootConfigFileDir); + } + + } - + /** + * @return the eGovUtilsConfig + */ + public EgovUtilPropertiesConfiguration geteGovUtilsConfig() { + return eGovUtilsConfig; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java deleted file mode 100644 index a2e8bab9b..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java +++ /dev/null @@ -1,172 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria MOA-ID has been developed in a cooperation between - * BRZ, the Federal Chancellery Austria - ICT staff unit, and Graz University of Technology. - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by the European - * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in - * compliance with the Licence. You may obtain a copy of the Licence at: http://www.osor.eu/eupl/ - * Unless required by applicable law or agreed to in writing, software distributed under the Licence - * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express - * or implied. See the Licence for the specific language governing permissions and limitations under - * the Licence. This product combines work with different licenses. See the "NOTICE" text file for - * details on the various modules and licenses. The "NOTICE" text file is part of the distribution. - * Any derivative works that you distribute must include a readable copy of the "NOTICE" text file. - */ - -package at.gv.egovernment.moa.id.config; - -import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; - -/** - * Configuration parameters belonging to an online application, to be used within both, the MOA ID - * Auth and the MOA ID PROXY component. - * - * @author Harald Bratko - */ -public class OAParameter { - - public OAParameter() { } - - public OAParameter(OnlineApplication oa) { - - this.oaType = oa.getType(); - - if (this.oaType.equals("businessService")) - this.businessService = true; - else - this.businessService = false; - - this.publicURLPrefix = oa.getPublicURLPrefix(); - - this.friendlyName = oa.getFriendlyName(); - - this.target = oa.getTarget(); - - this.targetFriendlyName = oa.getTargetFriendlyName(); - - this.removePBKFromAuthblock = oa.isRemoveBPKFromAuthBlock(); - - this.oAuth20Config = oa.getAuthComponentOA().getOAOAUTH20(); - - this.isInderfederationIDP = oa.isIsInterfederationIDP(); - - this.isSTORKPVPGateway = oa.isIsInterfederationGateway(); - - } - - /** - * type of the online application (maybe "PublicService" or "BusinessService") - */ - private String oaType; - - /** - * specifies whether the online application is a business application or not (true - * if value of {@link #oaType} is "businessService" - */ - protected boolean businessService; - - - /** - * public URL prefix of the online application - */ - protected String publicURLPrefix; - - /** - * specifies a human readable name of the Online Application - */ - protected String friendlyName; - - /** - * specified a specific target for the Online Application (overwrites the target in der request) - */ - protected String target; - /** - * specifies a friendly name for the target - */ - protected String targetFriendlyName; - - protected boolean removePBKFromAuthblock; - - protected Boolean isInderfederationIDP; - - protected Boolean isSTORKPVPGateway; - - /** - * Contains the oAuth 2.0 configuration (client id, secret and redirect uri) - */ - private OAOAUTH20 oAuth20Config; - - public String getOaType() { - return oaType; - } - - public boolean getBusinessService() { - return businessService; - } - - public String getPublicURLPrefix() { - return publicURLPrefix; - } - - public String getFriendlyName() { - return friendlyName; - } - - public String getTarget() { - return target; - } - - public String getTargetFriendlyName() { - return targetFriendlyName; - } - - public boolean isRemovePBKFromAuthBlock() { - return removePBKFromAuthblock; - } - - public OAOAUTH20 getoAuth20Config() { - return oAuth20Config; - } - - /** - * @return the isInderfederationIDP - */ - public boolean isInderfederationIDP() { - if (isInderfederationIDP == null) - return false; - - return isInderfederationIDP; - } - - public boolean isSTORKPVPGateway() { - if (isSTORKPVPGateway == null) - return false; - - return isSTORKPVPGateway; - } - - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java index 80ecff2d2..87e40c1b3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java @@ -22,55 +22,25 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.config.auth; -import java.util.Date; - -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.logging.Logger; public class AuthConfigLoader implements Runnable { - private static final long INTERVAL = 60; // 60 sec + private static final long INTERVAL = 24 * 60 * 60; // 24 hours public void run() { while (true) { try { - Thread.sleep(INTERVAL * 1000); - - Logger.trace("check for new config."); - MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); - - if (moaidconfig != null) { - Date dbdate = moaidconfig.getTimestampItem(); - Date pvprefresh = moaidconfig.getPvp2RefreshItem(); - - //TODO: check!!!! - - //Date date = AuthConfigurationProviderFactory.getInstance().getTimeStamp(); - Date date = new Date(); - + Thread.sleep(INTERVAL * 1000); + Logger.trace("Check consistence of PVP2X metadata"); + MOAMetadataProvider.reInitialize(); - if (dbdate != null && dbdate.after(date)) { - AuthConfiguration instance = AuthConfigurationProviderFactory.getInstance(); -// instance.reloadDataBaseConfig(); - } - - Date pvpdate = MOAMetadataProvider.getTimeStamp(); - if (pvprefresh != null && pvpdate != null && pvprefresh.after(pvpdate)) { - MOAMetadataProvider.reInitialize(); - } - - } else { - Logger.warn("MOA-ID Configuration is actually not found. Reuse old configuration."); - - } - - + } catch (Throwable e) { - Logger.warn("MOA-ID Configuration is actually not loadable. Reuse old configuration.", e); + Logger.warn("MOA-ID Configuration validation is not possible, actually. Reuse old configuration.", e); } finally { ConfigurationDBUtils.closeSession(); @@ -81,8 +51,8 @@ public class AuthConfigLoader implements Runnable { public static void start() { // start the session cleanup thread - Thread configLoader = new Thread(new AuthConfigLoader(), "AuthConfigLoader"); - configLoader.setName("ConfigurationLoader"); + Thread configLoader = new Thread(new AuthConfigLoader(), "ConfigurationChecker"); + configLoader.setName("ConfigurationChecker"); configLoader.setDaemon(true); configLoader.setPriority(Thread.MIN_PRIORITY); configLoader.start(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java index b93312f78..e4072d0c5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfiguration.java @@ -1,6 +1,7 @@ package at.gv.egovernment.moa.id.config.auth; import java.util.List; +import java.util.Map; import java.util.Properties; import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; @@ -14,6 +15,8 @@ import at.gv.util.config.EgovUtilPropertiesConfiguration; public interface AuthConfiguration extends ConfigurationProvider{ + public static final String DEFAULT_X509_CHAININGMODE = "pkix"; + public Properties getGeneralPVP2ProperiesConfig(); public Properties getGeneralOAuth20ProperiesConfig(); @@ -23,7 +26,7 @@ public interface AuthConfiguration extends ConfigurationProvider{ @Deprecated public PVP2 getGeneralPVP2DBConfig(); - public Properties getConfigurationWithPrefix(final String Prefix); + public Map getConfigurationWithPrefix(final String Prefix); public String getConfigurationWithKey(final String key); @@ -98,12 +101,48 @@ public interface AuthConfiguration extends ConfigurationProvider{ public String getDocumentServiceUrl(); + /** + * Notify, if the STORK fake IdentityLink functionality is active + * + * @return true/false + */ public boolean isStorkFakeIdLActive(); + /** + * Get a list of all STORK countries for which a faked IdentityLink should be created + * + * @return {List} of country codes + */ public List getStorkFakeIdLCountries(); + /** + * Get a list of all STORK countries for which no signature is required + * + * @return {List} of country codes + */ + public List getStorkNoSignatureCountries(); + + /** + * Get the MOA-SS key-group identifier for fake IdentityLink signing + * + * @return MOA-SS key-group identifier {String} + */ public String getStorkFakeIdLResigningKey(); + + /** + * Notify, if the PVP2x metadata schema validation is active + * + * @return true/false + */ public boolean isPVPSchemaValidationActive(); + /** + * Get all configuration values with prefix and wildcard + * + * @param key: Search key. * and % can be used as wildcards + * @return Key/Value pairs {Map}, which key maps the search key + */ + Map getConfigurationWithWildCard(String key); + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index 7ebde05df..03f4a300a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -1,1221 +1,1221 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.auth; - -import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; -import java.math.BigInteger; -import java.net.MalformedURLException; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Date; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Properties; - -import javax.xml.bind.JAXBContext; -import javax.xml.bind.Unmarshaller; - -import org.hibernate.cfg.Configuration; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask; -import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; -import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; -import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; -import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; -import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; -import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; -import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; -import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; -import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; -import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; -import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; -import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; -import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; -import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; -import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; -import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; -import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor; -import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; -import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; -import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.ExceptionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; -import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; -import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl; -import at.gv.egovernment.moa.id.config.ConfigurationUtils; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.ConnectionParameterForeign; -import at.gv.egovernment.moa.id.config.ConnectionParameterMOASP; -import at.gv.egovernment.moa.id.config.ConnectionParameterMandate; -import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed; -import at.gv.egovernment.moa.id.config.legacy.BuildFromLegacyConfig; -import at.gv.egovernment.moa.id.config.stork.STORKConfig; -import at.gv.egovernment.moa.id.data.IssuerAndSerial; -import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStore; -import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.MiscUtil; -import at.gv.util.config.EgovUtilPropertiesConfiguration; - -import com.fasterxml.jackson.annotation.JsonIgnore; -import com.fasterxml.jackson.annotation.JsonProperty; - -/** - * A class providing access to the Auth Part of the MOA-ID configuration data. - * - *

Configuration data is read from an XML file, whose location is given by - * the moa.id.configuration system property.

- *

This class implements the Singleton pattern. The reload() - * method can be used to update the configuration data. Therefore, it is not - * guaranteed that consecutive calls to getInstance() will return - * the same AuthConfigurationProvider all the time. During the - * processing of a web service request, the current - * TransactionContext should be used to obtain the - * AuthConfigurationProvider local to that request.

- * - * @author Patrick Peck - * @author Stefan Knirsch - * - * @version $Id$ - * - *@deprecated Use {@link AuthConfigProviderFactory} instead - */ -public class AuthConfigurationProvider extends ConfigurationProviderImpl implements AuthConfiguration { - -// /** DEFAULT_ENCODING is "UTF-8" */ -// private static final String DEFAULT_ENCODING="UTF-8"; - /** - * The name of the generic configuration property giving the authentication session time out. - */ - public static final String AUTH_SESSION_TIMEOUT_PROPERTY = - "AuthenticationSession.TimeOut"; - /** - * The name of the generic configuration property giving the authentication data time out. - */ - public static final String AUTH_DATA_TIMEOUT_PROPERTY = - "AuthenticationData.TimeOut"; - - /** - * BKUSelectionType HTMLComplete, according to schema type BKUSelectionType - */ - public static final String BKU_SELECTION_TYPE_HTMLCOMPLETE = - "HTMLComplete"; - - /** - * BKUSelectionType HTMLSelect, according to schema type BKUSelectionType - */ - public static final String BKU_SELECTION_TYPE_HTMLSELECT = - "HTMLSelect"; - - /** - * The name of the generic configuration property allowing https connection to - * the user frontend servlets ("StartAuthentication" and "SelectBKU" servlets) - */ - public static final String FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY = - "FrontendServlets.EnableHTTPConnection"; - - /** - * The name of the generic configuration property allowing to set a individual - * DATA URL used to communicate with the BKU (SecurityLayer) - */ - public static final String INDIVIDUAL_DATA_URL_PREFIX = - "FrontendServlets.DataURLPrefix"; - - /** Singleton instance. null, if none has been created. */ - private static AuthConfigurationProvider instance; - - // - // configuration data - // - private static MOAIDConfiguration moaidconfig = null; - - private static Properties props = null; - - private static STORKConfig storkconfig = null; - - private static TimeOuts timeouts = null; - - private static PVP2 pvp2general = null; - - private static String alternativesourceid = null; - - private static List legacyallowedprotocols = new ArrayList(); - private static ProtocolAllowed allowedProtcols = null; - - private static VerifyAuthBlock verifyidl = null; - - private static ConnectionParameter MoaSpConnectionParameter = null; - private static ConnectionParameter ForeignIDConnectionParameter = null; - private static ConnectionParameter OnlineMandatesConnectionParameter = null; - - private static String MoaSpIdentityLinkTrustProfileID = null; - - private static List TransformsInfos = null; - private static List IdentityLinkX509SubjectNames = new ArrayList(); - - private static Map SLRequestTemplates = new HashMap(); - private static Map DefaultBKUURLs = new HashMap(); - - private static SSO ssoconfig = null; - - private EgovUtilPropertiesConfiguration eGovUtilsConfig = null; - - private static Date date = null; - - private String publicURLPreFix = null; - - /** - * Return the single instance of configuration data. - * - * @return AuthConfigurationProvider The current configuration data. - * @throws ConfigurationException - */ - public static synchronized AuthConfigurationProvider getInstance() - throws ConfigurationException { - - if (instance == null) { - reload(); - } - return instance; - } - - public static Date getTimeStamp() { - return date; - } - - /** - * Reload the configuration data and set it if successful. - * - * @return AuthConfigurationProvider The loaded configuration data. - * @throws ConfigurationException Failure to load the configuration data. - */ - public static synchronized AuthConfigurationProvider reload() - throws ConfigurationException { - String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME); - if (fileName == null) { - throw new ConfigurationException("config.01", null); - } - Logger.info("Loading MOA-ID-AUTH configuration " + fileName); - - instance = new AuthConfigurationProvider(fileName); - return instance; - } - - - /** - * Constructor for AuthConfigurationProvider. - * @param fileName - * @throws ConfigurationException - */ - public AuthConfigurationProvider(String fileName) - throws ConfigurationException { - - load(fileName); - } - - /** - * Protected constructor. Used by unit tests. - */ - protected AuthConfigurationProvider() { - } - - /** - * Load the configuration data from XML file with the given name and build - * the internal data structures representing the MOA ID configuration. - * - * @param fileName The name of the XML file to load. - * @throws ConfigurationException The MOA configuration could not be - * read/built. - */ - private void load(String fileName) throws ConfigurationException { - - try { - //Initial Hibernate Framework - Logger.trace("Initializing Hibernate framework."); - - //Load MOAID-2.0 properties file - File propertiesFile = new File(fileName); - FileInputStream fis = null; - props = new Properties(); - - // determine the directory of the root config file - rootConfigFileDir = new File(fileName).getParent(); - - try { - rootConfigFileDir = new File(rootConfigFileDir).toURL().toString(); - - } catch (MalformedURLException t) { - throw new ConfigurationException("config.03", null, t); - } - - try { - fis = new FileInputStream(propertiesFile); - props.load(fis); - - // read MOAID Session Hibernate properties - Properties moaSessionProp = new Properties(); - for (Object key : props.keySet()) { - String propPrefix = "moasession."; - if (key.toString().startsWith(propPrefix+"hibernate")) { - String propertyName = key.toString().substring(propPrefix.length()); - moaSessionProp.put(propertyName, props.get(key.toString())); - } - } - - // read Config Hibernate properties - Properties configProp = new Properties(); - for (Object key : props.keySet()) { - String propPrefix = "configuration."; - if (key.toString().startsWith(propPrefix+"hibernate")) { - String propertyName = key.toString().substring(propPrefix.length()); - configProp.put(propertyName, props.get(key.toString())); - } - } - - // read advanced logging properties - Properties statisticProps = new Properties(); - for (Object key : props.keySet()) { - String propPrefix = "advancedlogging."; - if (key.toString().startsWith(propPrefix+"hibernate")) { - String propertyName = key.toString().substring(propPrefix.length()); - statisticProps.put(propertyName, props.get(key.toString())); - } - } - - // initialize hibernate - synchronized (AuthConfigurationProvider.class) { - - //Initial config Database - // ConfigurationDBUtils.initHibernate(configProp); - - //initial MOAID Session Database - Configuration config = new Configuration(); - config.addAnnotatedClass(AssertionStore.class); - config.addAnnotatedClass(AuthenticatedSessionStore.class); - config.addAnnotatedClass(OASessionStore.class); - config.addAnnotatedClass(OldSSOSessionIDStore.class); - config.addAnnotatedClass(ExceptionStore.class); - config.addAnnotatedClass(InterfederationSessionStore.class); - config.addAnnotatedClass(ProcessInstanceStore.class); - config.addProperties(moaSessionProp); - MOASessionDBUtils.initHibernate(config, moaSessionProp); - - //initial advanced logging - if (isAdvancedLoggingActive()) { - Logger.info("Advanced statistic log is activated, starting initialization process ..."); - Configuration statisticconfig = new Configuration(); - statisticconfig.addAnnotatedClass(StatisticLog.class); - statisticconfig.addProperties(statisticProps); - StatisticLogDBUtils.initHibernate(statisticconfig, statisticProps); - Logger.info("Advanced statistic log is initialized."); - } - - } - Logger.trace("Hibernate initialization finished."); - - } catch (FileNotFoundException e) { - throw new ConfigurationException("config.03", null, e); - - } catch (IOException e) { - throw new ConfigurationException("config.03", null, e); - - } catch (ExceptionInInitializerError e) { - throw new ConfigurationException("config.17", null, e); - - } finally { - if (fis != null) - fis.close(); - - } - - - //Initialize OpenSAML for STORK - Logger.info("Starting initialization of OpenSAML..."); - MOADefaultBootstrap.bootstrap(); - //DefaultBootstrap.bootstrap(); - Logger.debug("OpenSAML successfully initialized"); - - - String legacyconfig = props.getProperty("configuration.xml.legacy"); - String xmlconfig = props.getProperty("configuration.xml"); -// String xmlconfigout = props.getProperty("configuration.xml.out"); - - - //configure eGovUtils client implementations - - //read eGovUtils client configuration - Properties eGovUtilsConfigProp = new Properties(); - for (Object key : props.keySet()) { - String propPrefix = "service."; - if (key.toString().startsWith(propPrefix+"egovutil")) { - String propertyName = key.toString().substring(propPrefix.length()); - eGovUtilsConfigProp.put(propertyName, props.get(key.toString())); - } - } - if (!eGovUtilsConfigProp.isEmpty()) { - Logger.info("Start eGovUtils client implementation configuration ..."); - eGovUtilsConfig = - new EgovUtilPropertiesConfiguration(eGovUtilsConfigProp, rootConfigFileDir); - } - - - //TODO: removed in MOA-ID 3.x -// //check if XML config should be used -// if (MiscUtil.isNotEmpty(legacyconfig) || MiscUtil.isNotEmpty(xmlconfig)) { -// Logger.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!"); -// //moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); -// moaidconfig = NewConfigurationDBRead.getMOAIDConfiguration(); -// if (moaidconfig.getAuthComponentGeneral()!= null || moaidconfig.getChainingModes() != null || moaidconfig.getTrustedCACertificates() != null || moaidconfig.getDefaultBKUs() != null -// || moaidconfig.getSLRequestTemplates() != null || moaidconfig.getTimestampItem() != null || moaidconfig.getPvp2RefreshItem() != null) { +///******************************************************************************* +// * Copyright 2014 Federal Chancellery Austria +// * MOA-ID has been developed in a cooperation between BRZ, the Federal +// * Chancellery Austria - ICT staff unit, and Graz University of Technology. +// * +// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by +// * the European Commission - subsequent versions of the EUPL (the "Licence"); +// * You may not use this work except in compliance with the Licence. +// * You may obtain a copy of the Licence at: +// * http://www.osor.eu/eupl/ +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the Licence is distributed on an "AS IS" basis, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the Licence for the specific language governing permissions and +// * limitations under the Licence. +// * +// * This product combines work with different licenses. See the "NOTICE" text +// * file for details on the various modules and licenses. +// * The "NOTICE" text file is part of the distribution. Any derivative works +// * that you distribute must include a readable copy of the "NOTICE" text file. +// ******************************************************************************/ +///* +// * Copyright 2003 Federal Chancellery Austria +// * MOA-ID has been developed in a cooperation between BRZ, the Federal +// * Chancellery Austria - ICT staff unit, and Graz University of Technology. +// * +// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by +// * the European Commission - subsequent versions of the EUPL (the "Licence"); +// * You may not use this work except in compliance with the Licence. +// * You may obtain a copy of the Licence at: +// * http://www.osor.eu/eupl/ +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the Licence is distributed on an "AS IS" basis, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the Licence for the specific language governing permissions and +// * limitations under the Licence. +// * +// * This product combines work with different licenses. See the "NOTICE" text +// * file for details on the various modules and licenses. +// * The "NOTICE" text file is part of the distribution. Any derivative works +// * that you distribute must include a readable copy of the "NOTICE" text file. +// */ +// +// +//package at.gv.egovernment.moa.id.config.auth; +// +//import java.io.File; +//import java.io.FileInputStream; +//import java.io.FileNotFoundException; +//import java.io.IOException; +//import java.math.BigInteger; +//import java.net.MalformedURLException; +//import java.util.ArrayList; +//import java.util.Arrays; +//import java.util.Date; +//import java.util.HashMap; +//import java.util.List; +//import java.util.Map; +//import java.util.Properties; +// +//import javax.xml.bind.JAXBContext; +//import javax.xml.bind.Unmarshaller; +// +//import org.hibernate.cfg.Configuration; +// +//import at.gv.egovernment.moa.id.auth.AuthenticationServer; +//import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +//import at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask; +//import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +//import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; +//import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +//import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; +//import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; +//import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; +//import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; +//import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; +//import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; +//import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; +//import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; +//import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; +//import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; +//import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +//import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; +//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; +//import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; +//import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; +//import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; +//import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; +//import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; +//import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; +//import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; +//import at.gv.egovernment.moa.id.commons.db.dao.config.TrustAnchor; +//import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; +//import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; +//import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; +//import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; +//import at.gv.egovernment.moa.id.commons.db.dao.session.ExceptionStore; +//import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore; +//import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore; +//import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; +//import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; +//import at.gv.egovernment.moa.id.config.ConfigurationException; +//import at.gv.egovernment.moa.id.config.ConfigurationProvider; +//import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl; +//import at.gv.egovernment.moa.id.config.ConfigurationUtils; +//import at.gv.egovernment.moa.id.config.ConnectionParameter; +//import at.gv.egovernment.moa.id.config.ConnectionParameterForeign; +//import at.gv.egovernment.moa.id.config.ConnectionParameterMOASP; +//import at.gv.egovernment.moa.id.config.ConnectionParameterMandate; +//import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed; +//import at.gv.egovernment.moa.id.config.legacy.BuildFromLegacyConfig; +//import at.gv.egovernment.moa.id.config.stork.STORKConfig; +//import at.gv.egovernment.moa.id.data.IssuerAndSerial; +//import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStore; +//import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap; +//import at.gv.egovernment.moa.logging.Logger; +//import at.gv.egovernment.moa.util.MiscUtil; +//import at.gv.util.config.EgovUtilPropertiesConfiguration; +// +//import com.fasterxml.jackson.annotation.JsonIgnore; +//import com.fasterxml.jackson.annotation.JsonProperty; +// +///** +// * A class providing access to the Auth Part of the MOA-ID configuration data. +// * +// *

Configuration data is read from an XML file, whose location is given by +// * the moa.id.configuration system property.

+// *

This class implements the Singleton pattern. The reload() +// * method can be used to update the configuration data. Therefore, it is not +// * guaranteed that consecutive calls to getInstance() will return +// * the same AuthConfigurationProvider all the time. During the +// * processing of a web service request, the current +// * TransactionContext should be used to obtain the +// * AuthConfigurationProvider local to that request.

+// * +// * @author Patrick Peck +// * @author Stefan Knirsch +// * +// * @version $Id$ +// * +// *@deprecated Use {@link AuthConfigProviderFactory} instead +// */ +//public class AuthConfigurationProvider extends ConfigurationProviderImpl implements AuthConfiguration { +// +//// /** DEFAULT_ENCODING is "UTF-8" */ +//// private static final String DEFAULT_ENCODING="UTF-8"; +// /** +// * The name of the generic configuration property giving the authentication session time out. +// */ +// public static final String AUTH_SESSION_TIMEOUT_PROPERTY = +// "AuthenticationSession.TimeOut"; +// /** +// * The name of the generic configuration property giving the authentication data time out. +// */ +// public static final String AUTH_DATA_TIMEOUT_PROPERTY = +// "AuthenticationData.TimeOut"; +// +// /** +// * BKUSelectionType HTMLComplete, according to schema type BKUSelectionType +// */ +// public static final String BKU_SELECTION_TYPE_HTMLCOMPLETE = +// "HTMLComplete"; +// +// /** +// * BKUSelectionType HTMLSelect, according to schema type BKUSelectionType +// */ +// public static final String BKU_SELECTION_TYPE_HTMLSELECT = +// "HTMLSelect"; +// +// /** +// * The name of the generic configuration property allowing https connection to +// * the user frontend servlets ("StartAuthentication" and "SelectBKU" servlets) +// */ +// public static final String FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY = +// "FrontendServlets.EnableHTTPConnection"; +// +// /** +// * The name of the generic configuration property allowing to set a individual +// * DATA URL used to communicate with the BKU (SecurityLayer) +// */ +// public static final String INDIVIDUAL_DATA_URL_PREFIX = +// "FrontendServlets.DataURLPrefix"; +// +// /** Singleton instance. null, if none has been created. */ +// private static AuthConfigurationProvider instance; +// +// // +// // configuration data +// // +// private static MOAIDConfiguration moaidconfig = null; +// +// private static Properties props = null; +// +// private static STORKConfig storkconfig = null; +// +// private static TimeOuts timeouts = null; +// +// private static PVP2 pvp2general = null; +// +// private static String alternativesourceid = null; +// +// private static List legacyallowedprotocols = new ArrayList(); +// private static ProtocolAllowed allowedProtcols = null; +// +// private static VerifyAuthBlock verifyidl = null; +// +// private static ConnectionParameter MoaSpConnectionParameter = null; +// private static ConnectionParameter ForeignIDConnectionParameter = null; +// private static ConnectionParameter OnlineMandatesConnectionParameter = null; +// +// private static String MoaSpIdentityLinkTrustProfileID = null; +// +// private static List TransformsInfos = null; +// private static List IdentityLinkX509SubjectNames = new ArrayList(); +// +// private static Map SLRequestTemplates = new HashMap(); +// private static Map DefaultBKUURLs = new HashMap(); +// +// private static SSO ssoconfig = null; +// +// private EgovUtilPropertiesConfiguration eGovUtilsConfig = null; +// +// private static Date date = null; +// +// private String publicURLPreFix = null; +// +// /** +// * Return the single instance of configuration data. +// * +// * @return AuthConfigurationProvider The current configuration data. +// * @throws ConfigurationException +// */ +// public static synchronized AuthConfigurationProvider getInstance() +// throws ConfigurationException { +// +// if (instance == null) { +// reload(); +// } +// return instance; +// } +// +// public static Date getTimeStamp() { +// return date; +// } +// +// /** +// * Reload the configuration data and set it if successful. +// * +// * @return AuthConfigurationProvider The loaded configuration data. +// * @throws ConfigurationException Failure to load the configuration data. +// */ +// public static synchronized AuthConfigurationProvider reload() +// throws ConfigurationException { +// String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME); +// if (fileName == null) { +// throw new ConfigurationException("config.01", null); +// } +// Logger.info("Loading MOA-ID-AUTH configuration " + fileName); +// +// instance = new AuthConfigurationProvider(fileName); +// return instance; +// } +// +// +// /** +// * Constructor for AuthConfigurationProvider. +// * @param fileName +// * @throws ConfigurationException +// */ +// public AuthConfigurationProvider(String fileName) +// throws ConfigurationException { +// +// load(fileName); +// } +// +// /** +// * Protected constructor. Used by unit tests. +// */ +// protected AuthConfigurationProvider() { +// } +// +// /** +// * Load the configuration data from XML file with the given name and build +// * the internal data structures representing the MOA ID configuration. +// * +// * @param fileName The name of the XML file to load. +// * @throws ConfigurationException The MOA configuration could not be +// * read/built. +// */ +// private void load(String fileName) throws ConfigurationException { +// +// try { +// //Initial Hibernate Framework +// Logger.trace("Initializing Hibernate framework."); +// +// //Load MOAID-2.0 properties file +// File propertiesFile = new File(fileName); +// FileInputStream fis = null; +// props = new Properties(); +// +// // determine the directory of the root config file +// rootConfigFileDir = new File(fileName).getParent(); +// +// try { +// rootConfigFileDir = new File(rootConfigFileDir).toURL().toString(); +// +// } catch (MalformedURLException t) { +// throw new ConfigurationException("config.03", null, t); +// } +// +// try { +// fis = new FileInputStream(propertiesFile); +// props.load(fis); +// +// // read MOAID Session Hibernate properties +// Properties moaSessionProp = new Properties(); +// for (Object key : props.keySet()) { +// String propPrefix = "moasession."; +// if (key.toString().startsWith(propPrefix+"hibernate")) { +// String propertyName = key.toString().substring(propPrefix.length()); +// moaSessionProp.put(propertyName, props.get(key.toString())); +// } +// } +// +// // read Config Hibernate properties +// Properties configProp = new Properties(); +// for (Object key : props.keySet()) { +// String propPrefix = "configuration."; +// if (key.toString().startsWith(propPrefix+"hibernate")) { +// String propertyName = key.toString().substring(propPrefix.length()); +// configProp.put(propertyName, props.get(key.toString())); +// } +// } +// +// // read advanced logging properties +// Properties statisticProps = new Properties(); +// for (Object key : props.keySet()) { +// String propPrefix = "advancedlogging."; +// if (key.toString().startsWith(propPrefix+"hibernate")) { +// String propertyName = key.toString().substring(propPrefix.length()); +// statisticProps.put(propertyName, props.get(key.toString())); +// } +// } +// +// // initialize hibernate +// synchronized (AuthConfigurationProvider.class) { +// +// //Initial config Database +// // ConfigurationDBUtils.initHibernate(configProp); +// +// //initial MOAID Session Database +// Configuration config = new Configuration(); +// config.addAnnotatedClass(AssertionStore.class); +// config.addAnnotatedClass(AuthenticatedSessionStore.class); +// config.addAnnotatedClass(OASessionStore.class); +// config.addAnnotatedClass(OldSSOSessionIDStore.class); +// config.addAnnotatedClass(ExceptionStore.class); +// config.addAnnotatedClass(InterfederationSessionStore.class); +// config.addAnnotatedClass(ProcessInstanceStore.class); +// config.addProperties(moaSessionProp); +// MOASessionDBUtils.initHibernate(config, moaSessionProp); // -// // ConfigurationDBUtils.delete(moaidconfig); -// for(String key : MOAIDConfigurationConstants.getMOAIDConfigurationKeys()){ -// NewConfigurationDBWrite.delete(key); +// //initial advanced logging +// if (isAdvancedLoggingActive()) { +// Logger.info("Advanced statistic log is activated, starting initialization process ..."); +// Configuration statisticconfig = new Configuration(); +// statisticconfig.addAnnotatedClass(StatisticLog.class); +// statisticconfig.addProperties(statisticProps); +// StatisticLogDBUtils.initHibernate(statisticconfig, statisticProps); +// Logger.info("Advanced statistic log is initialized."); // } -// } // +// } +// Logger.trace("Hibernate initialization finished."); // -// //List oas = ConfigurationDBRead.getAllOnlineApplications(); -// List oas = NewConfigurationDBRead.getAllOnlineApplications(); -// if (oas != null && oas.size() > 0) { -// // for (OnlineApplication oa : oas) -// // ConfigurationDBUtils.delete(oa); -// NewConfigurationDBWrite.delete(MOAIDConfigurationConstants.ONLINE_APPLICATIONS_KEY); -// } -// } -// -// //load legacy config if it is configured -// if (MiscUtil.isNotEmpty(legacyconfig)) { -// Logger.warn("WARNING! MOA-ID 2.0 is started with legacy configuration. This setup is not recommended!"); +// } catch (FileNotFoundException e) { +// throw new ConfigurationException("config.03", null, e); // -// MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(new File(legacyconfig), rootConfigFileDir, null); +// } catch (IOException e) { +// throw new ConfigurationException("config.03", null, e); // -// List oas = moaconfig.getOnlineApplication(); -// // for (OnlineApplication oa : oas) -// // ConfigurationDBUtils.save(oa); -// NewConfigurationDBWrite.saveOnlineApplications(oas); -// -// moaconfig.setOnlineApplication(null); -// // ConfigurationDBUtils.save(moaconfig); -// NewConfigurationDBWrite.save(moaconfig); +// } catch (ExceptionInInitializerError e) { +// throw new ConfigurationException("config.17", null, e); // -// Logger.info("Legacy Configuration load is completed."); +// } finally { +// if (fis != null) +// fis.close(); // -// // } -// -// //load MOA-ID 2.x config from XML -// if (MiscUtil.isNotEmpty(xmlconfig)) { -// Logger.warn("Load configuration from MOA-ID 2.x XML configuration"); // -// try { -// JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config"); -// Unmarshaller m = jc.createUnmarshaller(); -// File file = new File(xmlconfig); -// MOAIDConfiguration moaconfig = (MOAIDConfiguration) m.unmarshal(file); -// //ConfigurationDBUtils.save(moaconfig); // -// List importoas = moaconfig.getOnlineApplication(); -// // for (OnlineApplication importoa : importoas) { -// // ConfigurationDBUtils.saveOrUpdate(importoa); -// // } +// //Initialize OpenSAML for STORK +// Logger.info("Starting initialization of OpenSAML..."); +// MOADefaultBootstrap.bootstrap(); +// //DefaultBootstrap.bootstrap(); +// Logger.debug("OpenSAML successfully initialized"); +// // -// NewConfigurationDBWrite.saveOnlineApplications(importoas); +// String legacyconfig = props.getProperty("configuration.xml.legacy"); +// String xmlconfig = props.getProperty("configuration.xml"); +//// String xmlconfigout = props.getProperty("configuration.xml.out"); +// +// +// //configure eGovUtils client implementations +// +// //read eGovUtils client configuration +// Properties eGovUtilsConfigProp = new Properties(); +// for (Object key : props.keySet()) { +// String propPrefix = "service."; +// if (key.toString().startsWith(propPrefix+"egovutil")) { +// String propertyName = key.toString().substring(propPrefix.length()); +// eGovUtilsConfigProp.put(propertyName, props.get(key.toString())); +// } +// } +// if (!eGovUtilsConfigProp.isEmpty()) { +// Logger.info("Start eGovUtils client implementation configuration ..."); +// eGovUtilsConfig = +// new EgovUtilPropertiesConfiguration(eGovUtilsConfigProp, rootConfigFileDir); +// } +// +// +// //TODO: removed in MOA-ID 3.x +//// //check if XML config should be used +//// if (MiscUtil.isNotEmpty(legacyconfig) || MiscUtil.isNotEmpty(xmlconfig)) { +//// Logger.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!"); +//// //moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); +//// moaidconfig = NewConfigurationDBRead.getMOAIDConfiguration(); +//// if (moaidconfig.getAuthComponentGeneral()!= null || moaidconfig.getChainingModes() != null || moaidconfig.getTrustedCACertificates() != null || moaidconfig.getDefaultBKUs() != null +//// || moaidconfig.getSLRequestTemplates() != null || moaidconfig.getTimestampItem() != null || moaidconfig.getPvp2RefreshItem() != null) { +//// +//// // ConfigurationDBUtils.delete(moaidconfig); +//// for(String key : MOAIDConfigurationConstants.getMOAIDConfigurationKeys()){ +//// NewConfigurationDBWrite.delete(key); +//// } +//// } +//// +//// +//// //List oas = ConfigurationDBRead.getAllOnlineApplications(); +//// List oas = NewConfigurationDBRead.getAllOnlineApplications(); +//// if (oas != null && oas.size() > 0) { +//// // for (OnlineApplication oa : oas) +//// // ConfigurationDBUtils.delete(oa); +//// NewConfigurationDBWrite.delete(MOAIDConfigurationConstants.ONLINE_APPLICATIONS_KEY); +//// } +//// } +//// +//// //load legacy config if it is configured +//// if (MiscUtil.isNotEmpty(legacyconfig)) { +//// Logger.warn("WARNING! MOA-ID 2.0 is started with legacy configuration. This setup is not recommended!"); +//// +//// MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(new File(legacyconfig), rootConfigFileDir, null); +//// +//// List oas = moaconfig.getOnlineApplication(); +//// // for (OnlineApplication oa : oas) +//// // ConfigurationDBUtils.save(oa); +//// NewConfigurationDBWrite.saveOnlineApplications(oas); +//// +//// moaconfig.setOnlineApplication(null); +//// // ConfigurationDBUtils.save(moaconfig); +//// NewConfigurationDBWrite.save(moaconfig); +//// +//// Logger.info("Legacy Configuration load is completed."); +//// +//// +//// } +//// +//// //load MOA-ID 2.x config from XML +//// if (MiscUtil.isNotEmpty(xmlconfig)) { +//// Logger.warn("Load configuration from MOA-ID 2.x XML configuration"); +//// +//// try { +//// JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config"); +//// Unmarshaller m = jc.createUnmarshaller(); +//// File file = new File(xmlconfig); +//// MOAIDConfiguration moaconfig = (MOAIDConfiguration) m.unmarshal(file); +//// //ConfigurationDBUtils.save(moaconfig); +//// +//// List importoas = moaconfig.getOnlineApplication(); +//// // for (OnlineApplication importoa : importoas) { +//// // ConfigurationDBUtils.saveOrUpdate(importoa); +//// // } +//// +//// NewConfigurationDBWrite.saveOnlineApplications(importoas); +//// +//// moaconfig.setOnlineApplication(null); +//// //ConfigurationDBUtils.saveOrUpdate(moaconfig); +//// NewConfigurationDBWrite.save(moaconfig); +//// +//// } catch (Exception e) { +//// Logger.warn("MOA-ID XML configuration can not be loaded from File.", e); +//// throw new ConfigurationException("config.02", null); +//// } +//// Logger.info("XML Configuration load is completed."); +//// } +// +// reloadDataBaseConfig(); +// +// +// } catch (Throwable t) { +// throw new ConfigurationException("config.02", null, t); +// } +// } +// +// protected MOAIDConfiguration loadDataBaseConfig() { +// return ConfigurationDBRead.getMOAIDConfiguration(); +// } +// +// public synchronized void reloadDataBaseConfig() throws ConfigurationException { +// +// Logger.info("Read MOA-ID 2.0 configuration from database."); +// moaidconfig = loadDataBaseConfig(); +// Logger.info("MOA-ID 2.0 is loaded."); +// +// if (moaidconfig == null) { +// Logger.warn("NO MOA-ID configuration found."); +// throw new ConfigurationException("config.18", null); +// } +// +// //build STORK Config +// AuthComponentGeneral auth = getAuthComponentGeneral(); +// ForeignIdentities foreign = auth.getForeignIdentities(); +// if (foreign == null ) { +// Logger.warn("Error in MOA-ID Configuration. No STORK configuration found."); +// } else +// storkconfig = new STORKConfig(foreign.getSTORK(), props, rootConfigFileDir); +// +// //load Chaining modes +// ChainingModes cm = moaidconfig.getChainingModes(); +// if (cm != null) { +// defaultChainingMode = cm.getSystemDefaultMode().value(); +// +// List tas = cm.getTrustAnchor(); +// +// chainingModes = new HashMap(); +// for (TrustAnchor ta : tas) { +// IssuerAndSerial is = new IssuerAndSerial(ta.getX509IssuerName(), ta.getX509SerialNumber()); +// chainingModes.put(is, ta.getMode().value()); +// } +// } else { +// Logger.warn("Error in MOA-ID Configuration. No ChainingMode configuration found."); +// throw new ConfigurationException("config.02", null); +// } +// +// //set Trusted CA certs directory +// trustedCACertificates = rootConfigFileDir + moaidconfig.getTrustedCACertificates(); +// +// //set CertStoreDirectory +// setCertStoreDirectory(); +// +// //set TrustManagerRevocationChecking +// setTrustManagerRevocationChecking(); +// +// //set default timeouts +// timeouts = new TimeOuts(); +// timeouts.setAssertion(new BigInteger("300")); +// timeouts.setMOASessionCreated(new BigInteger("2700")); +// timeouts.setMOASessionUpdated(new BigInteger("1200")); +// +// //search timeouts in config +// if (auth.getGeneralConfiguration() != null) { +// if (auth.getGeneralConfiguration().getTimeOuts() != null) { +// if (auth.getGeneralConfiguration().getTimeOuts().getAssertion() != null) +// timeouts.setAssertion(auth.getGeneralConfiguration().getTimeOuts().getAssertion()); +// +// if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated() != null) +// timeouts.setMOASessionCreated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated()); +// +// if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated() != null) +// timeouts.setMOASessionUpdated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated()); +// +// } else { +// Logger.info("No TimeOuts defined. Use default values"); +// } +// } +// +// // sets the authentication session and authentication data time outs +// AuthenticationServer.getInstance() +// .setSecondsSessionTimeOutCreated(timeouts.getMOASessionCreated().longValue()); +// +// AuthenticationServer.getInstance() +// .setSecondsSessionTimeOutUpdated(timeouts.getMOASessionUpdated().longValue()); +// +// AuthenticationServer.getInstance() +// .setSecondsAuthDataTimeOut(timeouts.getAssertion().longValue()); +// +// +// +// //set PVP2 general config +// Protocols protocols = auth.getProtocols(); +// if (protocols != null) { +// +// allowedProtcols = new ProtocolAllowed(); // -// moaconfig.setOnlineApplication(null); -// //ConfigurationDBUtils.saveOrUpdate(moaconfig); -// NewConfigurationDBWrite.save(moaconfig); +// if (protocols.getSAML1() != null) { +// allowedProtcols.setSAML1Active(protocols.getSAML1().isIsActive()); +// +// //load alternative sourceID +// if (MiscUtil.isNotEmpty(protocols.getSAML1().getSourceID())) +// alternativesourceid = protocols.getSAML1().getSourceID(); +// +// } +// +// if (protocols.getOAuth() != null) { +// allowedProtcols.setOAUTHActive(protocols.getOAuth().isIsActive()); +// } // -// } catch (Exception e) { -// Logger.warn("MOA-ID XML configuration can not be loaded from File.", e); -// throw new ConfigurationException("config.02", null); +// if (protocols.getPVP2() != null) { +// PVP2 el = protocols.getPVP2(); +// +// allowedProtcols.setPVP21Active(el.isIsActive()); +// +// pvp2general = new PVP2(); +// pvp2general.setIssuerName(el.getIssuerName()); +// pvp2general.setPublicURLPrefix(el.getPublicURLPrefix()); +// +// if (el.getOrganization() != null) { +// Organization org = new Organization(); +// pvp2general.setOrganization(org); +// org.setDisplayName(el.getOrganization().getDisplayName()); +// org.setName(el.getOrganization().getName()); +// org.setURL(el.getOrganization().getURL()); +// } +// +// if (el.getContact() != null) { +// List cont = new ArrayList(); +// pvp2general.setContact(cont); +// for (Contact e : el.getContact()) { +// Contact c = new Contact(); +// c.setCompany(e.getCompany()); +// c.setGivenName(e.getGivenName()); +// c.getMail().addAll(e.getMail()); +// c.getPhone().addAll(e.getPhone()); +// c.setSurName(e.getSurName()); +// c.setType(e.getType()); +// cont.add(c); +// } +// } +// } +// } else { +// Logger.warn("Error in MOA-ID Configuration. No general Protcol configuration found."); +// } +// +// //set alternativeSourceID +// if (auth.getGeneralConfiguration() != null) { +// +// //TODO: can be removed in a further version, because it is moved to SAML1 config +// if (MiscUtil.isEmpty(alternativesourceid)) +// alternativesourceid = auth.getGeneralConfiguration().getAlternativeSourceID(); +// +// if (MiscUtil.isNotEmpty(auth.getGeneralConfiguration().getPublicURLPreFix())) +// publicURLPreFix = auth.getGeneralConfiguration().getPublicURLPreFix(); +// +// else { +// Logger.error("No Public URL Prefix configured."); +// throw new ConfigurationException("config.05", new Object[]{"Public URL Prefix"}); // } -// Logger.info("XML Configuration load is completed."); +// +// } else { +// Logger.warn("Error in MOA-ID Configuration. No GeneralConfig defined."); +// throw new ConfigurationException("config.02", null); +// } +// +// //set LegacyAllowedProtocols +// try { +// if (auth.getProtocols() != null) { +// Protocols procols = auth.getProtocols(); +// if (procols.getLegacyAllowed() != null) { +// LegacyAllowed legacy = procols.getLegacyAllowed(); +// legacyallowedprotocols = new ArrayList(legacy.getProtocolName()); +// } +// } +// } catch (Exception e) { +// Logger.info("No protocols found with legacy allowed flag!"); +// } +// +// //set VerifyAuthBlockConfig +// MOASP moasp = getMOASPConfig(auth); +// +// VerifyAuthBlock el = moasp.getVerifyAuthBlock(); +// if (el != null) { +// verifyidl = new VerifyAuthBlock(); +// verifyidl.setTrustProfileID(el.getTrustProfileID()); +// verifyidl.setVerifyTransformsInfoProfileID(new ArrayList(el.getVerifyTransformsInfoProfileID())); +// } +// else { +// Logger.warn("Error in MOA-ID Configuration. No Trustprofile for AuthBlock validation."); +// throw new ConfigurationException("config.02", null); // } - - reloadDataBaseConfig(); - - - } catch (Throwable t) { - throw new ConfigurationException("config.02", null, t); - } - } - - protected MOAIDConfiguration loadDataBaseConfig() { - return ConfigurationDBRead.getMOAIDConfiguration(); - } - - public synchronized void reloadDataBaseConfig() throws ConfigurationException { - - Logger.info("Read MOA-ID 2.0 configuration from database."); - moaidconfig = loadDataBaseConfig(); - Logger.info("MOA-ID 2.0 is loaded."); - - if (moaidconfig == null) { - Logger.warn("NO MOA-ID configuration found."); - throw new ConfigurationException("config.18", null); - } - - //build STORK Config - AuthComponentGeneral auth = getAuthComponentGeneral(); - ForeignIdentities foreign = auth.getForeignIdentities(); - if (foreign == null ) { - Logger.warn("Error in MOA-ID Configuration. No STORK configuration found."); - } else - storkconfig = new STORKConfig(foreign.getSTORK(), props, rootConfigFileDir); - - //load Chaining modes - ChainingModes cm = moaidconfig.getChainingModes(); - if (cm != null) { - defaultChainingMode = cm.getSystemDefaultMode().value(); - - List tas = cm.getTrustAnchor(); - - chainingModes = new HashMap(); - for (TrustAnchor ta : tas) { - IssuerAndSerial is = new IssuerAndSerial(ta.getX509IssuerName(), ta.getX509SerialNumber()); - chainingModes.put(is, ta.getMode().value()); - } - } else { - Logger.warn("Error in MOA-ID Configuration. No ChainingMode configuration found."); - throw new ConfigurationException("config.02", null); - } - - //set Trusted CA certs directory - trustedCACertificates = rootConfigFileDir + moaidconfig.getTrustedCACertificates(); - - //set CertStoreDirectory - setCertStoreDirectory(); - - //set TrustManagerRevocationChecking - setTrustManagerRevocationChecking(); - - //set default timeouts - timeouts = new TimeOuts(); - timeouts.setAssertion(new BigInteger("300")); - timeouts.setMOASessionCreated(new BigInteger("2700")); - timeouts.setMOASessionUpdated(new BigInteger("1200")); - - //search timeouts in config - if (auth.getGeneralConfiguration() != null) { - if (auth.getGeneralConfiguration().getTimeOuts() != null) { - if (auth.getGeneralConfiguration().getTimeOuts().getAssertion() != null) - timeouts.setAssertion(auth.getGeneralConfiguration().getTimeOuts().getAssertion()); - - if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated() != null) - timeouts.setMOASessionCreated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated()); - - if (auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated() != null) - timeouts.setMOASessionUpdated(auth.getGeneralConfiguration().getTimeOuts().getMOASessionUpdated()); - - } else { - Logger.info("No TimeOuts defined. Use default values"); - } - } - - // sets the authentication session and authentication data time outs - AuthenticationServer.getInstance() - .setSecondsSessionTimeOutCreated(timeouts.getMOASessionCreated().longValue()); - - AuthenticationServer.getInstance() - .setSecondsSessionTimeOutUpdated(timeouts.getMOASessionUpdated().longValue()); - - AuthenticationServer.getInstance() - .setSecondsAuthDataTimeOut(timeouts.getAssertion().longValue()); - - - - //set PVP2 general config - Protocols protocols = auth.getProtocols(); - if (protocols != null) { - - allowedProtcols = new ProtocolAllowed(); - - if (protocols.getSAML1() != null) { - allowedProtcols.setSAML1Active(protocols.getSAML1().isIsActive()); - - //load alternative sourceID - if (MiscUtil.isNotEmpty(protocols.getSAML1().getSourceID())) - alternativesourceid = protocols.getSAML1().getSourceID(); - - } - - if (protocols.getOAuth() != null) { - allowedProtcols.setOAUTHActive(protocols.getOAuth().isIsActive()); - } - - if (protocols.getPVP2() != null) { - PVP2 el = protocols.getPVP2(); - - allowedProtcols.setPVP21Active(el.isIsActive()); - - pvp2general = new PVP2(); - pvp2general.setIssuerName(el.getIssuerName()); - pvp2general.setPublicURLPrefix(el.getPublicURLPrefix()); - - if (el.getOrganization() != null) { - Organization org = new Organization(); - pvp2general.setOrganization(org); - org.setDisplayName(el.getOrganization().getDisplayName()); - org.setName(el.getOrganization().getName()); - org.setURL(el.getOrganization().getURL()); - } - - if (el.getContact() != null) { - List cont = new ArrayList(); - pvp2general.setContact(cont); - for (Contact e : el.getContact()) { - Contact c = new Contact(); - c.setCompany(e.getCompany()); - c.setGivenName(e.getGivenName()); - c.getMail().addAll(e.getMail()); - c.getPhone().addAll(e.getPhone()); - c.setSurName(e.getSurName()); - c.setType(e.getType()); - cont.add(c); - } - } - } - } else { - Logger.warn("Error in MOA-ID Configuration. No general Protcol configuration found."); - } - - //set alternativeSourceID - if (auth.getGeneralConfiguration() != null) { - - //TODO: can be removed in a further version, because it is moved to SAML1 config - if (MiscUtil.isEmpty(alternativesourceid)) - alternativesourceid = auth.getGeneralConfiguration().getAlternativeSourceID(); - - if (MiscUtil.isNotEmpty(auth.getGeneralConfiguration().getPublicURLPreFix())) - publicURLPreFix = auth.getGeneralConfiguration().getPublicURLPreFix(); - - else { - Logger.error("No Public URL Prefix configured."); - throw new ConfigurationException("config.05", new Object[]{"Public URL Prefix"}); - } - - } else { - Logger.warn("Error in MOA-ID Configuration. No GeneralConfig defined."); - throw new ConfigurationException("config.02", null); - } - - //set LegacyAllowedProtocols - try { - if (auth.getProtocols() != null) { - Protocols procols = auth.getProtocols(); - if (procols.getLegacyAllowed() != null) { - LegacyAllowed legacy = procols.getLegacyAllowed(); - legacyallowedprotocols = new ArrayList(legacy.getProtocolName()); - } - } - } catch (Exception e) { - Logger.info("No protocols found with legacy allowed flag!"); - } - - //set VerifyAuthBlockConfig - MOASP moasp = getMOASPConfig(auth); - - VerifyAuthBlock el = moasp.getVerifyAuthBlock(); - if (el != null) { - verifyidl = new VerifyAuthBlock(); - verifyidl.setTrustProfileID(el.getTrustProfileID()); - verifyidl.setVerifyTransformsInfoProfileID(new ArrayList(el.getVerifyTransformsInfoProfileID())); - } - else { - Logger.warn("Error in MOA-ID Configuration. No Trustprofile for AuthBlock validation."); - throw new ConfigurationException("config.02", null); - } - - //set MOASP connection parameters - if (moasp.getConnectionParameter() != null) - MoaSpConnectionParameter = new ConnectionParameterMOASP(moasp.getConnectionParameter(), props, this.rootConfigFileDir); - else - MoaSpConnectionParameter = null; - - //set ForeignIDConnectionParameters - if (foreign != null) { - ForeignIDConnectionParameter = new ConnectionParameterForeign(foreign.getConnectionParameter(), props, this.rootConfigFileDir); - } else { - Logger.warn("Error in MOA-ID Configuration. No Connectionconfiguration to SZRGW Service found"); - } - - //set OnlineMandateConnectionParameters - OnlineMandates ovs = auth.getOnlineMandates(); - if (ovs != null) { - OnlineMandatesConnectionParameter = new ConnectionParameterMandate(ovs.getConnectionParameter(), props, this.rootConfigFileDir); - - } else { - Logger.warn("Error in MOA-ID Configuration. No Connectionconfiguration to OVS Service found"); - } - - //set MOASP IdentityLink Trust-ProfileID - VerifyIdentityLink verifyidl = moasp.getVerifyIdentityLink(); - if (verifyidl != null) - MoaSpIdentityLinkTrustProfileID = verifyidl.getTrustProfileID(); - else { - Logger.warn("Error in MOA-ID Configuration. No Trustprofile for IdentityLink validation."); - throw new ConfigurationException("config.02", null); - } - - //set SL transformation infos - SecurityLayer seclayer = auth.getSecurityLayer(); - if (seclayer == null) { - Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration->SecurityLayer found"); - throw new ConfigurationException("config.02", null); - } else { - TransformsInfos = ConfigurationUtils.getTransformInfos(seclayer.getTransformsInfo()); - - if (TransformsInfos == null || TransformsInfos.size() == 0) { - Logger.error("No Security-Layer Transformation found."); - throw new ConfigurationException("config.05", new Object[]{"Security-Layer Transformation"}); - } - - } - - //set IdentityLinkSignerSubjectNames - IdentityLinkX509SubjectNames = new ArrayList(); - IdentityLinkSigners idlsigners = auth.getIdentityLinkSigners(); - if (idlsigners != null) { - Logger.debug("Load own IdentityLinkX509SubjectNames"); - IdentityLinkX509SubjectNames.addAll(new ArrayList(idlsigners.getX509SubjectName())); - } - - // now add the default identity link signers - String[] identityLinkSignersWithoutOID = MOAIDAuthConstants.IDENTITY_LINK_SIGNERS_WITHOUT_OID; - for (int i=0; i getLegacyAllowedProtocols() { - return legacyallowedprotocols; - } - - - /** - * Provides configuration information regarding the online application behind - * the given URL, relevant to the MOA-ID Auth component. - * - * @param oaURL URL requested for an online application - * @return an OAAuthParameter, or null - * if none is applicable - */ - public OAAuthParameter getOnlineApplicationParameter(String oaURL) { - - OnlineApplication oa = ConfigurationDBRead.getActiveOnlineApplication(oaURL); - - if (oa == null) { - Logger.warn("Online application with identifier " + oaURL + " is not found."); - return null; - } - - return new OAAuthParameter(oa); - } - - - /** - * Return a string with a url-reference to the VerifyAuthBlock trust - * profile id within the moa-sp part of the authentication component - * - * @return String with a url-reference to the VerifyAuthBlock trust profile ID - * @throws ConfigurationException - */ - public String getMoaSpAuthBlockTrustProfileID() throws ConfigurationException { - return verifyidl.getTrustProfileID(); - } - - /** - * Return a string array with references to all verify transform info - * IDs within the moa-sp part of the authentication component - * @return A string array containing all urls to the - * verify transform info IDs - * @throws ConfigurationException - */ - public List getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException { - return verifyidl.getVerifyTransformsInfoProfileID(); - } - - /** - * Return a ConnectionParameter bean containing all information - * of the authentication component moa-sp element - * @return ConnectionParameter of the authentication component moa-sp element - * @throws ConfigurationException - */ - public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException { - return MoaSpConnectionParameter; - } - - /** - * Return a ConnectionParameter bean containing all information - * of the authentication component foreigid element - * @return ConnectionParameter of the authentication component foreignid element - * @throws ConfigurationException - */ - public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException { - return ForeignIDConnectionParameter; - } - - /** - * Return a ConnectionParameter bean containing all information - * of the authentication component OnlineMandates element - * @return ConnectionParameter of the authentication component OnlineMandates element - * @throws ConfigurationException - */ - public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException { - return OnlineMandatesConnectionParameter; - } - - /** - * Return a string with a url-reference to the VerifyIdentityLink trust - * profile id within the moa-sp part of the authentication component - * @return String with a url-reference to the VerifyIdentityLink trust profile ID - * @throws ConfigurationException - */ - public String getMoaSpIdentityLinkTrustProfileID() throws ConfigurationException { - return MoaSpIdentityLinkTrustProfileID; - } - - /** - * Returns the transformsInfos. - * @return String[] - * @throws ConfigurationException - */ - public List getTransformsInfos() throws ConfigurationException { - return TransformsInfos; - } - - /** - * Returns the identityLinkX509SubjectNames. - * @return List - * @throws ConfigurationException - */ - public List getIdentityLinkX509SubjectNames() throws ConfigurationException { - return IdentityLinkX509SubjectNames; - } - - public List getSLRequestTemplates() throws ConfigurationException { - return new ArrayList(SLRequestTemplates.values()); - } - - public String getSLRequestTemplates(String type) throws ConfigurationException { - String el = SLRequestTemplates.get(type); - if (MiscUtil.isNotEmpty(el)) - return el; - else { - Logger.warn("getSLRequestTemplates: BKU Type does not match: " - + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " + IOAAuthParameters.LOCALBKU); - return null; - } - } - - public List getDefaultBKUURLs() throws ConfigurationException { - return new ArrayList(DefaultBKUURLs.values()); - } - - public String getDefaultBKUURL(String type) throws ConfigurationException { - String el = DefaultBKUURLs.get(type); - if (MiscUtil.isNotEmpty(el)) - return el; - else { - Logger.warn("getSLRequestTemplates: BKU Type does not match: " - + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " + IOAAuthParameters.LOCALBKU); - return null; - } - } - -// public boolean isSSOBusinessService() throws ConfigurationException { +// +// //set MOASP connection parameters +// if (moasp.getConnectionParameter() != null) +// MoaSpConnectionParameter = new ConnectionParameterMOASP(moasp.getConnectionParameter(), props, this.rootConfigFileDir); +// else +// MoaSpConnectionParameter = null; +// +// //set ForeignIDConnectionParameters +// if (foreign != null) { +// ForeignIDConnectionParameter = new ConnectionParameterForeign(foreign.getConnectionParameter(), props, this.rootConfigFileDir); +// } else { +// Logger.warn("Error in MOA-ID Configuration. No Connectionconfiguration to SZRGW Service found"); +// } +// +// //set OnlineMandateConnectionParameters +// OnlineMandates ovs = auth.getOnlineMandates(); +// if (ovs != null) { +// OnlineMandatesConnectionParameter = new ConnectionParameterMandate(ovs.getConnectionParameter(), props, this.rootConfigFileDir); +// +// } else { +// Logger.warn("Error in MOA-ID Configuration. No Connectionconfiguration to OVS Service found"); +// } +// +// //set MOASP IdentityLink Trust-ProfileID +// VerifyIdentityLink verifyidl = moasp.getVerifyIdentityLink(); +// if (verifyidl != null) +// MoaSpIdentityLinkTrustProfileID = verifyidl.getTrustProfileID(); +// else { +// Logger.warn("Error in MOA-ID Configuration. No Trustprofile for IdentityLink validation."); +// throw new ConfigurationException("config.02", null); +// } +// +// //set SL transformation infos +// SecurityLayer seclayer = auth.getSecurityLayer(); +// if (seclayer == null) { +// Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration->SecurityLayer found"); +// throw new ConfigurationException("config.02", null); +// } else { +// TransformsInfos = ConfigurationUtils.getTransformInfos(seclayer.getTransformsInfo()); +// +// if (TransformsInfos == null || TransformsInfos.size() == 0) { +// Logger.error("No Security-Layer Transformation found."); +// throw new ConfigurationException("config.05", new Object[]{"Security-Layer Transformation"}); +// } +// +// } +// +// //set IdentityLinkSignerSubjectNames +// IdentityLinkX509SubjectNames = new ArrayList(); +// IdentityLinkSigners idlsigners = auth.getIdentityLinkSigners(); +// if (idlsigners != null) { +// Logger.debug("Load own IdentityLinkX509SubjectNames"); +// IdentityLinkX509SubjectNames.addAll(new ArrayList(idlsigners.getX509SubjectName())); +// } +// +// // now add the default identity link signers +// String[] identityLinkSignersWithoutOID = MOAIDAuthConstants.IDENTITY_LINK_SIGNERS_WITHOUT_OID; +// for (int i=0; i getLegacyAllowedProtocols() { +// return legacyallowedprotocols; +// } +// +// +// /** +// * Provides configuration information regarding the online application behind +// * the given URL, relevant to the MOA-ID Auth component. +// * +// * @param oaURL URL requested for an online application +// * @return an OAAuthParameter, or null +// * if none is applicable +// */ +// public OAAuthParameter getOnlineApplicationParameter(String oaURL) { +// +// OnlineApplication oa = ConfigurationDBRead.getActiveOnlineApplication(oaURL); +// +// if (oa == null) { +// Logger.warn("Online application with identifier " + oaURL + " is not found."); +// return null; +// } // -// if (ssoconfig != null && ssoconfig.getIdentificationNumber() != null) -// return true; -// else -// return false; +// return new OAAuthParameter(oa); +// } +// +// +// /** +// * Return a string with a url-reference to the VerifyAuthBlock trust +// * profile id within the moa-sp part of the authentication component +// * +// * @return String with a url-reference to the VerifyAuthBlock trust profile ID +// * @throws ConfigurationException +// */ +// public String getMoaSpAuthBlockTrustProfileID() throws ConfigurationException { +// return verifyidl.getTrustProfileID(); +// } +// +// /** +// * Return a string array with references to all verify transform info +// * IDs within the moa-sp part of the authentication component +// * @return A string array containing all urls to the +// * verify transform info IDs +// * @throws ConfigurationException +// */ +// public List getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException { +// return verifyidl.getVerifyTransformsInfoProfileID(); +// } +// +// /** +// * Return a ConnectionParameter bean containing all information +// * of the authentication component moa-sp element +// * @return ConnectionParameter of the authentication component moa-sp element +// * @throws ConfigurationException +// */ +// public ConnectionParameter getMoaSpConnectionParameter() throws ConfigurationException { +// return MoaSpConnectionParameter; +// } +// +// /** +// * Return a ConnectionParameter bean containing all information +// * of the authentication component foreigid element +// * @return ConnectionParameter of the authentication component foreignid element +// * @throws ConfigurationException +// */ +// public ConnectionParameter getForeignIDConnectionParameter() throws ConfigurationException { +// return ForeignIDConnectionParameter; +// } +// +// /** +// * Return a ConnectionParameter bean containing all information +// * of the authentication component OnlineMandates element +// * @return ConnectionParameter of the authentication component OnlineMandates element +// * @throws ConfigurationException +// */ +// public ConnectionParameter getOnlineMandatesConnectionParameter() throws ConfigurationException { +// return OnlineMandatesConnectionParameter; +// } +// +// /** +// * Return a string with a url-reference to the VerifyIdentityLink trust +// * profile id within the moa-sp part of the authentication component +// * @return String with a url-reference to the VerifyIdentityLink trust profile ID +// * @throws ConfigurationException +// */ +// public String getMoaSpIdentityLinkTrustProfileID() throws ConfigurationException { +// return MoaSpIdentityLinkTrustProfileID; +// } +// +// /** +// * Returns the transformsInfos. +// * @return String[] +// * @throws ConfigurationException +// */ +// public List getTransformsInfos() throws ConfigurationException { +// return TransformsInfos; +// } +// +// /** +// * Returns the identityLinkX509SubjectNames. +// * @return List +// * @throws ConfigurationException +// */ +// public List getIdentityLinkX509SubjectNames() throws ConfigurationException { +// return IdentityLinkX509SubjectNames; +// } +// +// public List getSLRequestTemplates() throws ConfigurationException { +// return new ArrayList(SLRequestTemplates.values()); +// } +// +// public String getSLRequestTemplates(String type) throws ConfigurationException { +// String el = SLRequestTemplates.get(type); +// if (MiscUtil.isNotEmpty(el)) +// return el; +// else { +// Logger.warn("getSLRequestTemplates: BKU Type does not match: " +// + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " + IOAAuthParameters.LOCALBKU); +// return null; +// } // } - - public String getSSOTagetIdentifier() throws ConfigurationException { - if (ssoconfig != null) - return ssoconfig.getTarget(); - else - return null; - } - -// public String getSSOTarget() throws ConfigurationException { -// if (ssoconfig!= null) +// +// public List getDefaultBKUURLs() throws ConfigurationException { +// return new ArrayList(DefaultBKUURLs.values()); +// } +// +// public String getDefaultBKUURL(String type) throws ConfigurationException { +// String el = DefaultBKUURLs.get(type); +// if (MiscUtil.isNotEmpty(el)) +// return el; +// else { +// Logger.warn("getSLRequestTemplates: BKU Type does not match: " +// + IOAAuthParameters.ONLINEBKU + " or " + IOAAuthParameters.HANDYBKU + " or " + IOAAuthParameters.LOCALBKU); +// return null; +// } +// } +// +//// public boolean isSSOBusinessService() throws ConfigurationException { +//// +//// if (ssoconfig != null && ssoconfig.getIdentificationNumber() != null) +//// return true; +//// else +//// return false; +//// } +// +// public String getSSOTagetIdentifier() throws ConfigurationException { +// if (ssoconfig != null) // return ssoconfig.getTarget(); +// else +// return null; +// } +// +//// public String getSSOTarget() throws ConfigurationException { +//// if (ssoconfig!= null) +//// return ssoconfig.getTarget(); +//// +//// return null; +//// } +// +// public String getSSOFriendlyName() { +// if (ssoconfig!= null) { +// if (MiscUtil.isNotEmpty(ssoconfig.getFriendlyName())) +// return ssoconfig.getFriendlyName(); +// } +// +// return "Default MOA-ID friendly name for SSO"; +// } +// +// public String getSSOSpecialText() { +// if (ssoconfig!= null) { +// String text = ssoconfig.getSpecialText(); +// if (MiscUtil.isEmpty(text)) +// text = new String(); +// +// return text; +// } +// return new String(); +// } +// +// public String getMOASessionEncryptionKey() { +// +// String prop = props.getProperty("configuration.moasession.key"); +// if (MiscUtil.isEmpty(prop)) +// return null; +// else +// return prop; +// } +// +// /** +// * @return +// */ +// public String getMOAConfigurationEncryptionKey() { +// String prop = props.getProperty("configuration.moaconfig.key"); +// if (MiscUtil.isEmpty(prop)) +// return null; +// else +// return prop; +// } +// +// public boolean isIdentityLinkResigning() { +// String prop = props.getProperty("configuration.resignidentitylink.active", "false"); +// return Boolean.valueOf(prop); +// } +// +// public String getIdentityLinkResigningKey() { +// String prop = props.getProperty("configuration.resignidentitylink.keygroup"); +// if (MiscUtil.isNotEmpty(prop)) +// return prop; +// else +// return null; +// } +// +// /** +// * Checks if is fakeIdL is activated. +// * +// * @return true, if fake IdLs are available for stork +// */ +// public boolean isStorkFakeIdLActive() { +// String prop = props.getProperty("stork.fakeIdL.active", "false"); +// return Boolean.valueOf(prop); +// } +// +// /** +// * Gets the countries which will receive a fake IdL +// * +// * @return the countries +// */ +// public List getStorkFakeIdLCountries() { +// String prop = props.getProperty("stork.fakeIdL.countries", ""); +// return Arrays.asList(prop.replaceAll(" ", "").split(",")); +// } +// +// /** +// * Gets the resigning key (group) for the stork fake IdL. +// * +// * @return the resigning key +// */ +// public String getStorkFakeIdLResigningKey() { +// String prop = props.getProperty("stork.fakeIdL.keygroup"); +// if (MiscUtil.isNotEmpty(prop)) +// return prop; +// else +// return null; +// } +// +// /** +// * Gets the countries for which it is configured to require no signature +// * +// * @return the stork no signature countries +// */ +// public List getStorkNoSignatureCountries() { +// String prop = props.getProperty("stork.fakeIdL.noSignatureCountries", ""); +// return Arrays.asList(prop.replaceAll(" ", "").split(",")); +// } +// +// @JsonProperty("isMonitoringActive") +// public boolean isMonitoringActive() { +// String prop = props.getProperty("configuration.monitoring.active", "false"); +// return Boolean.valueOf(prop); +// } +// +// public String getMonitoringTestIdentityLinkURL() { +// String prop = props.getProperty("configuration.monitoring.test.identitylink.url"); +// if (MiscUtil.isNotEmpty(prop)) +// return prop; +// else +// return null; +// } +// +// public String getMonitoringMessageSuccess() { +// String prop = props.getProperty("configuration.monitoring.message.success"); +// if (MiscUtil.isNotEmpty(prop)) +// return prop; +// else +// return null; +// } +// +// public boolean isAdvancedLoggingActive() { +// String prop = props.getProperty("configuration.advancedlogging.active", "false"); +// return Boolean.valueOf(prop); +// } +// +// public String getPublicURLPrefix() { +// return publicURLPreFix; +// } +// +// public boolean isPVP2AssertionEncryptionActive() { +// String prop = props.getProperty("protocols.pvp2.assertion.encryption.active", "true"); +// return Boolean.valueOf(prop); +// } +// +// public boolean isCertifiacteQCActive() { +// String prop = props.getProperty("configuration.validation.certificate.QC.ignore", "false"); +// return !Boolean.valueOf(prop); +// } +// +// +// //Load document service url from moa properties +// public String getDocumentServiceUrl() { +// String prop = props.getProperty("stork.documentservice.url", "false"); +// return prop; +// } +// +// +// public boolean isPVPSchemaValidationActive() { +// String prop = props.getProperty("protocols.pvp2.schemavalidation", "true"); +// return Boolean.valueOf(prop); +// } +// +// /** +// * Returns the STORK Configuration +// * @return STORK Configuration +// * @throws ConfigurationException +// */ +// public STORKConfig getStorkConfig() throws ConfigurationException { +// +// return storkconfig; +// } +// +// /** +// * @return the eGovUtilsConfig +// */ +//@JsonIgnore +//public EgovUtilPropertiesConfiguration geteGovUtilsConfig() { +// return eGovUtilsConfig; +//} +// +//private void setCertStoreDirectory() throws ConfigurationException { +// AuthComponentGeneral auth = getAuthComponentGeneral(); +// +// if (auth.getGeneralConfiguration() != null) +// certstoreDirectory = rootConfigFileDir + auth.getGeneralConfiguration().getCertStoreDirectory(); +// else { +// Logger.warn("Error in MOA-ID Configuration. No CertStoreDirectory defined."); +// throw new ConfigurationException("config.02", null); +// } +// } +// +// private void setTrustManagerRevocationChecking() throws ConfigurationException { +// AuthComponentGeneral auth = getAuthComponentGeneral(); +// +// if (auth.getGeneralConfiguration() != null && +// auth.getGeneralConfiguration().isTrustManagerRevocationChecking() != null) +// trustmanagerrevoationchecking = auth.getGeneralConfiguration().isTrustManagerRevocationChecking(); +// else { +// Logger.warn("No TrustMangerRevoationChecking defined. Use default value = TRUE"); +// throw new ConfigurationException("config.02", null); +// } +// } +// +// private static AuthComponentGeneral getAuthComponentGeneral() throws ConfigurationException { +// AuthComponentGeneral authgeneral = moaidconfig.getAuthComponentGeneral(); +// if (authgeneral == null) { +// Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration found"); +// throw new ConfigurationException("config.02", null); +// } +// return authgeneral; +// } +// +// private static MOASP getMOASPConfig(AuthComponentGeneral authgeneral) throws ConfigurationException { +// MOASP moasp = authgeneral.getMOASP(); // -// return null; +// if (moasp == null) { +// Logger.warn("Error in MOA-ID Configuration. No MOASP configuration found"); +// throw new ConfigurationException("config.02", null); +// } +// return moasp; // } - - public String getSSOFriendlyName() { - if (ssoconfig!= null) { - if (MiscUtil.isNotEmpty(ssoconfig.getFriendlyName())) - return ssoconfig.getFriendlyName(); - } - - return "Default MOA-ID friendly name for SSO"; - } - - public String getSSOSpecialText() { - if (ssoconfig!= null) { - String text = ssoconfig.getSpecialText(); - if (MiscUtil.isEmpty(text)) - text = new String(); - - return text; - } - return new String(); - } - - public String getMOASessionEncryptionKey() { - - String prop = props.getProperty("configuration.moasession.key"); - if (MiscUtil.isEmpty(prop)) - return null; - else - return prop; - } - - /** - * @return - */ - public String getMOAConfigurationEncryptionKey() { - String prop = props.getProperty("configuration.moaconfig.key"); - if (MiscUtil.isEmpty(prop)) - return null; - else - return prop; - } - - public boolean isIdentityLinkResigning() { - String prop = props.getProperty("configuration.resignidentitylink.active", "false"); - return Boolean.valueOf(prop); - } - - public String getIdentityLinkResigningKey() { - String prop = props.getProperty("configuration.resignidentitylink.keygroup"); - if (MiscUtil.isNotEmpty(prop)) - return prop; - else - return null; - } - - /** - * Checks if is fakeIdL is activated. - * - * @return true, if fake IdLs are available for stork - */ - public boolean isStorkFakeIdLActive() { - String prop = props.getProperty("stork.fakeIdL.active", "false"); - return Boolean.valueOf(prop); - } - - /** - * Gets the countries which will receive a fake IdL - * - * @return the countries - */ - public List getStorkFakeIdLCountries() { - String prop = props.getProperty("stork.fakeIdL.countries", ""); - return Arrays.asList(prop.replaceAll(" ", "").split(",")); - } - - /** - * Gets the resigning key (group) for the stork fake IdL. - * - * @return the resigning key - */ - public String getStorkFakeIdLResigningKey() { - String prop = props.getProperty("stork.fakeIdL.keygroup"); - if (MiscUtil.isNotEmpty(prop)) - return prop; - else - return null; - } - - /** - * Gets the countries for which it is configured to require no signature - * - * @return the stork no signature countries - */ - public List getStorkNoSignatureCountries() { - String prop = props.getProperty("stork.fakeIdL.noSignatureCountries", ""); - return Arrays.asList(prop.replaceAll(" ", "").split(",")); - } - - @JsonProperty("isMonitoringActive") - public boolean isMonitoringActive() { - String prop = props.getProperty("configuration.monitoring.active", "false"); - return Boolean.valueOf(prop); - } - - public String getMonitoringTestIdentityLinkURL() { - String prop = props.getProperty("configuration.monitoring.test.identitylink.url"); - if (MiscUtil.isNotEmpty(prop)) - return prop; - else - return null; - } - - public String getMonitoringMessageSuccess() { - String prop = props.getProperty("configuration.monitoring.message.success"); - if (MiscUtil.isNotEmpty(prop)) - return prop; - else - return null; - } - - public boolean isAdvancedLoggingActive() { - String prop = props.getProperty("configuration.advancedlogging.active", "false"); - return Boolean.valueOf(prop); - } - - public String getPublicURLPrefix() { - return publicURLPreFix; - } - - public boolean isPVP2AssertionEncryptionActive() { - String prop = props.getProperty("protocols.pvp2.assertion.encryption.active", "true"); - return Boolean.valueOf(prop); - } - - public boolean isCertifiacteQCActive() { - String prop = props.getProperty("configuration.validation.certificate.QC.ignore", "false"); - return !Boolean.valueOf(prop); - } - - - //Load document service url from moa properties - public String getDocumentServiceUrl() { - String prop = props.getProperty("stork.documentservice.url", "false"); - return prop; - } - - - public boolean isPVPSchemaValidationActive() { - String prop = props.getProperty("protocols.pvp2.schemavalidation", "true"); - return Boolean.valueOf(prop); - } - - /** - * Returns the STORK Configuration - * @return STORK Configuration - * @throws ConfigurationException - */ - public STORKConfig getStorkConfig() throws ConfigurationException { - - return storkconfig; - } - - /** - * @return the eGovUtilsConfig - */ -@JsonIgnore -public EgovUtilPropertiesConfiguration geteGovUtilsConfig() { - return eGovUtilsConfig; -} - -private void setCertStoreDirectory() throws ConfigurationException { - AuthComponentGeneral auth = getAuthComponentGeneral(); - - if (auth.getGeneralConfiguration() != null) - certstoreDirectory = rootConfigFileDir + auth.getGeneralConfiguration().getCertStoreDirectory(); - else { - Logger.warn("Error in MOA-ID Configuration. No CertStoreDirectory defined."); - throw new ConfigurationException("config.02", null); - } - } - - private void setTrustManagerRevocationChecking() throws ConfigurationException { - AuthComponentGeneral auth = getAuthComponentGeneral(); - - if (auth.getGeneralConfiguration() != null && - auth.getGeneralConfiguration().isTrustManagerRevocationChecking() != null) - trustmanagerrevoationchecking = auth.getGeneralConfiguration().isTrustManagerRevocationChecking(); - else { - Logger.warn("No TrustMangerRevoationChecking defined. Use default value = TRUE"); - throw new ConfigurationException("config.02", null); - } - } - - private static AuthComponentGeneral getAuthComponentGeneral() throws ConfigurationException { - AuthComponentGeneral authgeneral = moaidconfig.getAuthComponentGeneral(); - if (authgeneral == null) { - Logger.warn("Error in MOA-ID Configuration. No generalAuthConfiguration found"); - throw new ConfigurationException("config.02", null); - } - return authgeneral; - } - - private static MOASP getMOASPConfig(AuthComponentGeneral authgeneral) throws ConfigurationException { - MOASP moasp = authgeneral.getMOASP(); - - if (moasp == null) { - Logger.warn("Error in MOA-ID Configuration. No MOASP configuration found"); - throw new ConfigurationException("config.02", null); - } - return moasp; - } - -/* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getConfigurationWithPrefix(java.lang.String) - */ -@Override -public Properties getConfigurationWithPrefix(String Prefix) { - // TODO Auto-generated method stub - return null; -} - -/* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getConfigurationWithKey(java.lang.String) - */ -@Override -public String getConfigurationWithKey(String key) { - // TODO Auto-generated method stub - return null; -} - -} +// +///* (non-Javadoc) +// * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getConfigurationWithPrefix(java.lang.String) +// */ +//@Override +//public Properties getConfigurationWithPrefix(String Prefix) { +// // TODO Auto-generated method stub +// return null; +//} +// +///* (non-Javadoc) +// * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getConfigurationWithKey(java.lang.String) +// */ +//@Override +//public String getConfigurationWithKey(String key) { +// // TODO Auto-generated method stub +// return null; +//} +// +//} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java index c336eb316..6bf9388dc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java @@ -23,16 +23,14 @@ package at.gv.egovernment.moa.id.config.auth; import java.security.PrivateKey; +import java.util.Collection; import java.util.List; import java.util.Map; -import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; -import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; -import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute; -import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; -import at.gv.egovernment.moa.id.config.auth.data.BPKDecryptionParameters; +import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters; +import at.gv.egovernment.moa.id.config.stork.CPEPS; +import at.gv.egovernment.moa.id.config.stork.StorkAttribute; +import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin; /** * @author tlenz @@ -45,13 +43,33 @@ public interface IOAAuthParameters { public static final String LOCALBKU = "local"; public static final String INDERFEDERATEDIDP = "interfederated"; + /** + * Get the full key/value configuration for this online application + * + * @return an unmodifiable map of key/value pairs + */ + public Map getFullConfiguration(); + + /** + * Get a configuration value from online application key/value configuration + * + * @param key: The key identifier of a configuration value * + * @return The configuration value {String} or null if the key does not exist + */ + public String getConfigurationValue(String key); + + public String getFriendlyName(); public String getPublicURLPrefix(); + + public String getOaType(); public boolean getBusinessService(); public String getTarget(); + public String getTargetFriendlyName(); + public boolean isInderfederationIDP(); public boolean isSTORKPVPGateway(); @@ -66,34 +84,46 @@ public interface IOAAuthParameters { */ public String getKeyBoxIdentifier(); + public SAML1ConfigurationParameters getSAML1Parameter(); + /** - * @return the transformsInfos + * Get a list of online application specific trusted security layer templates + * + * @return a {List} with template URLs, maybe empty but never null */ - public List getTransformsInfos(); - - public OASAML1 getSAML1Parameter(); - - public OAPVP2 getPVP2Parameter(); + public List getTemplateURL(); + /** - * @return the templateURL + * Return the additional AuthBlock text for this online application + * + * @return authblock text {String} or null if no text is configured */ - public List getTemplateURL(); - public String getAditionalAuthBlockText(); + /** + * Return an online application specific BKU URL for a requested BKU type + * + * @param bkutype: defines the type of BKU + * @return BKU URL {String} or null if no BKU URL is configured + */ public String getBKUURL(String bkutype); + /** + * Return a list of all configured BKU URLs for this online application + * + * @return List of BKU URLs or an empty list if no BKU is configured + */ public List getBKUURL(); public boolean useSSO(); public boolean useSSOQuestion(); - public String getSingleLogOutURL(); - /** - * @return the mandateProfiles + * Return all mandate-profile types configured for this online application + * + * @return the mandateProfiles {List} or null if no profile is defined */ public List getMandateProfiles(); @@ -117,20 +147,25 @@ public interface IOAAuthParameters { public Integer getQaaLevel(); - /** - * @return the requestedAttributes - */ - public List getRequestedAttributes(); - public boolean isRequireConsentForStorkAttributes(); - public List getStorkAPs(); + /** + * Return a {Collection} of requested STORK attributes + * + * @return {Collection} maybe empty but never null + */ + public Collection getRequestedSTORKAttributes(); public byte[] getBKUSelectionTemplate(); public byte[] getSendAssertionTemplate(); - public List getPepsList(); + /** + * Return a {Collection} of configured STORK CPEPS + * + * @return {Collection} maybe empty but never null + */ + public Collection getPepsList(); public String getIDPAttributQueryServiceURL(); @@ -164,5 +199,12 @@ public interface IOAAuthParameters { * @return */ boolean isPerformLocalAuthenticationOnInterfederationError(); + + /** + * Get a {Collection} of configured STORK attribute provider plug-ins + * + * @return {Collection} maybe empty but never null + */ + public Collection getStorkAPs(); } \ No newline at end of file diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index 933dddb31..dfe4a7448 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -49,134 +49,196 @@ package at.gv.egovernment.moa.id.config.auth; import java.io.IOException; import java.security.PrivateKey; import java.util.ArrayList; +import java.util.Collection; +import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Set; import org.apache.commons.lang.SerializationUtils; import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; -import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; -import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType; -import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; -import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; -import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; -import at.gv.egovernment.moa.id.commons.db.dao.config.InterfederationGatewayType; -import at.gv.egovernment.moa.id.commons.db.dao.config.InterfederationIDPType; -import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates; -import at.gv.egovernment.moa.id.commons.db.dao.config.MandatesProfileNameItem; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; -import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; -import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; -import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; -import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; -import at.gv.egovernment.moa.id.commons.db.dao.config.TestCredentials; -import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; -import at.gv.egovernment.moa.id.config.ConfigurationUtils; -import at.gv.egovernment.moa.id.config.OAParameter; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; +import at.gv.egovernment.moa.id.commons.validation.TargetValidator; +import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.data.BPKDecryptionParameters; +import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters; +import at.gv.egovernment.moa.id.config.stork.CPEPS; +import at.gv.egovernment.moa.id.config.stork.STORKConfig; +import at.gv.egovernment.moa.id.config.stork.StorkAttribute; +import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin; import at.gv.egovernment.moa.id.data.EncryptedData; import at.gv.egovernment.moa.id.util.ConfigurationEncrytionUtil; import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; + + /** * Configuration parameters belonging to an online application, * to use with the MOA ID Auth component. * - * @author Stefan Knirsch - * @version $Id$ + * @author Thomas Lenz */ -/** - * - * - * @author Harald Bratko - */ -public class OAAuthParameter extends OAParameter implements IOAAuthParameters { - - private AuthComponentOA oa_auth; - private String keyBoxIdentifier; - private InterfederationIDPType inderfederatedIDP = null; - private InterfederationGatewayType interfederatedGateway = null; +public class OAAuthParameter implements IOAAuthParameters { - public OAAuthParameter(OnlineApplication oa) { - super(oa); + final public static String DEFAULT_KEYBOXIDENTIFIER = "SECURE_SIGNATURE_KEYPAIR"; - this.oa_auth = oa.getAuthComponentOA(); + private Map oaConfiguration; - this.keyBoxIdentifier = oa.getKeyBoxIdentifier().value(); - this.inderfederatedIDP = oa.getInterfederationIDP(); - - this.interfederatedGateway = oa.getInterfederationGateway(); + public OAAuthParameter(final Map oa) { + this.oaConfiguration = oa; } + public Map getFullConfiguration() { + return Collections.unmodifiableMap(this.oaConfiguration); + } + + public String getConfigurationValue(String key) { + return this.oaConfiguration.get(key); + } + + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getIdentityLinkDomainIdentifier() */ @Override public String getIdentityLinkDomainIdentifier() { + String type = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE); + String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE); + if (MiscUtil.isNotEmpty(type) && MiscUtil.isNotEmpty(value)) { + if (MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK.equals(type)) { + return MOAIDConfigurationConstants.PREFIX_STORK + "AT" + "+" + value; + + } else { + return MOAIDConfigurationConstants.PREFIX_WPBK + type + "+" + value; + + } + } - IdentificationNumber idnumber = oa_auth.getIdentificationNumber(); - if (idnumber != null) - return idnumber.getValue(); - return null; } /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getKeyBoxIdentifier() + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getIdentityLinkDomainIdentifierType() */ @Override -public String getKeyBoxIdentifier() { +public String getIdentityLinkDomainIdentifierType() { + String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE); + if (MiscUtil.isNotEmpty(value)) + return MOAIDConfigurationConstants.BUSINESSSERVICENAMES.get(value); - return keyBoxIdentifier; + else + return null; +} + +/* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTarget() + */ +@Override +public String getTarget() { + if (Boolean.parseBoolean(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN))) + return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET); + + else { + if (Boolean.parseBoolean(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_SUB))) { + return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET) + + "-" + + oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB); + + } else { + return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET); + } + } } /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTransformsInfos() + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTargetFriendlyName() */ @Override -public List getTransformsInfos() { +public String getTargetFriendlyName() { + if (Boolean.parseBoolean(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN))) + return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME); + + else + return TargetValidator.getTargetFriendlyName(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET)); + +} + +/* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getKeyBoxIdentifier() + */ +@Override +public String getKeyBoxIdentifier() { + String keyBoxId = oaConfiguration.get( + MOAIDConfigurationConstants.SERVICE_AUTH_BKU_KEYBOXIDENTIFIER); + if (MiscUtil.isNotEmpty(keyBoxId)) + return keyBoxId; + else + return DEFAULT_KEYBOXIDENTIFIER; - List transformations = oa_auth.getTransformsInfo(); - return ConfigurationUtils.getTransformInfos(transformations); } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getSAML1Parameter() */ @Override - public OASAML1 getSAML1Parameter() { - return oa_auth.getOASAML1(); - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPVP2Parameter() - */ - @Override - public OAPVP2 getPVP2Parameter() { - return oa_auth.getOAPVP2(); + public SAML1ConfigurationParameters getSAML1Parameter() { + SAML1ConfigurationParameters returnValue = new SAML1ConfigurationParameters(); + if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_ENABLED)) + returnValue.setActive( + Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_ENABLED))); + + if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_AUTHBLOCK)) + returnValue.setProvideAuthBlock( + Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_AUTHBLOCK))); + + if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_IDL)) + returnValue.setProvideIdl( + Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_IDL))); + + if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID)) + returnValue.setProvideBaseId( + Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID))); + + if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_CERTIFICATE)) + returnValue.setProvideCertificate( + Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_CERTIFICATE))); + + if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_MANDATE)) + returnValue.setProvideMandate( + Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_MANDATE))); + + if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_RETURNERROR)) + returnValue.setProvideAllErrors( + Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_RETURNERROR))); + + return returnValue; } - + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTemplateURL() */ @Override - public List getTemplateURL() { - TemplatesType templates = oa_auth.getTemplates(); - - if (templates != null) { - if (templates.getTemplate() != null) { - return templates.getTemplate(); - } - } - return null; + public List getTemplateURL() { + List list = new ArrayList(); + + if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE)) + list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE)); + + if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE)) + list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE)); + + if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE)) + list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE)); + + return list; } /* (non-Javadoc) @@ -184,12 +246,8 @@ public List getTransformsInfos() { */ @Override public String getAditionalAuthBlockText() { - TemplatesType templates = oa_auth.getTemplates(); - - if (templates != null) { - return templates.getAditionalAuthBlockText(); - } - return null; + return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT); + } /* (non-Javadoc) @@ -197,16 +255,17 @@ public List getTransformsInfos() { */ @Override public String getBKUURL(String bkutype) { - BKUURLS bkuurls = oa_auth.getBKUURLS(); - if (bkuurls != null) { - if (bkutype.equals(ONLINEBKU)) - return bkuurls.getOnlineBKU(); - else if (bkutype.equals(HANDYBKU)) - return bkuurls.getHandyBKU(); - else if (bkutype.equals(LOCALBKU)) - return bkuurls.getLocalBKU(); + if (bkutype.equals(ONLINEBKU)) { + return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE); + + } else if (bkutype.equals(HANDYBKU)) { + return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY); + + } else if (bkutype.equals(LOCALBKU)) { + return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL); } + Logger.warn("BKU Type does not match: " + ONLINEBKU + " or " + HANDYBKU + " or " + LOCALBKU); return null; @@ -216,19 +275,18 @@ public List getTransformsInfos() { * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBKUURL() */ @Override - public List getBKUURL() { - BKUURLS bkuurls = oa_auth.getBKUURLS(); - + public List getBKUURL() { List list = new ArrayList(); - if (bkuurls == null) { - Logger.warn("BKU Type does not match: " - + ONLINEBKU + " or " + HANDYBKU + " or " + LOCALBKU); - } else { - list.add(bkuurls.getOnlineBKU()); - list.add(bkuurls.getHandyBKU()); - list.add(bkuurls.getLocalBKU()); - } + if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE)) + list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE)); + + if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY)) + list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY)); + + if (oaConfiguration.containsKey(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL)) + list.add(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL)); + return list; } @@ -238,11 +296,14 @@ public List getTransformsInfos() { */ @Override public boolean useSSO() { - OASSO sso = oa_auth.getOASSO(); - if (sso != null) - return sso.isUseSSO(); - else + try { + return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_ENABLED)); + + } catch (Exception e) { + Logger.warn("Use SSO configuration parameter is not parseable.", e); return false; + } + } /* (non-Javadoc) @@ -250,86 +311,48 @@ public List getTransformsInfos() { */ @Override public boolean useSSOQuestion() { - OASSO sso = oa_auth.getOASSO(); - if (sso != null) - return sso.isAuthDataFrame(); - else + try { + return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_USERREQUEST)); + + } catch (Exception e) { + Logger.warn("SSO user question configuration parameter is not parseable.", e); return true; - + } } - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getSingleLogOutURL() - */ - @Override - public String getSingleLogOutURL() { - OASSO sso = oa_auth.getOASSO(); - if (sso != null) - return sso.getSingleLogOutURL(); - else - return null; - } - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getMandateProfiles() */ @Override public List getMandateProfiles() { + String profileConfig = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_PROFILES); + + if (MiscUtil.isNotEmpty(profileConfig)) { + List list = new ArrayList(); + String profilesArray[] = profileConfig.split(","); + for(int i = 0; i < profilesArray.length; i++) { + list.add(profilesArray[i].trim()); + + } + return list; + + } - Mandates mandates = oa_auth.getMandates(); - - List list = new ArrayList(); - - if (mandates != null) { - String oldProfilList = mandates.getProfiles(); - - List profileList = mandates.getProfileNameItems(); - for (MandatesProfileNameItem el : profileList) { - list.add(el.getItem()); - - } - - //only for RC1 - if (MiscUtil.isNotEmpty(oldProfilList)) { - String profilesArray[] = oldProfilList.split(","); - for(int i = 0; i < profilesArray.length; i++) { - list.add(profilesArray[i].trim()); - } - } - - return list; - - } else - return null; -} - -/* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getIdentityLinkDomainIdentifierType() - */ -@Override -public String getIdentityLinkDomainIdentifierType() { - IdentificationNumber idnumber = oa_auth.getIdentificationNumber(); - if (idnumber != null) - return idnumber.getType(); - return null; } - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isShowMandateCheckBox() */ @Override public boolean isShowMandateCheckBox() { - TemplatesType templates = oa_auth.getTemplates(); - if (templates != null) { - BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization(); - if (bkuselection != null) { - if (bkuselection.isMandateLoginButton() != null) - return bkuselection.isMandateLoginButton(); - } + try { + return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_USE)); + + } catch (Exception e) { + Logger.warn("Enable mandates configuration parameter is not parseable.", e); + return true; } - return true; } /* (non-Javadoc) @@ -337,15 +360,13 @@ public boolean isShowMandateCheckBox() { */ @Override public boolean isOnlyMandateAllowed() { - TemplatesType templates = oa_auth.getTemplates(); - if (templates != null) { - BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization(); - if (bkuselection != null) { - if (bkuselection.isOnlyMandateLoginAllowed() != null) - return bkuselection.isOnlyMandateLoginAllowed(); - } + try { + return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_ONLY)); + + } catch (Exception e) { + Logger.warn("Use ONLY mandates configuration parameter is not parseable.", e); + return false; } - return false; } /* (non-Javadoc) @@ -354,9 +375,10 @@ public boolean isOnlyMandateAllowed() { @Override public boolean isShowStorkLogin() { try { - return oa_auth.getOASTORK().isStorkLogonEnabled(); - - } catch (NullPointerException e) { + return Boolean.valueOf(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ENABLED)); + + } catch (Exception e) { + Logger.warn("Enable STORK login configuration parameter is not parseable.", e); return false; } } @@ -365,54 +387,46 @@ public boolean isOnlyMandateAllowed() { * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getFormCustomizaten() */ @Override -public Map getFormCustomizaten() { - TemplatesType templates = oa_auth.getTemplates(); - +public Map getFormCustomizaten() { Map map = new HashMap(); map.putAll(FormBuildUtils.getDefaultMap()); - if (templates != null) { - BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization(); - if (bkuselection != null) { - if (MiscUtil.isNotEmpty(bkuselection.getBackGroundColor())) - map.put(FormBuildUtils.MAIN_BACKGROUNDCOLOR, bkuselection.getBackGroundColor()); - - if (MiscUtil.isNotEmpty(bkuselection.getButtonBackGroundColor())) - map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR, bkuselection.getButtonBackGroundColor()); - - if (MiscUtil.isNotEmpty(bkuselection.getButtonBackGroundColorFocus())) - map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR_FOCUS, bkuselection.getButtonBackGroundColorFocus()); - - if (MiscUtil.isNotEmpty(bkuselection.getButtonFontColor())) - map.put(FormBuildUtils.BUTTON_COLOR, bkuselection.getButtonFontColor()); - - if (MiscUtil.isNotEmpty(bkuselection.getFontType())) - map.put(FormBuildUtils.FONTFAMILY, bkuselection.getFontType()); - - if (MiscUtil.isNotEmpty(bkuselection.getFrontColor())) - map.put(FormBuildUtils.MAIN_COLOR, bkuselection.getFrontColor()); - - if (MiscUtil.isNotEmpty(bkuselection.getHeaderBackGroundColor())) - map.put(FormBuildUtils.HEADER_BACKGROUNDCOLOR, bkuselection.getHeaderBackGroundColor()); - - if (MiscUtil.isNotEmpty(bkuselection.getHeaderFrontColor())) - map.put(FormBuildUtils.HEADER_COLOR, bkuselection.getHeaderFrontColor()); - - if (MiscUtil.isNotEmpty(bkuselection.getHeaderText())) - map.put(FormBuildUtils.HEADER_TEXT, bkuselection.getHeaderText()); - - if (MiscUtil.isNotEmpty(bkuselection.getAppletRedirectTarget())) - map.put(FormBuildUtils.REDIRECTTARGET, bkuselection.getAppletRedirectTarget()); - - if (MiscUtil.isNotEmpty(bkuselection.getAppletHeight())) - map.put(FormBuildUtils.APPLET_HEIGHT, bkuselection.getAppletHeight()); - - if (MiscUtil.isNotEmpty(bkuselection.getAppletWidth())) - map.put(FormBuildUtils.APPLET_WIDTH, bkuselection.getAppletWidth()); - - } - } + if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR))) + map.put(FormBuildUtils.MAIN_BACKGROUNDCOLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR)); + + if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR))) + map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR)); + + if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS))) + map.put(FormBuildUtils.BUTTON_BACKGROUNDCOLOR_FOCUS, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS)); + + if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR))) + map.put(FormBuildUtils.BUTTON_COLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR)); + if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE))) + map.put(FormBuildUtils.FONTFAMILY, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE)); + + if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR))) + map.put(FormBuildUtils.MAIN_COLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR)); + + if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR))) + map.put(FormBuildUtils.HEADER_BACKGROUNDCOLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR)); + + if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR))) + map.put(FormBuildUtils.HEADER_COLOR, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR)); + + if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT))) + map.put(FormBuildUtils.HEADER_TEXT, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT)); + + if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET))) + map.put(FormBuildUtils.REDIRECTTARGET, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET)); + + if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT))) + map.put(FormBuildUtils.APPLET_HEIGHT, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT)); + + if (MiscUtil.isNotEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH))) + map.put(FormBuildUtils.APPLET_WIDTH, oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH)); + return map; } @@ -421,21 +435,75 @@ public Map getFormCustomizaten() { */ @Override public Integer getQaaLevel() { - if (oa_auth.getOASTORK() != null && - oa_auth.getOASTORK().getQaa() != null && - oa_auth.getOASTORK().getQaa() >= 1 && - oa_auth.getOASTORK().getQaa() <= 4) - return oa_auth.getOASTORK().getQaa(); - else + try { + Integer storkQAALevel = Integer.parseInt(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL)); + + if (storkQAALevel >= 1 && + storkQAALevel <= 4) + return storkQAALevel; + + else { + Logger.info("STORK minimal QAA level is not in a valid range. Use minimal QAA 4"); + return 4; + + } + + } catch (NumberFormatException e) { + Logger.warn("STORK minimal QAA level is not a number.", e); return 4; + + } } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getRequestedAttributes() */ @Override -public List getRequestedAttributes() { - return oa_auth.getOASTORK().getOAAttributes(); +public Collection getRequestedSTORKAttributes() { + Map attrMap = new HashMap(); + Map resultMap = new HashMap(); + + Set configKeys = oaConfiguration.keySet(); + for (String el : configKeys) { + if (el.startsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST)) { + String index = KeyValueUtils.getFirstChildAfterPrefix(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST); + if (!attrMap.containsKey(index)) { + String isRequested = oaConfiguration.get( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED); + + if (MiscUtil.isNotEmpty(isRequested) && Boolean.parseBoolean(isRequested)) { + StorkAttribute attr = new StorkAttribute( + oaConfiguration.get( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME), + Boolean.valueOf(oaConfiguration.get( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY))); + attrMap.put(index, 0); + resultMap.put(attr.getName(), attr); + } + } + } + } + + //add mandatory attributes from general config + try { + for (StorkAttribute el : AuthConfigurationProviderFactory.getInstance().getStorkConfig().getStorkAttributes()) { + if (el.getMandatory()) + resultMap.put(el.getName(), el); + + } + + } catch (Exception e) { + Logger.warn("Mandatory STORK attributes can not added.", e); + + } + + return resultMap.values(); } /* (non-Javadoc) @@ -446,12 +514,17 @@ public boolean isRequireConsentForStorkAttributes() { try{ if (isSTORKPVPGateway()) return false; + + if (MiscUtil.isEmpty(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_REQUIRECONSENT))) { + Logger.info("isRequireConsentForStorkAttributes() is empty, returning default value 'true'"); + return true; + + } - return oa_auth.getOASTORK().isRequireConsent(); + return Boolean.parseBoolean(oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_REQUIRECONSENT)); }catch(Exception e) { - e.printStackTrace(); - Logger.warn("isRequireConsentForStorkAttributes() failed, returning default value 'true'"); + Logger.warn("isRequireConsentForStorkAttributes() failed, returning default value 'true'", e); return true; } } @@ -460,14 +533,32 @@ public boolean isRequireConsentForStorkAttributes() { * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getStorkAPs() */ @Override -public List getStorkAPs() { - if (oa_auth.getOASTORK() != null && - oa_auth.getOASTORK().getAttributeProviders() != null) - return oa_auth.getOASTORK().getAttributeProviders(); - - else - return new ArrayList(); - +public Collection getStorkAPs() { + Map pluginMap = new HashMap(); + Set configKeys = oaConfiguration.keySet(); + for (String el : configKeys) { + if (el.startsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST)) { + String index = KeyValueUtils.getFirstChildAfterPrefix(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST); + if (!pluginMap.containsKey(index)) { + StorkAttributeProviderPlugin attr = new StorkAttributeProviderPlugin( + oaConfiguration.get( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME), + oaConfiguration.get( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_URL), + oaConfiguration.get( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_ATTRIBUTES)); + pluginMap.put(index, attr); + } + } + } + + return pluginMap.values(); } /* (non-Javadoc) @@ -475,11 +566,16 @@ public List getStorkAPs() { */ @Override public byte[] getBKUSelectionTemplate() { - - TemplatesType templates = oa_auth.getTemplates(); - if (templates != null && templates.getBKUSelectionTemplate() != null) { - return templates.getBKUSelectionTemplate().getTransformation(); - + try { + String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION); + if (MiscUtil.isNotEmpty(bkuSelectionTemplateBase64)) { + return Base64Utils.decode(bkuSelectionTemplateBase64, false); + + } + + } catch (Exception e) { + Logger.warn("OA specific BKU selection template is not decodeable", e); + } return null; @@ -490,11 +586,16 @@ public byte[] getBKUSelectionTemplate() { */ @Override public byte[] getSendAssertionTemplate() { - - TemplatesType templates = oa_auth.getTemplates(); - if (templates != null && templates.getSendAssertionTemplate() != null) { - return templates.getSendAssertionTemplate().getTransformation(); - + try { + String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION); + if (MiscUtil.isNotEmpty(bkuSelectionTemplateBase64)) { + return Base64Utils.decode(bkuSelectionTemplateBase64, false); + + } + + } catch (Exception e) { + Logger.warn("OA specific BKU selection template is not decodeable", e); + } return null; @@ -504,8 +605,41 @@ public byte[] getSendAssertionTemplate() { * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPepsList() */ @Override -public List getPepsList() { - return new ArrayList(oa_auth.getOASTORK().getCPEPS()); +public Collection getPepsList() { + Map cPEPSMap = new HashMap(); + try { + STORKConfig availableSTORKConfig = AuthConfigurationProviderFactory.getInstance().getStorkConfig(); + if (availableSTORKConfig != null) { + Set configKeys = oaConfiguration.keySet(); + + for (String el : configKeys) { + if (el.startsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST)) { + String index = KeyValueUtils.getFirstChildAfterPrefix(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST); + if (!cPEPSMap.containsKey(index)) { + if (Boolean.parseBoolean(oaConfiguration.get( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED))) { + CPEPS availableCPEPS = availableSTORKConfig.getCPEPS( + oaConfiguration.get( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + index + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE)); + + if (availableCPEPS != null) + cPEPSMap.put(index, availableCPEPS); + } + } + } + } + } + + } catch (ConfigurationException e) { + Logger.error("MOA-ID configuration is not accessable.", e); + + } + + return cPEPSMap.values(); } /* (non-Javadoc) @@ -513,52 +647,53 @@ public List getPepsList() { */ @Override public String getIDPAttributQueryServiceURL() { - if (inderfederatedIDP != null) - return inderfederatedIDP.getAttributeQueryURL(); - - else - return null; - + return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL); + } @Override public boolean isInboundSSOInterfederationAllowed() { - if (inderfederatedIDP != null) - return inderfederatedIDP.isInboundSSO(); + String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_INBOUND); + if (MiscUtil.isNotEmpty(value)) + return Boolean.parseBoolean(value); else return false; } @Override public boolean isOutboundSSOInterfederationAllowed() { - if (inderfederatedIDP != null) - return inderfederatedIDP.isOutboundSSO(); + String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_OUTBOUND); + if (MiscUtil.isNotEmpty(value)) + return Boolean.parseBoolean(value); else return false; } @Override public boolean isPassivRequestUsedForInterfederation() { - if (inderfederatedIDP != null) - return inderfederatedIDP.isPerformPassivRequest().booleanValue(); + String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_PASSIVEREQUEST); + if (MiscUtil.isNotEmpty(value)) + return Boolean.parseBoolean(value); else - return false; + return false; } @Override public boolean isPerformLocalAuthenticationOnInterfederationError() { - if (inderfederatedIDP != null) - return inderfederatedIDP.isPerformLocalAuthenticationOnError().booleanValue(); + String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_LOCALAUTHONERROR); + if (MiscUtil.isNotEmpty(value)) + return Boolean.parseBoolean(value); else return false; } @Override public boolean isInterfederationSSOStorageAllowed() { - if (inderfederatedIDP != null) - return inderfederatedIDP.isStoreSSOSession().booleanValue(); + String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_STORE); + if (MiscUtil.isNotEmpty(value)) + return Boolean.parseBoolean(value); else - return false; + return false; } public boolean isIDPPublicService() { @@ -568,11 +703,7 @@ public boolean isIDPPublicService() { public String getSTORKPVPForwardEntity() { - if (interfederatedGateway != null) { - return interfederatedGateway.getForwardIDPIdentifier(); - - } else - return null; + return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER); } @@ -581,11 +712,11 @@ public String getSTORKPVPForwardEntity() { */ @Override public boolean isTestCredentialEnabled() { - TestCredentials testing = oa_auth.getTestCredentials(); - if (testing != null && testing.isEnableTestCredentials()) - return true; + String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED); + if (MiscUtil.isNotEmpty(value)) + return Boolean.parseBoolean(value); else - return false; + return false; } @@ -594,10 +725,17 @@ public boolean isTestCredentialEnabled() { */ @Override public List getTestCredentialOIDs() { - TestCredentials testing = oa_auth.getTestCredentials(); - if (testing != null && testing.getCredentialOID().size() > 0) - return testing.getCredentialOID(); - else + String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED); + if (MiscUtil.isNotEmpty(value)) { + List list = new ArrayList(); + String profilesArray[] = value.split(","); + for(int i = 0; i < profilesArray.length; i++) { + list.add(profilesArray[i].trim()); + + } + return list; + + } else return null; } @@ -610,8 +748,11 @@ public PrivateKey getBPKDecBpkDecryptionKey() { try { EncryptedData encdata = new EncryptedData( - oa_auth.getEncBPKInformation().getBPKDecryption().getKeyInformation(), - oa_auth.getEncBPKInformation().getBPKDecryption().getIv()); + Base64Utils.decode( + oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_BLOB), false), + Base64Utils.decode( + oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_FOREIGNBPK_DECRYPT_IV), false)); + byte[] serializedData = ConfigurationEncrytionUtil.getInstance().decrypt(encdata); BPKDecryptionParameters data = (BPKDecryptionParameters) SerializationUtils.deserialize(serializedData); @@ -619,15 +760,96 @@ public PrivateKey getBPKDecBpkDecryptionKey() { return data.getPrivateKey(); } catch (BuildException e) { - // TODO Auto-generated catch block Logger.error("Can not decrypt key information for bPK decryption", e); } catch (NullPointerException e) { Logger.error("No keyInformation found for bPK decryption"); - } + } catch (IOException e) { + Logger.error("Can not decode key information for bPK decryption.", e); + } + return null; } + +/* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPublicURLPrefix() + */ +@Override +public String getPublicURLPrefix() { + return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER); +} + + +/* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBusinessService() + */ +@Override +public boolean getBusinessService() { + String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE); + if (MiscUtil.isNotEmpty(value)) + return Boolean.parseBoolean(value); + else + return true; +} + +/* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isInderfederationIDP() + */ +@Override +public boolean isInderfederationIDP() { + String value = oaConfiguration.get(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES); + return MOAIDConfigurationConstants.PREFIX_IIDP.equals(value); + +} + + +/* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isSTORKPVPGateway() + */ +@Override +public boolean isSTORKPVPGateway() { + String value = oaConfiguration.get(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES); + return MOAIDConfigurationConstants.PREFIX_GATEWAY.equals(value); +} + + + + + +/* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getFriendlyName() + */ +@Override +public String getFriendlyName() { + return oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME); +} + + +/* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getOaType() + */ +@Override +public String getOaType() { + if (getBusinessService()) + return "businessService"; + else + return "publicService"; +} + + +/** + * + * @return true/false if bPK or wbPK should not be visible in AuthBlock + */ +public boolean isRemovePBKFromAuthBlock() { + String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK); + if (MiscUtil.isNotEmpty(value)) + return Boolean.parseBoolean(value); + else + return false; +} + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index 2cd14e607..60ae3882e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -9,41 +9,22 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.Collection; import java.util.Collections; -import java.util.Date; +import java.util.HashMap; import java.util.List; +import java.util.Map; import java.util.Properties; import org.springframework.beans.factory.annotation.Autowired; - -import com.fasterxml.jackson.annotation.JsonIgnore; +import org.springframework.beans.factory.config.AutowireCapableBeanFactory; +import org.springframework.context.ApplicationContext; +import org.springframework.context.support.ClassPathXmlApplicationContext; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; -import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; -import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; -import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; -import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; -import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; -import at.gv.egovernment.moa.id.commons.db.dao.config.ForeignIdentities; -import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; -import at.gv.egovernment.moa.id.commons.db.dao.config.IdentityLinkSigners; -import at.gv.egovernment.moa.id.commons.db.dao.config.LegacyAllowed; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; -import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; -import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; -import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1; -import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; -import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; -import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; import at.gv.egovernment.moa.id.commons.db.dao.config.TimeOuts; -import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; -import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl; import at.gv.egovernment.moa.id.config.ConfigurationUtils; import at.gv.egovernment.moa.id.config.ConnectionParameter; @@ -54,10 +35,8 @@ import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed; import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; -import at.gv.egovernment.moa.id.protocols.saml1.SAML1RequestImpl; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -import at.gv.util.config.EgovUtilPropertiesConfiguration; /** * A class providing access to the Auth Part of the MOA-ID configuration data. @@ -68,12 +47,11 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide private static final boolean TRUST_MANAGER_REVOCATION_CHECKING_DEFAULT = true; private MOAIDConfiguration configuration; - private final Properties properties = new Properties(); - private EgovUtilPropertiesConfiguration eGovUtilsConfig = null; - + private ApplicationContext context = null; public PropertyBasedAuthConfigurationProvider() { + } /** @@ -86,29 +64,39 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide File propertiesFile = new File(fileName); rootConfigFileDir = propertiesFile.getParent(); - try (FileInputStream in = new FileInputStream(propertiesFile);) { - properties.load(in); - - //read eGovUtils client configuration - Properties eGovUtilsConfigProp = new Properties(); - for (Object key : properties.keySet()) { - String propPrefix = "service."; - if (key.toString().startsWith(propPrefix+"egovutil")) { - String propertyName = key.toString().substring(propPrefix.length()); - eGovUtilsConfigProp.put(propertyName, properties.get(key.toString())); - } - } - if (!eGovUtilsConfigProp.isEmpty()) { - Logger.info("Start eGovUtils client implementation configuration ..."); - eGovUtilsConfig = - new EgovUtilPropertiesConfiguration(eGovUtilsConfigProp, rootConfigFileDir); - } - + System.getProperties().setProperty("location", "file:" + fileName); + context = new ClassPathXmlApplicationContext( + new String[] { "moaid.configuration.beans.xml", + "configuration.beans.xml" + }); + AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory(); + acbFactory.autowireBean(this); + + FileInputStream in = null; + try { + in = new FileInputStream(propertiesFile); + properties.load(in); + super.initial(properties); } catch (FileNotFoundException e) { throw new ConfigurationException("config.03", null, e); + } catch (IOException e) { throw new ConfigurationException("config.03", null, e); + + } catch (org.opensaml.xml.ConfigurationException e) { + Logger.error("OpenSAML initilalization FAILED. ", e); + throw new ConfigurationException("config.23", null, e); + + } finally { + if (in != null) + try { + in.close(); + + } catch (IOException e) { + Logger.warn("Close MOA-ID-Auth configuration file FAILED.", e); + + } } } @@ -147,17 +135,33 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertiesWithPrefix(java.lang.String) */ @Override - public Properties getConfigurationWithPrefix(String Prefix) { + public Map getConfigurationWithPrefix(String Prefix) { try { return configuration.getPropertySubset(Prefix); } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { Logger.warn("Loading property with Prefix " + Prefix + " FAILED.", e); - return new Properties(); + return new HashMap(); } } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertiesWithPrefix(java.lang.String) + */ + @Override + public Map getConfigurationWithWildCard(String key) { + try { + return configuration.searchPropertiesWithWildcard(key); + + } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { + Logger.warn("Loading property with searchKey " + key + " FAILED.", e); + return new HashMap(); + + } + } + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getPropertyWithKey(java.lang.String) */ @@ -358,8 +362,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @return an OAAuthParameter, or null if none is applicable */ public OAAuthParameter getOnlineApplicationParameter(String oaURL) { - //TODO: update!!!!! - OnlineApplication oa = getActiveOnlineApplication(oaURL); + Map oa = getActiveOnlineApplication(oaURL); if (oa == null) { Logger.warn("Online application with identifier " + oaURL + " is not found."); return null; @@ -835,7 +838,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide public STORKConfig getStorkConfig() throws ConfigurationException { STORKConfig result = null; try { - Properties storkProps = configuration.getPropertySubset( + Map storkProps = configuration.getPropertySubset( MOAIDConfigurationConstants.GENERAL_AUTH_STORK); if (storkProps == null) { Logger.warn("Error in MOA-ID Configuration. No STORK configuration found."); @@ -975,50 +978,6 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide } } - /** - * Returns the default chaining mode or {@code null} if there is no chaining mode defined. - * - * @return the default chaining mode or {@code null} - */ - @Override - public String getDefaultChainingMode() { - return "pkix"; - } - - /** - * Returns a list of all {@link OnlineApplication}. - * - * @return list of all OnlineApplications - */ - public List getAllOnlineApplications() { - Logger.trace("Get all OnlineApplications from database."); - - return configuration.getList(MOAIDConfigurationConstants.ONLINE_APPLICATIONS_KEY, OnlineApplication.class); - } - - /** - * Returns a list of all active {@link OnlineApplication} or {@code null} if no active online application was found. - * - * @return list of all active OnlineApplications or {@code null}. - */ - public List getAllActiveOnlineApplications() { - Logger.debug("Get all new OnlineApplications from database."); - - List result = new ArrayList(); - List allOAs = getAllOnlineApplications(); - - for (OnlineApplication oa : nullGuard(allOAs)) { - if (oa.isIsActive()) { - result.add(oa); - } - } - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - return result; - } - /** * Returns the active {@link OnlineApplication} with the given ID or {@code null} if either no matching online application is found or if the {@code id} * matches more than one entry. @@ -1026,26 +985,25 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @param id the id of the requested online application * @return the requested online application or {@code null} */ - public OnlineApplication getActiveOnlineApplication(String id) { - Logger.trace("Get active OnlineApplication with ID " + id + " from database."); - - OnlineApplication result = null; - List allActiveOAs = getAllActiveOnlineApplications(); - - for (OnlineApplication oa : nullGuard(allActiveOAs)) { - String publicUrlPrefix = oa.getPublicURLPrefix(); - if (publicUrlPrefix != null && publicUrlPrefix.length() <= id.length()) { - if ((id.substring(1, publicUrlPrefix.length()).equals(publicUrlPrefix))) { - if (result != null) { - Logger.warn("OAIdentifier matches more than one DB-entry!"); - return null; - } else { - result = oa; - } - } + public Map getActiveOnlineApplication(String id) { + Logger.trace("Get active OnlineApplication with ID " + id + " from database."); + try { + Map oaConfig = configuration.getOnlineApplication(id); + if (oaConfig != null) { + String isActiveString = oaConfig.get(MOAIDConfigurationConstants.SERVICE_ISACTIVE); + if (isActiveString != null && Boolean.valueOf(isActiveString)) + return oaConfig; + } - } - return result; + + + } catch (at.gv.egiz.components.configuration.api.ConfigurationException e) { + Logger.error("Error during OnlineApplication load operationen (oaId=." + + id + ")" , e); + + } + return null; + } //Load document service url from moa properties @@ -1093,12 +1051,14 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide return null; } - /** - * @return the eGovUtilsConfig - */ - @JsonIgnore - public EgovUtilPropertiesConfiguration geteGovUtilsConfig() { - return eGovUtilsConfig; - } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.AuthConfiguration#getStorkNoSignatureCountries() + */ + @Override + public List getStorkNoSignatureCountries() { + String prop = properties.getProperty("stork.fakeIdL.noSignatureCountries", ""); + return Arrays.asList(prop.replaceAll(" ", "").split(",")); + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java index e576522bf..ac1470dc6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java @@ -23,27 +23,31 @@ package at.gv.egovernment.moa.id.config.auth.data; import java.security.PrivateKey; +import java.util.Collection; import java.util.List; import java.util.Map; -import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; -import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; -import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute; -import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; -import at.gv.egovernment.moa.id.config.OAParameter; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; +import at.gv.egovernment.moa.id.config.stork.StorkAttribute; +import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin; /** * @author tlenz * */ -public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParameters { +public class DynamicOAAuthParameters implements IOAAuthParameters { + + private String publicURLPrefix; private String businessTarget; + private boolean businessService; + + private boolean isInderfederationIDP; + private String IDPQueryURL; + + private String target; /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTarget() @@ -78,29 +82,11 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam return null; } - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTransformsInfos() - */ - @Override - public List getTransformsInfos() { - // TODO Auto-generated method stub - return null; - } - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getSAML1Parameter() */ @Override - public OASAML1 getSAML1Parameter() { - // TODO Auto-generated method stub - return null; - } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPVP2Parameter() - */ - @Override - public OAPVP2 getPVP2Parameter() { + public SAML1ConfigurationParameters getSAML1Parameter() { // TODO Auto-generated method stub return null; } @@ -109,7 +95,7 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTemplateURL() */ @Override - public List getTemplateURL() { + public List getTemplateURL() { // TODO Auto-generated method stub return null; } @@ -159,15 +145,6 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam return false; } - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getSingleLogOutURL() - */ - @Override - public String getSingleLogOutURL() { - // TODO Auto-generated method stub - return null; - } - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getMandateProfiles() */ @@ -231,15 +208,6 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam return null; } - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getRequestedAttributes() - */ - @Override - public List getRequestedAttributes() { - // TODO Auto-generated method stub - return null; - } - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isRequireConsentForStorkAttributes() */ @@ -253,7 +221,7 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getStorkAPs() */ @Override - public List getStorkAPs() { + public Collection getStorkAPs() { // TODO Auto-generated method stub return null; } @@ -280,7 +248,7 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPepsList() */ @Override - public List getPepsList() { + public Collection getPepsList() { // TODO Auto-generated method stub return null; } @@ -398,4 +366,91 @@ public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParam // TODO Auto-generated method stub return false; } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getFullConfiguration() + */ + @Override + public Map getFullConfiguration() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getConfigurationValue(java.lang.String) + */ + @Override + public String getConfigurationValue(String key) { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getFriendlyName() + */ + @Override + public String getFriendlyName() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPublicURLPrefix() + */ + @Override + public String getPublicURLPrefix() { + return this.publicURLPrefix; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getOaType() + */ + @Override + public String getOaType() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBusinessService() + */ + @Override + public boolean getBusinessService() { + return this.businessService; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTargetFriendlyName() + */ + @Override + public String getTargetFriendlyName() { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isInderfederationIDP() + */ + @Override + public boolean isInderfederationIDP() { + return this.isInderfederationIDP; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isSTORKPVPGateway() + */ + @Override + public boolean isSTORKPVPGateway() { + // TODO Auto-generated method stub + return false; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getRequestedSTORKAttributes() + */ + @Override + public Collection getRequestedSTORKAttributes() { + // TODO Auto-generated method stub + return null; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java index 3d4b53f7c..54156330f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java @@ -80,7 +80,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.data.IssuerAndSerial; import at.gv.egovernment.moa.logging.Logger; @@ -97,6 +96,15 @@ public class BuildFromLegacyConfig { private static final String SEARCHBKUTEMPLATE_HANDY = "https://www.handy-signatur.at"; private static final String SEARCHBKUTEMPLATE_ONLINE = "bkuonline/http-security-layer-request"; + public static final String AUTH_SESSION_TIMEOUT_PROPERTY = + "AuthenticationSession.TimeOut"; + /** + * The name of the generic configuration property giving the authentication data time out. + */ + public static final String AUTH_DATA_TIMEOUT_PROPERTY = + "AuthenticationData.TimeOut"; + + public static MOAIDConfiguration build(File fileName, String rootConfigFileDir, MOAIDConfiguration oldconfig) throws ConfigurationException { InputStream stream = null; Element configElem; @@ -163,13 +171,13 @@ public class BuildFromLegacyConfig { //Load Assertion and Session timeouts TimeOuts timeOuts = new TimeOuts(); - if (genericConfiguration.containsKey(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY)) - timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AuthConfigurationProvider.AUTH_DATA_TIMEOUT_PROPERTY)))); + if (genericConfiguration.containsKey(AUTH_DATA_TIMEOUT_PROPERTY)) + timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_DATA_TIMEOUT_PROPERTY)))); else timeOuts.setAssertion(BigInteger.valueOf(2*60)); //default 2min - if (genericConfiguration.containsKey(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY)) - timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AuthConfigurationProvider.AUTH_SESSION_TIMEOUT_PROPERTY)))); + if (genericConfiguration.containsKey(AUTH_SESSION_TIMEOUT_PROPERTY)) + timeOuts.setAssertion(BigInteger.valueOf(Long.valueOf((String)genericConfiguration.get(AUTH_SESSION_TIMEOUT_PROPERTY)))); else timeOuts.setAssertion(BigInteger.valueOf(30*60)); //default 30min diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java index 81caa13ee..c926e2b01 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java @@ -50,7 +50,7 @@ public class STORKConfig { /** STORK SAML signature creation parameters */ private Properties props = null; - private Map cpepsMap = null; + private Map cpepsMap = new HashMap(); private String basedirectory = null; private SignatureVerificationParameter sigverifyparam = null; private List attr = null; @@ -63,11 +63,11 @@ public class STORKConfig { //create CPEPS map List cpeps = new ArrayList(); - Properties storkCPEPSProps = + Map storkCPEPSProps = AuthConfigurationProviderFactory.getInstance().getConfigurationWithPrefix( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST); if (storkCPEPSProps != null) { - Set keyValues = storkCPEPSProps.keySet(); + Set keyValues = storkCPEPSProps.keySet(); for (Object elObj : keyValues) { if (elObj instanceof String) { String el = (String) elObj; @@ -76,14 +76,14 @@ public class STORKConfig { String listCounter = el.substring(0, index); try { CPEPS moacpep = - new CPEPS(storkCPEPSProps.getProperty(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY), - new URL(storkCPEPSProps.getProperty(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL)), - Boolean.valueOf(storkCPEPSProps.getProperty(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG))); + new CPEPS(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY), + new URL(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL)), + Boolean.valueOf(storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_SUPPORT_XMLDSIG))); cpepsMap.put(moacpep.getCountryCode(), moacpep); } catch (MalformedURLException e) { Logger.warn("CPEPS URL " + - storkCPEPSProps.getProperty(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL) + + storkCPEPSProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_URL) + " are not parseable.", e); } @@ -93,11 +93,11 @@ public class STORKConfig { } attr = new ArrayList(); - Properties storkAttributeProps = + Map storkAttributeProps = AuthConfigurationProviderFactory.getInstance().getConfigurationWithPrefix( MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST); if (storkAttributeProps != null) { - Set keyValues = storkAttributeProps.keySet(); + Set keyValues = storkAttributeProps.keySet(); for (Object elObj : keyValues) { if (elObj instanceof String) { String el = (String) elObj; @@ -105,8 +105,8 @@ public class STORKConfig { int index = el.indexOf("."); String listCounter = el.substring(0, index); StorkAttribute moaStorkAttr = - new StorkAttribute(storkAttributeProps.getProperty(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME), - Boolean.valueOf(storkAttributeProps.getProperty(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY))); + new StorkAttribute(storkAttributeProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME), + Boolean.valueOf(storkAttributeProps.get(listCounter + "." + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY))); attr.add(moaStorkAttr); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java index 4879942ae..03b5d98f9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java @@ -30,7 +30,7 @@ import javax.servlet.http.HttpServletRequest; import org.opensaml.saml2.core.Attribute; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; @@ -152,11 +152,10 @@ class OAuth20AuthRequest extends OAuth20BaseRequest { // check if client id and redirect uri are ok try { // OAOAUTH20 cannot be null at this point. check was done in base request - OAOAUTH20 oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL()) - .getoAuth20Config(); - - if (!this.getClientID().equals(oAuthConfig.getOAuthClientId()) - || !this.getRedirectUri().equals(oAuthConfig.getOAuthRedirectUri())) { + OAAuthParameter oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL()); + + if (!this.getClientID().equals(oAuthConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID)) + || !this.getRedirectUri().equals(oAuthConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL))) { throw new OAuth20AccessDeniedException(); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java index 9a7e44f70..844cfa815 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java @@ -31,7 +31,7 @@ import javax.servlet.http.HttpServletRequest; import org.apache.commons.lang.StringEscapeUtils; import org.apache.commons.lang.StringUtils; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; @@ -40,7 +40,6 @@ import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20InvalidRequestException; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20OANotSupportedException; -import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20ServerErrorException; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20WrongParameterException; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; @@ -84,12 +83,9 @@ abstract class OAuth20BaseRequest extends RequestImpl { } this.setTarget(oaParam.getTarget()); - OAOAUTH20 config = oaParam.getoAuth20Config(); - if (config == null) { - throw new OAuth20InvalidRequestException(); - } - if (StringUtils.isEmpty(config.getOAuthClientSecret()) || StringUtils.isEmpty(config.getOAuthClientId()) - || StringUtils.isEmpty(config.getOAuthRedirectUri())) { + if (StringUtils.isEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET)) + || StringUtils.isEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID)) + || StringUtils.isEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL))) { throw new OAuth20OANotSupportedException(); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java index 5cb5108ed..1b6d93fdd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java @@ -28,9 +28,10 @@ import javax.servlet.http.HttpServletRequest; import org.opensaml.saml2.core.Attribute; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20AccessDeniedException; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception; @@ -121,14 +122,13 @@ class OAuth20TokenRequest extends OAuth20BaseRequest { // check if client id and secret are ok try { // OAOAUTH20 cannot be null at this point. check was done in base request - OAOAUTH20 oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL()) - .getoAuth20Config(); + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL()); - if (!this.getClientID().equals(oAuthConfig.getOAuthClientId())) { + if (!this.getClientID().equals(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID))) { throw new OAuth20AccessDeniedException(); } - if (!this.getClientSecret().equals(oAuthConfig.getOAuthClientSecret())) { + if (!this.getClientSecret().equals(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET))) { throw new OAuth20AccessDeniedException(); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java index 587d8e935..0b6cb6eea 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java @@ -33,7 +33,6 @@ import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder; import org.opensaml.saml2.binding.security.SAML2AuthnRequestsSignedRule; import org.opensaml.saml2.binding.security.SAML2HTTPRedirectDeflateSignatureRule; import org.opensaml.saml2.core.RequestAbstractType; -import org.opensaml.saml2.core.Response; import org.opensaml.saml2.core.StatusResponseType; import org.opensaml.saml2.metadata.IDPSSODescriptor; import org.opensaml.saml2.metadata.SPSSODescriptor; @@ -48,7 +47,6 @@ import org.opensaml.ws.transport.http.HttpServletRequestAdapter; import org.opensaml.ws.transport.http.HttpServletResponseAdapter; import org.opensaml.xml.parse.BasicParserPool; import org.opensaml.xml.security.SecurityException; -import org.opensaml.xml.security.credential.Credential; import org.opensaml.xml.security.x509.X509Credential; import at.gv.egovernment.moa.id.config.ConfigurationException; @@ -63,7 +61,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.MiscUtil; public class RedirectBinding implements IDecoder, IEncoder { @@ -173,11 +171,32 @@ public class RedirectBinding implements IDecoder, IEncoder { else messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME); - decode.decode(messageContext); + try { + decode.decode(messageContext); - //check signature - signatureRule.evaluate(messageContext); + //check signature + signatureRule.evaluate(messageContext); + + } catch (SecurityException e) { + if (MiscUtil.isEmpty(messageContext.getPeerEntityId())) { + throw e; + + } + Logger.debug("PVP2X message validation FAILED. Relead metadata for entityID: " + messageContext.getPeerEntityId()); + if (!MOAMetadataProvider.getInstance().refreshMetadataProvider(messageContext.getPeerEntityId())) + throw e; + + else { + Logger.trace("PVP2X metadata reload finished. Check validate message again."); + decode.decode(messageContext); + //check signature + signatureRule.evaluate(messageContext); + + } + Logger.trace("Second PVP2X message validation finished"); + } + InboundMessage msg = null; if (messageContext.getInboundMessage() instanceof RequestAbstractType) { RequestAbstractType inboundMessage = (RequestAbstractType) messageContext diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java index 5c473f32d..ca95ff90c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java @@ -24,10 +24,12 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.config; import iaik.x509.X509Certificate; +import java.io.IOException; import java.net.URL; import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.List; +import java.util.Map; import java.util.Properties; import java.util.jar.Attributes; import java.util.jar.Manifest; @@ -46,18 +48,16 @@ import org.opensaml.saml2.metadata.SurName; import org.opensaml.saml2.metadata.TelephoneNumber; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; -//TODO!!!!! - public class PVPConfiguration { private static PVPConfiguration instance; @@ -116,6 +116,9 @@ public class PVPConfiguration { props = AuthConfigurationProviderFactory.getInstance().getGeneralPVP2ProperiesConfig(); rootDir = AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir(); + //load PVP2X metadata for all active online applications + MOAMetadataProvider.getInstance(); + } catch (ConfigurationException e) { e.printStackTrace(); } @@ -201,52 +204,39 @@ public class PVPConfiguration { return AuthConfigurationProviderFactory.getInstance().getConfigurationWithKey( MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_SERVICENAMME) + moaIDVersion; } - - //TODO: - public String getTargetForSP(String sp) { - - try { - OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(sp); - - if (oaParam != null) - return oaParam.getTarget(); - - Logger.warn("OnlineApplication with ID "+ sp + " is not found."); - return null; - - } catch (ConfigurationException e) { - Logger.warn("OnlineApplication with ID "+ sp + " is not found."); - return null; - } - - } - public iaik.x509.X509Certificate getTrustEntityCertificate(String entityID) { + + try { + Logger.trace("Load metadata signing certificate for online application " + entityID); + IOAAuthParameters oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(entityID); + if (oaParam == null) { + Logger.info("Online Application with ID " + entityID + " not found!"); + return null; + } - try { - IOAAuthParameters oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(entityID); - - if (oaParam == null) { - Logger.warn("Online Application with ID " + entityID + " not found!"); - return null; - } - - OAPVP2 pvp2param = oaParam.getPVP2Parameter(); - - if (pvp2param == null) { - return null; - } - - Logger.info("Load TrustEntityCertificate ("+entityID+") from Database."); - return new X509Certificate(pvp2param.getCertificate()); + String pvp2MetadataCertificateString = + oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE); + if (MiscUtil.isEmpty(pvp2MetadataCertificateString)) { + Logger.info("Online Application with ID " + entityID + " include not PVP2X metadata signing certificate!"); + return null; + + } + + X509Certificate cert = new X509Certificate(Base64Utils.decode(pvp2MetadataCertificateString, false)); + Logger.debug("Metadata signing certificate is loaded for ("+entityID+") is loaded."); + return cert; } catch (CertificateException e) { - Logger.warn("Signer certificate can not be loaded from session database!", e); + Logger.warn("Metadata signer certificate is not parsed.", e); return null; } catch (ConfigurationException e) { - e.printStackTrace(); + Logger.error("Configuration is not accessable.", e); + return null; + + } catch (IOException e) { + Logger.warn("Metadata signer certificate is not decodeable.", e); return null; } } @@ -254,16 +244,16 @@ public class PVPConfiguration { public List getIDPContacts() throws ConfigurationException { List list = new ArrayList(); - Properties contacts = AuthConfigurationProviderFactory.getInstance().getConfigurationWithPrefix( + Map contacts = AuthConfigurationProviderFactory.getInstance().getConfigurationWithPrefix( MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT + "."); ContactPerson person = SAML2Utils .createSAMLObject(ContactPerson.class); - String type = contacts.getProperty(IDP_CONTACT_TYPE); + String type = contacts.get(IDP_CONTACT_TYPE); if (type == null) { - Logger.error("IDP Contact with SurName " + contacts.getProperty(IDP_CONTACT_SURNAME) + Logger.error("IDP Contact with SurName " + contacts.get(IDP_CONTACT_SURNAME) + " has no type defined!"); } @@ -287,13 +277,13 @@ public class PVPConfiguration { } if (enumType == null) { - Logger.error("IDP Contact with SurName " + contacts.getProperty(IDP_CONTACT_SURNAME) + Logger.error("IDP Contact with SurName " + contacts.get(IDP_CONTACT_SURNAME) + " has invalid type defined: " + type); } person.setType(enumType); - String givenName = contacts.getProperty(IDP_CONTACT_GIVENNAME); + String givenName = contacts.get(IDP_CONTACT_GIVENNAME); if (givenName != null) { GivenName name = SAML2Utils @@ -302,7 +292,7 @@ public class PVPConfiguration { person.setGivenName(name); } - String company = contacts.getProperty(IDP_CONTACT_COMPANY); + String company = contacts.get(IDP_CONTACT_COMPANY); if (company != null) { Company comp = SAML2Utils.createSAMLObject(Company.class); @@ -310,7 +300,7 @@ public class PVPConfiguration { person.setCompany(comp); } - String surname = contacts.getProperty(IDP_CONTACT_SURNAME); + String surname = contacts.get(IDP_CONTACT_SURNAME); if (surname != null) { SurName name = SAML2Utils.createSAMLObject(SurName.class); @@ -318,7 +308,7 @@ public class PVPConfiguration { person.setSurName(name); } - String phone = contacts.getProperty(IDP_CONTACT_PHONE); + String phone = contacts.get(IDP_CONTACT_PHONE); if (phone != null) { TelephoneNumber telePhone = SAML2Utils .createSAMLObject(TelephoneNumber.class); @@ -326,7 +316,7 @@ public class PVPConfiguration { person.getTelephoneNumbers().add(telePhone); } - String mail = contacts.getProperty(IDP_CONTACT_MAIL); + String mail = contacts.get(IDP_CONTACT_MAIL); if (mail != null) { EmailAddress mailAddress = SAML2Utils .createSAMLObject(EmailAddress.class); @@ -341,12 +331,12 @@ public class PVPConfiguration { public Organization getIDPOrganisation() throws ConfigurationException { Organization org = SAML2Utils.createSAMLObject(Organization.class); - Properties organisation = AuthConfigurationProviderFactory.getInstance().getConfigurationWithPrefix( + Map organisation = AuthConfigurationProviderFactory.getInstance().getConfigurationWithPrefix( MOAIDConfigurationConstants.GENERAL_PROTOCOLS_PVP2X_METADATA_ORG + "."); - String org_name = organisation.getProperty(IDP_ORG_NAME); - String org_dispname = organisation.getProperty(IDP_ORG_DISPNAME); - String org_url = organisation.getProperty(IDP_ORG_URL); + String org_name = organisation.get(IDP_ORG_NAME); + String org_dispname = organisation.get(IDP_ORG_DISPNAME); + String org_url = organisation.get(IDP_ORG_URL); if (org_name == null || org_dispname == null || org_url == null) { return null; @@ -373,6 +363,7 @@ public class PVPConfiguration { private String parseMOAIDVersionFromManifest() { try { + @SuppressWarnings("rawtypes") Class clazz = PVPConfiguration.class; String className = clazz.getSimpleName() + ".class"; String classPath = clazz.getResource(className).toString(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java index 0ec79c79a..c2127a2af 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java @@ -22,6 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x.metadata; +import java.io.IOException; import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.Collection; @@ -30,6 +31,7 @@ import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; +import java.util.Map.Entry; import java.util.Timer; import javax.net.ssl.SSLHandshakeException; @@ -47,13 +49,13 @@ import org.opensaml.saml2.metadata.provider.MetadataProviderException; import org.opensaml.xml.XMLObject; import org.opensaml.xml.parse.BasicParserPool; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; -import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException; import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SchemaValidationException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.filter.SignatureValidationException; @@ -61,6 +63,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.Interfeder import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.MetadataFilterChain; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.metadata.SchemaValidationFilter; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.MiscUtil; public class MOAMetadataProvider implements MetadataProvider { @@ -68,7 +71,6 @@ public class MOAMetadataProvider implements MetadataProvider { private static MOAMetadataProvider instance = null; private static Object mutex = new Object(); - private static Date timestamp = null; public static MOAMetadataProvider getInstance() { if (instance == null) { @@ -80,18 +82,19 @@ public class MOAMetadataProvider implements MetadataProvider { } return instance; } - - public static Date getTimeStamp() { - return timestamp; - } public static void reInitialize() { synchronized (mutex) { /**add new Metadataprovider or remove Metadataprovider which are not in use any more.**/ if (instance != null) - instance.addAndRemoveMetadataProvider(); - + try { + instance.addAndRemoveMetadataProvider(); + + } catch (ConfigurationException e) { + Logger.error("Access to MOA-ID configuration FAILED.", e); + + } else Logger.info("MOAMetadataProvider is not loaded."); } @@ -109,89 +112,165 @@ public class MOAMetadataProvider implements MetadataProvider { MetadataProvider internalProvider; - private void addAndRemoveMetadataProvider() { + public boolean refreshMetadataProvider(String entityID) { + try { + OAAuthParameter oaParam = + AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(entityID); + if (oaParam != null) { + String metadataURL = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL); + if (MiscUtil.isNotEmpty(metadataURL)) { + Map actuallyLoadedProviders = getAllActuallyLoadedProviders(); + + // check if MetadataProvider is actually loaded + if (actuallyLoadedProviders.containsKey(metadataURL)) { + actuallyLoadedProviders.get(metadataURL).refresh(); + Logger.info("PVP2X metadata for onlineApplication: " + + entityID + " is refreshed."); + return true; + + } else { + //load new Metadata Provider + String certBase64 = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE); + if (MiscUtil.isNotEmpty(certBase64)) { + byte[] cert = Base64Utils.decode(certBase64, false); + String oaFriendlyName = oaParam.getFriendlyName(); + + ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider; + HTTPMetadataProvider newMetadataProvider = createNewHTTPMetaDataProvider(metadataURL, + cert, oaFriendlyName, + buildMetadataFilterChain(oaParam, metadataURL, + cert)); + + chainProvider.addMetadataProvider(newMetadataProvider); + Logger.info("PVP2X metadata for onlineApplication: " + + entityID + " is added."); + return true; + + } else + Logger.debug("Can not refresh PVP2X metadata: NO PVP2X metadata certificate for OA with Id: " + entityID); + + } + + } else + Logger.debug("Can not refresh PVP2X metadata: NO PVP2X metadata URL for OA with Id: " + entityID); + + } else + Logger.debug("Can not refresh PVP2X metadata: NO onlineApplication with Id: " + entityID); + + + } catch (ConfigurationException e) { + Logger.warn("Access MOA-ID configuration FAILED.", e); + + } catch (MetadataProviderException e) { + Logger.warn("Refresh PVP2X metadata for onlineApplication: " + + entityID + " FAILED.", e); + + } catch (IOException e) { + Logger.warn("Refresh PVP2X metadata for onlineApplication: " + + entityID + " FAILED.", e); + + } catch (CertificateException e) { + Logger.warn("Refresh PVP2X metadata for onlineApplication: " + + entityID + " FAILED.", e); + + } + + return false; + + } + + private Map getAllActuallyLoadedProviders() { + Map loadedproviders = new HashMap(); + ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider; + + //make a Map of all actually loaded HTTPMetadataProvider + List providers = chainProvider.getProviders(); + for (MetadataProvider provider : providers) { + if (provider instanceof HTTPMetadataProvider) { + HTTPMetadataProvider httpprovider = (HTTPMetadataProvider) provider; + loadedproviders.put(httpprovider.getMetadataURI(), httpprovider); + + } + } + + return loadedproviders; + } + + + private void addAndRemoveMetadataProvider() throws ConfigurationException { if (internalProvider != null && internalProvider instanceof ChainingMetadataProvider) { Logger.info("Relaod MOAMetaDataProvider."); /*OpenSAML ChainingMetadataProvider can not remove a MetadataProvider (UnsupportedOperationException) *The ChainingMetadataProvider use internal a unmodifiableList to hold all registrated MetadataProviders.*/ Map providersinuse = new HashMap(); - - Map loadedproviders = new HashMap(); ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider; - //make a Map of all actually loaded HTTPMetadataProvider - List providers = chainProvider.getProviders(); - for (MetadataProvider provider : providers) { - if (provider instanceof HTTPMetadataProvider) { - HTTPMetadataProvider httpprovider = (HTTPMetadataProvider) provider; - loadedproviders.put(httpprovider.getMetadataURI(), httpprovider); - } - } - - //set Timestamp - Date oldTimeStamp = timestamp; - timestamp = new Date(); + //get all actually loaded metadata providers + Map loadedproviders = getAllActuallyLoadedProviders(); //load all PVP2 OAs form ConfigurationDatabase and //compare actually loaded Providers with configured PVP2 OAs - List oaList = ConfigurationDBRead - .getAllActiveOnlineApplications(); - - Iterator oaIt = oaList.iterator(); - while (oaIt.hasNext()) { - HTTPMetadataProvider httpProvider = null; - - try { - OnlineApplication oa = oaIt.next(); - OAPVP2 pvp2Config = oa.getAuthComponentOA().getOAPVP2(); - if (pvp2Config != null && MiscUtil.isNotEmpty(pvp2Config.getMetadataURL())) { - - String metadataurl = pvp2Config.getMetadataURL(); + Map allOAs = AuthConfigurationProviderFactory.getInstance().getConfigurationWithWildCard( + MOAIDConfigurationConstants.PREFIX_SERVICES + + ".%." + + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER); + + if (allOAs != null) { + Iterator> oaInterator = allOAs.entrySet().iterator(); + while (oaInterator.hasNext()) { + Entry oaKeyPair = oaInterator.next(); + + OAAuthParameter oaParam = + AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oaKeyPair.getValue()); + if (oaParam != null) { + String metadataurl = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL); - if (loadedproviders.containsKey(metadataurl)) { - - if (pvp2Config.getUpdateRequiredItem() != null && - pvp2Config.getUpdateRequiredItem().after(oldTimeStamp)) { - //PVP2 OA is actually loaded, but update is requested - Logger.info("Reload metadata for: " + oa.getFriendlyName()); - loadedproviders.get(metadataurl).refresh(); - - } - - // PVP2 OA is actually loaded, to nothing - providersinuse.put(metadataurl, loadedproviders.get(metadataurl)); - loadedproviders.remove(metadataurl); + HTTPMetadataProvider httpProvider = null; + try { + if (MiscUtil.isNotEmpty(metadataurl)) { + if (loadedproviders.containsKey(metadataurl)) { + // PVP2 OA is actually loaded, to nothing + providersinuse.put(metadataurl, loadedproviders.get(metadataurl)); + loadedproviders.remove(metadataurl); - } else if ( MiscUtil.isNotEmpty(metadataurl) && - !providersinuse.containsKey(metadataurl) ) { - //PVP2 OA is new, add it to MOAMetadataProvider - - Logger.info("Loading metadata for: " + oa.getFriendlyName()); - httpProvider = createNewHTTPMetaDataProvider( - pvp2Config.getMetadataURL(), - pvp2Config.getCertificate(), - oa.getFriendlyName(), - buildMetadataFilterChain(oa, pvp2Config.getMetadataURL(), - pvp2Config.getCertificate())); + } else if ( MiscUtil.isNotEmpty(metadataurl) && + !providersinuse.containsKey(metadataurl) ) { + //PVP2 OA is new, add it to MOAMetadataProvider + String certBase64 = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE); + if (MiscUtil.isNotEmpty(certBase64)) { + byte[] cert = Base64Utils.decode(certBase64, false); + String oaFriendlyName = oaParam.getFriendlyName(); + + + Logger.info("Loading metadata for: " + oaFriendlyName); + httpProvider = createNewHTTPMetaDataProvider( + metadataurl, + cert, + oaFriendlyName, + buildMetadataFilterChain(oaParam, metadataurl, + cert)); - if (httpProvider != null) - providersinuse.put(metadataurl, httpProvider); + if (httpProvider != null) + providersinuse.put(metadataurl, httpProvider); + } - } - } - } catch (Throwable e) { - Logger.error( + } + } + } catch (Throwable e) { + Logger.error( "Failed to add Metadata (unhandled reason: " + e.getMessage(), e); - if (httpProvider != null) { - Logger.debug("Destroy failed Metadata provider"); - httpProvider.destroy(); - } + if (httpProvider != null) { + Logger.debug("Destroy failed Metadata provider"); + httpProvider.destroy(); + } - } + } + } + } } //remove all actually loaded MetadataProviders with are not in ConfigurationDB any more @@ -261,77 +340,90 @@ public class MOAMetadataProvider implements MetadataProvider { Logger.info("Loading metadata"); Map providersinuse = new HashMap(); - - List oaList = ConfigurationDBRead - .getAllActiveOnlineApplications(); - - if (oaList.size() == 0) - Logger.info("No Online-Application configuration found. PVP 2.1 metadata provider initialization failed!"); - - Iterator oaIt = oaList.iterator(); - while (oaIt.hasNext()) { - HTTPMetadataProvider httpProvider = null; + try { + Map allOAs = AuthConfigurationProviderFactory.getInstance().getConfigurationWithWildCard( + MOAIDConfigurationConstants.PREFIX_SERVICES + + ".%." + + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER); - try { - OnlineApplication oa = oaIt.next(); - Logger.info("Loading metadata for: " + oa.getFriendlyName()); - OAPVP2 pvp2Config = oa.getAuthComponentOA().getOAPVP2(); - if (pvp2Config != null && MiscUtil.isNotEmpty(pvp2Config.getMetadataURL())) { - String metadataURL = pvp2Config.getMetadataURL(); + if (allOAs != null) { + Iterator> oaInterator = allOAs.entrySet().iterator(); + while (oaInterator.hasNext()) { + Entry oaKeyPair = oaInterator.next(); - if (!providersinuse.containsKey(metadataURL)) { - - httpProvider = createNewHTTPMetaDataProvider( - metadataURL, - pvp2Config.getCertificate(), - oa.getFriendlyName(), - buildMetadataFilterChain(oa, metadataURL, - pvp2Config.getCertificate())); - - if (httpProvider != null) - providersinuse.put(metadataURL, httpProvider); + OAAuthParameter oaParam = + AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oaKeyPair.getValue()); + if (oaParam != null) { + String metadataurl = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL); + String oaFriendlyName = oaParam.getFriendlyName(); + HTTPMetadataProvider httpProvider = null; + + try { + String certBase64 = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE); + if (MiscUtil.isNotEmpty(certBase64) || MiscUtil.isNotEmpty(metadataurl)) { + byte[] cert = Base64Utils.decode(certBase64, false); + + + Logger.info("Loading metadata for: " + oaFriendlyName); + if (!providersinuse.containsKey(metadataurl)) { + httpProvider = createNewHTTPMetaDataProvider( + metadataurl, + cert, + oaFriendlyName, + buildMetadataFilterChain(oaParam, metadataurl, + cert)); - } else { - Logger.info(metadataURL + " are already added."); - } + if (httpProvider != null) + providersinuse.put(metadataurl, httpProvider); + + } else { + Logger.info(metadataurl + " are already added."); + } + + } else { + Logger.info(oaFriendlyName + + " is not a PVP2 Application skipping"); + } + } catch (Throwable e) { + Logger.error( + "Failed to add Metadata (unhandled reason: " + + e.getMessage(), e); - } else { - Logger.info(oa.getFriendlyName() - + " is not a PVP2 Application skipping"); + if (httpProvider != null) { + Logger.debug("Destroy failed Metadata provider"); + httpProvider.destroy(); + } + } + } } - } catch (Throwable e) { + + } else + Logger.info("No Online-Application configuration found. PVP 2.1 metadata provider initialization failed!"); + + try { + chainProvider.setProviders(new ArrayList(providersinuse.values())); + + } catch (MetadataProviderException e) { Logger.error( "Failed to add Metadata (unhandled reason: " + e.getMessage(), e); - - if (httpProvider != null) { - Logger.debug("Destroy failed Metadata provider"); - httpProvider.destroy(); - } - } - } - - - try { - chainProvider.setProviders(new ArrayList(providersinuse.values())); + } + + } catch (ConfigurationException e) { + Logger.error("Access MOA-ID configuration FAILED.", e); - } catch (MetadataProviderException e) { - Logger.error( - "Failed to add Metadata (unhandled reason: " - + e.getMessage(), e); } internalProvider = chainProvider; - timestamp = new Date(); } - private MetadataFilterChain buildMetadataFilterChain(OnlineApplication oa, String metadataURL, byte[] certificate) throws CertificateException { + private MetadataFilterChain buildMetadataFilterChain(OAAuthParameter oaParam, String metadataURL, byte[] certificate) throws CertificateException { MetadataFilterChain filterChain = new MetadataFilterChain(metadataURL, certificate); filterChain.getFilters().add(new SchemaValidationFilter()); - if (oa.isIsInterfederationIDP() != null && oa.isIsInterfederationIDP()) { + if (oaParam.isInderfederationIDP()) { Logger.info("Online-Application is an interfederated IDP. Add addional Metadata policies"); - filterChain.getFilters().add(new InterfederatedIDPPublicServiceFilter(metadataURL, oa.getType())); + filterChain.getFilters().add(new InterfederatedIDPPublicServiceFilter(metadataURL, oaParam.getBusinessService())); } @@ -352,7 +444,7 @@ public class MOAMetadataProvider implements MetadataProvider { AuthConfigurationProviderFactory.getInstance().getCertstoreDirectory(), AuthConfigurationProviderFactory.getInstance().getTrustedCACertificates(), null, - ChainingModeType.fromValue(AuthConfigurationProviderFactory.getInstance().getDefaultChainingMode()), + AuthConfiguration.DEFAULT_X509_CHAININGMODE, AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking()); httpClient.setCustomSSLTrustStore(metadataURL, protoSocketFactory); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java index 550643da1..69c760f19 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java @@ -22,6 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x.verification; +import java.io.IOException; import java.util.List; import org.opensaml.saml2.metadata.EntitiesDescriptor; @@ -32,36 +33,39 @@ import org.opensaml.xml.signature.SignatureValidator; import org.opensaml.xml.validation.ValidationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoCredentialsException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SAMLRequestNotSignedException; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.MiscUtil; public class EntityVerifier { public static byte[] fetchSavedCredential(String entityID) { // List oaList = ConfigurationDBRead // .getAllActiveOnlineApplications(); + try { + OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(entityID); - OnlineApplication oa = ConfigurationDBRead - .getActiveOnlineApplication(entityID); - -// Iterator oaIt = oaList.iterator(); -// while (oaIt.hasNext()) { -// OnlineApplication oa = oaIt.next(); -// if (oa.getPublicURLPrefix().equals(entityID)) { - - if (oa != null && oa.getAuthComponentOA() != null) { - - OAPVP2 pvp2Config = oa.getAuthComponentOA().getOAPVP2(); - if (pvp2Config != null) { - return pvp2Config.getCertificate(); - } + String certBase64 = oa.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE); + if (MiscUtil.isNotEmpty(certBase64)) { + return Base64Utils.decode(certBase64, false); + } -// } + + } catch (ConfigurationException e) { + Logger.error("Access MOA-ID configuration FAILED.", e); + + } catch (IOException e) { + Logger.warn("Decoding PVP2X metadata certificate FAILED.", e); + + } + return null; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java index 257f9dac4..70b778c49 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java @@ -38,7 +38,6 @@ import org.opensaml.saml2.core.RequestAbstractType; import org.opensaml.saml2.core.Response; import org.opensaml.saml2.core.StatusCode; import org.opensaml.saml2.core.StatusResponseType; -import org.opensaml.saml2.core.validator.AuthnRequestSchemaValidator; import org.opensaml.saml2.encryption.Decrypter; import org.opensaml.saml2.encryption.EncryptedElementTypeEncryptedKeyResolver; import org.opensaml.saml2.metadata.IDPSSODescriptor; @@ -68,25 +67,50 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SchemaValidationExcep import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest; import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse; +import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class SAMLVerificationEngine { public void verify(InboundMessage msg, SignatureTrustEngine sigTrustEngine ) throws org.opensaml.xml.security.SecurityException, Exception { - if (msg instanceof MOARequest && - ((MOARequest)msg).getSamlRequest() instanceof RequestAbstractType) - verifyRequest(((RequestAbstractType)((MOARequest)msg).getSamlRequest()), sigTrustEngine); - - else - verifyResponse(((MOAResponse)msg).getResponse(), sigTrustEngine); + try { + if (msg instanceof MOARequest && + ((MOARequest)msg).getSamlRequest() instanceof RequestAbstractType) + verifyRequest(((RequestAbstractType)((MOARequest)msg).getSamlRequest()), sigTrustEngine); + else + verifyResponse(((MOAResponse)msg).getResponse(), sigTrustEngine); + + } catch (InvalidProtocolRequestException e) { + if (MiscUtil.isEmpty(msg.getEntityID())) { + throw e; + + } + Logger.debug("PVP2X message validation FAILED. Relead metadata for entityID: " + msg.getEntityID()); + if (!MOAMetadataProvider.getInstance().refreshMetadataProvider(msg.getEntityID())) + throw e; + + else { + Logger.trace("PVP2X metadata reload finished. Check validate message again."); + + if (msg instanceof MOARequest && + ((MOARequest)msg).getSamlRequest() instanceof RequestAbstractType) + verifyRequest(((RequestAbstractType)((MOARequest)msg).getSamlRequest()), sigTrustEngine); + + else + verifyResponse(((MOAResponse)msg).getResponse(), sigTrustEngine); + + } + Logger.trace("Second PVP2X message validation finished"); + } } - public void verifyResponse(StatusResponseType samlObj, SignatureTrustEngine sigTrustEngine ) throws org.opensaml.xml.security.SecurityException, Exception { + public void verifyResponse(StatusResponseType samlObj, SignatureTrustEngine sigTrustEngine ) throws InvalidProtocolRequestException{ SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator(); try { profileValidator.validate(samlObj.getSignature()); @@ -110,13 +134,13 @@ public class SAMLVerificationEngine { if (!sigTrustEngine.validate(samlObj.getSignature(), criteriaSet)) { throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}); } - } catch (SecurityException e) { - e.printStackTrace(); + } catch (org.opensaml.xml.security.SecurityException e) { + Logger.warn("PVP2x message signature validation FAILED.", e); throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}); } } - public void verifyRequest(RequestAbstractType samlObj, SignatureTrustEngine sigTrustEngine ) throws org.opensaml.xml.security.SecurityException, Exception { + public void verifyRequest(RequestAbstractType samlObj, SignatureTrustEngine sigTrustEngine ) throws InvalidProtocolRequestException { SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator(); try { profileValidator.validate(samlObj.getSignature()); @@ -140,8 +164,8 @@ public class SAMLVerificationEngine { if (!sigTrustEngine.validate(samlObj.getSignature(), criteriaSet)) { throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}); } - } catch (SecurityException e) { - e.printStackTrace(); + } catch (org.opensaml.xml.security.SecurityException e) { + Logger.warn("PVP2x message signature validation FAILED.", e); throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/InterfederatedIDPPublicServiceFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/InterfederatedIDPPublicServiceFilter.java index 4d9b97a52..918863d05 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/InterfederatedIDPPublicServiceFilter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/InterfederatedIDPPublicServiceFilter.java @@ -41,14 +41,10 @@ public class InterfederatedIDPPublicServiceFilter implements MetadataFilter { /** * */ - public InterfederatedIDPPublicServiceFilter(String metadataURL, String oaType) { + public InterfederatedIDPPublicServiceFilter(String metadataURL, boolean isBusinessService) { Logger.debug("Add " + this.getClass().getName() + " to metadata policy"); this.metadataURL = metadataURL; - - if (oaType.equals("businessService")) - this.isPublicService = false; - else - this.isPublicService = true; + this.isPublicService = !isBusinessService; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index c8a480cac..e70e71d49 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -51,10 +51,10 @@ import at.gv.egovernment.moa.id.auth.exception.ServiceException; import at.gv.egovernment.moa.id.auth.exception.ValidateException; import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser; import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; -import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; @@ -173,10 +173,10 @@ public class SAML1AuthenticationServer extends AuthenticationServer { throws ConfigurationException, BuildException, AuthenticationException { //Load SAML1 Parameter from OA config - OASAML1 saml1parameter = oaParam.getSAML1Parameter(); + SAML1ConfigurationParameters saml1parameter = oaParam.getSAML1Parameter(); boolean useCondition = saml1parameter.isUseCondition(); - int conditionLength = saml1parameter.getConditionLength().intValue(); + int conditionLength = saml1parameter.getConditionLength(); try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java index f86d5f769..bc38735ac 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java @@ -32,15 +32,14 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringEscapeUtils; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; -import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IModulInfo; import at.gv.egovernment.moa.id.moduls.IRequest; @@ -149,7 +148,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { throw new InvalidProtocolRequestException("auth.00", new Object[] { null }); - OASAML1 saml1 = oaParam.getSAML1Parameter(); + SAML1ConfigurationParameters saml1 = oaParam.getSAML1Parameter(); if (saml1 == null || !(saml1.isIsActive() != null && saml1.isIsActive()) ) { Logger.info("Online-Application " + oaURL + " can not use SAML1 for authentication."); throw new InvalidProtocolRequestException("auth.00", diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java index f73726890..5370573a7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java @@ -27,10 +27,10 @@ import java.util.List; import org.opensaml.saml2.core.Attribute; -import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.config.auth.data.SAML1ConfigurationParameters; import at.gv.egovernment.moa.id.moduls.RequestImpl; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder; @@ -71,7 +71,7 @@ public class SAML1RequestImpl extends RequestImpl { try { OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(getOAURL()); - OASAML1 saml1 = oa.getSAML1Parameter(); + SAML1ConfigurationParameters saml1 = oa.getSAML1Parameter(); if (saml1 != null) { if (saml1.isProvideAUTHBlock()) reqAttr.add(PVPConstants.EID_AUTH_BLOCK_NAME); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 27b9cd849..71b55d991 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -26,12 +26,8 @@ import java.util.ArrayList; import java.util.Iterator; import java.util.List; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute; -import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index 10b325234..f0b0f58de 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java @@ -23,6 +23,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; +import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin; import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider; import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.EHvdAttributeProviderPlugin; import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.EHvdAttribute_deprecatedProviderPlugin; @@ -33,6 +34,7 @@ import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.StorkAttribu import at.gv.egovernment.moa.logging.Logger; import java.util.ArrayList; +import java.util.Collection; import java.util.Iterator; import java.util.List; import java.util.PriorityQueue; @@ -91,14 +93,14 @@ public class AttributeProviderFactory { /** * Gets fresh instances of the configured plugins. * - * @param configuredAPs the configured a ps + * @param collection the configured a ps * @return the configured plugins */ public static Iterator getConfiguredPlugins( - List configuredAPs) { + Collection collection) { PriorityQueue result = new PriorityQueue(); - for (AttributeProviderPlugin current : configuredAPs) { + for (StorkAttributeProviderPlugin current : collection) { result.add(create(current.getName(), current.getUrl(), current.getAttributes())); Logger.debug("Adding configured attribute provider: " + current.getClass().getName() + current.getName() + " at " + current.getUrl()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java index b55dea250..64ae95093 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java @@ -64,12 +64,10 @@ import org.xml.sax.SAXException; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; @@ -262,7 +260,7 @@ public class ParamValidatorUtils implements MOAIDAuthConstants{ * @param template * @return */ - public static boolean isValidTemplate(HttpServletRequest req, String template, List oaSlTemplates) { + public static boolean isValidTemplate(HttpServletRequest req, String template, List oaSlTemplates) { Logger.debug("Ueberpruefe Parameter Template bzw. bkuSelectionTemplateURL"); @@ -295,9 +293,9 @@ public class ParamValidatorUtils implements MOAIDAuthConstants{ //get OA specific template URLs if (oaSlTemplates != null && oaSlTemplates.size() > 0) { - for (TemplateType el : oaSlTemplates) - if (MiscUtil.isNotEmpty(el.getURL())) - trustedTemplateURLs.add(el.getURL()); + for (String el : oaSlTemplates) + if (MiscUtil.isNotEmpty(el)) + trustedTemplateURLs.add(el); } boolean b = trustedTemplateURLs.contains(template); diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index ad01644a1..985d499ba 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -74,7 +74,8 @@ config.18=Keine MOA-ID 2.x Konfiguration gefunden. config.19=Kein Schl\u00FCssel f\u00FCr die Resignierung der Personenbindung gefunden. config.20=Umgebungsvariable "moa.id.proxy.configuration" nicht gesetzt config.21=F\u00FCr diese Online Applikation sind keine Vollmachtsprofile hinterlegt. -config.22=F\u00FCr den Interfederation-Gateway mit der ID {0} ist kein Endpunkt zur Weiterleitung konfiguriert. +config.22=F\u00FCr den Interfederation-Gateway mit der ID {0} ist kein Endpunkt zur Weiterleitung konfiguriert. +config.23=Fehler beim initialisieren von OpenSAML parser.00=Leichter Fehler beim Parsen: {0} parser.01=Fehler beim Parsen: {0} diff --git a/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java b/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java deleted file mode 100644 index 313038e08..000000000 --- a/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/AuthConfigurationProviderLegacyCompatibilityTest.java +++ /dev/null @@ -1,109 +0,0 @@ -package at.gv.egovnerment.moa.id.config.auth; - -import static org.easymock.EasyMock.createMock; -import static org.easymock.EasyMock.expect; -import static org.easymock.EasyMock.replay; -import static org.easymock.EasyMock.verify; - -import java.util.Collections; - -import org.junit.Test; -import org.unitils.reflectionassert.ReflectionAssert; - -import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; -import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; -import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; -import at.gv.egovernment.moa.id.commons.db.dao.config.GeneralConfiguration; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOASP; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAuth; -import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; -import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; -import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1; -import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; -import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer; -import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; -import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyAuthBlock; -import at.gv.egovernment.moa.id.commons.db.dao.config.VerifyIdentityLink; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.NewAuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.data.ProtocolAllowed; - -public class AuthConfigurationProviderLegacyCompatibilityTest { - - private MOAIDConfiguration getMinimalMoaidConfiguration() { - - MOAIDConfiguration moaidConfiguration = new MOAIDConfiguration(); - AuthComponentGeneral authComponentGeneral = new AuthComponentGeneral(); - MOASP moasp = new MOASP(); - VerifyAuthBlock verifyAuthBlock = new VerifyAuthBlock(); - moasp.setVerifyAuthBlock(verifyAuthBlock); - VerifyIdentityLink verifyIdentityLink = new VerifyIdentityLink(); - moasp.setVerifyIdentityLink(verifyIdentityLink); - authComponentGeneral.setMOASP(moasp); - SecurityLayer securityLayer = new SecurityLayer(); - TransformsInfoType transformsInfo = new TransformsInfoType(); - transformsInfo.setFilename("transforms/TransformsInfoAuthBlockTable_DE.xml"); - transformsInfo.setTransformation(new byte[] {}); - securityLayer.setTransformsInfo(Collections.singletonList(transformsInfo)); - authComponentGeneral.setSecurityLayer(securityLayer); - SLRequestTemplates slRequestTemplates = new SLRequestTemplates(); - moaidConfiguration.setSLRequestTemplates(slRequestTemplates); - GeneralConfiguration generalConfiguration = new GeneralConfiguration(); - generalConfiguration.setTrustManagerRevocationChecking(Boolean.FALSE); - generalConfiguration.setPublicURLPreFix("http://test.org"); - authComponentGeneral.setGeneralConfiguration(generalConfiguration); - moaidConfiguration.setAuthComponentGeneral(authComponentGeneral); - ChainingModes chainingModes = new ChainingModes(); - moaidConfiguration.setChainingModes(chainingModes); - - return moaidConfiguration; - } - - @Test - public void testGetAllowedProtocolls() throws ConfigurationException { - MOAIDConfiguration moaidConfiguration = getMinimalMoaidConfiguration(); - - testGetAllowedProtocolls(moaidConfiguration); - } - - @Test - public void testGetAllowedProtocollsAll() throws ConfigurationException { - MOAIDConfiguration moaidConfiguration = getMinimalMoaidConfiguration(); - Protocols protocols = new Protocols(); - SAML1 saml1 = new SAML1(); - saml1.setIsActive(Boolean.TRUE); - protocols.setSAML1(saml1); - PVP2 pvp2 = new PVP2(); - pvp2.setIsActive(Boolean.FALSE); - protocols.setPVP2(pvp2); - OAuth oAuth = new OAuth(); - oAuth.setIsActive(null); - protocols.setOAuth(oAuth); - moaidConfiguration.getAuthComponentGeneral().setProtocols(protocols); - - testGetAllowedProtocolls(moaidConfiguration); - } - - public void testGetAllowedProtocolls(MOAIDConfiguration moaidConfiguration) throws ConfigurationException { - - TestLegacyAuthConfigurationProvider legacyAuthConfigurationProvider = new TestLegacyAuthConfigurationProvider(moaidConfiguration); - ProtocolAllowed expectedAllowedProtocols = legacyAuthConfigurationProvider.getAllowedProtocols(); - - Configuration configuration = createMock(Configuration.class); - NewAuthConfigurationProvider newAuthConfigurationProvider = new NewAuthConfigurationProvider(); - newAuthConfigurationProvider.setConfiguration(configuration); - - expect(configuration.get(MOAIDConfigurationConstants.AUTH_COMPONENT_GENERAL_KEY, AuthComponentGeneral.class)).andReturn(moaidConfiguration.getAuthComponentGeneral()); - - replay(configuration); - - ProtocolAllowed actualAllowedProtocols = newAuthConfigurationProvider.getAllowedProtocols(); - - verify(configuration); - - ReflectionAssert.assertLenientEquals(expectedAllowedProtocols, actualAllowedProtocols); - } - -} diff --git a/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/TestLegacyAuthConfigurationProvider.java b/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/TestLegacyAuthConfigurationProvider.java deleted file mode 100644 index 483731179..000000000 --- a/id/server/idserverlib/src/test/java/at/gv/egovnerment/moa/id/config/auth/TestLegacyAuthConfigurationProvider.java +++ /dev/null @@ -1,31 +0,0 @@ -package at.gv.egovnerment.moa.id.config.auth; - -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.JaxBAuthConfigurationProvider; - -public class TestLegacyAuthConfigurationProvider extends - JaxBAuthConfigurationProvider { - - private final MOAIDConfiguration moaidConfiguration; - - public TestLegacyAuthConfigurationProvider(MOAIDConfiguration moaidConfiguration) - throws ConfigurationException { - super(); - this.moaidConfiguration = moaidConfiguration; - reloadDataBaseConfig(); - } - - @SuppressWarnings("unused") - private TestLegacyAuthConfigurationProvider(String fileName) - throws ConfigurationException { - super(); - moaidConfiguration = new MOAIDConfiguration(); - } - - @Override - protected MOAIDConfiguration loadDataBaseConfig() { - return this.moaidConfiguration; - } - -} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java deleted file mode 100644 index df21e17bf..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java +++ /dev/null @@ -1,139 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.id.auth.builder; - -import java.io.FileInputStream; -import java.io.RandomAccessFile; - -import org.w3c.dom.Element; -import test.at.gv.egovernment.moa.id.auth.invoke.MOASPSSTestCase; - -import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; -import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.JaxBAuthConfigurationProvider; - - - -/** - * Test case for the signature verification web service. - * - * This test requires a running SignatureVerification web service. - * - * @author Stefan Knirsch - * @version $Id$ - */ -public class VerifyXMLSignatureRequestBuilderTest extends MOASPSSTestCase { - - - private SignatureVerificationInvoker caller; - - public VerifyXMLSignatureRequestBuilderTest(String name) { - super(name); - } - - public void setUp() { - System.setProperty( - ConfigurationProvider.CONFIG_PROPERTY_NAME, - "data/test/conf/ConfigurationTest.xml"); - caller = new SignatureVerificationInvoker(); - } - - public void testVerifyXMLSignatureRequestBuilderIdentityLink() throws Exception { - - RandomAccessFile infoBox = new RandomAccessFile( - "data/test/xmldata/testperson1/InfoboxReadResponse.xml","r"); - byte[] b = new byte[(int) infoBox.length()]; - infoBox.read(b); - infoBox.close(); - String xmlInfoboxReadResponse = new String(b, "UTF-8"); - - - RandomAccessFile vr = new RandomAccessFile( - "data/test/xmldata/standard/VerifyXMLSignatureRequestIdentityLink.xml","r"); - b = new byte[(int) vr.length()]; - vr.read(b); - vr.close(); - String xmlResponse = new String(b, "UTF-8"); - - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); - JaxBAuthConfigurationProvider authConf = JaxBAuthConfigurationProvider.getInstance(); - - Element requestBuild = vsrb.build(idl, authConf.getMoaSpIdentityLinkTrustProfileID()); - - assertXmlEquals(requestBuild, xmlResponse); - - } - - public void testVerifyXMLSignature2() throws Exception { - - RandomAccessFile s = new RandomAccessFile("data/test/xmldata/standard/CreateXMLSignatureResponse.xml","r"); - byte[] b = new byte[(int) s.length()]; - s.read(b); - s.close(); - String xmlCreateXMLSignatureResponse = new String(b, "UTF-8"); - - CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); - CreateXMLSignatureResponse csr = cXMLsrp.parseResponse(); - - VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); - - JaxBAuthConfigurationProvider authConf = JaxBAuthConfigurationProvider.getInstance(); - - Element request = vsrb.build(csr, authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(), authConf.getMoaSpIdentityLinkTrustProfileID()); - - // check the result - assertXmlEquals(request, new FileInputStream("data/test/xmldata/standard/VerifyXMLSignatureRequestCreateXML.xml")); - - } - } diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java deleted file mode 100644 index c5c17f623..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java +++ /dev/null @@ -1,216 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.id.auth.invoke; - -import java.io.RandomAccessFile; - -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; -import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; -import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; -import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.JaxBAuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.data.DynamicOAAuthParameters; -import at.gv.egovernment.moa.util.DOMUtils; - - - -/** - * Test case for the signature verification web service. - * - * This test requires a running SignatureVerification web service. - * - * @author Patrick Peck - * @author Fatemeh Philippi - * @version $Id$ - */ -public class SignatureVerificationTest extends MOASPSSTestCase { - - - private SignatureVerificationInvoker caller; - - public SignatureVerificationTest(String name) { - super(name); - } - - public void setUp() { -System.setProperty( - ConfigurationProvider.CONFIG_PROPERTY_NAME, - "data/test/conf/ConfigurationTest.xml"); - caller = new SignatureVerificationInvoker(); - } - -/* public void testVerifyCMSSignature() throws Exception { - Element request = - parseXml("data/test/xml/VCSQ000.xml").getDocumentElement(); - Element result; - - // call the service - result = caller.verifyXMLSignature(request); - - // check the result - assertEquals("VerifyCMSSignatureResponse", result.getTagName()); - }*/ - - public void testVerifyXMLSignature1() throws Exception { - - //Momentan zeigt die Konfiguration als Endpunkt aus localhost:8081 zum - //Protokollieren per TCPMon... der ECHT Endpunkt ist 10.16.46.108:8080 - RandomAccessFile s = - new RandomAccessFile( - "data/test/xmldata/testperson1/InfoboxReadResponse.xml","r"); - byte[] b = new byte[(int) s.length()]; - s.read(b); - String xmlInfoboxReadResponse =new String(b,"UTF8"); - - InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(xmlInfoboxReadResponse); - IdentityLink idl = irrp.parseIdentityLink(); - VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); - - JaxBAuthConfigurationProvider authConf = JaxBAuthConfigurationProvider.getInstance(); - - Element request = vsrb.build(idl, authConf.getMoaSpIdentityLinkTrustProfileID()); - s =new RandomAccessFile("D://PatricksVerifyXMLSignatureRequestWithInfoboxReadResponse.xml","rw"); - s.write(DOMUtils.serializeNode(request).getBytes("UTF-8")); - s.close(); -// Element request = DOMUtils.parseDocument(vsrb.build(xmlInfoboxReadResponse,"TrustProfile1"),false,null,null).getDocumentElement(); -// Element request = DOMUtils.parseDocument(xmlInfoboxReadResponse,false,null,null).getDocumentElement(); -// call the service - Element response = caller.verifyXMLSignature(request); - VerifyXMLSignatureResponseParser vParser = new VerifyXMLSignatureResponseParser(response); - VerifyXMLSignatureResponse vData = vParser.parseData(); - VerifyXMLSignatureResponseValidator vValidate = VerifyXMLSignatureResponseValidator.getInstance(); - - DynamicOAAuthParameters oaParam = new DynamicOAAuthParameters(); - oaParam.setBusinessService(true); - vValidate.validate(vData, authConf.getIdentityLinkX509SubjectNames(), VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, oaParam); - vValidate.validateCertificate(vData,idl); - - // check the result - assertXmlEquals(response, request); - - } - - public void testVerifyXMLSignature2() throws Exception { - // Pr�ft den 2. Aufruf mit dem CreateXMLSIgnatureResponse als Parameter - //Momentan zeigt die Konfiguration als Endpunkt aus localhost:8081 zum - //Protokollieren per TCPMon... der ECHT Endpunkt ist 10.16.46.108:8080 - RandomAccessFile s = - new RandomAccessFile( - "data/test/xmldata/standard/CreateXMLSignatureResponse.xml","r"); - byte[] b = new byte[(int) s.length()]; - s.read(b); - String xmlCreateXMLSignatureResponse = new String(b, "UTF8"); - - CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); -// CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); - CreateXMLSignatureResponse csr = cXMLsrp.parseResponse(); - - VerifyXMLSignatureRequestBuilder vsrb = new VerifyXMLSignatureRequestBuilder(); - - JaxBAuthConfigurationProvider authConf = JaxBAuthConfigurationProvider.getInstance(); - - Element request = vsrb.build(csr, authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(), authConf.getMoaSpIdentityLinkTrustProfileID()); - // Element request = DOMUtils.parseDocument(vsrb.build(xmlInfoboxReadResponse,"TrustProfile1"),false,null,null).getDocumentElement(); -// Element request = DOMUtils.parseDocument(xmlInfoboxReadResponse,false,null,null).getDocumentElement(); - Element result; -/*s =new RandomAccessFile("D://PatricksVerifyXMLSignatureRequestWithAuthBlock.xml","rw"); - s.write(DOMUtils.serializeNode(request).getBytes("UTF-8")); - s.close();*/ - // call the service - result = caller.verifyXMLSignature(request); - // check the result - assertEquals("VerifyXMLSignatureResponse", result.getTagName()); - - } - - - public void testParseCreateXMLSignatureResponse() throws Exception { - - //Sp�ter soll die Datei direkt vom Server geholt werden... - - RandomAccessFile s = - new RandomAccessFile( - "data/test/xmldata/standard/CreateXMLSignatureResponse.xml", - - "r"); - byte[] b = new byte[(int) s.length()]; - s.read(b); - String xmlCreateXMLSignatureResponse = new String(b, "UTF-8"); - - CreateXMLSignatureResponseParser cXMLsrp = new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureResponse); - CreateXMLSignatureResponse csr = cXMLsrp.parseResponse(); - - } - - public void testParseVerifyXMLSignatureResponse() throws Exception { - - //Sp�ter soll die Datei direkt vom Server geholt werden... - - RandomAccessFile s = - new RandomAccessFile( - "data/test/xmldata/standard/VerifyXMLSignaterResponse.xml", - - "r"); - byte[] b = new byte[(int) s.length()]; - s.read(b); - String xmlVerifyXMLSignatureResponse = new String(b, "UTF-8"); - - VerifyXMLSignatureResponseParser vXMLsrp = new VerifyXMLSignatureResponseParser(xmlVerifyXMLSignatureResponse); - VerifyXMLSignatureResponse vsr = vXMLsrp.parseData(); - - } - - - } diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/AllTests.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/AllTests.java deleted file mode 100644 index 8386fc52f..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/AllTests.java +++ /dev/null @@ -1,77 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -///* -// * Copyright 2003 Federal Chancellery Austria -// * MOA-ID has been developed in a cooperation between BRZ, the Federal -// * Chancellery Austria - ICT staff unit, and Graz University of Technology. -// * -// * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by -// * the European Commission - subsequent versions of the EUPL (the "Licence"); -// * You may not use this work except in compliance with the Licence. -// * You may obtain a copy of the Licence at: -// * http://www.osor.eu/eupl/ -// * -// * Unless required by applicable law or agreed to in writing, software -// * distributed under the Licence is distributed on an "AS IS" basis, -// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// * See the Licence for the specific language governing permissions and -// * limitations under the Licence. -// * -// * This product combines work with different licenses. See the "NOTICE" text -// * file for details on the various modules and licenses. -// * The "NOTICE" text file is part of the distribution. Any derivative works -// * that you distribute must include a readable copy of the "NOTICE" text file. -// */ -// -// -//package test.at.gv.egovernment.moa.id.proxy; -// -//import test.at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilderTest; -//import test.at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParserTest; -//import junit.awtui.TestRunner; -//import junit.framework.Test; -//import junit.framework.TestSuite; -// -///** -// * @author Paul Ivancsics -// * @version $Id$ -// */ -//public class AllTests { -// -// public static Test suite() { -// TestSuite suite = new TestSuite(); -// -// suite.addTestSuite(SAMLRequestBuilderTest.class); -// suite.addTestSuite(SAMLResponseParserTest.class); -// -// return suite; -// } -// -// public static void main(String[] args) { -// try { -// TestRunner.run(AllTests.class); -// } catch (Exception e) { -// e.printStackTrace(); -// } -// } -//} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java deleted file mode 100644 index d2af95855..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/DOMTreeCompare.java +++ /dev/null @@ -1,508 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.id.proxy.builder; - -import java.io.PrintStream; -import java.util.ArrayList; - -import org.w3c.dom.Element; -import org.w3c.dom.NamedNodeMap; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; -import org.w3c.dom.Text; - -import at.gv.egovernment.moa.util.Base64Utils; - -/** - * @author Administrator - * - * To change this generated comment edit the template variable "typecomment": - * Window>Preferences>Java>Templates. - * To enable and disable the creation of type comments go to - * Window>Preferences>Java>Code Generation. - */ -public class DOMTreeCompare { - - boolean debug = true; - - private static PrintStream Log = null; - - static - { - Log = System.out; - } - - public boolean compareElements(Element root1, Element root2) - { - //Log.println("----- Compare Elements:"+root1.getNodeName()+" "+root2.getNodeName()); - filterTree(root1); - filterTree(root2); - return compareNodes(root1,root2,0,"root/",false); - } - - private boolean compareNodes(Node n1, Node n2, int level,String path,boolean attribute) - { - /*try { - Log.println(DOMUtils.serializeNode(n1)); - } - catch(Exception e) - { - e.printStackTrace(); - }*/ - boolean equal = false; - //Log.println("----- Compare Node "+level+":"+n1+" "+n2); - //Log.println("----- Compare Node "+level+":"+n1.getNodeName()+" "+n2.getNodeName()); - //Log.println("----- Checking:"+path+getPathString(n1)); - NodeList nl1 = n1.getChildNodes(); - NodeList nl2 = n2.getChildNodes(); - - int size1 = nl1.getLength(); - int size2 = nl2.getLength(); - - if(debug)display_one(n1); - if(debug)display_one(n2); - - - if(debug) - if(n1.getNodeName().equals("Base64Content") && n2.getNodeName().equals("Base64Content")) - { - try { - Log.println("CONT:"+new String(Base64Utils.decode(strip(n1.getChildNodes().item(0).getNodeValue()),false))); - Log.println("CONT:"+new String(Base64Utils.decode(strip(n2.getChildNodes().item(0).getNodeValue()),false))); - } - catch(Exception e) - { - e.printStackTrace(); - } - } - - if(size1 != size2) - { - Log.println("----- Anzahl der Kinder nicht gleich:"+path+getPathString(n1)+":"+getPathString(n2)); - return false; - } - - equal = compareNodeExact(n1,n2,level,path+getPathString(n1)+"/"); - if(!equal) - { - Log.println("----- Knoten sind nicht identisch:"+path+getPathString(n1)); - return false; - } - - if(n1.hasAttributes() || n2.hasAttributes()) - { - equal = compareNodeAttriubtes(n1,n2,level+1,path+getPathString(n1)+"/(a)"); - if(!equal) - { - Log.println("----- Attribute stimmen nicht �berein:"+path+getPathString(n1)); - return false; - } - } - if(size1==0) - { - return true; - } - - for(int counter=0;counter" + - "" + samlArtifact + "" + - ""; - Element request = new SAMLRequestBuilder().build(requestID, samlArtifact); - Element requestShould = DOMUtils.parseDocument(REQUEST_SHOULD, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); - assertTrue(new SAMLRequestCompare().compareElements(requestShould, request)); - } - -} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java deleted file mode 100644 index e595ca86c..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestCompare.java +++ /dev/null @@ -1,65 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.id.proxy.builder; - -/* - * @author Paul Ivancsics - * @version $Id$ - */ -public class SAMLRequestCompare extends test.at.gv.egovernment.moa.id.proxy.builder.DOMTreeCompare { - - - /* - * @see at.gv.egovernment.moa.util.SAMLRequestCompare#specialAttributes(java.lang.String, java.lang.String) - */ - public boolean specialAttributes(String path,String attr1_name,String value1,String attr2_name,String value2) { - if(attr1_name.equals("IssueInstant")) - return true; - return false; - } - -} diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java deleted file mode 100644 index 3b4beb7b7..000000000 --- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java +++ /dev/null @@ -1,227 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.at.gv.egovernment.moa.id.proxy.parser; - -import org.w3c.dom.Element; - -import test.at.gv.egovernment.moa.id.UnitTestCase; - -import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.id.data.SAMLStatus; -import at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData; -import at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParser; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; - -/* - * @author Paul Ivancsics - * @version $Id$ - */ -public class SAMLResponseParserTest extends UnitTestCase { - - public SAMLResponseParserTest(String arg0) { - super(arg0); - } - - public void testParse() throws Exception { - String samlResponse = - "" + - "" + - "" + - "" + - "Ollas leiwand" + - "" + -"" + - "" + - "" + - "MTk2OC0xMC0yMmdi" + - "" + - "http://reference.e-government.gv.at/namespace/moa/20020822#cm" + - "" + - "" + - "" + - "" + - "http://localhost:8080/moa-id-auth/" + - "" + - "" + - "gb" + - "" + - "" + - "https://localhost:9443/" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "urn:oasis:names:tc:SAML:1.0:cm:sender-vouches" + - "" + - "" + - "" + - "123456789012" + - "http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl" + - "" + - "" + - "Hermann" + - "Muster" + - "" + - "1968-10-22" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "0v1Ftf7WXgoexx0Jo/GrlExHOHnQIEQ5FFSjptLRd5BN1mZYRg2S9KfOMbHSCsiPm8AwjAEwE5EM A6P18Z/YyTIuP7fNGzckbB5PYIgNMHL8/TYJhHA8CjamsBrEfYDXivE8iAvALg5I9RMLZADmzL7a f2daYYuO8dycQw3xg6U=" + - "AQAB" + - "" + - "" + - "" + - "" + - "" + - "" + - "i2qa56X4fpYeXqFLXAcQljGU3+DWnVgNrAxI9gn2bMeFWtLXE2SFa6qvl9EymUl0noBlFn0q9DWp AsyeLnRhzCAXJeSxiwsUEloOvcQCV0DfW2UVq0Y9bVlJ8KifJ2AS+5BxZ21mkc/VYx5Qz6EYjPrn pIpdAwR9sw5xnIvTySc=" + - "AQAB" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "not(ancestor-or-self::pr:Identification)" + - "" + - "" + - "" + - "" + - "s7TfoZrYo36OMdlxGxuIfAw/wr8=" + - "" + - "" + - "" + - "" + - "ancestor-or-self::dsig:Manifest" + - "" + - "" + - "" + - "dO+RSn4xLHT3cuq8uopFtZyUBqo=" + - "" + - "" + - "MFbZ5wA5cq0UezYFDXted5uqXubWFxxRwZawGh73XEAGxAbJsT/IEQmrTQThPRHNWW5RPGxVlPDz 5BmjberdaWlgJlbyKf3b/WpNNJYptQ7ijrXlsQoCzjfiQy37NEfvHEcxHQOA6sa42C+dFKsKIvmP 3mZkRYWJDxxsVzI7E+Y=" + - "" + - "" + - "MIIDaDCCAtWgAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTE5NDRaFw0w MzEyMzEyMjU5MzBaMIGOMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxGzAZBgNVBAMTEk1PQSBU ZXN0IENBIC0gUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjHuFphE3 +UkTe2OcIFWUDLzhPl1j2dH4sMPAhDK09/0i+aWrdtQW9yHktu/7+LTiCiPeevT0 lGMGDcWMSoSm66tYmpxei6YojCFIaVdJFtXZ7x1o7e7jTDVRLMfdZ5lI1sQ7loIY hOE0OmlYOkn4AI6xMtJtsca45rV8wW7qm8kCAwEAAaOB2zCB2DAPBgNVHRMBAf8E BTADAQH/MA4GA1UdDwEB/wQEAwIBBjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAnsB ATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxy IFRlc3R6d2Vja2UgZ2VlaWduZXQuMB0GA1UdDgQWBBRDC612dCgZetTmAKyV6DII NkOoYTAWBgcqKAAKAQEBBAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZ etTmAKyV6DIINkOoYTAJBgUrDgMCHQUAA4GBAHj0xBNWGYLijaocjOX1AkL+r+G2 fZsX4z3S/2eEvtUp+EUHaOPMLTS0MIP1nwj5f4ZluAIrDLXihqMdi4xRv0W6QYbN aDxICNz3/QbrzMlFPeC8odesdRlT+GGswX0ZGUtVIZm1HVhxRk5ZEW2pr2afo5c0 Btxup/kgjGMnnS7C" + - "MIIDiTCCAvagAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTI1MTRaFw0w MzEyMzEyMjU5MzBaMIGZMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxJjAkBgNVBAMTHU1PQSBU ZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB iQKBgQCw7ULOYSNji09Ein7Ar4j3Rjxjq05spBmZDmbSomEZMnGEtVTyIRzKc8ia 2kcXUMz5MEoFaVmvqRim31m20T21uvHFIs86gqzC/prOAz7V7HWok5F+9M/5gR1S BvpdqiEAXYeRXFPiOe8XSmpwhic7+n2jfuoBeYiRBEMGoP1DkwIDAQABo4HxMIHu MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgHGMBEGCWCGSAGG+EIB AQQEAwIBAjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwIC MDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2Vl aWduZXQuMB0GA1UdDgQWBBSeRWvUfxEjKZSfxImJr/fpBDtMmTAWBgcqKAAKAQEB BAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZetTmAKyV6DIINkOoYTAJ BgUrDgMCHQUAA4GBAIMa4C2z3SbkcjEiMNAsHKaKUCJkBbMtNaab6U/cwwYmG6nl ga7xyEmbfY2SKzOqkcIwuv83Tma3rcr1f+OLUeGUaGLHt2Pl1a/s8BZGQZHWvLXv 7hV4RceEUHzVGAfvDD8iBJqBmfq/z/fBPFsgSup4nO1YECkDYfQ+sqCIP4ik" + - "MIIDZzCCAtSgAwIBAgIBADAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJBVDE9MDsG A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx JjAkBgNVBAMTHU1PQSBUZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMB4XDTAzMDIx MTE1MzI0NVoXDTAzMDgxMTE0MzI0NVowgYUxCzAJBgNVBAYTAkFUMSYwJAYDVQQK FB1CdW5kZXNtaW5pc3Rlcml1bSBm/HIgSW5uZXJlczEgMB4GA1UECxMXWmVudHJh bGVzIE1lbGRlcmVnaXN0ZXIxLDAqBgNVBAMTI1Rlc3QgU2lnbmF0dXJkaWVuc3Qg UGVyc29uZW5iaW5kdW5nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEzkpk QjbGjZwssN1+vMBE/ALMcA8LWFcILI3uxXaTSWGfTiLo9ECfzjuwYJG7FjEaeWrW nPEcp4VfMNocrm3T7Hw/ikpE5/+FsfTzD4MpIwwUPd/CUfA5vDNXK5CiP7qKKR1e vATO2s6lfDul+CS/eEbwzKmUQvZGrJggxg2m5wIDAQABo4HYMIHVMAwGA1UdEwEB /wQCMAAwDgYDVR0PAQH/BAQDAgbAMF0GA1UdIARWMFQwUgYMKwYBBAGVEgECAwEB MEIwQAYIKwYBBQUHAgIwNBoyRGllc2VzIFplcnRpZmlrYXQgaXN0IG51ciBm/HIg VGVzdHp3ZWNrZSBnZWVpZ25ldC4wHQYDVR0OBBYEFIpEyv43H3EtiGr4I7Z34bWj v2z6MBYGByooAAoBAQEECwwJQk1PTFMtSUtUMB8GA1UdIwQYMBaAFJ5Fa9R/ESMp lJ/EiYmv9+kEO0yZMAkGBSsOAwIdBQADgYEAfMBJRy/kp8HQa0lGIBfFrWNpxVPv RsIu+N4IiFrswrsoQoMAh6IqNyzSdq7rJC08xsDkXe5HOwkb+2zGKYoC3aQ/J/zr BGkg6ec4tOaS/VSdEQeTL1L30r2faTffWLUV3GrzL7pM7jN470hB1w8F6Hc3LCI7 kFfp23o/juVtJNw=" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "BqzfCB7dNg4G3u4YaxpD1tALdKI=" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "" + - "123456789012" + - "http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl" + - "" + - "" + - "Hermann" + - "Muster" + - "" + - "1968-10-22" + - "" + - "" + - "" + - "" + - "true" + - "" + - "" + -"" + - ""; - - Element samlResponseElem = - DOMUtils.parseDocument(samlResponse, true, Constants.ALL_SCHEMA_LOCATIONS, null).getDocumentElement(); - SAMLResponseParser parser = new SAMLResponseParser(samlResponseElem); - SAMLStatus status = parser.parseStatusCode(); - assertEquals("samlp:Success", status.getStatusCode()); - assertEquals("samlp:Success", status.getSubStatusCode()); - assertEquals("Ollas leiwand", status.getStatusMessage()); - SAML1AuthenticationData authData = parser.parseAuthenticationData(); - assertEquals(1, authData.getMajorVersion()); - assertEquals(0, authData.getMinorVersion()); - assertEquals("-4633313027464114584", authData.getAssertionID()); - assertEquals("http://localhost:8080/moa-id-auth/", authData.getIssuer()); - assertEquals("2003-04-02T14:55:42+02:00", authData.getIssueInstantString()); - assertEquals("123456789012", authData.getIdentificationValue()); - assertEquals("MTk2OC0xMC0yMmdi", authData.getBPK()); - assertEquals("Hermann", authData.getGivenName()); - assertEquals("Muster", authData.getFamilyName()); - assertEquals("1968-10-22", authData.getDateOfBirth()); - assertTrue(authData.isQualifiedCertificate()); - assertFalse(authData.isPublicAuthority()); - } -} diff --git a/id/server/idserverlib/src/test/java/test/lasttest/Dispatcher.java b/id/server/idserverlib/src/test/java/test/lasttest/Dispatcher.java deleted file mode 100644 index 2111d9811..000000000 --- a/id/server/idserverlib/src/test/java/test/lasttest/Dispatcher.java +++ /dev/null @@ -1,110 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.lasttest; - -/** - * @author Stefan Knirsch - * @version $Id$ - * - */ -public class Dispatcher extends Thread { - private LasttestClient parent = null; - private int max; - private int turns; - private int turn_counter; - private int turn; - private int time; - private long sum; - private int turnnum; - - public Dispatcher(LasttestClient parent, int max, int turns, int time, long sum) { - this.parent = parent; - this.max = max; - this.turns = turns; - this.time = time; - this.sum = sum; - turnnum=0; - } - - public void run() { - this.setPriority(Thread.NORM_PRIORITY + 1); - System.out.println("Dispatcher wird gestartet..."); - TestThread[] old_reqs = buildRequests(0); - for (turn_counter = 0; turns == 0 ? true : (turn_counter < turns); turn_counter++) { - try { -// LasttestClient.Log.write(("Starte Durchlauf " + turn_counter + "\n").getBytes()); - } - catch (Exception e) {} - -// System.out.println("Starte Durchlauf " + turn_counter); - turn = turn_counter; - if (turns == 0) - turn_counter--; - TestThread[] reqs = buildRequests(turn_counter); - for (int counter = 0; counter < max; counter++) { - old_reqs[counter].start(); - } - old_reqs = reqs; - try { - Thread.sleep(time); - } - catch (Exception e) { - e.printStackTrace(); - } - } - parent.stop = true; - } - - public TestThread[] buildRequests(int turnNo) { - TestThread[] ret = new TestThread[max]; - for (int counter = 0; counter < max; counter++) { -// turnnum ++; - ret[counter] = new TestThread(parent, turnNo); - } - return ret; - } -} diff --git a/id/server/idserverlib/src/test/java/test/lasttest/HostnameVerifierHack.java b/id/server/idserverlib/src/test/java/test/lasttest/HostnameVerifierHack.java deleted file mode 100644 index 7dd68a949..000000000 --- a/id/server/idserverlib/src/test/java/test/lasttest/HostnameVerifierHack.java +++ /dev/null @@ -1,59 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.lasttest; - -import com.sun.net.ssl.HostnameVerifier; - -/** - * @author Stefan Knirsch - * @version $Id$ - * - */ -public class HostnameVerifierHack implements HostnameVerifier{ - public boolean verify(String arg0, String arg1) { - return true; - }} diff --git a/id/server/idserverlib/src/test/java/test/lasttest/LasttestClient.java b/id/server/idserverlib/src/test/java/test/lasttest/LasttestClient.java deleted file mode 100644 index 74e89c833..000000000 --- a/id/server/idserverlib/src/test/java/test/lasttest/LasttestClient.java +++ /dev/null @@ -1,264 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.lasttest; - -import java.io.FileOutputStream; -import java.io.OutputStream; -import java.io.PrintStream; -import java.security.Security; -import java.util.Date; - -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.JaxBAuthConfigurationProvider; -import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.StreamUtils; -import at.gv.egovernment.moa.util.URLDecoder; -import at.gv.egovernment.moa.util.URLEncoder; -import com.sun.net.ssl.HttpsURLConnection; - -/** - * @author Sven - * - * To change this generated comment edit the template variable "typecomment": - * Window>Preferences>Java>Templates. - * To enable and disable the creation of type comments go to - * Window>Preferences>Java>Code Generation. - * - * Aufruf: Requestdatei (==null), ServerURL, Anzahl der Requests pro Sekunde, Anzahl der Wiederholungen - * z.b. "data/CX0/TestGeneratorCX0.001.Req.xml" "http://127.0.0.1:8080/" 5 100 - * - * ==> GE�NDERT: ersten 2 Parameter gekillt... nur noch 5 100 - */ -public class LasttestClient { - - protected static final String TESTDATA_ROOT = "data/abnahme-test/"; - protected static final String MOA_AUTH_SERVER = "https://localhost:8443/moa-id-auth/"; - protected AuthenticationServer server; - - public int max_thread_count = 300; - public int thread_counter = 0; - public int error_count = 0; - public int turns = 0; - public long sum = 0; - public long max = 0; - public long min = Long.MAX_VALUE; - - public static PrintStream Log = null; - - public boolean stop = false; - - public static final String trustStore = "javax.net.ssl.trustStore"; - public static final String trustStorePassword = "javax.net.ssl.trustStorePassword"; - public static final String handler = "java.protocol.handler.pkgs"; - - public void startTest(int req_per_second, int turns, int time) throws Exception { - Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); - - System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); - System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); - System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); - - System.setProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME, TESTDATA_ROOT + "xmldata/L000/Configuration.xml"); - - JaxBAuthConfigurationProvider.reload(); - - this.turns = turns; - - boolean result = new TestThread(this,0).doRequest(0);// doTestRequest(); - if (result) { - System.out.println("TestRequest OK. Lasttest wird gestartet."); - sum=0; - max=0; - Dispatcher dp = new Dispatcher(this, req_per_second, turns, time, sum); - dp.start(); - while (!stop) { - try { - Log.println(new String(("Checking Stop Condition ...(Running " + thread_counter + ", Min " + (min) + ", Max " + (max) + ", " + new Date(System.currentTimeMillis()) + ")"))); - Log.flush(); - } - catch (Exception e) {} - - System.out.println("Checking Stop Condition ...(Running " + thread_counter + ", Min " + (min) + ", Max " + (max) + ", " + new Date(System.currentTimeMillis()) + ")"); - Thread.sleep(10000); - } - System.out.println("Fehler:" + error_count + " (Running " + thread_counter + ", Min " + (min) + ", Max " + (max) + ", " + new Date(System.currentTimeMillis()) + ")"); - } - else { - System.out.println("TestRequest lieferte einen Fehler. Lasttest wird nicht gestartet."); - } - } - - - public boolean doTestRequest() throws Exception { - - try { - - TestThread tt = new TestThread(null,0); - - // Anmelden - String URL = tt.getURL(MOA_AUTH_SERVER, "gb", "http://10.16.126.28:9080/moa-id-proxy/"); - HttpsURLConnection conn = tt.giveConnection(URL, "GET"); - - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - String MOASessionID = tt.parseSessionIDFromForm(result); - conn.disconnect(); - - URL = tt.parseDataURL(result); - // Verify Identity Link - conn = tt.giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - String infoboxReadResponse = tt.readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - String redirectLoc = conn.getHeaderField("Location"); - conn.disconnect(); - //Verify Auth Block - conn = tt.giveConnection(redirectLoc, "POST"); - String createXMLSignatureResponse = URLEncoder.encode(tt.readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - out = conn.getOutputStream(); - out.write(("XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); - out.flush(); - out.close(); - conn.connect(); - redirectLoc = conn.getHeaderField("Location"); - String samlArtifact = tt.parseSamlArtifact(redirectLoc); - System.out.println("SamlArtifact: " + samlArtifact); - - conn.disconnect(); - - conn = null; - - SAMLRequestBuilder srb = new SAMLRequestBuilder(); - - Element erg = tt.doCall(srb.build(MOASessionID, URLDecoder.decode(samlArtifact, "UTF-8")),MOA_AUTH_SERVER); - result = DOMUtils.serializeNode(erg); - if (result.indexOf("saml:Assertion")<0) - { - System.err.println("Falsche Antwort vom Webservice:\n" + result); - throw new Exception("Falsche Antwort vom Webservice"); - - } - } - catch (Exception e) { - System.err.println("------ FEHLER IN LASTTEST :" + e.getLocalizedMessage()); - throw e; - } - - return true; - - } - - public String replaceString(String input, String oldPart, String newPart) throws Exception { - String erg = null; - - //First Part - erg = input.substring(0, input.indexOf(oldPart)); - //Insert new Part - erg += newPart; - - //insert REST - erg += input.substring(input.indexOf(oldPart) + oldPart.length(), input.length()); - - return erg; - } - - public static void main(String[] args) throws Exception { - Log = new PrintStream(new FileOutputStream("C:/Lasttest.log")); - int time = 0; - int sek = 0; - int turns = 0; - - if (args.length != 3) { - System.out.println("Parameteranzahl falsch. Bitte verwenden Sie die Syntax "); - return; - } - - try { - sek = Integer.parseInt(args[0]); - time = Integer.parseInt(args[2]); - if (args[1].equals("INF")) { - turns = 0; - } - else - turns = Integer.parseInt(args[1]); - } - catch (NumberFormatException e) { - System.out.println("Einer der Parameter (Requestanzahl oder Testanzahl) ist keine Zahl !"); - return; - } - - System.out.println("Starte Lastest mit folgenden Parametern ..."); - System.out.println("ServerURL: " + MOA_AUTH_SERVER); - double reqPerSek = sek*1000; - System.out.println("Requests pro Sekunde: " + reqPerSek/time); - System.out.println("Durchl�ufe: " + (turns == 0 ? "INF" : turns + "")); - - Log.println("Starte Lastest mit folgenden Parametern ..."); - Log.println("ServerURL: " + MOA_AUTH_SERVER); - Log.println("Requests pro Sekunde: " + reqPerSek / time); - Log.println("Durchl�ufe: " + (turns == 0 ? "INF" : turns + "")); - - - try { - LasttestClient lc = new LasttestClient(); - //lc.startTest("data/CX0/TestGeneratorCX0.001.Req.xml","http://161.106.2.255:8080/",10,1000); - lc.startTest(sek, turns, time); - } - catch (Exception e) { - e.printStackTrace(); - } - } -} - diff --git a/id/server/idserverlib/src/test/java/test/lasttest/TestThread.java b/id/server/idserverlib/src/test/java/test/lasttest/TestThread.java deleted file mode 100644 index 9ad9890a0..000000000 --- a/id/server/idserverlib/src/test/java/test/lasttest/TestThread.java +++ /dev/null @@ -1,297 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - ******************************************************************************/ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package test.lasttest; - -import java.io.OutputStream; -import java.net.URL; -import java.util.Vector; - -import javax.xml.namespace.QName; -import javax.xml.rpc.Call; -import javax.xml.rpc.Service; -import javax.xml.rpc.ServiceFactory; - -import org.apache.axis.message.SOAPBodyElement; -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; -import at.gv.egovernment.moa.id.util.AxisSecureSocketFactory; -import at.gv.egovernment.moa.util.FileUtils; -import at.gv.egovernment.moa.util.StreamUtils; -import at.gv.egovernment.moa.util.URLDecoder; -import at.gv.egovernment.moa.util.URLEncoder; -import com.sun.net.ssl.HttpsURLConnection; - -/** - * @author Stefan Knirsch - * @version $Id$ - * - */ -public class TestThread extends Thread { - private LasttestClient parent = null; - private int turn_no; - private Dispatcher disp = null; - - public TestThread( LasttestClient parent, int durchlauf_nr) { - turn_no = durchlauf_nr; - this.parent = parent; - - } - - protected Element doCall(Element request, String server) throws Exception { - - /* QName serviceName = new QName("GetAuthenticationData"); - - String endPoint = server + "services/GetAuthenticationData"; - Service service = ServiceFactory.newInstance().createService(serviceName); - Call call = service.createCall(); - SOAPBodyElement body = new SOAPBodyElement(request); - SOAPBodyElement[] params = new SOAPBodyElement[] { body }; - Vector responses; - SOAPBodyElement response; - - - System.out.println(DOMUtils.serializeNode(body.getAsDOM())); - call.setTargetEndpointAddress(endPoint); - System.out.println("Rufe WS auf: " + endPoint); - responses = (Vector) call.invoke(params); - System.out.println("WS aufgerufen."); - response = (SOAPBodyElement) responses.get(0); - System.out.println(DOMUtils.serializeNode(response.getAsDOM())); - return response.getAsDOM();*/ - - QName serviceName = new QName("GetAuthenticationData"); - String endPoint = server + "services/GetAuthenticationData"; - Service service = ServiceFactory.newInstance().createService(serviceName); - Call call = service.createCall(); - - System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); - System.setProperty("javax.net.ssl.trustStore", "C:/Programme/ApacheGroup/abnahme/server.keystore"); - System.setProperty("javax.net.ssl.trustStorePassword", "changeit"); - SOAPBodyElement body = new SOAPBodyElement(request); - SOAPBodyElement[] params = new SOAPBodyElement[] { body }; - Vector responses; - SOAPBodyElement response; - - call.setTargetEndpointAddress(endPoint); - responses = (Vector) call.invoke(params); - response = (SOAPBodyElement) responses.get(0); - return response.getAsDOM(); - } - - public boolean doRequest(int turnNo) throws Exception { - long start = System.currentTimeMillis(); - - try { - LasttestClient.Log.write(("Starte Durchlauf " + turnNo + "\n").getBytes()); - } - catch (Exception e) {} - - System.out.println("Starte Durchlauf " + turnNo); - // Anmelden - String URL = getURL(LasttestClient.MOA_AUTH_SERVER, "gb", "http://10.16.126.28:9080/moa-id-proxy/"); - HttpsURLConnection conn = giveConnection(URL, "GET"); - conn.connect(); - String result = new String(StreamUtils.readStream(conn.getInputStream())); - /* - * FOR DEBUG ONLY - */ - // System.out.println(URL); - // System.out.println(result); - //---------------- - - String MOASessionID = parseSessionIDFromForm(result); - conn.disconnect(); - - URL = parseDataURL(result); - // Verify Identity Link - conn = giveConnection(URL, "POST"); - conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded"); - String infoboxReadResponse = readXmldata("InfoboxReadResponse.xml"); - OutputStream out = conn.getOutputStream(); - out.write(new String("XMLResponse=" + URLEncoder.encode(infoboxReadResponse, "UTF-8")).getBytes()); - out.flush(); - out.close(); - conn.connect(); - - /* - * FOR DEBUG ONLY - */ - // System.out.println(URL); - // System.out.println(new String(StreamUtils.readStream(conn.getInputStream()))); - //---------------- - - String redirectLoc = conn.getHeaderField("Location"); - conn.disconnect(); - //Verify Auth Block - conn = giveConnection(redirectLoc, "POST"); - String createXMLSignatureResponse = URLEncoder.encode(readXmldata("CreateXMLSignatureResponse.xml"), "UTF-8"); - out = conn.getOutputStream(); - out.write(("XMLResponse=" + createXMLSignatureResponse).getBytes("UTF-8")); - out.flush(); - out.close(); - conn.connect(); - redirectLoc = conn.getHeaderField("Location"); - - /* - * FOR DEBUG ONLY - */ - // System.out.println(redirectLoc); - // System.out.println(new String(StreamUtils.readStream(conn.getInputStream()))); - //---------------- - String samlArtifact = parseSamlArtifact(redirectLoc); - - // System.out.println("SamlArtifact: " + samlArtifact); - - AxisSecureSocketFactory.initialize(conn.getSSLSocketFactory()); - conn.disconnect(); - - conn = null; - - SAMLRequestBuilder srb = new SAMLRequestBuilder(); - - doCall(srb.build(MOASessionID, URLDecoder.decode(samlArtifact, "UTF-8")), LasttestClient.MOA_AUTH_SERVER); - // writeXmldata("GetAuthenticationDataWebServiceResponse.xml", result.getBytes("UTF-8")); - - long end = System.currentTimeMillis(); - long diff = end - start; - parent.sum +=diff; - if (parent.max < diff) { - parent.max = diff; - } - if (parent.min > diff) { - parent.min = diff; - } - if (turnNo>0) { - long totalmem = Runtime.getRuntime().totalMemory(); - long freemem = Runtime.getRuntime().freeMemory(); - try { - LasttestClient.Log.write(new String("Ende Durchlauf: " + turnNo + " ==> Dauer:" + diff + " Schnitt: " + (parent.sum/turnNo/2) + " Total-Mem: " + totalmem + " Free-Mem: " + freemem + "\n").getBytes()); - LasttestClient.Log.flush(); - } - catch (Exception e) {} - System.out.println(new String("Ende Durchlauf: " + turnNo + " ==> Dauer:" + diff + " Schnitt: " + (parent.sum/turnNo/2) + " Total-Mem: " + totalmem + " Free-Mem: " + freemem)); - } - return true; - - } - - public String getSubString(String input, String startsWith, String endsWith) { - return input.substring(input.indexOf(startsWith) + startsWith.length(), input.indexOf(endsWith, input.indexOf(startsWith) + startsWith.length())); - } - - public String getURL(String authURL, String target, String oaURL) { - return authURL + "StartAuthentication?Target=" + target + "&OA=" + oaURL; - } - - public HttpsURLConnection giveConnection(String targetURL, String requestMethod) throws Exception { - HttpsURLConnection conn = (HttpsURLConnection) new URL(targetURL).openConnection(); - conn.setRequestMethod(requestMethod); - conn.setDoInput(true); - conn.setDoOutput(true); - conn.setUseCaches(false); - conn.setAllowUserInteraction(false); - conn.setHostnameVerifier(new HostnameVerifierHack()); - return conn; - } - - public String killInclusive(String input, String startsWith, String endsWith, String newValue) { - int start = 0; - int ende; - String result; - result = input; - do { - start = result.indexOf(startsWith, start) + startsWith.length(); - ende = result.indexOf(endsWith, start); - result = result.substring(0, start - startsWith.length()) + newValue + result.substring(ende + endsWith.length(), result.length()); - start++; - } - while (result.indexOf(startsWith, ende + 1) > 0); - - return result; - } - - public String parseDataURL(String input) { - return getSubString(input.substring(input.indexOf("DataURL"), input.length()), "value=\"", "\""); - } - - public String parseSamlArtifact(String input) { -// System.out.println(input); - return getSubString(input + "@@@", "SAMLArtifact=", "@@@"); - } - - public String parseSessionIDFromForm(String htmlForm) { - String parName = "MOASessionID="; - int i1 = htmlForm.indexOf(parName) + parName.length(); - int i2 = htmlForm.indexOf("\"", i1); - return htmlForm.substring(i1, i2); - } - - public String readXmldata(String filename) throws Exception { - - return FileUtils.readFile(LasttestClient.TESTDATA_ROOT + "xmldata/L000/" + filename, "UTF-8"); - } - - /** - * @see java.lang.Runnable#run() - */ - public void run() { - parent.thread_counter++; - - try { - if (!doRequest(turn_no)) { - parent.error_count++; - } - } - catch (Exception e) { - e.printStackTrace(); - parent.error_count++; - } - parent.thread_counter--; - } - -} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java index 468e4a536..bac2d0011 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java @@ -1,226 +1,253 @@ -//package at.gv.egovernment.moa.id.commons.config; -// -//import java.io.File; -//import java.io.FileInputStream; -//import java.io.FileNotFoundException; -//import java.io.FileOutputStream; -//import java.io.IOException; -//import java.util.Enumeration; -//import java.util.List; -//import java.util.Properties; -// -//import javax.xml.bind.JAXBContext; -//import javax.xml.bind.JAXBException; -//import javax.xml.bind.Unmarshaller; -// -//import org.springframework.context.ApplicationContext; -//import org.springframework.context.support.ClassPathXmlApplicationContext; -// -//import at.gv.egovernment.moa.id.commons.config.persistence.Configuration; -//import at.gv.egovernment.moa.id.commons.config.persistence.JsonMapper; -//import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; -// -//import com.fasterxml.jackson.core.JsonProcessingException; -// -//public class ConfigurationUtil { -// -// final boolean isOverwriteData; -// -// public ConfigurationUtil(boolean isOverwriteData){ -// this.isOverwriteData = isOverwriteData; -// } -// -// /** -// * Read an input MOAID 2 XML file, transfer it to properties and write the -// * properties to a MOAID 3 property file. -// * -// * @param inStream -// * the input stream to read from. -// * @param outFile -// * the output file to write to. -// * @throws JAXBException -// */ -// public void readFromXMLFileConvertToPropertyFile(FileInputStream inStream, File outFile) throws JAXBException { -// -// try (FileOutputStream outStream = new FileOutputStream(outFile);) { -// -// // get config from xml file -// JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config"); -// Unmarshaller m = jc.createUnmarshaller(); -// MOAIDConfiguration config = (MOAIDConfiguration) m.unmarshal(inStream); -// -// // serialize config to JSON properties -// Properties result = moaIdConfigToJsonProperties(config); -// -// // write to output stream -// result.store(outStream, null); -// -// } catch (FileNotFoundException e) { -// System.out.println("Could not find the output file."); -// System.exit(1); -// } catch (IOException e) { -// System.out.println("Could not write to the output file."); -// System.exit(1); -// } -// } -// -// /** -// * Helper method to serialize a {@link MOAIDConfiguration} to Properties -// * with JSON encoded values. -// * -// * @param config -// * the MOAIDConfiguration to serialize -// * @return {@link Properties} containing the database key and the serialized -// * values -// * @throws JsonProcessingException -// * is thrown if problem occurred while serializing one of the -// * database values -// */ -// private Properties moaIdConfigToJsonProperties(MOAIDConfiguration config) throws JsonProcessingException { -// -// Properties result = new Properties(); -// boolean prettyPrint = true; -// JsonMapper mapper = new JsonMapper(prettyPrint); -// -// // serialize config to JSON -// String oaJson = mapper.serialize(config.getOnlineApplication()); -// String authCompGeneralJson = mapper.serialize(config.getAuthComponentGeneral()); -// String chainingModeJson = mapper.serialize(config.getChainingModes()); -// String defaultBKUJson = mapper.serialize(config.getDefaultBKUs()); -// String genericConfigJson = mapper.serialize(config.getGenericConfiguration()); -// String pvp2RefreshJson = mapper.serialize(config.getPvp2RefreshItem()); -// String slRequestTemplatesJson = mapper.serialize(config.getSLRequestTemplates()); -// String timestampJson = mapper.serialize(config.getTimestampItem()); -// String trustedCaCertJson = mapper.serialize(config.getTrustedCACertificates()); -// -// // add to properties -// result.put(MOAIDConfigurationConstants.ONLINE_APPLICATIONS_KEY, oaJson); -// result.put(MOAIDConfigurationConstants.AUTH_COMPONENT_GENERAL_KEY, authCompGeneralJson); -// result.put(MOAIDConfigurationConstants.CHAINING_MODES_KEY, chainingModeJson); -// result.put(MOAIDConfigurationConstants.DEFAULT_BKUS_KEY, defaultBKUJson); -// result.put(MOAIDConfigurationConstants.GENERIC_CONFIGURATION_KEY, genericConfigJson); -// result.put(MOAIDConfigurationConstants.PVP2REFRESH_ITEM_KEY, pvp2RefreshJson); -// result.put(MOAIDConfigurationConstants.SLREQUEST_TEMPLATES_KEY, slRequestTemplatesJson); -// result.put(MOAIDConfigurationConstants.TIMESTAMP_ITEM_KEY, timestampJson); -// result.put(MOAIDConfigurationConstants.TRUSTED_CERTIFICATES_KEY, trustedCaCertJson); -// -// return result; -// } -// -// /** -// * Exports a key-value database to a property file, where keys are the same -// * as in the database, and the values are serialized JSON objects. -// * -// * @param inputDBConfigFilePath -// * the path to the database properties, for the db the data is -// * read from. -// * @param outFile -// * the destination file for the exported data. -// */ -// public void readFromDBWriteToFile(String inputDBConfigFilePath, File outFile) { -// -// try (FileOutputStream outStream = new FileOutputStream(outFile);) { -// -// Properties result = new Properties(); -// -// System.getProperties().setProperty("location", "file:" + inputDBConfigFilePath); -// ApplicationContext context = new ClassPathXmlApplicationContext("configuration.beans.xml"); -// Configuration dbConfiguration = (Configuration) context.getBean("config"); -// boolean prettyPrint = true; -// at.gv.egovernment.moa.id.commons.config.persistence.JsonMapper mapper = new JsonMapper(prettyPrint); -// -// for (String key : MOAIDConfigurationConstants.getAllMOAIDConfigurationKeys()) { -// -// // extract database value -// Object value = dbConfiguration.get(key); -// -// // serialize value to JSON -// String json = mapper.serialize(value); -// -// // add to properties -// result.setProperty(key, json); -// } -// -// // write to output stream -// result.store(outStream, null); -// -// System.out.println("Property configuration written to:"); -// System.out.println(outFile.getAbsolutePath()); -// -// } catch (FileNotFoundException e) { -// System.out.println("Could not find the output file."); -// System.exit(1); -// } catch (IOException e) { -// System.out.println("Could not write to the output file."); -// System.exit(1); -// } -// } -// -// /** -// * Read an input property file, deserialize it's values and write them to -// * the given database. -// * -// * @param inStream -// * the FileInputStream to read from. -// * @param outputDBConfigFilePath -// * the path to the database properties, for the db which is -// * written. -// * @throws IOException -// * is thrown in case the properties could not be loaded from the -// * stream -// */ -// public void readFromFileWriteToDB(FileInputStream inStream, String outputDBConfigFilePath) throws IOException { -// -// Properties inProperties = new Properties(); -// inProperties.load(inStream); -// -// System.getProperties().setProperty("location", "file:" + outputDBConfigFilePath); -// ApplicationContext context = new ClassPathXmlApplicationContext("configuration.beans.xml"); -// Configuration dbConfiguration = (Configuration) context.getBean("config"); -// boolean prettyPrint = true; -// JsonMapper mapper = new JsonMapper(prettyPrint); -// -// List keys = dbConfiguration.getAllKeys(); -// -// if (keys == null) { -// System.out.println("Database can not be read."); -// System.exit(1); -// } -// -// if (!keys.isEmpty() && !isOverwriteData) { -// System.out.println("The database already contains configuration data."); -// System.out.println("Use force switch if you want to override data)"); -// System.exit(1); -// } -// -// if (isOverwriteData) { -// // remove existing entries -// for (String key : keys) { -// dbConfiguration.set(key, null); -// } -// } -// -// Enumeration propertyNames = inProperties.propertyNames(); -// -// while (propertyNames.hasMoreElements()) { -// String key = (String) propertyNames.nextElement(); -// // extract database value -// String json = inProperties.getProperty(key); -// -// // deserialize value to object -// Object value = mapper.deserialize(json, null); -// -// // add to database -// boolean result = dbConfiguration.set(key, value); -// if (!result) { -// System.out.println("Could NOT persist the configuration file's information in the database."); -// } -// } -// System.out.println("Data has been successfully written to the database."); -// } -// -// private static void readFromDBWriteToDB(String inputDBConfigFilePath, String outputDBConfigFilePath) { -// //TODO: implement -// } -// -//} +package at.gv.egovernment.moa.id.commons.config; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.IOException; +import java.util.Arrays; +import java.util.Enumeration; +import java.util.List; +import java.util.Map; +import java.util.Properties; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBException; +import javax.xml.bind.Unmarshaller; + +import org.springframework.context.ApplicationContext; +import org.springframework.context.support.ClassPathXmlApplicationContext; +import org.springframework.transaction.annotation.Transactional; + +import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egiz.components.configuration.api.ConfigurationException; +import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; + +import com.fasterxml.jackson.core.JsonProcessingException; + +public class ConfigurationUtil { + + final boolean isOverwriteData; + + public ConfigurationUtil(boolean isOverwriteData){ + this.isOverwriteData = isOverwriteData; + } + + /** + * Read an input MOAID 2 XML file, transfer it to properties and write the + * properties to a MOAID 3 property file. + * + * @param inStream + * the input stream to read from. + * @param outFile + * the output file to write to. + * @throws JAXBException + */ + public void readFromXMLFileConvertToPropertyFile(FileInputStream inStream, File outFile) throws JAXBException { + + try (FileOutputStream outStream = new FileOutputStream(outFile);) { + + // get config from xml file + JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config"); + Unmarshaller m = jc.createUnmarshaller(); + MOAIDConfiguration config = (MOAIDConfiguration) m.unmarshal(inStream); + + // serialize config to JSON properties + Properties result = moaIdConfigToJsonProperties(config); + + // write to output stream + result.store(outStream, null); + + } catch (FileNotFoundException e) { + System.out.println("Could not find the output file."); + System.exit(1); + } catch (IOException e) { + System.out.println("Could not write to the output file."); + System.exit(1); + } + } + + /** + * Helper method to serialize a {@link MOAIDConfiguration} to Properties + * with JSON encoded values. + * + * @param config + * the MOAIDConfiguration to serialize + * @return {@link Properties} containing the database key and the serialized + * values + * @throws JsonProcessingException + * is thrown if problem occurred while serializing one of the + * database values + */ + private Properties moaIdConfigToJsonProperties(MOAIDConfiguration config) throws JsonProcessingException { + + Properties result = new Properties(); + + //convert all online applications + List oaList = config.getOnlineApplication(); + for (int i=0; i keyValueOA = ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(oa); + + String serviceIdentifier = keyValueOA.get(MOAIDConfigurationConstants.PREFIX_SERVICES); + if (MiscUtil.isEmpty(serviceIdentifier)) { + Logger.info("Use default ServiceIdentifier."); + serviceIdentifier = MOAIDConfigurationConstants.PREFIX_OA; + } + + //write all OA key/value pairs to configuration + for (String key : keyValueOA.keySet()) { + if (MiscUtil.isNotEmpty(keyValueOA.get(key))) + result.put(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + + "." + serviceIdentifier + "." + String.valueOf(i) + "." + + key, + keyValueOA.get(key)); + + } + } + + Map keyValueGeneral = ConfigurationMigrationUtils.convertHyberJaxBMOAIDConfigToKeyValue(config); + //write all OA key/value pairs to configuration + for (String key : keyValueGeneral.keySet()) { + if (MiscUtil.isNotEmpty(keyValueGeneral.get(key))) + result.put(key, keyValueGeneral.get(key)); + + } + + return result; + } + + /** + * Exports a key-value database to a property file, where keys are the same + * as in the database, and the values are serialized JSON objects. + * + * @param inputDBConfigFilePath + * the path to the database properties, for the db the data is + * read from. + * @param outFile + * the destination file for the exported data. + */ + public void readFromDBWriteToFile(String inputDBConfigFilePath, File outFile) { + + try (FileOutputStream outStream = new FileOutputStream(outFile);) { + + Properties result = new Properties(); + + System.getProperties().setProperty("location", "file:" + inputDBConfigFilePath); + ApplicationContext context = new ClassPathXmlApplicationContext("configuration.beans.xml"); + Configuration dbConfiguration = (Configuration) context.getBean("config"); + String[] allKeys = dbConfiguration.getConfigurationIds(); + + for (String key : allKeys) { + + // extract database value + String value = dbConfiguration.getStringValue(key); + + // add to properties + result.setProperty(key, value); + } + + // write to output stream + result.store(outStream, null); + + System.out.println("Property configuration written to:"); + System.out.println(outFile.getAbsolutePath()); + + } catch (FileNotFoundException e) { + System.out.println("Could not find the output file."); + System.exit(1); + } catch (IOException e) { + System.out.println("Could not write to the output file."); + System.exit(1); + + } catch (ConfigurationException e) { + System.out.println("Could not read from database."); + System.exit(1); + + } + } + + /** + * Read an input property file, deserialize it's values and write them to + * the given database. + * + * @param inStream + * the FileInputStream to read from. + * @param outputDBConfigFilePath + * the path to the database properties, for the db which is + * written. + * @throws IOException + * is thrown in case the properties could not be loaded from the + * stream + */ + @Transactional + public void readFromFileWriteToDB(FileInputStream inStream, String outputDBConfigFilePath) throws IOException { + + Properties inProperties = new Properties(); + inProperties.load(inStream); + + System.getProperties().setProperty("location", "file:" + outputDBConfigFilePath); + ApplicationContext context = new ClassPathXmlApplicationContext("configuration.beans.xml"); + Configuration dbConfiguration = (Configuration) context.getBean("moaidconfig"); + + List keys = null; + try { + keys = Arrays.asList(dbConfiguration.getConfigurationIds()); + + } catch (ConfigurationException e1) { + System.out.println("Database can not be read."); + System.exit(1); + } + + if (keys == null) { + System.out.println("Database can not be read."); + System.exit(1); + } + + if (!keys.isEmpty() && !isOverwriteData) { + System.out.println("The database already contains configuration data."); + System.out.println("Use force switch if you want to override data)"); + System.exit(1); + } + + if (isOverwriteData) { + // remove existing entries + for (String key : keys) { + try { + dbConfiguration.setStringValue(key, null); + } catch (ConfigurationException e) { + System.out.println("Could NOT persist the configuration file's information in the database."); + + } + } + } + + Enumeration propertyNames = inProperties.propertyNames(); + + while (propertyNames.hasMoreElements()) { + String key = (String) propertyNames.nextElement(); + String json = inProperties.getProperty(key); + + // add to database + try { + dbConfiguration.setStringValue(key, json); + + } catch (ConfigurationException e) { + System.out.println("Could NOT persist the configuration file's information in the database."); + + } + + + + } + System.out.println("Data has been successfully written to the database."); + } + + private static void readFromDBWriteToDB(String inputDBConfigFilePath, String outputDBConfigFilePath) { + //TODO: implement + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java index 6799fcb13..884587d36 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java @@ -1,5 +1,9 @@ package at.gv.egovernment.moa.id.commons.config; +import java.util.Collections; +import java.util.Hashtable; +import java.util.Map; + /** * * @@ -10,6 +14,29 @@ public final class MOAIDConfigurationConstants { // restrict instantiation } + //general configuration constants + + public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+"; + public static final String PREFIX_STORK = "urn:publicid:gv.at:storkid+"; + + public static final String IDENIFICATIONTYPE_FN = "FN"; + public static final String IDENIFICATIONTYPE_ERSB = "ERSB"; + public static final String IDENIFICATIONTYPE_ZVR = "ZVR"; + public static final String IDENIFICATIONTYPE_STORK = "STORK"; + + public static final Map BUSINESSSERVICENAMES; + + static { + Hashtable tmp = new Hashtable(); + tmp.put(IDENIFICATIONTYPE_FN, "Firmenbuchnummer"); + tmp.put(IDENIFICATIONTYPE_ZVR, "Vereinsnummer"); + tmp.put(IDENIFICATIONTYPE_ERSB, "ERsB Kennzahl"); + tmp.put(IDENIFICATIONTYPE_STORK, "STORK"); + + BUSINESSSERVICENAMES = Collections.unmodifiableMap(tmp); + } + + //Basic key namespaces public static final String PREFIX_MOAID = "moa.id"; public static final String PREFIX_GENERAL = "general"; @@ -27,10 +54,10 @@ public final class MOAIDConfigurationConstants { public static final String PREFIX_MOAID_SERVICES_GATEWAY = PREFIX_MOAID_SERVICES + "." + PREFIX_GATEWAY; //Namespaces for online applications - public static final String SERVICE_UNIQUEIDENTIFIER = "uniqueID"; //publicURLPrefix - public static final String SERVICE_FRIENDLYNAME = "friendlyName"; //friendlyName - public static final String SERVICE_TYPE = "type"; //type - public static final String SERVICE_ISACTIVE = "isActive"; //isActive + public static final String SERVICE_UNIQUEIDENTIFIER = "uniqueID"; //publicURLPrefix + public static final String SERVICE_FRIENDLYNAME = "friendlyName"; //friendlyName + public static final String SERVICE_BUSINESSSERVICE = "businessservice"; //type + public static final String SERVICE_ISACTIVE = "isActive"; //isActive //service authentication keys private static final String AUTH = "auth"; @@ -49,23 +76,37 @@ public final class MOAIDConfigurationConstants { private static final String PVP2X = "pvp2x"; private static final String OPENID = "openID"; - public static final String SERVICE_AUTH_TARGET = AUTH + "." + TARGET; - public static final String SERVICE_AUTH_TARGET_TYPE = SERVICE_AUTH_TARGET + ".type"; //targetFriendlyName or IdentificationType - public static final String SERVICE_AUTH_TARGET_VALUE = SERVICE_AUTH_TARGET + ".value"; //target or IdentificationValue - + private static final String SERVICE_AUTH_TARGET = AUTH + "." + TARGET; + private static final String SERVICE_AUTH_TARGET_PUBLIC = SERVICE_AUTH_TARGET + ".public"; + private static final String SERVICE_AUTH_TARGET_BUSINESS = SERVICE_AUTH_TARGET + ".business"; + public static final String SERVICE_AUTH_TARGET_BUSINESS_TYPE = SERVICE_AUTH_TARGET_BUSINESS + ".type"; + public static final String SERVICE_AUTH_TARGET_BUSINESS_VALUE = SERVICE_AUTH_TARGET_BUSINESS + ".value"; + + public static final String SERVICE_AUTH_TARGET_PUBLIC_TARGET = SERVICE_AUTH_TARGET_PUBLIC + ".target"; + public static final String SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB = SERVICE_AUTH_TARGET_PUBLIC + ".target.sub"; + public static final String SERVICE_AUTH_TARGET_PUBLIC_USE_SUB = SERVICE_AUTH_TARGET_PUBLIC + ".use.sub"; + public static final String SERVICE_AUTH_TARGET_PUBLIC_USE_OWN = SERVICE_AUTH_TARGET_PUBLIC + ".use.own"; + public static final String SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET = SERVICE_AUTH_TARGET_PUBLIC + ".own.target"; + public static final String SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME = SERVICE_AUTH_TARGET_PUBLIC + ".own.name"; + private static final String SERVICE_AUTH_BKU = AUTH + "." + BKU; public static final String SERVICE_AUTH_BKU_ONLINE = SERVICE_AUTH_BKU + ".onlineBKU"; public static final String SERVICE_AUTH_BKU_LOCAL = SERVICE_AUTH_BKU + ".localBKU"; public static final String SERVICE_AUTH_BKU_HANDY = SERVICE_AUTH_BKU + ".handyBKU"; public static final String SERVICE_AUTH_BKU_KEYBOXIDENTIFIER = SERVICE_AUTH_BKU + ".keyBoxIdentifier"; - public static final String SERVICE_AUTH_BKU_TEMPLATE_LIST = SERVICE_AUTH_BKU + ".template"; //SecurityLayer Templates - public static final String SERVICE_AUTH_BKU_TEMPLATE_LIST_VALUE = "url"; + public static final String SERVICE_AUTH_BKU_TEMPLATE = SERVICE_AUTH_BKU + ".template"; //SecurityLayer Templates + public static final String SERVICE_AUTH_BKU_TEMPLATE_LEGACY = SERVICE_AUTH_BKU_TEMPLATE + ".legacy"; + public static final String SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE = SERVICE_AUTH_BKU_TEMPLATE + ".first.url"; + public static final String SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE = SERVICE_AUTH_BKU_TEMPLATE + ".second.url"; + public static final String SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE = SERVICE_AUTH_BKU_TEMPLATE + ".third.url"; public static final String SERVICE_AUTH_BKU_AUTHBLOCKTEXT = SERVICE_AUTH_BKU + "authblock.additionaltext"; public static final String SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK = SERVICE_AUTH_BKU + "authblock.removebPK"; private static final String SERVICE_AUTH_TEMPLATES = AUTH + "." + TEMPLATES; public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION = SERVICE_AUTH_TEMPLATES + ".bkuselection"; + public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME = SERVICE_AUTH_TEMPLATES + ".bkuselection.filename"; public static final String SERVICE_AUTH_TEMPLATES_SENDASSERTION = SERVICE_AUTH_TEMPLATES + ".sendAssertion"; + public static final String SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME = SERVICE_AUTH_TEMPLATES + ".sendAssertion.filename"; private static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION = SERVICE_AUTH_TEMPLATES + ".customize"; public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".fonttype"; public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".color.back"; @@ -85,10 +126,19 @@ public final class MOAIDConfigurationConstants { public static final String SERVICE_AUTH_TESTCREDENTIALS_OIDs = SERVICE_AUTH_TESTCREDENTIALS + ".oids"; private static final String SERVICE_AUTH_MANDATES = AUTH + "." + MANDATES; + public static final String SERVICE_AUTH_MANDATES_USE = SERVICE_AUTH_MANDATES + "use"; public static final String SERVICE_AUTH_MANDATES_ONLY = SERVICE_AUTH_MANDATES + "only"; public static final String SERVICE_AUTH_MANDATES_PROFILES = SERVICE_AUTH_MANDATES + "profiles"; - public static final String SERVICE_AUTH_FOREIGNBPK = AUTH + "." + FOREIGNBPK; //complex attribute + public static final String SERVICE_AUTH_FOREIGNBPK = AUTH + "." + FOREIGNBPK; + public static final String SERVICE_AUTH_FOREIGNBPK_DECRYPT = SERVICE_AUTH_FOREIGNBPK + ".decrypt"; + public static final String SERVICE_AUTH_FOREIGNBPK_DECRYPT_IV = SERVICE_AUTH_FOREIGNBPK_DECRYPT + ".iv"; + public static final String SERVICE_AUTH_FOREIGNBPK_DECRYPT_BLOB = SERVICE_AUTH_FOREIGNBPK_DECRYPT + ".blob"; + public static final String SERVICE_AUTH_FOREIGNBPK_DECRYPT_FILENAME= SERVICE_AUTH_FOREIGNBPK_DECRYPT + ".filename"; + public static final String SERVICE_AUTH_FOREIGNBPK_DECRYPT_KEYSTORE = SERVICE_AUTH_FOREIGNBPK_DECRYPT + ".keystore"; + public static final String SERVICE_AUTH_FOREIGNBPK_DECRYPT_KEYSTOREPASSWORD = SERVICE_AUTH_FOREIGNBPK_DECRYPT + ".keystore.password"; + public static final String SERVICE_AUTH_FOREIGNBPK_DECRYPT_KEYALIAS = SERVICE_AUTH_FOREIGNBPK_DECRYPT + ".key.alias"; + public static final String SERVICE_AUTH_FOREIGNBPK_DECRYPT_KEYPASSWORD = SERVICE_AUTH_FOREIGNBPK_DECRYPT + ".key.password"; private static final String SERVICE_AUTH_SSO = AUTH + "." + SSO; public static final String SERVICE_AUTH_SSO_ENABLED = SERVICE_AUTH_SSO + ".enabled"; @@ -96,11 +146,14 @@ public final class MOAIDConfigurationConstants { private static final String SERVICE_AUTH_STORK = AUTH + "." + STORK; public static final String SERVICE_AUTH_STORK_ENABLED = SERVICE_AUTH_STORK + ".enabled"; + public static final String SERVICE_AUTH_STORK_MINQAALEVEL = SERVICE_AUTH_STORK + ".minqaalevel"; public static final String SERVICE_AUTH_STORK_COUNTRIES_LIST = SERVICE_AUTH_STORK + ".countries"; public static final String SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED = "enabled"; + public static final String SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE = "countrycode"; public static final String SERVICE_AUTH_STORK_ATTRIBUTES_LIST = SERVICE_AUTH_STORK + ".attributes"; public static final String SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME = "name"; - public static final String SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY = "mandatory"; + public static final String SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY = "mandatory"; + public static final String SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED = "requested"; public static final String SERVICE_AUTH_STORK_REQUIRECONSENT = SERVICE_AUTH_STORK + ".requireConsent"; public static final String SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST = SERVICE_AUTH_STORK + ".attributeprovider"; public static final String SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME = "name"; @@ -120,6 +173,7 @@ public final class MOAIDConfigurationConstants { public static final String SERVICE_PROTOCOLS_PVP2X_RELOAD = SERVICE_PROTOCOLS_PVP2X + ".reload"; public static final String SERVICE_PROTOCOLS_PVP2X_URL = SERVICE_PROTOCOLS_PVP2X + ".URL"; public static final String SERVICE_PROTOCOLS_PVP2X_CERTIFICATE = SERVICE_PROTOCOLS_PVP2X + ".certificate"; + public static final String SERVICE_PROTOCOLS_PVP2X_CERTIFICATE_SUBJECT = SERVICE_PROTOCOLS_PVP2X + ".certificate.subject"; private static final String SERVICE_PROTOCOLS_OPENID = PROTOCOLS + "." + OPENID; public static final String SERVICE_PROTOCOLS_OPENID_CLIENTID = SERVICE_PROTOCOLS_OPENID + ".clientID"; @@ -139,9 +193,9 @@ public final class MOAIDConfigurationConstants { //Namespaces for general MOA-ID config - public static final String GENERAL_PUBLICURLPREFIX = "publicURLPrefix"; + public static final String GENERAL_PUBLICURLPREFIX = PREFIX_MOAID_GENERAL + ".publicURLPrefix"; - private static final String GENERAL_DEFAULTS = "defaults"; + private static final String GENERAL_DEFAULTS = PREFIX_MOAID_GENERAL + ".defaults"; private static final String GENERAL_DEFAULTS_BKU = GENERAL_DEFAULTS + "." + BKU; public static final String GENERAL_DEFAULTS_BKU_ONLINE = GENERAL_DEFAULTS_BKU + ".onlineBKU"; public static final String GENERAL_DEFAULTS_BKU_HANDY = GENERAL_DEFAULTS_BKU + ".handyBKU"; @@ -151,7 +205,7 @@ public final class MOAIDConfigurationConstants { public static final String GENERAL_DEFAULTS_TEMPLATES_HANDY = GENERAL_DEFAULTS_TEMPLATES + ".handyBKU"; public static final String GENERAL_DEFAULTS_TEMPLATES_ONLINE = GENERAL_DEFAULTS_TEMPLATES + ".onlineBKU"; - private static final String GENERAL_AUTH = "auth"; + private static final String GENERAL_AUTH = PREFIX_MOAID_GENERAL + ".auth"; public static final String GENERAL_AUTH_CERTSTORE_URL = GENERAL_AUTH + ".certstore.url"; public static final String GENERAL_AUTH_TRUSTSTORE_URL = GENERAL_AUTH + ".truststore.url"; public static final String GENERAL_AUTH_REVOCATIONCHECKING = GENERAL_AUTH + ".revocationchecking"; @@ -175,7 +229,7 @@ public final class MOAIDConfigurationConstants { public static final String GENERAL_AUTH_SSO_TARGET = GENERAL_AUTH + "." + SSO + ".target"; public static final String GENERAL_AUTH_SSO_AUTHBLOCK_TEXT = GENERAL_AUTH + "." + SSO + ".authblock.text"; - public static final String GENERAL_PROTOCOLS = PROTOCOLS; + public static final String GENERAL_PROTOCOLS = PREFIX_MOAID_GENERAL + "." + PROTOCOLS; public static final String GENERAL_PROTOCOLS_SAML1 = GENERAL_PROTOCOLS + "." + SAML1; public static final String GENERAL_PROTOCOLS_PVP2X = GENERAL_PROTOCOLS + "." + PVP2X; public static final String GENERAL_PROTOCOLS_OPENID = GENERAL_PROTOCOLS + "." + OPENID; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java index 32dd97148..4e8c7dffd 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrateConfiguration.java @@ -1,103 +1,103 @@ -//package at.gv.egovernment.moa.id.commons.config; -// -//import java.io.File; -//import java.io.FileInputStream; -//import java.io.FileNotFoundException; -//import java.io.IOException; -// -//import javax.xml.bind.JAXBException; -// -//import at.gv.egovernment.moa.id.commons.config.cli.MOAIDConfCLI; -//import at.gv.egovernment.moa.id.commons.config.cli.MigrateConfigurationParams; -// -///** -// * CLI tool which is able to perform the following tasks: -// *
    -// *
  • transform a MoaID 2 XML configuration XML file to a MoaID 3 property file -// *
    • -// *
  • read a property file and transfer it's content to a database
    • -// *
  • write the content of a database to a property file
    • -// *
-// */ -//public class MigrateConfiguration { -// -// public static void main(String[] args) { -// -// MOAIDConfCLI cli = new MOAIDConfCLI(); -// MigrateConfigurationParams parsedParameters = cli.parse(args); -// -// // consider settings of force switch -// boolean isOverwriteData = parsedParameters.isOverwriteData(); -// ConfigurationUtil configUtil = new ConfigurationUtil(isOverwriteData); -// -// if (!parsedParameters.isInputDB() && (parsedParameters.getInputTarget() != null)) { -// // read input from file -// workWithInputFromFile(parsedParameters.getInputTarget(), parsedParameters, configUtil); -// -// } else if (parsedParameters.getInputDBConfig() != null) { -// // read input from database -// workWithImputFromDB(parsedParameters, configUtil); -// -// } else { -// System.exit(1); -// } -// } -// -// /** -// * Handle the case where input from a file is read. -// * -// * @param inputFileUrl -// * the url of the input file. -// * @param parsedParameters -// * the command line parameters. -// * @param configUtil -// * the class for working with the configuration. -// */ -// private static void workWithInputFromFile(String inputFileUrl, MigrateConfigurationParams parsedParameters, -// ConfigurationUtil configUtil) { -// File inFile = new File(inputFileUrl); -// try (FileInputStream inStream = new FileInputStream(inFile);) { -// -// if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { -// // input from file and output to a file is desired -// File outFile = new File(parsedParameters.getOutputFile()); -// configUtil.readFromXMLFileConvertToPropertyFile(inStream, outFile); -// -// } else if (parsedParameters.getOutputDBConfig() != null) { -// // input from file and output to a database is desired -// configUtil.readFromFileWriteToDB(inStream, parsedParameters.getOutputDBConfig()); -// } -// } catch (JAXBException e) { -// System.out.println("MOA-ID XML configuration can not be loaded from given file."); -// System.exit(1); -// } catch (FileNotFoundException e) { -// System.out.println("Could not find the input file."); -// System.exit(1); -// } catch (IOException e) { -// System.out.println("Could not read from the input file."); -// System.exit(1); -// } -// } -// -// /** -// * Handle the case where input is read from a database. -// * -// * @param parsedParameters -// * the command line parameters. -// * @param configUtil -// * the class for working with the configuration. -// */ -// private static void workWithImputFromDB(MigrateConfigurationParams parsedParameters, ConfigurationUtil configUtil) { -// if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { -// // input from database and output to a file is desired -// File outFile = new File(parsedParameters.getOutputFile()); -// String inputDBConfigFilePath = parsedParameters.getInputDBConfig(); -// configUtil.readFromDBWriteToFile(inputDBConfigFilePath, outFile); -// -// } else if (parsedParameters.getOutputDBConfig() != null) { -// // input from database and output to a database is desired -// // configUtil.readFromDBWriteToDB(inDBConfigFilePath, -// // outDBConfigFilePath); -// } -// } -//} \ No newline at end of file +package at.gv.egovernment.moa.id.commons.config; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; + +import javax.xml.bind.JAXBException; + +import at.gv.egovernment.moa.id.commons.config.cli.MOAIDConfCLI; +import at.gv.egovernment.moa.id.commons.config.cli.MigrateConfigurationParams; + +/** + * CLI tool which is able to perform the following tasks: + *
    + *
  • transform a MoaID 2 XML configuration XML file to a MoaID 3 property file + *
    • + *
  • read a property file and transfer it's content to a database
    • + *
  • write the content of a database to a property file
    • + *
+ */ +public class MigrateConfiguration { + + public static void main(String[] args) { + + MOAIDConfCLI cli = new MOAIDConfCLI(); + MigrateConfigurationParams parsedParameters = cli.parse(args); + + // consider settings of force switch + boolean isOverwriteData = parsedParameters.isOverwriteData(); + ConfigurationUtil configUtil = new ConfigurationUtil(isOverwriteData); + + if (!parsedParameters.isInputDB() && (parsedParameters.getInputTarget() != null)) { + // read input from file + workWithInputFromFile(parsedParameters.getInputTarget(), parsedParameters, configUtil); + + } else if (parsedParameters.getInputDBConfig() != null) { + // read input from database + workWithImputFromDB(parsedParameters, configUtil); + + } else { + System.exit(1); + } + } + + /** + * Handle the case where input from a file is read. + * + * @param inputFileUrl + * the url of the input file. + * @param parsedParameters + * the command line parameters. + * @param configUtil + * the class for working with the configuration. + */ + private static void workWithInputFromFile(String inputFileUrl, MigrateConfigurationParams parsedParameters, + ConfigurationUtil configUtil) { + File inFile = new File(inputFileUrl); + try (FileInputStream inStream = new FileInputStream(inFile);) { + + if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { + // input from file and output to a file is desired + File outFile = new File(parsedParameters.getOutputFile()); + configUtil.readFromXMLFileConvertToPropertyFile(inStream, outFile); + + } else if (parsedParameters.getOutputDBConfig() != null) { + // input from file and output to a database is desired + configUtil.readFromFileWriteToDB(inStream, parsedParameters.getOutputDBConfig()); + } + } catch (JAXBException e) { + System.out.println("MOA-ID XML configuration can not be loaded from given file."); + System.exit(1); + } catch (FileNotFoundException e) { + System.out.println("Could not find the input file."); + System.exit(1); + } catch (IOException e) { + System.out.println("Could not read from the input file."); + System.exit(1); + } + } + + /** + * Handle the case where input is read from a database. + * + * @param parsedParameters + * the command line parameters. + * @param configUtil + * the class for working with the configuration. + */ + private static void workWithImputFromDB(MigrateConfigurationParams parsedParameters, ConfigurationUtil configUtil) { + if (!parsedParameters.isOutputDB() && (parsedParameters.getOutputFile() != null)) { + // input from database and output to a file is desired + File outFile = new File(parsedParameters.getOutputFile()); + String inputDBConfigFilePath = parsedParameters.getInputDBConfig(); + configUtil.readFromDBWriteToFile(inputDBConfigFilePath, outFile); + + } else if (parsedParameters.getOutputDBConfig() != null) { + // input from database and output to a database is desired + // configUtil.readFromDBWriteToDB(inDBConfigFilePath, + // outDBConfigFilePath); + } + } +} \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfiguration.java index 159b587df..fbb1597f3 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfiguration.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfiguration.java @@ -1,5 +1,6 @@ package at.gv.egovernment.moa.id.commons.config.persistence; +import java.util.Map; import java.util.Properties; import at.gv.egiz.components.configuration.api.Configuration; @@ -13,13 +14,36 @@ public interface MOAIDConfiguration extends Configuration { /** * Get all key/value pairs with a prefix * - * @param preFix A key prefix - * @return All key/value pairs with this prefix. The prefix is removed from the key. + * @param preFix: A key prefix + * @param removePrefix: Indicates, if the prefix should be removed from the result key + * @return All key/value pairs with this prefix or null if no key is found. The prefix is removed from the key. * **/ - public Properties getPropertySubset(String preFix) throws ConfigurationException; + public Map getPropertySubset(String preFix) throws ConfigurationException; + /** + * Searches the configuration use '*' or '%' for wildcards. + * + * Example: + * + * db.server1.url=... + * db.server1.user=... + * db.server1.password=... + * db.server1.driver=... + * db.server2.url=... + * db.server2.user=... + * db.server2.password=... + * db.server2.driver=... + * + * searchString: "db.server1.*" returns + * ["db.server1.url", "db.server1.user", "db.server1.password", "db.server1.driver"] + * @param searchkey The search string + * @return All key/value pairs with this prefix or null if no key is found. The prefix is not removed from the key. + * @throws ConfigurationException if something went wrong + */ + public Map searchPropertiesWithWildcard(String searchkey) throws ConfigurationException; + /** * Load an OnlineApplication configuration and remove the OA key prefix * @@ -27,57 +51,5 @@ public interface MOAIDConfiguration extends Configuration { * @return Properties of the online application or null if no OA is found * @throws ConfigurationException in case of an configuration access error */ - public Properties getOnlineApplication(String publicURLPrefix) throws ConfigurationException; - - -// /** -// * Gets all keys in the database. NOTE: may return an empty list or {@code null}. -// * @return a List containing all keys in the database or {@code null}. -// */ -// List getAllKeys(); -// -// /** -// * Get the value associated with the given key as {@link Object}. -// * @param key the key -// * @return the String associated with the given key or {@code null} if the key does not exist or does not have a value. -// */ -// String get(String key); -// -// /** -// * Get the object of type {@code T} associated with the given key. -// * -// * @param key the key -// * @param clazz the type of the requested object -// * @return the object associated with the given key or {@code null} if the key does not exist or does not have a value. -// */ -// T get(String key, Class clazz); -// -// /** -// * Store an object associated with a key. If the given object is set to {@code null} then the entry associated with the key is deleted. -// * -// * @param key the key under which the value is stored, respectively key determining the entry to be deleted. -// * @param value the String to store. if value is set to {@code null} then the entry associated with key {@code key} is deleted. -// * @return {@code true} if the operation was carried out successfully, {@code false} otherwise. -// */ -// boolean set(String key, String value); -// -// /** -// * Get the object of type {@code T} associated with the given key from the database. If the key does not exist or does not have a value, the given default -// * value is returned. -// * -// * @param key the key -// * @param clazz the type of the requested object -// * @param defaultValue the default value to return -// * @return the object associated with the given key or {@code defaultValue} if the key does not exist or does not have a value. -// */ -// T get(String key, Class clazz, Object defaultValue); -// -// /** -// * Get a list of objects associated with the given key. The list may be empty or contain only a single object. -// * @param key the key -// * @param clazz the type of the requested object -// * @return a list containing objects of type {@code T} or an empty list if no objects are associated with the key. -// */ -// List getList(String key, Class clazz); - + public Map getOnlineApplication(String publicURLPrefix) throws ConfigurationException; } \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java index 2d652d748..06e174942 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java @@ -1,51 +1,108 @@ package at.gv.egovernment.moa.id.commons.config.persistence; +import java.util.HashMap; +import java.util.Iterator; import java.util.List; -import java.util.Properties; +import java.util.Map; import javax.persistence.EntityManager; import javax.persistence.TypedQuery; -import org.springframework.beans.factory.annotation.Required; import org.springframework.stereotype.Component; +import org.springframework.stereotype.Repository; +import org.springframework.transaction.annotation.EnableTransactionManagement; +import org.springframework.transaction.annotation.Transactional; import at.gv.egiz.components.configuration.api.Configuration; import at.gv.egiz.components.configuration.api.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.ConfigProperty; -import at.gv.egovernment.moa.id.commons.db.dao.config.ConfigPropertyDaoImpl; +import at.gv.egovernment.moa.id.commons.db.dao.config.DatabaseConfigPropertyImpl; +import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.logging.Logger; /** * The implementation of a key-value configuration implementing the {@link Configuration} interface. * It employs the {@link ConfigPropertyDao} to persist configuration data. */ -@Component -public class MOAIDConfigurationImpl extends ConfigPropertyDaoImpl implements MOAIDConfiguration { - - Configuration configPropertyDao; -// private JsonMapper mapper = new JsonMapper(); +@Repository +@EnableTransactionManagement +@Transactional("transactionManager") +public class MOAIDConfigurationImpl extends DatabaseConfigPropertyImpl implements MOAIDConfiguration { - /** - * Sets the {@link ConfigPropertyDao}. - * @param configPropertyDao the ConfigPropertyDao +// Configuration configPropertyDao; +// +// /** +// * Sets the {@link ConfigPropertyDao}. +// * @param configPropertyDao the ConfigPropertyDao +// */ +// @Required +// public void setConfigPropertyDao(Configuration configPropertyDao) { +// this.configPropertyDao = configPropertyDao; +// } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration#getPropertySubset(java.lang.String) */ - @Required - public void setConfigPropertyDao(Configuration configPropertyDao) { - this.configPropertyDao = configPropertyDao; - } + public Map getPropertySubset(String preFix) throws ConfigurationException{ + EntityManager em = this.getPersistenceContext(); + if (null == em) { + Logger.error("No EntityManager set!"); + throw new ConfigurationException("No EntityManager set!"); + + } + + TypedQuery configQuery = em.createQuery("select * from ConfigProperty dbconfig where dbconfig.key like :key", ConfigProperty.class); + configQuery.setParameter("key", preFix + ".%"); + List configResult = configQuery.getResultList(); + if (configResult == null || configResult.isEmpty()) { + Logger.warn("Found no configuration keys with prefix: " + preFix + ".%"); + return null; + + } + Logger.trace("Find " + configResult.size() + " key/value pairs with prefix: " + preFix + ".%"); + + //build key/value configuration map from database entries + Map result = getKeyValueFromDatabaseDAO( + configResult.iterator(), preFix, true); + return result; + + } /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration#getPropertySubset(java.lang.String) + * @see at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration#searchPropertiesWithWildcard(java.lang.String) */ - public Properties getPropertySubset(String preFix) throws ConfigurationException{ - // TODO Auto-generated method stub - return null; + @Override + public Map searchPropertiesWithWildcard(String searchKey) + throws ConfigurationException { + EntityManager em = this.getPersistenceContext(); + if (null == em) { + Logger.error("No EntityManager set!"); + throw new ConfigurationException("No EntityManager set!"); + + } + + TypedQuery configQuery = em.createQuery("select * from ConfigProperty dbconfig where dbconfig.key like :key", ConfigProperty.class); + configQuery.setParameter("key", searchKey.replace("*", "%")); + List configResult = configQuery.getResultList(); + + if (configResult == null || configResult.isEmpty()) { + Logger.warn("Found no configuration keys with searchKey: " + searchKey); + return null; + + } + Logger.trace("Find " + configResult.size() + " key/value pairs with searchKey: " + searchKey); + + //build key/value configuration map from database entries + Map result = getKeyValueFromDatabaseDAO( + configResult.iterator(), null, false); + return result; + } @Override - public Properties getOnlineApplication(String publicURLPrefix) + public Map getOnlineApplication(String publicURLPrefix) throws ConfigurationException { EntityManager em = this.getPersistenceContext(); if (null == em) { @@ -54,148 +111,74 @@ public class MOAIDConfigurationImpl extends ConfigPropertyDaoImpl implements MOA } + //search key prefix for online application with this publicURLPrefix String keyId = MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + ".%." + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER; - TypedQuery query = em.createQuery("select * from ConfigProperty dbconfig where dbconfig.key like :key and dbconfig.value = SUBSTRING(:uniqueID, 1, LENGTH(dbconfig.value))", ConfigProperty.class); - query.setParameter("key", keyId); - query.setParameter("uniqueID", publicURLPrefix); - List result = query.getResultList(); + + TypedQuery oaSearchQuery = em.createQuery("select dbconfig from ConfigProperty dbconfig where dbconfig.key like :key and dbconfig.value = SUBSTRING(:uniqueID, 1, LENGTH(dbconfig.value))", ConfigProperty.class); + oaSearchQuery.setParameter("key", keyId); + oaSearchQuery.setParameter("uniqueID", publicURLPrefix); + List oaSearchResult = oaSearchQuery.getResultList(); - if (result.size() == 0) { + if (oaSearchResult.size() == 0) { Logger.debug("No entries found."); - return null; - } + return null; } - if (result.size() > 1) { + if (oaSearchResult.size() > 1) { Logger.warn("OAIdentifier match to more then one DB-entry!"); return null; } - String oaKey = result.get(0).getKey(); - String oaValue = result.get(0).getValue(); - Logger.trace("Find online application with uniqueID: " + oaValue + " and keyID: " + oaKey); + String oaIdKey = oaSearchResult.get(0).getKey(); + String oaIdValue = oaSearchResult.get(0).getValue(); + Logger.trace("Find online application with uniqueID: " + oaIdValue + " and keyID: " + oaIdKey); + //load all online application key/value pairs from database + String oaType = KeyValueUtils.getFirstChildAfterPrefix(oaIdKey, MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES); + String oaKey = KeyValueUtils.getPrefixFromKey(oaIdKey, MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER); - - return null; + TypedQuery oaConfigQuery = em.createQuery("select dbconfig from ConfigProperty dbconfig where dbconfig.key like :key", ConfigProperty.class); + oaConfigQuery.setParameter("key", oaKey + ".%"); + List oaConfigResult = oaConfigQuery.getResultList(); + + if (oaConfigResult == null) { + Logger.warn("Found no configuration keys with prefix: " + oaKey + ".%"); + return null; + } + Logger.trace("Find " + oaConfigResult.size() + " key/value pairs with prefix: " + oaKey + ".%"); + + //build key/value configuration map from database entries + Map result = getKeyValueFromDatabaseDAO( + oaConfigResult.iterator(), oaKey, true); + result.put(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES, oaType); + + return result; } + /** - * Small helper method. NOTE: may return empty properties, but never {@code null}. - * @param propPrefix the prefix of the desired property. - * @return the {@link Properties} + * Small helper method. NOTE: may return empty configuration properties, but never {@code null}. + * + * @param propPrefix: the prefix of the desired property. + * @param input: List of database objects with key/value information. + * @param removePrefix: Indicates if the prefix should be removed from the result key + * @return the {@link Map} of configuration properties */ - private Properties getGeneralProperiesConfig(Properties input, final String propPrefix) { - - Properties configProp = new Properties(); - for (Object key : input.keySet()) { - if (key.toString().startsWith(propPrefix)) { - String propertyName = key.toString().substring(propPrefix.length()); - configProp.put(propertyName, input.get(key.toString())); - } + private Map getKeyValueFromDatabaseDAO(Iterator input, final String prefix, boolean removePrefix) { + Map configProp = new HashMap(); + while (input.hasNext()) { + ConfigProperty el = input.next(); + if (removePrefix) { + if (el.getKey().startsWith(prefix)) { + String propertyName = KeyValueUtils.removePrefixFromKey(el.getKey(), prefix); + configProp.put(propertyName, el.getValue()); + + } + } else + configProp.put(el.getKey(), el.getValue()); + } return configProp; } - - -// @Override -// public List getAllKeys(){ -// try { -// return Arrays.asList(this.configPropertyDao.getConfigurationIds()); -// } catch (Exception e) { -// log.debug("Error while retrieving a list of all keys in the database."); -// return null; -// } -// } -// -// @Override -// public String get(String key) { -// // return null if key does not exist -// try { -// return configPropertyDao.getStringValue(key); -// -// } catch (Exception e) { -// log.debug("Error while searching value of key '{}' to object.", key); -// return null; -// } -// } -// -// @Override -// public T get(String key, Class clazz) { -// // return null if key does not exist -// try { -// T property = configPropertyDao.getObjectValue(key, clazz); -// return property; -// -// } catch (IllegalArgumentException e) { -// log.debug("Error while searching for key '{}' in the database.", key); -// return null; -// } catch (Exception e) { -// log.debug("Error while deserializing value of key '{}' to object of type {}.", key, clazz.getClass()); -// return null; -// } -// } -// -// @Override -// public boolean set(String key, String value) { -// -// try { -// //TODO: add delete -// if (value == null) { -// //configPropertyDao.delete(key); -// return true; -// } else { -// configPropertyDao.setStringValue(key, value); -// return true; -// } -// } catch (EntityExistsException e) { -// log.debug("Property '{}' already exists!", key); -// return false; -// } catch (Exception e) { -// log.debug("Error while setting value for key '{}' in the database.", key); -// return false; -// } -// } -// @Override -// public T get(String key, Class clazz, Object defaultValue) { -// -// T value = get(key, clazz); -// if (value != null) { -// return value; -// } else { -// return clazz.cast(defaultValue); -// } -// } -// -// @SuppressWarnings("unchecked") -// @Override -// public List getList(String key, Class clazz) { -// -// CollectionType listType = TypeFactory.defaultInstance().constructCollectionType(List.class, clazz); -// try { -// if ((configPropertyDao.getProperty(key) == null) -// || (configPropertyDao.getProperty(key).getValue() == null)) { -// return new ArrayList(); -// } -// String json = configPropertyDao.getProperty(key).getValue(); -// ObjectMapper mapper = new ObjectMapper(); -// -// return (List) mapper.readValue(json, listType); -// } catch (JsonMappingException e) { -// ArrayList tmp = new ArrayList(); -// T value = get(key, clazz); -// if (value != null) { -// tmp.add(value); -// } -// return tmp; -// } catch (IOException e) { -// log.debug("Error while deserializing value for key '{}' to List<{}>.", key, clazz.getClass()); -// return new ArrayList(); -// } catch (Exception e){ -// log.debug("Error while searching key '{}' in the database.", key); -// return new ArrayList(); -// } -// } - } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java index 22a7bf76b..5c14df671 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java @@ -71,333 +71,333 @@ public class ConfigurationDBRead { QUERIES.put("searchOnlineApplicationsWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.friendlyName like :id"); } - public static OnlineApplication getActiveOnlineApplication(String id) { - MiscUtil.assertNotNull(id, "OnlineApplictionID"); - Logger.trace("Getting OnlineApplication with ID " + id + " from database."); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getActiveOnlineApplicationWithID")); - //query.setParameter("id", id+"%"); - query.setParameter("id", StringEscapeUtils.escapeHtml4(id)); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.debug("No entries found."); - return null; - } - - if (result.size() > 1) { - Logger.warn("OAIdentifier match to more then one DB-entry!"); - return null; - } - - return (OnlineApplication) result.get(0); - } - - public static OnlineApplication getOnlineApplication(String id) { - MiscUtil.assertNotNull(id, "OnlineApplictionID"); - Logger.trace("Getting OnlineApplication with ID " + id + " from database."); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getOnlineApplicationWithID")); - //query.setParameter("id", id+"%"); - query.setParameter("id", id); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - - if (result.size() > 1) { - Logger.warn("OAIdentifier match to more then one DB-entry!"); - return null; - } - - return (OnlineApplication) result.get(0); - } - - public static OnlineApplication getOnlineApplication(long dbid) { - MiscUtil.assertNotNull(dbid, "OnlineApplictionID"); - Logger.trace("Getting OnlineApplication with DBID " + dbid + " from database."); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getOnlineApplicationWithDBID")); - //query.setParameter("id", id+"%"); - query.setParameter("id", dbid); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - - return (OnlineApplication) result.get(0); - } - - @JsonProperty("getMOAIDConfiguration") - public static MOAIDConfiguration getMOAIDConfiguration() { - Logger.trace("Load MOAID Configuration from database."); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getMOAIDConfiguration")); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found. Create fresh instance."); - return null; - } - - return (MOAIDConfiguration) result.get(0); - } - - @JsonProperty("getAllOnlineApplications") - public static List getAllOnlineApplications() { - Logger.trace("Get All OnlineApplications from database."); - - List result = null; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getAllOnlineApplications")); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - return result; - } - - public static List getAllNewOnlineApplications() { - Logger.trace("Get All OnlineApplications from database."); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getAllNewOnlineApplications")); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - return result; - } - - @JsonProperty("getAllUsers") - public static List getAllUsers() { - Logger.trace("Get All OnlineApplications from database."); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getAllUsers")); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - return result; - } - - public static List getAllActiveOnlineApplications() { - Logger.trace("Get All active OnlineApplications from database."); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getAllActiveOnlineApplications")); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - result = new ArrayList(); - - } - return result; - } - - @SuppressWarnings("rawtypes") - public static List searchOnlineApplications(String id) { - MiscUtil.assertNotNull(id, "OnlineApplictionID"); - Logger.trace("Getting OnlineApplication with ID " + id + " from database."); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("searchOnlineApplicationsWithID")); - query.setParameter("id", "%" + id + "%"); - - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - - return result; - } - - public static UserDatabase getUserWithID(long id) { - MiscUtil.assertNotNull(id, "UserID"); - Logger.trace("Getting Userinformation with ID " + id + " from database."); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserID")); - query.setParameter("id", id); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - return (UserDatabase) result.get(0); - } - - public static UserDatabase getUsersWithOADBID(long id) { - MiscUtil.assertNotNull(id, "OADBID"); - Logger.trace("Getting Userinformation with OADBID " + id + " from database."); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getUsersWithOADBID")); - query.setParameter("id", id); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - return (UserDatabase) result.get(0); - } - - public static UserDatabase getUserWithUserName(String username) { - MiscUtil.assertNotNull(username, "UserName"); - Logger.trace("Getting Userinformation with ID " + username + " from database."); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserUsername")); - query.setParameter("username", username); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - return (UserDatabase) result.get(0); - } - - public static UserDatabase getUserWithUserBPKWBPK(String bpkwbpk) { - MiscUtil.assertNotNull(bpkwbpk, "bpk/wbpk"); - Logger.trace("Getting Userinformation with ID " + bpkwbpk + " from database."); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserBPKWBPK")); - query.setParameter("bpk", bpkwbpk); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - return (UserDatabase) result.get(0); - } - - public static UserDatabase getNewUserWithTokken(String tokken) { - MiscUtil.assertNotNull(tokken, "bpk/wbpk"); - Logger.trace("Getting Userinformation with Tokken " + tokken + " from database."); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getNewUserWithUserTokken")); - query.setParameter("tokken", tokken); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - return (UserDatabase) result.get(0); - } - - public static List getAllNewUsers() { - Logger.trace("Get all new Users from Database"); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getAllNewUsers")); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - return result; - } - - public static List getAllOpenUsersRequests() { - Logger.trace("Get all new Users from Database"); - - List result; - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - - javax.persistence.Query query = session.createQuery(QUERIES.get("getAllOpenUsersRequests")); - result = query.getResultList(); - - Logger.trace("Found entries: " + result.size()); - - if (result.size() == 0) { - Logger.trace("No entries found."); - return null; - } - return result; - } +// public static OnlineApplication getActiveOnlineApplication(String id) { +// MiscUtil.assertNotNull(id, "OnlineApplictionID"); +// Logger.trace("Getting OnlineApplication with ID " + id + " from database."); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getActiveOnlineApplicationWithID")); +// //query.setParameter("id", id+"%"); +// query.setParameter("id", StringEscapeUtils.escapeHtml4(id)); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.debug("No entries found."); +// return null; +// } +// +// if (result.size() > 1) { +// Logger.warn("OAIdentifier match to more then one DB-entry!"); +// return null; +// } +// +// return (OnlineApplication) result.get(0); +// } +// +// public static OnlineApplication getOnlineApplication(String id) { +// MiscUtil.assertNotNull(id, "OnlineApplictionID"); +// Logger.trace("Getting OnlineApplication with ID " + id + " from database."); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getOnlineApplicationWithID")); +// //query.setParameter("id", id+"%"); +// query.setParameter("id", id); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// return null; +// } +// +// if (result.size() > 1) { +// Logger.warn("OAIdentifier match to more then one DB-entry!"); +// return null; +// } +// +// return (OnlineApplication) result.get(0); +// } +// +// public static OnlineApplication getOnlineApplication(long dbid) { +// MiscUtil.assertNotNull(dbid, "OnlineApplictionID"); +// Logger.trace("Getting OnlineApplication with DBID " + dbid + " from database."); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getOnlineApplicationWithDBID")); +// //query.setParameter("id", id+"%"); +// query.setParameter("id", dbid); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// return null; +// } +// +// return (OnlineApplication) result.get(0); +// } +// +// @JsonProperty("getMOAIDConfiguration") +// public static MOAIDConfiguration getMOAIDConfiguration() { +// Logger.trace("Load MOAID Configuration from database."); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getMOAIDConfiguration")); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found. Create fresh instance."); +// return null; +// } +// +// return (MOAIDConfiguration) result.get(0); +// } +// +// @JsonProperty("getAllOnlineApplications") +// public static List getAllOnlineApplications() { +// Logger.trace("Get All OnlineApplications from database."); +// +// List result = null; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getAllOnlineApplications")); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// return null; +// } +// return result; +// } +// +// public static List getAllNewOnlineApplications() { +// Logger.trace("Get All OnlineApplications from database."); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getAllNewOnlineApplications")); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// return null; +// } +// return result; +// } +// +// @JsonProperty("getAllUsers") +// public static List getAllUsers() { +// Logger.trace("Get All OnlineApplications from database."); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getAllUsers")); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// return null; +// } +// return result; +// } +// +// public static List getAllActiveOnlineApplications() { +// Logger.trace("Get All active OnlineApplications from database."); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getAllActiveOnlineApplications")); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// result = new ArrayList(); +// +// } +// return result; +// } +// +// @SuppressWarnings("rawtypes") +// public static List searchOnlineApplications(String id) { +// MiscUtil.assertNotNull(id, "OnlineApplictionID"); +// Logger.trace("Getting OnlineApplication with ID " + id + " from database."); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("searchOnlineApplicationsWithID")); +// query.setParameter("id", "%" + id + "%"); +// +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// return null; +// } +// +// return result; +// } +// +// public static UserDatabase getUserWithID(long id) { +// MiscUtil.assertNotNull(id, "UserID"); +// Logger.trace("Getting Userinformation with ID " + id + " from database."); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserID")); +// query.setParameter("id", id); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// return null; +// } +// return (UserDatabase) result.get(0); +// } +// +// public static UserDatabase getUsersWithOADBID(long id) { +// MiscUtil.assertNotNull(id, "OADBID"); +// Logger.trace("Getting Userinformation with OADBID " + id + " from database."); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getUsersWithOADBID")); +// query.setParameter("id", id); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// return null; +// } +// return (UserDatabase) result.get(0); +// } +// +// public static UserDatabase getUserWithUserName(String username) { +// MiscUtil.assertNotNull(username, "UserName"); +// Logger.trace("Getting Userinformation with ID " + username + " from database."); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserUsername")); +// query.setParameter("username", username); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// return null; +// } +// return (UserDatabase) result.get(0); +// } +// +// public static UserDatabase getUserWithUserBPKWBPK(String bpkwbpk) { +// MiscUtil.assertNotNull(bpkwbpk, "bpk/wbpk"); +// Logger.trace("Getting Userinformation with ID " + bpkwbpk + " from database."); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserBPKWBPK")); +// query.setParameter("bpk", bpkwbpk); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// return null; +// } +// return (UserDatabase) result.get(0); +// } +// +// public static UserDatabase getNewUserWithTokken(String tokken) { +// MiscUtil.assertNotNull(tokken, "bpk/wbpk"); +// Logger.trace("Getting Userinformation with Tokken " + tokken + " from database."); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getNewUserWithUserTokken")); +// query.setParameter("tokken", tokken); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// return null; +// } +// return (UserDatabase) result.get(0); +// } +// +// public static List getAllNewUsers() { +// Logger.trace("Get all new Users from Database"); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getAllNewUsers")); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// return null; +// } +// return result; +// } +// +// public static List getAllOpenUsersRequests() { +// Logger.trace("Get all new Users from Database"); +// +// List result; +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// +// javax.persistence.Query query = session.createQuery(QUERIES.get("getAllOpenUsersRequests")); +// result = query.getResultList(); +// +// Logger.trace("Found entries: " + result.size()); +// +// if (result.size() == 0) { +// Logger.trace("No entries found."); +// return null; +// } +// return result; +// } } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java index 3dcfa8aa9..d9f0267df 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java @@ -64,156 +64,170 @@ public final class ConfigurationDBUtils { } - /** - * Checks if a session factory is currently available. If necessary a new - * session factory is created. - * - * @return current (or new) session factory - * @throws HibernateException - * thrown if a hibernate error occurs - */ - public static EntityManager getCurrentSession() { - if (automaticSessionHandling) { - - return entitymanagerfactory.createEntityManager(); - } - - EntityManager session = (EntityManager) THREAD_LOCAL_CONFIG.get(); - - if (session != null && session.isOpen()) { +// /** +// * Checks if a session factory is currently available. If necessary a new +// * session factory is created. +// * +// * @return current (or new) session factory +// * @throws HibernateException +// * thrown if a hibernate error occurs +// */ +// public static EntityManager getCurrentSession() { +// if (automaticSessionHandling) { +// +// return entitymanagerfactory.createEntityManager(); +// } +// +// EntityManager session = (EntityManager) THREAD_LOCAL_CONFIG.get(); +// +// if (session != null && session.isOpen()) { +// +// //maybe a hack, but sometimes we do not know if the session is closed (session already closed but isOpen()=true) +// try { +// javax.persistence.Query query = session.createQuery("select userdatabase from UserDatabase userdatabase"); +// query.getResultList(); +// +// } catch (Throwable e) { +// Logger.warn("JPA Session Handling Warning!!!! - This error should not occur."); +// session = getNewSession(); +// } +// +// } else +// session = getNewSession(); +// +// return session; +// } +// +// @SuppressWarnings("unchecked") +// public static EntityManager getNewSession() { +// if (automaticSessionHandling) { +// Logger.warn("Session is being automatically handled by hibernate. Therefore this session maybe not being newly created. Use HibernateUtil.getCurrentSession() instead."); +// return entitymanagerfactory.createEntityManager(); +// } +// EntityManager session = (EntityManager) THREAD_LOCAL_CONFIG.get(); +// if (session != null ) { +// Logger.warn("Previous session has not been closed; closing ConfigDB session now."); +// closeSession(); +// } +// Logger.debug("Opening new ConfigDB hibernate session..."); +// try { +// session = entitymanagerfactory.createEntityManager(); +// THREAD_LOCAL_CONFIG.set(session); +// } catch (HibernateException hex) { +// Logger.error(hex.getMessage()); +// } +// return session; +// } - //maybe a hack, but sometimes we do not know if the session is closed (session already closed but isOpen()=true) - try { - javax.persistence.Query query = session.createQuery("select userdatabase from UserDatabase userdatabase"); - query.getResultList(); - - } catch (Throwable e) { - Logger.warn("JPA Session Handling Warning!!!! - This error should not occur."); - session = getNewSession(); - } - - } else - session = getNewSession(); - - return session; - } - - @SuppressWarnings("unchecked") - public static EntityManager getNewSession() { - if (automaticSessionHandling) { - Logger.warn("Session is being automatically handled by hibernate. Therefore this session maybe not being newly created. Use HibernateUtil.getCurrentSession() instead."); - return entitymanagerfactory.createEntityManager(); - } - EntityManager session = (EntityManager) THREAD_LOCAL_CONFIG.get(); - if (session != null ) { - Logger.warn("Previous session has not been closed; closing ConfigDB session now."); - closeSession(); - } - Logger.debug("Opening new ConfigDB hibernate session..."); - try { - session = entitymanagerfactory.createEntityManager(); - THREAD_LOCAL_CONFIG.set(session); - } catch (HibernateException hex) { - Logger.error(hex.getMessage()); - } - return session; - } + /** + * Closes the current session. + * + * @throws HibernateException + * thrown if session is already closed or a hibernate error + * occurs. + * + * @deprecated + */ +@SuppressWarnings("unchecked") +public static void closeSession() { - /** - * Closes the current session. - * - * @throws HibernateException - * thrown if session is already closed or a hibernate error - * occurs. - */ - @SuppressWarnings("unchecked") - public static void closeSession() { - if (automaticSessionHandling) { - Logger.warn("Session is being automatically handled by hibernate. Therefore the current session cannot be closed on demand."); - return; - } - Logger.debug("Closing current ConfigDB hibernate session..."); - EntityManager session = (EntityManager) THREAD_LOCAL_CONFIG.get(); - THREAD_LOCAL_CONFIG.set(null); - if (session != null) { - try { - session.close(); - - } catch (HibernateException hex) { - Logger.error(hex.getMessage()); - } - } - } - - public static boolean save(Object dbo) throws MOADatabaseException { - EntityTransaction tx = null; - - try { - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - tx = session.getTransaction(); - - synchronized (session) { - tx.begin(); - session.merge(dbo); - tx.commit(); - - session.clear(); - } - return true; - - } catch(HibernateException e) { - Logger.warn("Error during Config database saveOrUpdate. Rollback.", e); - tx.rollback(); - throw new MOADatabaseException(e); - } - } - +} - public static boolean saveOrUpdate(Object dbo) throws MOADatabaseException { - EntityTransaction tx = null; - - try { - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - tx = session.getTransaction(); - - synchronized (session) { - tx.begin(); - - session.merge(dbo); - session.flush(); - - tx.commit(); - - //session.clear(); - } - return true; - - } catch(HibernateException e) { - Logger.warn("Error during Config database saveOrUpdate. Rollback.", e); - tx.rollback(); - throw new MOADatabaseException(e); - } - } - - public static boolean delete(Object dbo) { - EntityTransaction tx = null; - try { - EntityManager session = ConfigurationDBUtils.getCurrentSession(); - tx = session.getTransaction(); - - synchronized (session) { - tx.begin(); - session.remove(session.contains(dbo) ? dbo : session.merge(dbo)); - tx.commit(); - } - - return true; - - } catch(HibernateException e) { - Logger.warn("Error during Config database delete. Rollback.", e); - tx.rollback(); - return false; - } - } +// /** +// * Closes the current session. +// * +// * @throws HibernateException +// * thrown if session is already closed or a hibernate error +// * occurs. +// */ +// @SuppressWarnings("unchecked") +// public static void closeSession() { +// if (automaticSessionHandling) { +// Logger.warn("Session is being automatically handled by hibernate. Therefore the current session cannot be closed on demand."); +// return; +// } +// Logger.debug("Closing current ConfigDB hibernate session..."); +// EntityManager session = (EntityManager) THREAD_LOCAL_CONFIG.get(); +// THREAD_LOCAL_CONFIG.set(null); +// if (session != null) { +// try { +// session.close(); +// +// } catch (HibernateException hex) { +// Logger.error(hex.getMessage()); +// } +// } +// } +// +// public static boolean save(Object dbo) throws MOADatabaseException { +// EntityTransaction tx = null; +// +// try { +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// tx = session.getTransaction(); +// +// synchronized (session) { +// tx.begin(); +// session.merge(dbo); +// tx.commit(); +// +// session.clear(); +// } +// return true; +// +// } catch(HibernateException e) { +// Logger.warn("Error during Config database saveOrUpdate. Rollback.", e); +// tx.rollback(); +// throw new MOADatabaseException(e); +// } +// } +// +// +// public static boolean saveOrUpdate(Object dbo) throws MOADatabaseException { +// EntityTransaction tx = null; +// +// try { +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// tx = session.getTransaction(); +// +// synchronized (session) { +// tx.begin(); +// +// session.merge(dbo); +// session.flush(); +// +// tx.commit(); +// +// //session.clear(); +// } +// return true; +// +// } catch(HibernateException e) { +// Logger.warn("Error during Config database saveOrUpdate. Rollback.", e); +// tx.rollback(); +// throw new MOADatabaseException(e); +// } +// } +// +// public static boolean delete(Object dbo) { +// EntityTransaction tx = null; +// try { +// EntityManager session = ConfigurationDBUtils.getCurrentSession(); +// tx = session.getTransaction(); +// +// synchronized (session) { +// tx.begin(); +// session.remove(session.contains(dbo) ? dbo : session.merge(dbo)); +// tx.commit(); +// } +// +// return true; +// +// } catch(HibernateException e) { +// Logger.warn("Error during Config database delete. Rollback.", e); +// tx.rollback(); +// return false; +// } +// } } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationFromDBExtractor.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationFromDBExtractor.java deleted file mode 100644 index 432991f33..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationFromDBExtractor.java +++ /dev/null @@ -1,182 +0,0 @@ -//package at.gv.egovernment.moa.id.commons.db; -// -//import java.util.ArrayList; -//import java.util.Date; -//import java.util.List; -// -//import javax.persistence.EntityManager; -//import javax.persistence.TypedQuery; -// -//import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -//import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; -//import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; -//import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; -//import at.gv.egovernment.moa.id.commons.db.dao.config.GenericConfiguration; -//import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; -//import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; -// -//import com.fasterxml.jackson.annotation.JsonProperty; -// -///** -// * This class is used to extract information from a legacy moa-id database. -// */ -//public class ConfigurationFromDBExtractor { -// -// /** -// * This class should not be instantiated. -// */ -// private ConfigurationFromDBExtractor() { -// } -// -// /** -// * Helper method, to query for a single value. NOTE: returns {@code null} if -// * there is no result, more than one result or if an exception is thrown -// * while querying the database. -// * -// * @param queryString -// * a jpa query string. -// * @param clazz -// * the class type of the expected result. -// * @return the result of the query or {@code null}. -// */ -// private static T getSingleValue(String queryString, Class clazz) { -// T result = null; -// EntityManager session = ConfigurationDBUtils.getCurrentSession(); -// TypedQuery query = session.createQuery(queryString, clazz); -// try { -// result = query.getSingleResult(); -// } catch (Exception e) { -// return null; -// } -// return result; -// } -// -// /** -// * Helper method, to query for a a list of values. NOTE: the returned list -// * may be empty but is never {@code null}. -// * -// * @param queryString -// * a jpa query string. -// * @param clazz -// * the class type of the elements the expected result list. -// * @return a list with the result of the query or an empty list. -// */ -// private static List getListOfValues(String queryString, Class clazz) { -// List result = new ArrayList(); -// EntityManager session = ConfigurationDBUtils.getCurrentSession(); -// TypedQuery query = session.createQuery(queryString, clazz); -// try { -// result = query.getResultList(); -// } catch (Exception e) { -// return new ArrayList(); -// } -// return result; -// } -// -// /** -// * Extracts an {@link AuthComponentGeneral} from the database. NOTE: returns -// * {@code null} if there is no result, more than one result or if an -// * exception is thrown while querying the database. -// * -// * @return an AuthComponentgeneral or {@code null}. -// */ -// @JsonProperty(MOAIDConfigurationConstants.AUTH_COMPONENT_GENERAL_KEY) -// public static AuthComponentGeneral getAuthComponentGeneral() { -// return getSingleValue("from AuthComponentGeneral", AuthComponentGeneral.class); -// } -// -// /** -// * Extracts an {@link AuthComponentGeneral} from the database. NOTE: returns -// * {@code null} if there is no result, more than one result or if an -// * exception is thrown while querying the database. -// * -// * @return an AuthComponentgeneral or {@code null}. -// */ -// @JsonProperty(MOAIDConfigurationConstants.CHAINING_MODES_KEY) -// public static ChainingModes getChainingModes() { -// return (ChainingModes) getSingleValue("from ChainingModes", ChainingModes.class); -// } -// -// /** -// * Extracts a list of {@link OnlineApplication} from the database. NOTE: the -// * returned list may be empty but is never {@code null}. -// * -// * @return a list of {@link OnlineApplication}. -// */ -// @JsonProperty(MOAIDConfigurationConstants.ONLINE_APPLICATIONS_KEY) -// public static List getOnlineApplications() { -// return getListOfValues("from OnlineApplication", OnlineApplication.class); -// } -// -// /** -// * Extracts a list of {@link GenericConfiguration} from the database. NOTE: -// * the returned list may be empty but is never {@code null}. -// * -// * @return a list of {@link GenericConfiguration}. -// */ -// @JsonProperty(MOAIDConfigurationConstants.GENERIC_CONFIGURATION_KEY) -// public static List getGenericConfigurations() { -// return getListOfValues("from GenericConfiguration", GenericConfiguration.class); -// } -// -// /** -// * Extracts the trusted CA-certificates from the database. NOTE: returns -// * {@code null} if there is no result, more than one result or if an -// * exception is thrown while querying the database. -// * -// * @return the trusted CA-certificates or {@code null}. -// */ -// @JsonProperty(MOAIDConfigurationConstants.TRUSTED_CERTIFICATES_KEY) -// public static String getTrustedCACertificates() { -// return getSingleValue("select trustedCACertificates from MOAIDConfiguration", String.class); -// } -// -// /** -// * Extracts a {@link DefaultBKUs} from the database. NOTE: returns -// * {@code null} if there is no result, more than one result or if an -// * exception is thrown while querying the database. -// * -// * @return a DefaultBKUs or {@code null}. -// */ -// @JsonProperty(MOAIDConfigurationConstants.DEFAULT_BKUS_KEY) -// public static DefaultBKUs getDefaultBKUs() { -// return getSingleValue("select defaultBKUs from MOAIDConfiguration", DefaultBKUs.class); -// } -// -// /** -// * Extracts a {@link SLRequestTemplates} from the database. NOTE: returns -// * {@code null} if there is no result, more than one result or if an -// * exception is thrown while querying the database. -// * -// * @return a SLRequestTemplates or {@code null}. -// */ -// @JsonProperty(MOAIDConfigurationConstants.SLREQUEST_TEMPLATES_KEY) -// public static SLRequestTemplates getSLRequestTemplates() { -// return getSingleValue("select SLRequestTemplates from MOAIDConfiguration", SLRequestTemplates.class); -// } -// -// /** -// * Extracts the moa-id timestamp (last update) from the database. NOTE: -// * returns {@code null} if there is no result, more than one result or if an -// * exception is thrown while querying the database. -// * -// * @return the moa-id timestamp (last update) or {@code null}. -// */ -// @JsonProperty(MOAIDConfigurationConstants.TIMESTAMP_ITEM_KEY) -// public static Date getTimeStampItem() { -// return getSingleValue("select timestampItem from MOAIDConfiguration", Date.class); -// } -// -// /** -// * Extracts the date of the last pvp2refresh from the database. NOTE: -// * returns {@code null} if there is no result, more than one result or if an -// * exception is thrown while querying the database. -// * -// * @return the date of the last pvp2refresh or {@code null}. -// */ -// @JsonProperty(MOAIDConfigurationConstants.PVP2REFRESH_ITEM_KEY) -// public static Date getPvp2RefreshItem() { -// return getSingleValue("select pvp2RefreshItem from MOAIDConfiguration", Date.class); -// } -// -//} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDaoImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDaoImpl.java deleted file mode 100644 index eaeb4e7f7..000000000 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/ConfigPropertyDaoImpl.java +++ /dev/null @@ -1,195 +0,0 @@ -package at.gv.egovernment.moa.id.commons.db.dao.config; - -import java.util.List; - -import javax.persistence.EntityManager; -import javax.persistence.PersistenceContext; -import javax.persistence.TypedQuery; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.transaction.annotation.Transactional; - -import at.gv.egiz.components.configuration.api.AbstractConfigurationImpl; -import at.gv.egiz.components.configuration.api.ConfigurationException; -import at.gv.egovernment.moa.util.MiscUtil; - -/** - * Database backed implementation of the DAO interface - * - */ -@Transactional("transactionManager") -public class ConfigPropertyDaoImpl extends AbstractConfigurationImpl { - - private Logger log = LoggerFactory.getLogger(getClass()); - - @PersistenceContext(unitName = "moaidconf") - private EntityManager em; - - /** - * - * @return EntityManager for database access - */ - protected EntityManager getPersistenceContext() { - return em; - } - - @Override - protected List getAllKeys() { - if (null == em) { - log.error("No EntityManager set!"); - return null; - } - TypedQuery query = em.createQuery("select key from ConfigProperty", String.class); - List result = query.getResultList(); - return result; - } - - /* (non-Javadoc) - * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#getValue(java.lang.String) - */ - @Override - protected String getValue(String key) throws ConfigurationException { - ConfigProperty property = getProperty(key); - if (property == null) - return null; - - else { - if (MiscUtil.isEmpty(property.getValue())) - return new String(); - else - return property.getValue(); - - } - } - - /* (non-Javadoc) - * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#containsKey(java.lang.String) - */ - @Override - protected boolean containsKey(String key) throws ConfigurationException { - ConfigProperty property = getProperty(key); - if (property == null) - return false; - else - return true; - - } - - /* (non-Javadoc) - * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#storeKey(java.lang.String, java.lang.String) - */ - @Override - protected void storeKey(String key, String value) throws ConfigurationException { - if (null == em) { - log.error("No EntityManager set!"); - return; - - } - ConfigProperty property = new ConfigProperty(); - property.setKey(key); - property.setValue(value); - log.debug("Storing '{}'.", property.toString()); - em.persist(property); - - } - - protected void deleteKey(String key) { - log.debug("Deleting entry with key '{}'.", key); - em.remove(em.find(ConfigProperty.class, key)); - } - - /* (non-Javadoc) - * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#findConfigurationId(java.lang.String) - */ - @Override - public String[] findConfigurationId(String searchString) - throws ConfigurationException { - if (null == em) { - log.error("No EntityManager set!"); - return null; - } - - TypedQuery query = em.createQuery("select key from ConfigProperty dbconfig where dbconfig.key like :key", String.class); - query.setParameter("key", searchString.replace("*", "%")); - List result = query.getResultList(); - return result.toArray(new String[result.size()]); - } - - /* (non-Javadoc) - * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#findByValue(java.lang.String) - */ - @Override - public String[] findByValue(String searchString) - throws ConfigurationException { - if (null == em) { - log.error("No EntityManager set!"); - return null; - } - - TypedQuery query = em.createQuery("select key from ConfigProperty dbconfig where dbconfig.value like :value", String.class); - query.setParameter("value", searchString.replace("*", "%")); - List result = query.getResultList(); - return result.toArray(new String[result.size()]); - } - - /* (non-Javadoc) - * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#synchronize() - */ - @Override - public void synchronize() throws ConfigurationException { - //INFO: no implementation required - - } - - /* (non-Javadoc) - * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#getName() - */ - @Override - public String getName() { - return "DatabaseConfiguration"; - } - - - private ConfigProperty getProperty(String key) { - log.debug("Looking for configuration property for key '{}'.", key); - ConfigProperty result = em.find(ConfigProperty.class, key); - if (result != null) { - log.debug("Found configuration property {}.", result); - } else { - log.debug("Unable to find configuration property for key '{}'.", key); - } - return result; - } - - - -// @Override -// public String getPropertyValue(String key) { -// ConfigProperty property = getProperty(key); -// if (property == null) { -// return null; -// } -// return property.getValue(); -// } -// -// @Override -// public List getProperties() { -// -// if (null == em) { -// log.error("No EntityManager set!"); -// return null; -// } -// -// log.debug("Retrieving all properties from database."); -// TypedQuery query = em.createQuery("select mc from ConfigProperty mc", ConfigProperty.class); -// try { -// List propertiesList = query.getResultList(); -// return propertiesList; -// } catch (NoResultException e) { -// log.debug("No property found in database."); -// return null; -// } -// } - -} \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/DatabaseConfigPropertyImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/DatabaseConfigPropertyImpl.java new file mode 100644 index 000000000..72cb2fdf4 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/DatabaseConfigPropertyImpl.java @@ -0,0 +1,201 @@ +package at.gv.egovernment.moa.id.commons.db.dao.config; + +import java.util.List; + +import javax.persistence.EntityManager; +import javax.persistence.PersistenceContext; +import javax.persistence.TypedQuery; + +import org.hibernate.SessionFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.stereotype.Repository; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.EnableTransactionManagement; +import org.springframework.transaction.annotation.Transactional; + +import at.gv.egiz.components.configuration.api.AbstractConfigurationImpl; +import at.gv.egiz.components.configuration.api.ConfigurationException; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * Database backed implementation of the DAO interface + * + */ +@Repository +@Transactional("transactionManager") +public class DatabaseConfigPropertyImpl extends AbstractConfigurationImpl { + + private Logger log = LoggerFactory.getLogger(getClass()); + + @PersistenceContext(unitName = "config") + private EntityManager em; + + /** + * + * @return EntityManager for database access + */ + protected EntityManager getPersistenceContext() { + return em; + } + + @Override + protected List getAllKeys() throws ConfigurationException { + if (null == em) { + log.error("No EntityManager set!"); + throw new ConfigurationException("No EntityManager set!"); + } + TypedQuery query = em.createQuery("select key from ConfigProperty", String.class); + List result = query.getResultList(); + return result; + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#getValue(java.lang.String) + */ + @Override + protected String getValue(String key) throws ConfigurationException { + ConfigProperty property = getProperty(key); + if (property == null) + return null; + + else { + if (MiscUtil.isEmpty(property.getValue())) + return new String(); + else + return property.getValue(); + + } + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#containsKey(java.lang.String) + */ + @Override + protected boolean containsKey(String key) throws ConfigurationException { + ConfigProperty property = getProperty(key); + if (property == null) + return false; + else + return true; + + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#storeKey(java.lang.String, java.lang.String) + */ + @Override + @Transactional(value="transactionManager") + protected void storeKey(String key, String value) throws ConfigurationException { + if (null == em) { + log.error("No EntityManager set!"); + throw new ConfigurationException("No EntityManager set!"); + + } + ConfigProperty property = new ConfigProperty(); + property.setKey(key); + property.setValue(value); + log.debug("Storing '{}'.", property.toString()); + em.persist(property); + + } + + protected void deleteKey(String key) { + log.debug("Deleting entry with key '{}'.", key); + em.remove(em.find(ConfigProperty.class, key)); + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#findConfigurationId(java.lang.String) + */ + @Override + public String[] findConfigurationId(String searchString) + throws ConfigurationException { + if (null == em) { + log.error("No EntityManager set!"); + throw new ConfigurationException("No EntityManager set!"); + } + + TypedQuery query = em.createQuery("select key from ConfigProperty dbconfig where dbconfig.key like :key", String.class); + query.setParameter("key", searchString.replace("*", "%")); + List result = query.getResultList(); + return result.toArray(new String[result.size()]); + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#findByValue(java.lang.String) + */ + @Override + public String[] findByValue(String searchString) + throws ConfigurationException { + if (null == em) { + log.error("No EntityManager set!"); + throw new ConfigurationException("No EntityManager set!"); + } + + TypedQuery query = em.createQuery("select key from ConfigProperty dbconfig where dbconfig.value like :value", String.class); + query.setParameter("value", searchString.replace("*", "%")); + List result = query.getResultList(); + return result.toArray(new String[result.size()]); + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#synchronize() + */ + @Override + public void synchronize() throws ConfigurationException { + //INFO: no implementation required + + } + + /* (non-Javadoc) + * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#getName() + */ + @Override + public String getName() { + return "DatabaseConfiguration"; + } + + + private ConfigProperty getProperty(String key) { + log.debug("Looking for configuration property for key '{}'.", key); + ConfigProperty result = em.find(ConfigProperty.class, key); + if (result != null) { + log.debug("Found configuration property {}.", result); + } else { + log.debug("Unable to find configuration property for key '{}'.", key); + } + return result; + } + + + +// @Override +// public String getPropertyValue(String key) { +// ConfigProperty property = getProperty(key); +// if (property == null) { +// return null; +// } +// return property.getValue(); +// } +// +// @Override +// public List getProperties() { +// +// if (null == em) { +// log.error("No EntityManager set!"); +// return null; +// } +// +// log.debug("Retrieving all properties from database."); +// TypedQuery query = em.createQuery("select mc from ConfigProperty mc", ConfigProperty.class); +// try { +// List propertiesList = query.getResultList(); +// return propertiesList; +// } catch (NoResultException e) { +// log.debug("No property found in database."); +// return null; +// } +// } + +} \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/resources/META-INF/persistence.xml b/id/server/moa-id-commons/src/main/resources/META-INF/persistence.xml index 8ff384eb9..6325ada5f 100644 --- a/id/server/moa-id-commons/src/main/resources/META-INF/persistence.xml +++ b/id/server/moa-id-commons/src/main/resources/META-INF/persistence.xml @@ -10,7 +10,7 @@ http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd" at.gv.egovernment.moa.id.commons.config.persistence.dal.SOME_CLASS - + org.hibernate.ejb.HibernatePersistence at.gv.egovernment.moa.id.commons.db.dao.config.ConfigProperty diff --git a/id/server/moa-id-commons/src/main/resources/configuration.beans.xml b/id/server/moa-id-commons/src/main/resources/configuration.beans.xml deleted file mode 100644 index 732c19721..000000000 --- a/id/server/moa-id-commons/src/main/resources/configuration.beans.xml +++ /dev/null @@ -1,56 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/resources/configuration.beans.xml_old b/id/server/moa-id-commons/src/main/resources/configuration.beans.xml_old new file mode 100644 index 000000000..b3e7526d0 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/configuration.beans.xml_old @@ -0,0 +1,59 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/id/server/moa-id-commons/src/main/resources/persistence_template.xml b/id/server/moa-id-commons/src/main/resources/persistence_template.xml index 06706e27a..d9adc4394 100644 --- a/id/server/moa-id-commons/src/main/resources/persistence_template.xml +++ b/id/server/moa-id-commons/src/main/resources/persistence_template.xml @@ -3,7 +3,7 @@ http://java.sun.com/xml/ns/persistence/orm http://java.sun.com/xml/ns/persistence/orm_1_0.xsd" xmlns="http://java.sun.com/xml/ns/persistence" xmlns:orm="http://java.sun.com/xml/ns/persistence/orm" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - + org.hibernate.ejb.HibernatePersistence at.gv.egovernment.moa.id.commons.db.dao.config.ConfigProperty diff --git a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java index 5f0ffd4e2..9896f2454 100644 --- a/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java +++ b/id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java @@ -29,11 +29,8 @@ import java.util.List; import org.hibernate.Query; import org.hibernate.Session; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore; import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog; import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; @@ -96,10 +93,9 @@ public class DatabaseTestModule implements TestModuleInterface{ private String testMOAConfigurationDatabase() throws Exception{ - MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); - ConfigurationDBUtils.closeSession(); - - if (moaidconfig == null) + String publicURLPreFix = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); + + if (MiscUtil.isEmpty(publicURLPreFix)) return ("MOA-ID 2.x configuration can not be loaded from Database."); return null; diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java index 6f5cf0700..939390847 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/AbstractPepsConnectorWithLocalSigningTask.java @@ -54,6 +54,8 @@ import eu.stork.peps.auth.commons.IPersonalAttributeList; public abstract class AbstractPepsConnectorWithLocalSigningTask extends AbstractAuthServletTask { + public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnectorWithLocalSigning"; + String getCitizienSignatureFromSignResponse(SignResponse dssSignResponse) throws IllegalArgumentException, TransformerConfigurationException, UtilsException, TransformerException, TransformerFactoryConfigurationError, IOException, ApiUtilsException { diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java index 11051ceec..8b013ab4d 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/CreateStorkAuthRequestFormTask.java @@ -2,13 +2,49 @@ package at.gv.egovernment.moa.id.auth.modules.stork.tasks; import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.*; +import java.io.IOException; +import java.io.StringWriter; +import java.math.BigInteger; +import java.net.URL; +import java.security.NoSuchAlgorithmException; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Date; +import java.util.List; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.commons.io.IOUtils; import org.apache.commons.lang.StringEscapeUtils; +import org.apache.commons.lang3.BooleanUtils; import org.apache.commons.lang3.StringUtils; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; +import org.opensaml.common.IdentifierGenerator; +import org.opensaml.common.impl.SecureRandomIdentifierGenerator; +import org.w3c.dom.DOMException; + +import eu.stork.oasisdss.api.AdditionalProfiles; +import eu.stork.oasisdss.api.ApiUtils; +import eu.stork.oasisdss.api.Profiles; +import eu.stork.oasisdss.api.QualityLevels; +import eu.stork.oasisdss.api.SignatureTypes; +import eu.stork.oasisdss.api.exceptions.ApiUtilsException; +import eu.stork.oasisdss.profile.AnyType; +import eu.stork.oasisdss.profile.DocumentType; +import eu.stork.oasisdss.profile.SignRequest; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; import at.gv.egovernment.moa.id.auth.AuthenticationServer; +import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; @@ -17,12 +53,17 @@ import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; +import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.config.stork.CPEPS; import at.gv.egovernment.moa.id.config.stork.STORKConfig; +import at.gv.egovernment.moa.id.config.stork.StorkAttribute; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; +import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.logging.Logger; /** @@ -95,7 +136,7 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask { executionContext.put(PROCESS_CTX_KEY_CPEPS_ISXMLSIGSUPPORTED, cpeps.isXMLSignatureSupported()); Logger.info("Starting STORK authentication for a citizen of country: " + moasession.getCcc()); - AuthenticationServer.startSTORKAuthentication(req, resp, moasession); + startSTORKAuthentication(req, resp, moasession); } catch (MOAIDException ex) { throw new TaskExecutionException(ex.getMessage(), ex); @@ -110,5 +151,285 @@ public class CreateStorkAuthRequestFormTask extends AbstractAuthServletTask { ConfigurationDBUtils.closeSession(); } } + + /** + * Starts a MOA-ID authentication process using STORK + * + * @param req HttpServletRequest + * @param resp HttpServletResponse + * @param ccc Citizen country code + * @param oaURL URL of the online application + * @param target Target parameter + * @param targetFriendlyName Friendly Name of Target + * @param authURL Authentication URL + * @param sourceID SourceID parameter + * @throws MOAIDException + * @throws AuthenticationException + * @throws WrongParametersException + * @throws ConfigurationException + */ + public void startSTORKAuthentication( + HttpServletRequest req, + HttpServletResponse resp, + AuthenticationSession moasession) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException { + + if (moasession == null) { + throw new AuthenticationException("auth.18", new Object[]{}); + } + + //read configuration paramters of OA + OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("auth.00", new Object[]{moasession.getPublicOAURLPrefix()}); + + //Start of STORK Processing + STORKConfig storkConfig = AuthConfigurationProviderFactory.getInstance().getStorkConfig(); + + CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc()); + + Logger.debug("Preparing to assemble STORK AuthnRequest with the following values:"); + String destination = cpeps.getPepsURL().toExternalForm(); + Logger.debug("C-PEPS URL: " + destination); + + + String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); + // String acsURL = new DataURLBuilder().buildDataURL(issuerValue, + // PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN, moasession.getSessionID()); + + + String providerName = oaParam.getFriendlyName(); + Logger.debug("Issuer value: " + issuerValue); + + // prepare collection of required attributes + // - attributes for online application + Collection attributesFromConfig = oaParam.getRequestedSTORKAttributes(); + + // - prepare attribute list + PersonalAttributeList attributeList = new PersonalAttributeList(); + + // - fill container + for (StorkAttribute current : attributesFromConfig) { + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName(current.getName()); + + boolean globallyMandatory = false; + for (StorkAttribute currentGlobalAttribute : storkConfig.getStorkAttributes()) + if (current.getName().equals(currentGlobalAttribute.getName())) { + globallyMandatory = BooleanUtils.isTrue(currentGlobalAttribute.getMandatory()); + break; + } + + newAttribute.setIsRequired(current.getMandatory() || globallyMandatory); + attributeList.add(newAttribute); + } + + // add sign request + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName("signedDoc"); + newAttribute.setIsRequired(true); + List value = new ArrayList(); + + Logger.debug("PEPS supports XMLSignatures:"+cpeps.isXMLSignatureSupported()); + String acsURL; + if(cpeps.isXMLSignatureSupported())//Send SignRequest to PEPS + { + //solve Problem with sessionIDs + acsURL = issuerValue + PepsConnectorTask.PEPSCONNECTOR_SERVLET_URL_PATTERN; + + value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession), + "application/xhtml+xml", moasession.getCcc())); + newAttribute.setValue(value); + attributeList.add(newAttribute); + + // TODO[branch]: STORK AuthReq CPEPS acsURL "/PEPSConnector" + } + else//Process SignRequest locally with MOCCA + { + String target = moasession.getTarget(); + moasession.setTarget("AT"); + String signedDoc = (generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession), + "application/xhtml+xml", "AT"));//moasession.getCcc() + moasession.setTarget(target); + Logger.warn("signedDoc to store:"+signedDoc); + //attributeList.add(newAttribute); + + //store SignRequest for later... + moasession.setSignedDoc(signedDoc); + + acsURL = issuerValue + AbstractPepsConnectorWithLocalSigningTask.PEPSCONNECTOR_SERVLET_URL_PATTERN; + // TODO[branch]: STORK AuthReq acsURL "/PEPSConnectorWithLocalSigning" + try { + AuthenticationSessionStoreage.storeSession(moasession); + } catch (MOADatabaseException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + } + Logger.debug("MOA Assertion Consumer URL (PEPSConnctor): " + acsURL); + + if (Logger.isDebugEnabled()) { + Logger.debug("The following attributes are requested for this OA:"); + for (StorkAttribute logReqAttr : attributesFromConfig) + Logger.debug("OA specific requested attribute: " + logReqAttr.getName() + ", isRequired: " + logReqAttr.getMandatory()); + } + + //TODO: check Target in case of SSO!! + String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget(); + String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); + String spApplication = spInstitution; + String spCountry = "AT"; // intentionally set AT - the flow is limited on that use case only + + //generate AuthnRquest + STORKAuthnRequest authnRequest = new STORKAuthnRequest(); + authnRequest.setDestination(destination); + authnRequest.setAssertionConsumerServiceURL(acsURL);//PEPSConnectorWithLocalSigning + authnRequest.setProviderName(providerName); + authnRequest.setIssuer(issuerValue); + authnRequest.setQaa(oaParam.getQaaLevel()); + authnRequest.setSpInstitution(spInstitution); + authnRequest.setSpCountry(spCountry); + authnRequest.setSpApplication(spApplication); + authnRequest.setSpSector(spSector); + authnRequest.setPersonalAttributeList(attributeList); + + //TODO change + authnRequest.setEIDCrossBorderShare(true); + authnRequest.setEIDCrossSectorShare(true); + authnRequest.setEIDSectorShare(true); + + authnRequest.setCitizenCountryCode(moasession.getCcc()); + + Logger.debug("STORK AuthnRequest succesfully assembled."); + + STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("outgoing"); + + if (samlEngine == null) { + Logger.error("Could not initalize STORK SAML engine."); + throw new MOAIDException("stork.00", null); + } + + try { + authnRequest = samlEngine.generateSTORKAuthnRequest(authnRequest); + } catch (STORKSAMLEngineException e) { + Logger.error("Could not sign STORK SAML AuthnRequest.", e); + throw new MOAIDException("stork.00", null); + } + + Logger.info("STORK AuthnRequest successfully signed!"); + + //validate AuthnRequest + try { + samlEngine.validateSTORKAuthnRequest(authnRequest.getTokenSaml()); + } catch (STORKSAMLEngineException e) { + Logger.error("STORK SAML AuthnRequest not valid.", e); + throw new MOAIDException("stork.01", null); + } + + Logger.debug("STORK AuthnRequest successfully internally validated."); + + //send + moasession.setStorkAuthnRequest(authnRequest); + + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS receives request from SP#spurl#spepsurl#spapp#spdomain#citizen country#qaa#msghash#msg_id id1# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS receives request from SP#" + + moasession.getPublicOAURLPrefix() + "#" + issuerValue + "#" + spApplication + "#" + + new URL(moasession.getPublicOAURLPrefix()).getHost() + "#" + moasession.getCcc() + "#" + oaParam.getQaaLevel() + + "#_hash_#" + moasession.getProcessInstanceId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } + + AuthenticationSessionStoreage.changeSessionID(moasession, authnRequest.getSamlId()); + + + Logger.info("Preparing to send STORK AuthnRequest."); + Logger.info("prepared STORKAuthnRequest: "); + Logger.info(new String(authnRequest.getTokenSaml())); + + try { + Logger.trace("Initialize VelocityEngine..."); + + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm"); + VelocityContext context = new VelocityContext(); + context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authnRequest.getTokenSaml())); + context.put("RelayState", moasession.getSessionID()); + context.put("action", destination); + + StringWriter writer = new StringWriter(); + template.merge(context, writer); + + // TODO[branch]: SAML2 Form Submit to CPEPS, response to acsURL Servlet + + resp.setContentType("text/html;charset=UTF-8"); + resp.getOutputStream().write(writer.toString().getBytes("UTF-8")); + + } catch (Exception e) { + Logger.error("Error sending STORK SAML AuthnRequest.", e); + throw new MOAIDException("stork.02", new Object[]{destination}); + + } + + Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination()); + + // do PEPS-conform logging for easier evaluation + try { + // 2015-03-12 16:44:27.144#S-PEPS generates request to C-PEPS#spepsurl#cpepsurl#spapp#spdomain#citizen country#qaa#msghash#msg_id id1#id2# + Logger.info(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS").format(new Date()) + "#S-PEPS generates request to C-PEPS#" + + issuerValue + "#" + destination + "#" + spApplication + "#" + + new URL(moasession.getPublicOAURLPrefix()).getHost() + "#" + moasession.getCcc() + "#" + oaParam.getQaaLevel() + + "#_hash_#" + moasession.getProcessInstanceId() + "#" + authnRequest.getSamlId() + "#"); + } catch (Exception e1) { + Logger.info("STORK PEPS conform logging failed because of: " + e1.getMessage()); + } + } + private String generateDssSignRequest(String text, String mimeType, String citizenCountry) { + IdentifierGenerator idGenerator; + try { + idGenerator = new SecureRandomIdentifierGenerator(); + + DocumentType doc = new DocumentType(); + doc.setBase64XML(text.getBytes("UTF-8")); + doc.setID(idGenerator.generateIdentifier()); + + SignRequest request = new SignRequest(); + request.setInputDocuments(ApiUtils.createInputDocuments(doc)); + + String id = idGenerator.generateIdentifier(); + request.setRequestID(id); + request.setDocUI(id); + + request.setProfile(Profiles.XADES_BES.toString()); + request.setNumberOfSigners(BigInteger.ONE); + request.setTargetCountry(citizenCountry); + + // no, no todo. PEPS will alter this value anyhow. + request.setReturnURL("http://invalid_return"); + + AnyType required = new AnyType(); + required.getAny().add(ApiUtils.createSignatureType(SignatureTypes.XMLSIG_RFC3275.toString())); + required.getAny().add(ApiUtils.createAdditionalProfile(AdditionalProfiles.XADES.toString())); + required.getAny().add(ApiUtils.createQualityRequirements(QualityLevels.QUALITYLEVEL_QUALIFIEDSIG)); + required.getAny().add(ApiUtils.createIncludeObject(doc)); + request.setOptionalInputs(required); + + return IOUtils.toString(ApiUtils.marshalToInputStream(request)); + } catch (NoSuchAlgorithmException e) { + Logger.error("Cannot generate id", e); + throw new RuntimeException(e); + } catch (ApiUtilsException e) { + Logger.error("Could not create SignRequest", e); + throw new RuntimeException(e); + } catch (DOMException e) { + Logger.error("Could not create SignRequest", e); + throw new RuntimeException(e); + } catch (IOException e) { + Logger.error("Could not create SignRequest", e); + throw new RuntimeException(e); + } + } } diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java index 84570141e..d9188d4fc 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorHandleResponseWithoutSignatureTask.java @@ -5,6 +5,7 @@ import iaik.x509.X509Certificate; import java.io.IOException; import java.io.StringWriter; import java.util.ArrayList; +import java.util.Collection; import java.util.List; import javax.servlet.http.HttpServletRequest; @@ -26,12 +27,11 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; -import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorWithLocalSigningServlet; import at.gv.egovernment.moa.id.auth.stork.STORKException; import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; +import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin; import at.gv.egovernment.moa.id.moduls.ModulUtils; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; @@ -290,17 +290,17 @@ public class PepsConnectorHandleResponseWithoutSignatureTask extends AbstractPep String issuerValue = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix(); String acsURL = issuerValue - + PEPSConnectorWithLocalSigningServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN; + + AbstractPepsConnectorWithLocalSigningTask.PEPSCONNECTOR_SERVLET_URL_PATTERN; String url = acsURL + "?moaSessionID=" + newMOASessionID; // redirect to OASIS module and sign there boolean found = false; try { - List aps = AuthConfigurationProviderFactory.getInstance() + Collection aps = AuthConfigurationProviderFactory.getInstance() .getOnlineApplicationParameter(moaSession.getPublicOAURLPrefix()).getStorkAPs(); Logger.info("Found AttributeProviderPlugins:" + aps.size()); - for (AttributeProviderPlugin ap : aps) { + for (StorkAttributeProviderPlugin ap : aps) { Logger.info("Found AttributeProviderPlugin attribute:" + ap.getAttributes()); if (ap.getAttributes().equalsIgnoreCase("signedDoc")) { // FIXME: A servlet's class field is not thread safe!!! diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java index 748b7df5d..4a12e72ca 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java @@ -30,7 +30,6 @@ import org.apache.velocity.Template; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import org.opensaml.saml2.core.StatusCode; -import org.springframework.format.datetime.DateFormatter; import org.w3c.dom.Element; import org.w3c.dom.Node; @@ -43,7 +42,6 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask; import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet; import at.gv.egovernment.moa.id.auth.stork.STORKException; import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; @@ -64,10 +62,8 @@ import at.gv.egovernment.moa.util.XPathUtils; import at.gv.util.xsd.xmldsig.SignatureType; import at.gv.util.xsd.xmldsig.X509DataType; import eu.stork.documentservice.DocumentService; -import eu.stork.documentservice.data.DatabaseConnectorMySQLImpl; import eu.stork.oasisdss.api.ApiUtils; import eu.stork.oasisdss.api.LightweightSourceResolver; -import eu.stork.oasisdss.api.exceptions.ApiUtilsException; import eu.stork.oasisdss.profile.DocumentType; import eu.stork.oasisdss.profile.DocumentWithSignature; import eu.stork.oasisdss.profile.SignResponse; @@ -123,6 +119,8 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException; */ public class PepsConnectorTask extends AbstractAuthServletTask { + public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnector"; + public PepsConnectorTask() { super(); @@ -336,7 +334,7 @@ public class PepsConnectorTask extends AbstractAuthServletTask { // //////////////////////////////////////////////////////////////////////// - AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); String citizenSignature = null; if(config.isStorkFakeIdLActive() && config.getStorkNoSignatureCountries().contains(storkAuthnRequest.getCitizenCountryCode()) && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) { Logger.debug("signedDoc extraction skipped due to configuration"); @@ -456,7 +454,6 @@ public class PepsConnectorTask extends AbstractAuthServletTask { IdentityLink identityLink = null; executionContext.put("identityLinkAvailable", false); try { - AuthConfiguration config = AuthConfigurationProviderFactory.getInstance(); if(config.isStorkFakeIdLActive() && config.getStorkFakeIdLCountries().contains(storkAuthnRequest.getCitizenCountryCode())) { // create fake IdL // - fetch IdL template from resources -- cgit v1.2.3 From 98dbb23fa5dcd9518beb56fd2410667b385b5524 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 17 Jul 2015 09:18:28 +0200 Subject: first beta version of new MOA-ID WebGUI module for configuration --- .../exception/ConfigurationException.java | 47 -- id/moa-id-webgui/pom.xml | 31 +- .../id/config/webgui/MOAIDConfigurationModul.java | 48 +- .../config/webgui/MOAIDSpringResourceProvider.java | 29 +- .../id/config/webgui/MOAIDWebGUIConfiguration.java | 160 ++++++ .../webgui/exception/ConfigurationException.java | 48 ++ .../exception/SchemaValidationException.java | 43 ++ .../exception/SignatureValidationException.java | 58 +++ .../validation/MOAIDConfigurationValidator.java | 17 +- .../validation/modul/impl/GatewayValidator.java | 19 +- .../modul/impl/InterfederationIDPValidator.java | 7 + .../modul/impl/OnlineApplicationValidator.java | 30 +- .../validation/modul/impl/VIDPValidator.java | 20 +- .../validation/task/AbstractTaskValidator.java | 4 +- .../task/impl/GeneralMOAIDConfigurationTask.java | 5 +- .../task/impl/GeneralOpenIDConfigurationTask.java | 2 +- .../task/impl/GeneralPVP2XConfigurationTask.java | 2 +- .../task/impl/GeneralSTORKConfigurationTask.java | 2 +- .../ServicesAuthenticationInformationTask.java | 229 +++++++++ .../task/impl/ServicesAuthenticationSTORKTask.java | 301 +++++++++++ .../task/impl/ServicesBKUSelectionTask.java | 403 +++++++++++++++ .../task/impl/ServicesGeneralInformationTask.java | 150 +++++- .../task/impl/ServicesInterfederationIDPTask.java | 116 +++++ .../task/impl/ServicesPVPGatewayTask.java | 121 +++++ .../task/impl/ServicesProtocolOpenIDTask.java | 152 ++++++ .../task/impl/ServicesProtocolPVP2XTask.java | 336 +++++++++++++ .../task/impl/ServicesProtocolSAML1Task.java | 114 +++++ .../task/impl/ServicesProtocolSTORKTask.java | 273 ++++++++++ .../task/impl/ServicesSSOAuthenticationTask.java | 101 ++++ .../validation/task/impl/ServicesTargetTask.java | 221 ++++++++ .../task/impl/ServicesbPKDecryptionTask.java | 137 +++++ .../utils/MetaDataVerificationFilter.java | 122 +++++ .../validation/utils/SchemaValidationFilter.java | 98 ++++ ...i.validation.task.IDynamicLoadableTaskValidator | 4 + .../resources/applicationResources_de.properties | 4 +- .../resources/applicationResources_en.properties | 2 + .../src/main/resources/gui/meta.properties | 92 +++- .../src/main/resources/gui/types/gateway.json | 50 ++ .../src/main/resources/gui/types/general.json | 7 + .../src/main/resources/gui/types/iidp.json | 124 +++++ .../src/main/resources/gui/types/oa.json | 557 ++++++++++++++++++++- .../src/main/resources/gui/types/vidp.json | 371 ++++++++++++++ .../src/main/resources/moaid.webgui.beans.xml | 12 +- .../moa/id/auth/AuthenticationServer.java | 2 +- .../moa/id/auth/MOAIDAuthConstants.java | 11 +- .../id/auth/builder/AuthenticationDataBuilder.java | 2 +- .../moa/id/auth/builder/DataURLBuilder.java | 3 +- .../StartAuthentificationParameterParser.java | 2 +- .../moa/id/auth/servlet/AuthServlet.java | 2 +- .../servlet/GenerateIFrameTemplateServlet.java | 9 +- .../id/auth/servlet/IDPSingleLogOutServlet.java | 13 +- .../auth/servlet/ProcessEngineSignalServlet.java | 10 +- .../moa/id/auth/servlet/RedirectServlet.java | 11 +- .../moa/id/config/ConfigurationUtils.java | 1 - .../auth/AuthConfigurationProviderFactory.java | 18 +- .../moa/id/config/auth/OAAuthParameter.java | 11 +- .../PropertyBasedAuthConfigurationProvider.java | 19 +- .../moa/id/entrypoints/DispatcherServlet.java | 7 +- .../moa/id/moduls/AuthenticationManager.java | 2 +- .../at/gv/egovernment/moa/id/moduls/IAction.java | 2 +- .../moa/id/protocols/pvp2x/PVP2XProtocol.java | 2 +- .../moa/id/protocols/pvp2x/SingleLogOutAction.java | 7 +- .../builder/attributes/IPVPAttributeBuilder.java | 3 +- .../moa/id/protocols/saml1/GetArtifactAction.java | 9 +- .../moa/id/protocols/saml1/SAML1Protocol.java | 2 +- .../protocols/stork2/AttributeProviderFactory.java | 10 +- .../moa/id/protocols/stork2/STORKProtocol.java | 2 +- .../moa/id/util/ParamValidatorUtils.java | 2 +- .../moa/id/util/legacy/LegacyHelper.java | 2 +- .../main/resources/moaid.configuration.beans.xml | 24 + .../resources/properties/id_messages_de.properties | 3 +- .../protocol_response_statuscodes_de.properties | 1 + .../src/test/java/test/tlenz/simpletest.java | 22 + .../egovernment/moa/id/commons/MOAIDConstants.java | 109 ++++ .../config/ConfigurationMigrationUtils.java | 242 +++++---- .../moa/id/commons/config/ConfigurationUtil.java | 34 +- .../config/MOAIDConfigurationConstants.java | 90 +--- .../moa/id/commons/config/MigrationTest.java | 2 +- .../config/persistence/MOAIDConfigurationImpl.java | 10 + .../db/dao/config/DatabaseConfigPropertyImpl.java | 3 +- .../moa/id/commons/utils/KeyValueUtils.java | 13 + .../src/main/resources/configuration.beans.xml | 28 +- .../src/main/resources/moaid.migration.beans.xml | 40 ++ 83 files changed, 5013 insertions(+), 441 deletions(-) delete mode 100644 id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDWebGUIConfiguration.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationException.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SchemaValidationException.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SignatureValidationException.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesInterfederationIDPTask.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesPVPGatewayTask.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolOpenIDTask.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSAML1Task.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesSSOAuthenticationTask.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesbPKDecryptionTask.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/MetaDataVerificationFilter.java create mode 100644 id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/SchemaValidationFilter.java create mode 100644 id/moa-id-webgui/src/main/resources/gui/types/gateway.json create mode 100644 id/moa-id-webgui/src/main/resources/gui/types/iidp.json create mode 100644 id/moa-id-webgui/src/main/resources/gui/types/vidp.json create mode 100644 id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java create mode 100644 id/server/moa-id-commons/src/main/resources/moaid.migration.beans.xml (limited to 'id/server/idserverlib/src/test/java') diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java deleted file mode 100644 index 3aa3910cc..000000000 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java +++ /dev/null @@ -1,47 +0,0 @@ -/******************************************************************************* - * Copyright 2014 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - *******************************************************************************/ -package at.gv.egovernment.moa.id.configuration.exception; - -import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; - -public class ConfigurationException extends Exception { - - private static final long serialVersionUID = 1L; - - public ConfigurationException(String errorname) { - super(LanguageHelper.getErrorString(errorname, null)); - } - - public ConfigurationException(String errorname, Throwable e) { - super(LanguageHelper.getErrorString(errorname, null), e); - } - - public ConfigurationException(String errorname, Object[] params, Throwable e) { - super(LanguageHelper.getErrorString(errorname, params, null), e); - } - - public ConfigurationException(Throwable e) { - super(e); - } - -} diff --git a/id/moa-id-webgui/pom.xml b/id/moa-id-webgui/pom.xml index 76660eac2..35436db4b 100644 --- a/id/moa-id-webgui/pom.xml +++ b/id/moa-id-webgui/pom.xml @@ -16,8 +16,16 @@ ${basedir}/../../repository + + + shibboleth.internet2.edu + Internet2 + https://build.shibboleth.net/nexus/content/groups/public/ + + + - src/main/jave + src/main/java maven-compiler-plugin @@ -47,6 +55,27 @@ moa-id-commons + + org.opensaml + opensaml + + + org.slf4j + log4j-over-slf4j + + + + + org.opensaml + xmltooling + + + org.slf4j + log4j-over-slf4j + + + + diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDConfigurationModul.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDConfigurationModul.java index 72e2321e9..0ec230324 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDConfigurationModul.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDConfigurationModul.java @@ -45,6 +45,9 @@ import at.gv.egiz.components.configuration.meta.api.MetadataConfiguration; import at.gv.egiz.components.configuration.meta.api.SchemaEntry; import at.gv.egiz.components.configuration.meta.api.impl.BaseMetadataConfiguration; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfigurationImpl; +import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationValidationException; import at.gv.egovernment.moa.id.config.webgui.validation.MOAIDConfigurationValidator; @@ -57,7 +60,7 @@ public class MOAIDConfigurationModul implements ConfigurationModul{ private static final String MODULE_NAME = "MOAIDConfigurationModul"; - private static Configuration config; + private static MOAIDConfiguration config; private static Configuration meta; private static MetadataConfiguration metadata = null; @@ -76,23 +79,29 @@ public class MOAIDConfigurationModul implements ConfigurationModul{ } @Autowired - public void setDatabaseConfiguration(Configuration dbconfig) { + public void setDatabaseConfiguration(MOAIDConfiguration dbconfig) { config = dbconfig; } /** + * @throws Exception * */ - public MOAIDConfigurationModul() { - loadType("general", "/gui/types/general.json"); - -// loadType("oa", "/gui/types/oa.json"); - - //TODO: load correct types -// loadType("vidp", "/gui/types/oa.json"); -// loadType("iidp", "/gui/types/oa.json"); -// loadType("gateway", "/gui/types/oa.json"); + public MOAIDConfigurationModul() throws Exception { + loadType("general", "/gui/types/general.json"); + loadType("moaidoa", "/gui/types/oa.json"); + loadType("moaidvidp", "/gui/types/vidp.json"); + loadType("moaidiidp", "/gui/types/iidp.json"); + loadType("moaidgateway", "/gui/types/gateway.json"); + try { + MOAIDWebGUIConfiguration.getInstance(); + + } catch (at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException e) { + logger.error("MOA-ID WebGUI initialization FAILED! (Reason: {})", e.getMessage()); + throw new Exception(e); + + } } @@ -146,8 +155,19 @@ public class MOAIDConfigurationModul implements ConfigurationModul{ @Override public String buildArrayIdentifier(String arrayId, int refCounter, Map properties) throws ConfigurationException { - // TODO Auto-generated method stub - return null; + logger.trace("Search next free list index for key: " + arrayId); + + if (arrayId.startsWith(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES)) { + String[] allListKeys = config.findConfigurationId(arrayId + ".%." + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER); + int freeIndex = KeyValueUtils.findNextFreeListCounter(allListKeys, arrayId) + refCounter; + logger.debug("Found free listIndex: " + freeIndex + " for serviceKey: " + arrayId); + return String.valueOf(freeIndex); + + } else { + logger.warn("Actually, only services are from type array and need an index."); + throw new ConfigurationException("Actually, only services are from type array and need an index."); + + } } /* (non-Javadoc) @@ -203,7 +223,7 @@ public class MOAIDConfigurationModul implements ConfigurationModul{ Iterator deleteInterator = deleted.iterator(); while (deleteInterator.hasNext()) { String el = deleteInterator.next(); - try { + try { config.deleteIds(el); logger.trace("Delete key {}", el); diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDSpringResourceProvider.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDSpringResourceProvider.java index 61e1a1192..f9f8d1d2d 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDSpringResourceProvider.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDSpringResourceProvider.java @@ -22,10 +22,14 @@ */ package at.gv.egovernment.moa.id.config.webgui; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.core.io.ClassPathResource; import org.springframework.core.io.Resource; import at.gv.egiz.components.spring.api.SpringResourceProvider; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolPVP2XTask; /** * @author tlenz @@ -33,16 +37,33 @@ import at.gv.egiz.components.spring.api.SpringResourceProvider; */ public class MOAIDSpringResourceProvider implements SpringResourceProvider { - private static final String SYSTEM_PROP_CONFIG = "moa.id.webconfig"; + private static final Logger log = LoggerFactory.getLogger(MOAIDSpringResourceProvider.class); /* (non-Javadoc) * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad() */ @Override - public Resource[] getResourcesToLoad() { - ClassPathResource webguicontextconfig = new ClassPathResource("/moaid.webgui.beans.xml", MOAIDSpringResourceProvider.class); + public Resource[] getResourcesToLoad() { +// try { + //TODO: is not a nice solution -> fix in futher version + //MOAIDWebGUIConfiguration moaIdWebguiConfig = MOAIDWebGUIConfiguration.getInstance(); + //JPAPropertiesWithJavaConfig.setLocalProperties(moaIdWebguiConfig.getDatabaseProperties()); + ClassPathResource databasecontextconfig = new ClassPathResource("/configuration.beans.xml", MOAIDSpringResourceProvider.class); - return new Resource[] {webguicontextconfig, databasecontextconfig}; + ClassPathResource webguicontextconfig = new ClassPathResource("/moaid.webgui.beans.xml", MOAIDSpringResourceProvider.class); + ClassPathResource webguidatabasecontextconfig = new ClassPathResource("/moaid.migration.beans.xml", MOAIDSpringResourceProvider.class); + + + + return new Resource[] {databasecontextconfig, webguidatabasecontextconfig, webguicontextconfig}; + +// } catch (ConfigurationException e) { +// log.error("Can not load MOA-ID WebGUI configuration.", e); +// return null; +// +// } + + } diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDWebGUIConfiguration.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDWebGUIConfiguration.java new file mode 100644 index 000000000..0a3a9eef8 --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDWebGUIConfiguration.java @@ -0,0 +1,160 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.net.URI; +import java.net.URISyntaxException; +import java.util.Properties; + +import org.opensaml.DefaultBootstrap; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.stereotype.Service; + +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException; +import at.gv.egovernment.moa.util.FileUtils; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +@Service +public class MOAIDWebGUIConfiguration { + + private static final String SYSTEM_PROP_CONFIG = "moa.id.webconfig"; + + private static final Logger log = LoggerFactory.getLogger(MOAIDWebGUIConfiguration.class); + + + + private Properties props; + private String configFileName; + private String configRootDir; + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.commons.config.persistence.LocalConfigurationBean#getLocalDatabaseProperties() + */ + + private static MOAIDWebGUIConfiguration instance = null; + + public static MOAIDWebGUIConfiguration getInstance() throws ConfigurationException { + if (instance == null) { + instance = new MOAIDWebGUIConfiguration(); + + } + return instance; + } + + + MOAIDWebGUIConfiguration() throws ConfigurationException { + configFileName = System.getProperty(SYSTEM_PROP_CONFIG); + + if (configFileName == null) { + throw new ConfigurationException("config.05"); + } + try { + URI fileURI = new URI(configFileName); + + // determine the directory of the root config file + configRootDir = new File(fileURI).getParent(); + + log.info("Loading MOA-ID WebGUI configuration from file " + fileURI); + + //Load MOAID-2.0 properties file + + File propertiesFile = new File(fileURI); + FileInputStream fis; + props = new Properties(); + + fis = new FileInputStream(propertiesFile); + props.load(fis); + + fis.close(); + + log.debug("OpenSAML initialization started ..."); + DefaultBootstrap.bootstrap(); + log.info("OpenSAML initialization complete."); + + log.info("Pre-Initialization step of MOA-ID WebGUI module finished ... "); + + + } catch (FileNotFoundException e) { + throw new ConfigurationException("config.01", new Object[]{configFileName}, e); + + } catch (IOException e) { + throw new ConfigurationException("config.02", new Object[]{configFileName}, e); + + } catch (org.opensaml.xml.ConfigurationException e) { + throw new ConfigurationException("config.04", e); + + } catch (URISyntaxException e) { + throw new ConfigurationException("config.06", new Object[]{MOAIDConfigurationConstants.FILE_URI_PREFIX, configFileName}, e); + + } + } + +// @Override +// protected Properties getLocalDatabaseProperties() { +// return this.props; +// } + + public String getConfigFile() { + return configFileName; + } + + public String getConfigRootDir() { + return configRootDir; + } + + public String getCertStoreDirectory() throws ConfigurationException { + String dir = props.getProperty("general.ssl.certstore"); + if (MiscUtil.isNotEmpty(dir)) + return FileUtils.makeAbsoluteURL(dir, configRootDir); + + else + throw new ConfigurationException("No SSLCertStore configured use default JAVA TrustStore."); + + } + + public String getTrustStoreDirectory() throws ConfigurationException { + String dir = props.getProperty("general.ssl.truststore"); + if (MiscUtil.isNotEmpty(dir)) + return FileUtils.makeAbsoluteURL(dir, configRootDir); + + else + throw new ConfigurationException("No SSLTrustStore configured use default JAVA TrustStore."); + + } + + public boolean isPVPMetadataSchemaValidationActive() { + return Boolean.parseBoolean(props.getProperty("general.pvp.schemavalidation", "true")); + + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationException.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationException.java new file mode 100644 index 000000000..2f2decab9 --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationException.java @@ -0,0 +1,48 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.config.webgui.exception; + +import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; + + +public class ConfigurationException extends Exception { + + private static final long serialVersionUID = 1L; + + public ConfigurationException(String errorname) { + super(LanguageHelper.getErrorString(errorname, null)); + } + + public ConfigurationException(String errorname, Throwable e) { + super(LanguageHelper.getErrorString(errorname, null), e); + } + + public ConfigurationException(String errorname, Object[] params, Throwable e) { + super(LanguageHelper.getErrorString(errorname, params), e); + } + + public ConfigurationException(Throwable e) { + super(e); + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SchemaValidationException.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SchemaValidationException.java new file mode 100644 index 000000000..3c0827a62 --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SchemaValidationException.java @@ -0,0 +1,43 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.exception; + +import org.opensaml.saml2.metadata.provider.FilterException; + +/** + * @author tlenz + * + */ +public class SchemaValidationException extends FilterException { + + /** + * @param string + */ + public SchemaValidationException(String string) { + super(string); + + } + + private static final long serialVersionUID = 1L; + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SignatureValidationException.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SignatureValidationException.java new file mode 100644 index 000000000..7c4c48e6b --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SignatureValidationException.java @@ -0,0 +1,58 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.exception; + +import org.opensaml.saml2.metadata.provider.FilterException; + +/** + * @author tlenz + * + */ +public class SignatureValidationException extends FilterException { + + /** + * @param string + */ + public SignatureValidationException(String string) { + super(string); + + } + + /** + * @param e + */ + public SignatureValidationException(Exception e) { + super(e); + } + + /** + * @param string + * @param object + */ + public SignatureValidationException(String string, Exception e) { + super(string, e); + } + + private static final long serialVersionUID = 1L; + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/MOAIDConfigurationValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/MOAIDConfigurationValidator.java index a1cafe702..5fc5b86d2 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/MOAIDConfigurationValidator.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/MOAIDConfigurationValidator.java @@ -36,6 +36,7 @@ import org.springframework.beans.factory.annotation.Autowired; import at.gv.egiz.components.configuration.api.Configuration; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationModulValidationException; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationValidationException; @@ -48,7 +49,7 @@ import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTa */ public class MOAIDConfigurationValidator { private static final Logger logger = LoggerFactory.getLogger(MOAIDConfigurationValidator.class); - private static Configuration dbconfig; + private static MOAIDConfiguration dbconfig; private static ServiceLoader moduleLoader = ServiceLoader.load(IModuleValidator.class); @@ -61,7 +62,7 @@ public class MOAIDConfigurationValidator { private boolean isDataValidated = false; @Autowired - public void setDatabaseConfiguration(Configuration config) { + public void setDatabaseConfiguration(MOAIDConfiguration config) { dbconfig = config; } @@ -81,7 +82,7 @@ public class MOAIDConfigurationValidator { } - //load tasks + //load dynamic tasks Iterator taskLoaderInterator = taskLoader.iterator(); while (taskLoaderInterator.hasNext()) { IDynamicLoadableTaskValidator task = taskLoaderInterator.next(); @@ -151,8 +152,13 @@ public class MOAIDConfigurationValidator { if (moduleValidator.containsKey(moduleID)) { logger.trace("Starting validation process of keyGroup: " + groupEl.getKey() + " with module: " + moduleValidator.get(moduleID).getName()); + Map servicekeys = KeyValueUtils.removePrefixFromKeys(groupEl.getValue(), groupEl.getKey()); + + //put service prefix to validation Map to check if service already stored + servicekeys.put(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES, groupEl.getKey()); + moduleValidator.get(moduleID) - .validate(KeyValueUtils.removePrefixFromKeys(groupEl.getValue(), groupEl.getKey())); + .validate(servicekeys); } else logger.info("No ModulValidator for keygroup {} found.", moduleID); @@ -268,6 +274,7 @@ public class MOAIDConfigurationValidator { for (String key : validationModuleKeys) { if (el.getKey().startsWith(key)) { selectedModul = moduleValidator.get(key); + break; } } @@ -276,7 +283,7 @@ public class MOAIDConfigurationValidator { String groupkey = null; if (selectedModul.getKeyPrefix().startsWith(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES)) { String oaIndex = KeyValueUtils.getFirstChildAfterPrefix(el.getKey(), selectedModul.getKeyPrefix()); - groupkey = selectedModul + "." + oaIndex; + groupkey = selectedModul.getKeyPrefix() + "." + oaIndex; } else groupkey = selectedModul.getKeyPrefix(); diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GatewayValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GatewayValidator.java index 22281c973..e7775beba 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GatewayValidator.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GatewayValidator.java @@ -22,12 +22,10 @@ */ package at.gv.egovernment.moa.id.config.webgui.validation.modul.impl; -import java.util.Map; - import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationModulValidationException; import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleValidator; -import at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesPVPGatewayTask; /** * @author tlenz @@ -35,17 +33,12 @@ import at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator; */ public class GatewayValidator extends AbstractModuleValidator { - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#validate(java.util.Map) - */ - @Override - public void validate(Map input) - throws ConfigurationModulValidationException { - // TODO Auto-generated method stub - + public GatewayValidator() { + addTaskValidator(new ServicesGeneralInformationTask()); + addTaskValidator(new ServicesPVPGatewayTask()); } - + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getKeyPrefix() */ diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/InterfederationIDPValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/InterfederationIDPValidator.java index 2e9288415..5b9312e8e 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/InterfederationIDPValidator.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/InterfederationIDPValidator.java @@ -24,6 +24,8 @@ package at.gv.egovernment.moa.id.config.webgui.validation.modul.impl; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesInterfederationIDPTask; /** * @author tlenz @@ -31,6 +33,11 @@ import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleVal */ public class InterfederationIDPValidator extends AbstractModuleValidator { + public InterfederationIDPValidator() { + addTaskValidator(new ServicesGeneralInformationTask()); + addTaskValidator(new ServicesInterfederationIDPTask()); + + } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getKeyPrefix() diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/OnlineApplicationValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/OnlineApplicationValidator.java index a71d425f2..dbce8ec3a 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/OnlineApplicationValidator.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/OnlineApplicationValidator.java @@ -22,13 +22,15 @@ */ package at.gv.egovernment.moa.id.config.webgui.validation.modul.impl; -import java.util.Map; - import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationModulValidationException; -import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationValidationException; import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleValidator; -import at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesAuthenticationInformationTask; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesBKUSelectionTask; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolSAML1Task; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesSSOAuthenticationTask; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesTargetTask; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesbPKDecryptionTask; /** * @author tlenz @@ -36,14 +38,18 @@ import at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator; */ public class OnlineApplicationValidator extends AbstractModuleValidator { - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#validate(java.util.Map) + /** + * */ - @Override - public void validate(Map input) - throws ConfigurationModulValidationException { - // TODO Auto-generated method stub - + public OnlineApplicationValidator() { + addTaskValidator(new ServicesGeneralInformationTask()); + addTaskValidator(new ServicesTargetTask()); + addTaskValidator(new ServicesAuthenticationInformationTask()); + addTaskValidator(new ServicesSSOAuthenticationTask()); + addTaskValidator(new ServicesbPKDecryptionTask()); + addTaskValidator(new ServicesProtocolSAML1Task()); + addTaskValidator(new ServicesBKUSelectionTask()); + } /* (non-Javadoc) diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/VIDPValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/VIDPValidator.java index 17dc66550..ad3c15b16 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/VIDPValidator.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/VIDPValidator.java @@ -22,13 +22,11 @@ */ package at.gv.egovernment.moa.id.config.webgui.validation.modul.impl; -import java.util.Map; - import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationModulValidationException; -import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationValidationException; import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleValidator; -import at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesBKUSelectionTask; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask; +import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesTargetTask; /** * @author tlenz @@ -36,14 +34,12 @@ import at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator; */ public class VIDPValidator extends AbstractModuleValidator { - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#validate(java.util.Map) - */ - @Override - public void validate(Map input) - throws ConfigurationModulValidationException { - // TODO Auto-generated method stub + public VIDPValidator() { + addTaskValidator(new ServicesGeneralInformationTask()); + addTaskValidator(new ServicesTargetTask()); + addTaskValidator(new ServicesBKUSelectionTask()); + } /* (non-Javadoc) diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/AbstractTaskValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/AbstractTaskValidator.java index 394bc4da7..a124949f1 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/AbstractTaskValidator.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/AbstractTaskValidator.java @@ -49,7 +49,7 @@ public abstract class AbstractTaskValidator implements ITaskValidator { throws ConfigurationTaskValidationException { //start task specific validation - tastValidate(input); + taskValidate(input); } @@ -59,7 +59,7 @@ public abstract class AbstractTaskValidator implements ITaskValidator { * @param input Key/Value pairs of a module for validation * @throws ConfigurationModulValidationException */ - abstract protected void tastValidate(Map input) + abstract protected void taskValidate(Map input) throws ConfigurationTaskValidationException; /* (non-Javadoc) diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java index e4646bc04..b8836b90c 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java @@ -94,7 +94,7 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#validate(java.util.Map) */ @Override - protected void tastValidate(Map input) + protected void taskValidate(Map input) throws ConfigurationTaskValidationException { List errors = new ArrayList(); @@ -451,7 +451,7 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme } check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64, getKeyPrefix())); - if (MiscUtil.isEmpty(check)) { + if (MiscUtil.isEmpty(check) || check.equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) { log.info("AuthBlock Transformation file is empty"); errors.add(new ValidationObjectIdentifier( MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64, @@ -537,6 +537,7 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme //TODO: add AuthBlock transformation filename String authBlockTransformation = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64, getKeyPrefix())); + String[] splittet = authBlockTransformation.split(","); if (splittet.length > 1) { newConfigValues.put(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64, diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralOpenIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralOpenIDConfigurationTask.java index 95f6c8349..35fed19a3 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralOpenIDConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralOpenIDConfigurationTask.java @@ -54,7 +54,7 @@ public class GeneralOpenIDConfigurationTask extends AbstractTaskValidator { * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) */ @Override - protected void tastValidate(Map input) + protected void taskValidate(Map input) throws ConfigurationTaskValidationException { } diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java index 46dce77a0..a593b5461 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java @@ -82,7 +82,7 @@ public class GeneralPVP2XConfigurationTask extends AbstractTaskValidator impleme * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#validate(java.util.Map) */ @Override - protected void tastValidate(Map input) + protected void taskValidate(Map input) throws ConfigurationTaskValidationException { List errors = new ArrayList(); diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java index a12c8f0cd..c6086583a 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java @@ -90,7 +90,7 @@ public static final List KEYWHITELIST; * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#validate(java.util.Map) */ @Override - public void tastValidate(Map input) + public void taskValidate(Map input) throws ConfigurationTaskValidationException { List errors = new ArrayList(); Map validatedCPeps = new HashedMap(); diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java new file mode 100644 index 000000000..c39e857e4 --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java @@ -0,0 +1,229 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.validation.task.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.regex.Pattern; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; +import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; +import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class ServicesAuthenticationInformationTask extends AbstractTaskValidator implements ITaskValidator { + private static final Logger log = LoggerFactory.getLogger(ServicesAuthenticationInformationTask.class); + private static final List KEYWHITELIST; + + static { + ArrayList temp = new ArrayList(); + KEYWHITELIST = Collections.unmodifiableList(temp); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() + */ + @Override + public String getKeyPrefix() { + return ""; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName() + */ + @Override + public String getName() { + return "Service - Authentication Configuration Task"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration) + */ + @Override + public Map postProcessing(Map input, + List keysToDelete, Configuration dbconfig) { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) + */ + @Override + protected void taskValidate(Map input) + throws ConfigurationTaskValidationException { + List errors = new ArrayList(); + + //Check BKU URLs + String check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY); + if (MiscUtil.isNotEmpty(check) && + !ValidationHelper.validateURL(check)) { + log.info("Not valid Handy-BKU URL"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY, + "BKU - Handy", + LanguageHelper.getErrorString("validation.general.bku.handy.valid"))); + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL); + if (MiscUtil.isNotEmpty(check) && + !ValidationHelper.validateURL(check)) { + log.info("Not valid Online-BKU URL"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL, + "BKU - Local", + LanguageHelper.getErrorString("validation.general.bku.local.valid"))); + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE); + if (MiscUtil.isNotEmpty(check) && + !ValidationHelper.validateURL(check)) { + log.info("Not valid Online-BKU URL"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE, + "BKU - Online", + LanguageHelper.getErrorString("validation.general.bku.online.valid"))); + } + + //check KeyBoxIdentifier + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_KEYBOXIDENTIFIER); + if (MiscUtil.isEmpty(check)) { + log.info("Empty KeyBoxIdentifier"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE, + "BKU - KeyBoxIdentifier", + LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty"))); + + } else { + if (!MOAIDConfigurationConstants.ALLOWED_KEYBOXIDENTIFIER.contains(check)) { + log.info("Not valid KeyBoxIdentifier " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE, + "BKU - KeyBoxIdentifier", + LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid"))); + } + } + + //check LegacyMode SLTemplates + String isLegacyModeActive = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_LEGACY); + if (MiscUtil.isNotEmpty(isLegacyModeActive) && Boolean.parseBoolean(isLegacyModeActive)) { + if (MiscUtil.isEmpty(input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE)) && + MiscUtil.isEmpty(input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE)) && + MiscUtil.isEmpty(input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE)) ) { + log.info("Empty OA-specific SecurityLayer Templates"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_LEGACY, + "BKU - SecurityLayer Templates", + LanguageHelper.getErrorString("validation.general.sltemplates.empty"))); + + } else { + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE); + if (MiscUtil.isNotEmpty(check) && + ValidationHelper.isNotValidIdentityLinkSigner(check) ) { + log.info("First OA-specific SecurityLayer Templates is not valid"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE, + "BKU - 1. SecurityLayer Templates", + LanguageHelper.getErrorString("validation.general.sltemplate1.valid"))); + } + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE); + if (MiscUtil.isNotEmpty(check) && + ValidationHelper.isNotValidIdentityLinkSigner(check) ) { + log.info("Second OA-specific SecurityLayer Templates is not valid"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE, + "BKU - 2. SecurityLayer Templates", + LanguageHelper.getErrorString("validation.general.sltemplate2.valid"))); + } + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE); + if (MiscUtil.isNotEmpty(check) && + ValidationHelper.isNotValidIdentityLinkSigner(check) ) { + log.info("Third OA-specific SecurityLayer Templates is not valid"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE, + "BKU - 3. SecurityLayer Templates", + LanguageHelper.getErrorString("validation.general.sltemplate3.valid"))); + } + } + } + + //check Mandate Profiles + String checkUseMandate = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_USE); + if (MiscUtil.isNotEmpty(checkUseMandate) && Boolean.parseBoolean(checkUseMandate)) { + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_PROFILES); + if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + log.warn("MandateProfiles contains potentail XSS characters: " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_PROFILES, + "Mandates - Profiles", + LanguageHelper.getErrorString("validation.general.mandate.profiles", + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) )); + } + + } + + String isTestCredentialsActive = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED); + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_OIDs); + if (MiscUtil.isNotEmpty(isTestCredentialsActive) && + Boolean.parseBoolean(isTestCredentialsActive) && + MiscUtil.isNotEmpty(check)) { + String[] oids = check.split(","); + for (String el : oids) { + if (!el.startsWith(MOAIDConfigurationConstants.TESTCREDENTIALROOTOID)) { + log.warn("Test credential OID does not start with test credential root OID"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_OIDs, + "Test-Identities - allowed OIDs", + LanguageHelper.getErrorString("validation.general.testcredentials.oid.valid", + new Object[] {el}) )); + } + } + } + + if (!errors.isEmpty()) + throw new ConfigurationTaskValidationException(errors); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys() + */ + @Override + public List getAllAllowedPatterns() { + return generatePatternsFromKeys(KEYWHITELIST); + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java new file mode 100644 index 000000000..087334c4b --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java @@ -0,0 +1,301 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.validation.task.impl; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; +import java.util.regex.Pattern; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egiz.components.configuration.api.ConfigurationException; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; +import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; +import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class ServicesAuthenticationSTORKTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator { + private static final Logger log = LoggerFactory.getLogger(ServicesAuthenticationSTORKTask.class); + private static final List KEYWHITELIST; + + static { + ArrayList temp = new ArrayList(); + KEYWHITELIST = Collections.unmodifiableList(temp); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() + */ + @Override + public String getKeyPrefix() { + return ""; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName() + */ + @Override + public String getName() { + return "Service - General Configuration Task"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration) + */ + @Override + public Map postProcessing(Map input, + List keysToDelete, Configuration dbconfig) { + Map newConfigValues = new HashMap(); + + //C-PEPS + try { + //search all actually configured C-PEPS + String[] cPepsKeys = dbconfig.findConfigurationId( + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST + + ".%." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY); + List cPepsCountries = new ArrayList(); + for (String el : cPepsKeys) { + String country = dbconfig.getStringValue(el); + if (MiscUtil.isNotEmpty(el)) + cPepsCountries.add(country); + + } + + //check SERVICE STORK countries against C-PEPS configuration + Map GUICountries = KeyValueUtils.getSubSetWithPrefix(input, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST); + Iterator> GUICountriesInterator = GUICountries.entrySet().iterator(); + while (GUICountriesInterator.hasNext()) { + Entry entry = GUICountriesInterator.next(); + if (entry.getKey().endsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE)) { + + if (cPepsCountries.contains(entry.getValue())) { + //Service contains C-PEPS + log.trace("Service contains C-PEPS with countryCode: " + entry.getValue()); + cPepsCountries.remove(entry.getValue()); + + } else { + //Service contains countryCode which is not a C-PEPS --> remove country code from service + log.debug("No C-PEPS with service countryCode: " + entry.getValue() + + " Remove countryCode from service."); + String index = KeyValueUtils.getParentKey(entry.getKey()); + if (MiscUtil.isNotEmpty(index)) { + keysToDelete.add( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + index + "*"); + + } else + log.warn("Can not remove countryCode from service. Suspect key: " + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + entry.getKey()); + + } + } + } + + // add new C-PEPS to service + int nextFreeIndex = KeyValueUtils.findNextFreeListCounter(GUICountries.keySet(), new String()); + for (String el : cPepsCountries) { + log.debug("Add new C-PEPS: " + el + " to service with key: " + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + nextFreeIndex); + newConfigValues.put( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + nextFreeIndex + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE, + el); + newConfigValues.put( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + nextFreeIndex + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED, + String.valueOf(true)); + nextFreeIndex++; + } + + + } catch (ConfigurationException e) { + log.error("Can not access configuration.", e); + + } + + + //STORK attributes + try { + //search all actually configured C-PEPS + String[] attributeKeys = dbconfig.findConfigurationId( + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST + + ".%." + + MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME); + List attributeNames = new ArrayList(); + for (String el : attributeKeys) { + String country = dbconfig.getStringValue(el); + if (MiscUtil.isNotEmpty(el)) + attributeNames.add(country); + + } + + //check SERVICE STORK countries against C-PEPS configuration + Map GUIAttributes = KeyValueUtils.getSubSetWithPrefix(input, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST); + Iterator> GUIAttributesInterator = GUIAttributes.entrySet().iterator(); + while (GUIAttributesInterator.hasNext()) { + Entry entry = GUIAttributesInterator.next(); + if (entry.getKey().endsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME)) { + + if (attributeNames.contains(entry.getValue())) { + //Service contains C-PEPS + log.trace("Service contains STORK attribute with name: " + entry.getValue()); + attributeNames.remove(entry.getValue()); + + } else { + //Service contains countryCode which is not a C-PEPS --> remove country code from service + log.debug("No STORK attribute with service attributeName: " + entry.getValue() + + " Remove STORK attribte from service."); + String index = KeyValueUtils.getParentKey(entry.getKey()); + if (MiscUtil.isNotEmpty(index)) { + keysToDelete.add( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + index + "*"); + + } else + log.warn("Can not remove STORK attribute from service. Suspect key: " + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + entry.getKey()); + + } + } + } + + // add new C-PEPS to service + int nextFreeIndex = KeyValueUtils.findNextFreeListCounter(GUIAttributes.keySet(), new String()); + for (String el : attributeNames) { + log.debug("Add new STORK attribute: " + el + " to service with key: " + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + nextFreeIndex); + newConfigValues.put( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + nextFreeIndex + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME, + el); + + newConfigValues.put( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + nextFreeIndex + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED, + String.valueOf(false)); + + newConfigValues.put( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + nextFreeIndex + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY, + String.valueOf(false)); + + nextFreeIndex++; + } + + + } catch (ConfigurationException e) { + log.error("Can not access configuration.", e); + + } + + + + if (newConfigValues.isEmpty()) + return null; + else + return newConfigValues; + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) + */ + @Override + protected void taskValidate(Map input) + throws ConfigurationTaskValidationException { + List errors = new ArrayList(); + + // check qaa + String qaaString = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL); + if (MiscUtil.isNotEmpty(qaaString)) { + try { + int qaa = Integer.parseInt(qaaString); + if(1 > qaa && 4 < qaa) { + log.warn("QAA is out of range : " + qaa); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, + "STORK - minimal QAA level", + LanguageHelper.getErrorString("validation.stork.qaa.outofrange", + new Object[] {qaa}))); + } + + } catch (NumberFormatException e) { + log.warn("QAA level is not a number: " + qaaString); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, + "STORK - minimal QAA level", + LanguageHelper.getErrorString("validation.stork.qaa.outofrange", + new Object[] {qaaString}))); + } + } + + if (!errors.isEmpty()) + throw new ConfigurationTaskValidationException(errors); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys() + */ + @Override + public List getAllAllowedPatterns() { + return generatePatternsFromKeys(KEYWHITELIST); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix() + */ + @Override + public List getModulValidatorPrefix() { + return Arrays.asList( + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA + ); + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java new file mode 100644 index 000000000..7ed9751cb --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java @@ -0,0 +1,403 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.validation.task.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.regex.Pattern; + +import org.apache.commons.codec.binary.Base64; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; +import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; +import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class ServicesBKUSelectionTask extends AbstractTaskValidator implements ITaskValidator { + private static final Logger log = LoggerFactory.getLogger(ServicesBKUSelectionTask.class); + private static final List KEYWHITELIST; + + static { + ArrayList temp = new ArrayList(); + KEYWHITELIST = Collections.unmodifiableList(temp); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() + */ + @Override + public String getKeyPrefix() { + return "auth.templates"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName() + */ + @Override + public String getName() { + return "Service - BKU-Selection Configuration Task"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration) + */ + @Override + public Map postProcessing(Map input, + List keysToDelete, Configuration dbconfig) { + + Map newConfigValues = new HashMap(); + + String bkuSelectTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME); + if (MiscUtil.isNotEmpty(bkuSelectTemplateUploadedFileName)) { + newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW, bkuSelectTemplateUploadedFileName); + + } + + String sendAssertionTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME); + if (MiscUtil.isNotEmpty(sendAssertionTemplateUploadedFileName)) { + newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW, sendAssertionTemplateUploadedFileName); + + } + + if (newConfigValues.isEmpty()) + return null; + else + return newConfigValues; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) + */ + @Override + protected void taskValidate(Map input) + throws ConfigurationTaskValidationException { + List errors = new ArrayList(); + + + //validate aditionalAuthBlockText + String check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT, + "AuthBlock - Addition AuthBlocktext", + LanguageHelper.getErrorString("validation.general.aditionalauthblocktext", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + } + } + + //validate BKU selection template + String bkuSelectTemplate = null; + String bkuSelectionFileUpload = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA); + if (MiscUtil.isNotEmpty(bkuSelectionFileUpload) && + !bkuSelectionFileUpload.equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT) ) { + String bkuSelectTemplateFileName = "unknown"; + try { + String bkuSelectTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME); + if (MiscUtil.isNotEmpty(bkuSelectTemplateUploadedFileName)) { + if (ValidationHelper.containsPotentialCSSCharacter(bkuSelectTemplateUploadedFileName, false)) { + log.info("BKU Selection Filename is not valid"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME, + "Templates - BKU Selection Filename", + LanguageHelper.getErrorString("validation.general.bkuselection.filename.valid"))); + + } else + bkuSelectTemplateFileName = bkuSelectTemplateUploadedFileName; + + } else { + String bkuSelectTemplatePreView = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW); + if (MiscUtil.isNotEmpty(bkuSelectTemplatePreView)) + bkuSelectTemplateFileName = bkuSelectTemplatePreView; + + } + + String[] bkuSelectTemplateSplitted = bkuSelectionFileUpload.split(","); + if (bkuSelectTemplateSplitted.length > 1) + bkuSelectTemplate = bkuSelectTemplateSplitted[1]; + else + bkuSelectTemplate = bkuSelectionFileUpload; + + if (!Base64.isBase64(bkuSelectTemplate)) { + log.info("BKU Selection Template is not decodeable."); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA, + "Templates - BKU Selection", + LanguageHelper.getErrorString("validation.general.bkuselection.file.valid", + new Object[] {bkuSelectTemplateFileName}))); + + } + + } catch (Exception e) { + log.info("BKU Selection Template is not decodeable."); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA, + "Templates - BKU Selection", + LanguageHelper.getErrorString("validation.general.bkuselection.file.valid", + new Object[] {bkuSelectTemplateFileName}))); + + } + + } + + //validate send-assertion template + String sendAssertionTemplate = null; + String sendAssertionFileUpload = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA); + if (MiscUtil.isNotEmpty(sendAssertionFileUpload) && + !sendAssertionFileUpload.equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) { + String sendAssertionTemplateFileName = "unknown"; + try { + String sendAssertionTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME); + if (MiscUtil.isNotEmpty(sendAssertionTemplateUploadedFileName)) { + if (ValidationHelper.containsPotentialCSSCharacter(sendAssertionTemplateUploadedFileName, false)) { + log.info("Send Assertion Filename is not valid"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME, + "Templates - Send Assertion Filename", + LanguageHelper.getErrorString("validation.general.sendassertion.filename.valid"))); + + } else + sendAssertionTemplateFileName = sendAssertionTemplateUploadedFileName; + + } else { + String sendAssertionTemplatePreView = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_PREVIEW); + if (MiscUtil.isNotEmpty(sendAssertionTemplatePreView)) + sendAssertionTemplateFileName = sendAssertionTemplatePreView; + + } + + String[] sendAssertionTemplateSplitted = sendAssertionFileUpload.split(","); + if (sendAssertionTemplateSplitted.length > 1) + sendAssertionTemplate = sendAssertionTemplateSplitted[1]; + else + sendAssertionTemplate = sendAssertionFileUpload; + + if (!Base64.isBase64(sendAssertionTemplate)) { + log.info("Send Assertion Template is not decodeable."); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA, + "Templates - Send Assertion", + LanguageHelper.getErrorString("validation.general.sendassertion.file.valid", + new Object[] {sendAssertionTemplateFileName}))); + + } + + } catch (Exception e) { + log.info("Send Assertion Template is not decodeable."); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA, + "Templates - Send Assertion", + LanguageHelper.getErrorString("validation.general.sendassertion.file.valid", + new Object[] {sendAssertionTemplateFileName}))); + + } + + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) + check = "#" + check; + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("BKUSelectionBackGroundColor is not a valid hex value " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR, + "Templates - Background Color", + LanguageHelper.getErrorString("validation.general.form.color.background"))); + } + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) + check = "#" + check; + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("BKUSelectionFrontColor is not a valid hex value " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR, + "Templates - Front Color", + LanguageHelper.getErrorString("validation.general.form.color.front"))); + } + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) + check = "#" + check; + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("HeaderBackGroundColor is not a valid hex value " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR, + "Templates - Header Background-Color", + LanguageHelper.getErrorString("validation.general.form.header.color.back"))); + } + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) + check = "#" + check; + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("HeaderFrontColor is not a valid hex value " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR, + "Templates - Header Front-Color", + LanguageHelper.getErrorString("validation.general.form.header.color.front"))); + } + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("HeaderText contains potentail XSS characters: " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT, + "Templates - Header Text", + LanguageHelper.getErrorString("validation.general.form.header.text", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + } + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) + check = "#" + check; + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("ButtonBackGroundColor is not a valid hex value " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR, + "Templates - Button Background-Color", + LanguageHelper.getErrorString("validation.general.form.button.color.back"))); + } + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) + check = "#" + check; + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("ButtonBackGroundColorFocus is not a valid hex value " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS, + "Templates - Button Background-Color on Focus", + LanguageHelper.getErrorString("validation.general.form.button.color.back.focus"))); + } + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR); + if (MiscUtil.isNotEmpty(check)) { + if (!check.startsWith("#")) + check = "#" + check; + + if (!ValidationHelper.isValidHexValue(check)) { + log.warn("ButtonFrontColor is not a valid hex value " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR, + "Templates - Button Front-Color", + LanguageHelper.getErrorString("validation.general.form.button.color.front"))); + } + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET); + if (MiscUtil.isNotEmpty(check)) { + if (!MOAIDConfigurationConstants.ALLOWED_REDIRECTTARGETNAMES.contains(check)) { + log.warn("AppletRedirectTarget has not valid value " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET, + "Templates - Applet Redirect-Target", + LanguageHelper.getErrorString("validation.general.form.appletredirecttarget"))); + } + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, true)) { + log.warn("FontType contains potentail XSS characters: " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE, + "Templates - Font Type", + LanguageHelper.getErrorString("validation.general.form.fonttype", + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) )); + } + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateNumber(check)) { + log.warn("Applet height "+ check + " is no valid number"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT, + "Templates - Applet Height", + LanguageHelper.getErrorString("validation.general.form.applet.height", + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) )); + } + } + + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.validateNumber(check)) { + log.warn("Applet width "+ check + " is no valid number"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH, + "Templates - Applet Width", + LanguageHelper.getErrorString("validation.general.form.applet.width", + new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) )); + } + } + + if (!errors.isEmpty()) + throw new ConfigurationTaskValidationException(errors); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys() + */ + @Override + public List getAllAllowedPatterns() { + return generatePatternsFromKeys(KEYWHITELIST); + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java index f27cb9ce7..86d047c74 100644 --- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java @@ -28,47 +28,50 @@ import java.util.List; import java.util.Map; import java.util.regex.Pattern; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; + import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egiz.components.configuration.api.ConfigurationException; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; -import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; +import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; +import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator; +import at.gv.egovernment.moa.util.MiscUtil; /** * @author tlenz * */ public class ServicesGeneralInformationTask extends AbstractTaskValidator implements ITaskValidator { - + private static final Logger log = LoggerFactory.getLogger(ServicesGeneralInformationTask.class); private static final List KEYWHITELIST; + private static MOAIDConfiguration dbconfig; + static { - ArrayList temp = new ArrayList(); - temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_OPENID_ENABLED, MOAIDConfigurationConstants.PREFIX_GENERAL)); - temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_OPENID_LEGACY, MOAIDConfigurationConstants.PREFIX_GENERAL)); - + ArrayList temp = new ArrayList(); KEYWHITELIST = Collections.unmodifiableList(temp); } - - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#validate(java.util.Map) - */ - @Override - public void validate(Map input) - throws ConfigurationTaskValidationException { - // TODO Auto-generated method stub + @Autowired + public void setDatabaseConfiguration(MOAIDConfiguration config) { + dbconfig = config; + } - + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() */ @Override public String getKeyPrefix() { - // TODO Auto-generated method stub - return null; + return ""; } /* (non-Javadoc) @@ -76,8 +79,7 @@ public class ServicesGeneralInformationTask extends AbstractTaskValidator implem */ @Override public String getName() { - // TODO Auto-generated method stub - return null; + return "Service - General Configuration Task"; } /* (non-Javadoc) @@ -86,7 +88,6 @@ public class ServicesGeneralInformationTask extends AbstractTaskValidator implem @Override public Map postProcessing(Map input, List keysToDelete, Configuration dbconfig) { - // TODO Auto-generated method stub return null; } @@ -94,10 +95,113 @@ public class ServicesGeneralInformationTask extends AbstractTaskValidator implem * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) */ @Override - protected void tastValidate(Map input) - throws ConfigurationTaskValidationException { - // TODO Auto-generated method stub + protected void taskValidate(Map input) + throws ConfigurationTaskValidationException { + if (dbconfig == null) { + throw new ConfigurationTaskValidationException( + new ValidationObjectIdentifier("internal", "Internal Error", "Configuration is not readable!")); + + } + + List errors = new ArrayList(); + + String check = input.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("OAFriendlyName contains potentail XSS characters: " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME, + "FriendlyName", + LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); + } + } else { + log.info("OA friendlyName is empty"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME, + "FriendlyName", + LanguageHelper.getErrorString("validation.general.oafriendlyname.empty"))); + } + + String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE); + if (MiscUtil.isEmpty(isBusinessService)) { + log.info("OA businessservice flag is empty"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE, + "BusinessService", + LanguageHelper.getErrorString("validation.general.businessservice.empty"))); + + } + + String servicePrefixId = input.get(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES); + if (MiscUtil.isNotEmpty(servicePrefixId)) { + String uniqueServiceID = input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER); + if (MiscUtil.isEmpty(uniqueServiceID)) { + log.info("Empty unique service identifier"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER, + "Unique Identifier", + LanguageHelper.getErrorString("validation.general.oaidentifier.empty"))); + + } else { + if (!ValidationHelper.validateURL(uniqueServiceID)) { + log.warn("Unique serice identifier is not a valid URL: " + uniqueServiceID); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER, + "Unique Identifier", + LanguageHelper.getErrorString("validation.general.oaidentifier.valid"))); + + } else { + //check uniqueness of service identifier + try { + String[] allServiceKeys = dbconfig.findConfigurationId( + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + +".%." + + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER); + if (allServiceKeys != null) { + List foundKeys = new ArrayList(); + for (String elKey : allServiceKeys) { + String elValue = dbconfig.getStringValue(elKey); + if (uniqueServiceID.startsWith(elValue) || + (elValue != null && elValue.startsWith(uniqueServiceID))) { + log.debug("Found service with key: " + elKey + + " and uniqueID: " + elValue + + " which maches to edited service with uniqueID:" + + uniqueServiceID); + foundKeys.add(elKey); + + } + + } + if ((foundKeys.size() > 1) || + ((foundKeys.size() == 1) && !foundKeys.get(0).startsWith(servicePrefixId) )) { + log.info("The service identifier is not unique"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER, + "Unique Identifier", + LanguageHelper.getErrorString("validation.general.oaidentifier.notunique"))); + + } + } + + } catch (ConfigurationException e) { + log.error("Configuration not readable!", e); + new ValidationObjectIdentifier("internal", "Internal Error", "Configuration is not readable!"); + + } + } + } + + } else { + throw new ConfigurationTaskValidationException( + new ValidationObjectIdentifier("internal", "Internal Error", "No MOA-ID service prefix! Can not check uniqueness of service configuration.")); + + } + + if (!errors.isEmpty()) + throw new ConfigurationTaskValidationException(errors); + } /* (non-Javadoc) diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesInterfederationIDPTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesInterfederationIDPTask.java new file mode 100644 index 000000000..8c3475d8b --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesInterfederationIDPTask.java @@ -0,0 +1,116 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.validation.task.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.regex.Pattern; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egiz.components.configuration.api.ConfigurationException; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; +import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; +import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class ServicesInterfederationIDPTask extends AbstractTaskValidator implements ITaskValidator { + private static final Logger log = LoggerFactory.getLogger(ServicesInterfederationIDPTask.class); + private static final List KEYWHITELIST; + + static { + ArrayList temp = new ArrayList(); + KEYWHITELIST = Collections.unmodifiableList(temp); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() + */ + @Override + public String getKeyPrefix() { + return "interfederation"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName() + */ + @Override + public String getName() { + return "Service - Interfederation IDP"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration) + */ + @Override + public Map postProcessing(Map input, + List keysToDelete, Configuration dbconfig) { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) + */ + @Override + protected void taskValidate(Map input) + throws ConfigurationTaskValidationException { + List errors = new ArrayList(); + + String queryURL = input.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL); + if (MiscUtil.isNotEmpty(queryURL)) { + if (!ValidationHelper.validateURL(queryURL)) { + log.info("AttributeQuery URL is not valid"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL, + "Attribute Querry URL", + LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.valid"))); + + } + } + + if (!errors.isEmpty()) + throw new ConfigurationTaskValidationException(errors); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys() + */ + @Override + public List getAllAllowedPatterns() { + return generatePatternsFromKeys(KEYWHITELIST); + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesPVPGatewayTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesPVPGatewayTask.java new file mode 100644 index 000000000..2e9dd1c30 --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesPVPGatewayTask.java @@ -0,0 +1,121 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.validation.task.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.regex.Pattern; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egiz.components.configuration.api.ConfigurationException; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; +import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; +import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class ServicesPVPGatewayTask extends AbstractTaskValidator implements ITaskValidator { + private static final Logger log = LoggerFactory.getLogger(ServicesPVPGatewayTask.class); + private static final List KEYWHITELIST; + + static { + ArrayList temp = new ArrayList(); + KEYWHITELIST = Collections.unmodifiableList(temp); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() + */ + @Override + public String getKeyPrefix() { + return "interfederation"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName() + */ + @Override + public String getName() { + return "Service - PVP Gateway Configuration Task"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration) + */ + @Override + public Map postProcessing(Map input, + List keysToDelete, Configuration dbconfig) { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) + */ + @Override + protected void taskValidate(Map input) + throws ConfigurationTaskValidationException { + List errors = new ArrayList(); + + String entityID = input.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER); + if (MiscUtil.isNotEmpty(entityID)) { + if (!ValidationHelper.validateURL(entityID)) { + log.info("PVP gateway EntityID is not valid"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER, + "EntityID of PVP Portal ", + LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.valid"))); + + } + + } else + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER, + "EntityID of PVP Portal ", + LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.empty"))); + + if (!errors.isEmpty()) + throw new ConfigurationTaskValidationException(errors); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys() + */ + @Override + public List getAllAllowedPatterns() { + return generatePatternsFromKeys(KEYWHITELIST); + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolOpenIDTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolOpenIDTask.java new file mode 100644 index 000000000..e8cdbba90 --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolOpenIDTask.java @@ -0,0 +1,152 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.validation.task.impl; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.UUID; +import java.util.regex.Pattern; + +import org.apache.commons.lang.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; +import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; +import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class ServicesProtocolOpenIDTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator { + private static final Logger log = LoggerFactory.getLogger(ServicesProtocolOpenIDTask.class); + private static final List KEYWHITELIST; + + static { + ArrayList temp = new ArrayList(); + KEYWHITELIST = Collections.unmodifiableList(temp); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() + */ + @Override + public String getKeyPrefix() { + return ""; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName() + */ + @Override + public String getName() { + return "Service - General Configuration Task"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration) + */ + @Override + public Map postProcessing(Map input, + List keysToDelete, Configuration dbconfig) { + Map newConfigValues = new HashMap(); + + //TODO: check secret + String guiClientID = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID); + String guiClientSecret = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET); + + if (MiscUtil.isEmpty(guiClientSecret)) { + log.info("OpenID Connect client-secret is empty --> generate a new secrete."); + guiClientSecret = UUID.randomUUID().toString(); + newConfigValues.put( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET, + guiClientSecret); + + } + + if (MiscUtil.isEmpty(guiClientID)) { + log.info("OpenID Connect ClientID is empty --> Set ClientID to unique identifier."); + newConfigValues.put( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID, + input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER)); + + } + + if (newConfigValues.isEmpty()) + return null; + else + return newConfigValues; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) + */ + @Override + protected void taskValidate(Map input) + throws ConfigurationTaskValidationException { + List errors = new ArrayList(); + + String redirectURL = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL); + // validate redirectUri + if (StringUtils.isNotEmpty(redirectURL) && !ValidationHelper.validateURL(redirectURL)) { + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL, + "OpenID - Redirect URL", + LanguageHelper.getErrorString("error.oa.oauth.redirecturi"))); + } + + if (!errors.isEmpty()) + throw new ConfigurationTaskValidationException(errors); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys() + */ + @Override + public List getAllAllowedPatterns() { + return generatePatternsFromKeys(KEYWHITELIST); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix() + */ + @Override + public List getModulValidatorPrefix() { + return Arrays.asList( + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA + ); + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java new file mode 100644 index 000000000..6da1bc389 --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java @@ -0,0 +1,336 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.validation.task.impl; + +import iaik.x509.X509Certificate; + +import java.io.IOException; +import java.security.cert.CertificateException; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Timer; +import java.util.regex.Pattern; + +import javax.net.ssl.SSLHandshakeException; + +import org.apache.commons.httpclient.MOAHttpClient; +import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider; +import org.opensaml.saml2.metadata.provider.MetadataFilter; +import org.opensaml.saml2.metadata.provider.MetadataFilterChain; +import org.opensaml.saml2.metadata.provider.MetadataProviderException; +import org.opensaml.xml.parse.BasicParserPool; +import org.opensaml.xml.security.x509.BasicX509Credential; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException; +import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; +import at.gv.egovernment.moa.id.config.webgui.MOAIDWebGUIConfiguration; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.SchemaValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.SignatureValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; +import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; +import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.utils.MetaDataVerificationFilter; +import at.gv.egovernment.moa.id.config.webgui.validation.utils.SchemaValidationFilter; +import at.gv.egovernment.moa.util.Base64Utils; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class ServicesProtocolPVP2XTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator { + private static final Logger log = LoggerFactory.getLogger(ServicesProtocolPVP2XTask.class); + private static final List KEYWHITELIST; + + static { + ArrayList temp = new ArrayList(); + KEYWHITELIST = Collections.unmodifiableList(temp); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() + */ + @Override + public String getKeyPrefix() { + return ""; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName() + */ + @Override + public String getName() { + return "Service - General Configuration Task"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration) + */ + @Override + public Map postProcessing(Map input, + List keysToDelete, Configuration dbconfig) { + + Map newConfigValues = new HashMap(); + String certBase64 = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE); + + String[] splittet = certBase64.split(","); + if (splittet.length > 1) { + newConfigValues.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE, + splittet[1]); + log.debug("Extract PVP2X metadata validation certificate from GUI upload and add it to key: {}", MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE); + + try { + byte[] certSerialized = null; + if (MiscUtil.isNotEmpty(certBase64)) { + certSerialized = Base64Utils.decode(certBase64, true); + X509Certificate cert = new X509Certificate(certSerialized); + newConfigValues.put( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE_SUBJECT, + cert.getSubjectDN().getName()); + + } + + } catch (IOException | CertificateException e) { + log.error("PVP2X metadata signing certificate is not parseable.", e); + + } + } + + if (newConfigValues.isEmpty()) + return null; + else + return newConfigValues; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) + */ + @Override + protected void taskValidate(Map input) + throws ConfigurationTaskValidationException { + List errors = new ArrayList(); + + Timer timer = null; + MOAHttpClient httpClient = null; + HTTPMetadataProvider httpProvider = null; + + String certBase64 = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE); + + try { + byte[] certSerialized = null; + if (MiscUtil.isNotEmpty(certBase64) && + !certBase64.equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) { + String[] splittet = certBase64.split(","); + if (splittet.length > 1) + certSerialized = Base64Utils.decode(splittet[1], true); + else + certSerialized = Base64Utils.decode(certBase64, true); + } + + + String metadataURL = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL); + if (MiscUtil.isNotEmpty(metadataURL)) { + + if (!ValidationHelper.validateURL(metadataURL)) { + log.info("MetaDataURL has no valid form."); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, + "PVP2x - Metadata URL", + LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid"))); + + } else { + + if (certSerialized == null) { + log.info("No certificate for metadata validation"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE, + "PVP2x - Metadata Certificate", + LanguageHelper.getErrorString("validation.pvp2.certificate.notfound"))); + + } else { + + X509Certificate cert = new X509Certificate(certSerialized); + BasicX509Credential credential = new BasicX509Credential(); + credential.setEntityCertificate(cert); + + timer = new Timer(); + httpClient = new MOAHttpClient(); + + if (metadataURL.startsWith("https:")) + try { + MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory( + "MOAMetaDataProvider", + MOAIDWebGUIConfiguration.getInstance().getCertStoreDirectory(), + MOAIDWebGUIConfiguration.getInstance().getTrustStoreDirectory(), + null, + "pkix", + true); + + httpClient.setCustomSSLTrustStore( + metadataURL, + protoSocketFactory); + + } catch (MOAHttpProtocolSocketFactoryException e) { + log.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore.", e); + + } catch (at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException e) { + log.info("No MOA specific SSL-TrustStore configured. Use default Java TrustStore.", e); + + } + + List filterList = new ArrayList(); + filterList.add(new MetaDataVerificationFilter(credential)); + + try { + filterList.add(new SchemaValidationFilter( + MOAIDWebGUIConfiguration.getInstance().isPVPMetadataSchemaValidationActive())); + + } catch (at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException e) { + log.warn("Configuration access FAILED!", e); + + } + + MetadataFilterChain filter = new MetadataFilterChain(); + filter.setFilters(filterList); + + httpProvider = + new HTTPMetadataProvider(timer, httpClient, metadataURL); + httpProvider.setParserPool(new BasicParserPool()); + httpProvider.setRequireValidMetadata(true); + httpProvider.setMetadataFilter(filter); + httpProvider.setMinRefreshDelay(1000*60*15); //15 minutes + httpProvider.setMaxRefreshDelay(1000*60*60*24); //24 hours + httpProvider.setRequireValidMetadata(true); + httpProvider.initialize(); + + if (httpProvider.getMetadata() == null) { + log.info("Metadata could be received but validation FAILED."); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, + "PVP2x - Metadata", + LanguageHelper.getErrorString("validation.pvp2.metadata.validation"))); + } + } + } + } + + } catch (CertificateException e) { + log.info("Uploaded Certificate can not be found", e); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, + "PVP2x - Metadata", + LanguageHelper.getErrorString("validation.pvp2.certificate.notfound"))); + + } catch (IOException e) { + log.info("Metadata can not be loaded from URL", e); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, + "PVP2x - Metadata", + LanguageHelper.getErrorString("validation.pvp2.metadataurl.read"))); + + } catch (MetadataProviderException e) { + + try { + if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) { + log.info("SSL Server certificate not trusted.", e); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, + "PVP2x - Metadata", + LanguageHelper.getErrorString("validation.pvp2.metadata.ssl"))); + + } else if (e.getCause() != null && e.getCause().getCause() instanceof SignatureValidationException) { + log.info("MetaDate verification failed", e); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, + "PVP2x - Metadata", + LanguageHelper.getErrorString("validation.pvp2.metadata.verify.sig"))); + + } else if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) { + log.info("MetaDate verification failed", e); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, + "PVP2x - Metadata", + LanguageHelper.getErrorString("validation.pvp2.metadata.verify.schema"))); + + } else { + log.info("MetaDate verification failed", e); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, + "PVP2x - Metadata", + LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general"))); + } + + } catch (Exception e1) { + log.info("MetaDate verification failed", e1); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, + "PVP2x - Metadata", + LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general"))); + + } + + } finally { + if (httpProvider != null) + httpProvider.destroy(); + + if (timer != null) + timer.cancel(); + + } + + if (!errors.isEmpty()) + throw new ConfigurationTaskValidationException(errors); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys() + */ + @Override + public List getAllAllowedPatterns() { + return generatePatternsFromKeys(KEYWHITELIST); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix() + */ + @Override + public List getModulValidatorPrefix() { + return Arrays.asList( + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA, + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_IIDP + ); + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSAML1Task.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSAML1Task.java new file mode 100644 index 000000000..fe3a791e7 --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSAML1Task.java @@ -0,0 +1,114 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.validation.task.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.regex.Pattern; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; +import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; +import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class ServicesProtocolSAML1Task extends AbstractTaskValidator implements ITaskValidator { + private static final Logger log = LoggerFactory.getLogger(ServicesProtocolSAML1Task.class); + private static final List KEYWHITELIST; + + static { + ArrayList temp = new ArrayList(); + KEYWHITELIST = Collections.unmodifiableList(temp); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() + */ + @Override + public String getKeyPrefix() { + return "protocols.saml1"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName() + */ + @Override + public String getName() { + return "Service - SAML1 Protocol Task"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration) + */ + @Override + public Map postProcessing(Map input, + List keysToDelete, Configuration dbconfig) { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) + */ + @Override + protected void taskValidate(Map input) + throws ConfigurationTaskValidationException { + List errors = new ArrayList(); + + String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE); + String isProvideBaseID = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID); + + if (Boolean.parseBoolean(isBusinessService) && + MiscUtil.isNotEmpty(isProvideBaseID) && Boolean.parseBoolean(isProvideBaseID)) { + log.info("ProvideStammZahl can not be used with BusinessService applications"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID, + "Protocols - SAML1 BaseID", + LanguageHelper.getErrorString("validation.saml1.providestammzahl"))); + } + + if (!errors.isEmpty()) + throw new ConfigurationTaskValidationException(errors); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys() + */ + @Override + public List getAllAllowedPatterns() { + return generatePatternsFromKeys(KEYWHITELIST); + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java new file mode 100644 index 000000000..d4e80bed9 --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java @@ -0,0 +1,273 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.validation.task.impl; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; +import java.util.regex.Pattern; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egiz.components.configuration.api.ConfigurationException; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; +import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; +import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class ServicesProtocolSTORKTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator { + private static final Logger log = LoggerFactory.getLogger(ServicesProtocolSTORKTask.class); + private static final List KEYWHITELIST; + + static { + ArrayList temp = new ArrayList(); + KEYWHITELIST = Collections.unmodifiableList(temp); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() + */ + @Override + public String getKeyPrefix() { + return ""; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName() + */ + @Override + public String getName() { + return "Service - General Configuration Task"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration) + */ + @Override + public Map postProcessing(Map input, + List keysToDelete, Configuration dbconfig) { + Map newConfigValues = new HashMap(); + + try { + //search actually stored service configurations + List storedServices = new ArrayList(); + for (String prefix : getModulValidatorPrefix()) { + String[] storedService = dbconfig.findConfigurationId(prefix + ".%." + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER); + if (storedService != null && storedService.length > 0) + storedServices.addAll(Arrays.asList(storedService)); + } + + String GUIServiceUniqueID = input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER); + String selectedServiceKey = null; + for (String serviceKey : storedServices) { + String storedUniqueId = dbconfig.getStringValue(serviceKey); + if (storedUniqueId.equals(GUIServiceUniqueID)) { + selectedServiceKey = KeyValueUtils.getPrefixFromKey(serviceKey, MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER); + log.debug("Find service with key: " + selectedServiceKey + " --> Start STORK attribute provider postProcessing."); + break; + } + + } + + //load actually stored attribute provider names for service + Map storedAttributeProviders = new HashMap(); + if (MiscUtil.isNotEmpty(selectedServiceKey)) { + String[] storedAttribteProviderNames = dbconfig.findConfigurationId( + selectedServiceKey + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + ".%." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME); + if (storedAttribteProviderNames != null) { + for (String el : storedAttribteProviderNames) { + String attrProviderName = dbconfig.getStringValue(el); + storedAttributeProviders.put(attrProviderName, el); + + } + } + } + + Map storkAttrProviders = KeyValueUtils.getSubSetWithPrefix(input, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST); + Iterator> interator = storkAttrProviders.entrySet().iterator(); + while (interator.hasNext()) { + Entry current = interator.next(); + if (current.getKey().endsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME)) { + String guiAttrProviderName = current.getValue(); + if (storedAttributeProviders.containsKey(guiAttrProviderName)) { + log.trace("STORK attribute provider: " + guiAttrProviderName + + " is already stored"); + storedAttributeProviders.remove(guiAttrProviderName); + + } else { + log.trace("Add new STORK attribute provider: " + guiAttrProviderName + + " to service"); + + } + } + } + + if (!storedAttributeProviders.isEmpty()) { + log.trace("Remove STORK attribute providers from configuration."); + for (String el : storedAttributeProviders.values()) { + String removeString = KeyValueUtils.getPrefixFromKey(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME); + keysToDelete.add(removeString + "*"); + log.debug("Remove STORK attribute provider with key:" + removeString + "*"); + + } + + } + + } catch (ConfigurationException e) { + log.error("Configuration access FAILED.", e); + + } + + + if (newConfigValues.isEmpty()) + return null; + else + return newConfigValues; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) + */ + @Override + protected void taskValidate(Map input) + throws ConfigurationTaskValidationException { + List errors = new ArrayList(); + + //check V-IDP specific Target configurations + String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE); + if (!Boolean.parseBoolean(isBusinessService)) { + log.info("STORK V-IDP only allowed as business Service."); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE, + "BusinessService", + "STORK V-IDP only allowed as business Service.")); + } + + String identificationType = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE); + if (MiscUtil.isEmpty(identificationType) || + !MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK.equals(identificationType)) { + log.info("STORK V-IDP only allowes identification numbers with STORK prefix."); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE, + "BusinessService - IdentificationType", + "STORK V-IDP only allowes identification numbers with STORK prefix")); + + } + + + Map storkAttrProviders = KeyValueUtils.getSubSetWithPrefix(input, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST); + Iterator> interator = storkAttrProviders.entrySet().iterator(); + while (interator.hasNext()) { + Entry current = interator.next(); + if (current.getKey().endsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME)) { + log.trace("Validate STORK attribute provider with key: " + current.getKey() + " value: " + current.getValue()); + String index = KeyValueUtils.getParentKey(current.getKey()); + + //validate attribute provider name + String attrProviderName = current.getValue(); + if (MiscUtil.isEmpty(attrProviderName)) { + log.info("AttributeProviderPlugin Name is empty."); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + "." + index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME, + "STORK - Attribute Provider", + LanguageHelper.getErrorString("validation.stork.ap.name.empty"))); + + } else { + if (!MOAIDConfigurationConstants.ALLOWED_STORKATTRIBUTEPROVIDERS.contains(attrProviderName)) { + log.info("AttributeProviderPlugin Name is not supported."); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + "." + index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME, + "STORK - Attribute Provider", + LanguageHelper.getErrorString("validation.stork.ap.name.valid"))); + } + } + + String attrProviderURL = storkAttrProviders.get(index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_URL); + String attrProviderAttr = storkAttrProviders.get(index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_ATTRIBUTES); + + if (MiscUtil.isEmpty(attrProviderURL) || !ValidationHelper.validateURL(attrProviderURL)) { + log.info("AttributeProviderPlugin URL has no valid form."); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + "." + index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_URL, + "STORK - Attribute Provider", + LanguageHelper.getErrorString("validation.stork.ap.url.valid"))); + } + + + if (MiscUtil.isEmpty(attrProviderAttr) || !attrProviderAttr.matches("[a-zA-Z]+(, ?[a-zA-Z]+)*")) { + log.info("AttributeProviderPlugin attributes are empty or do not match csv format."); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST + + "." + index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_ATTRIBUTES, + "STORK - Attribute Provider", + LanguageHelper.getErrorString("validation.stork.ap.attributes.valid"))); + } + + } + } + + if (!errors.isEmpty()) + throw new ConfigurationTaskValidationException(errors); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys() + */ + @Override + public List getAllAllowedPatterns() { + return generatePatternsFromKeys(KEYWHITELIST); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix() + */ + @Override + public List getModulValidatorPrefix() { + return Arrays.asList( + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_VIDP + ); + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesSSOAuthenticationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesSSOAuthenticationTask.java new file mode 100644 index 000000000..bf2a38cd9 --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesSSOAuthenticationTask.java @@ -0,0 +1,101 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.validation.task.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.regex.Pattern; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; +import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator; + +/** + * @author tlenz + * + */ +public class ServicesSSOAuthenticationTask extends AbstractTaskValidator implements ITaskValidator { + private static final Logger log = LoggerFactory.getLogger(ServicesSSOAuthenticationTask.class); + private static final List KEYWHITELIST; + + static { + ArrayList temp = new ArrayList(); + KEYWHITELIST = Collections.unmodifiableList(temp); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() + */ + @Override + public String getKeyPrefix() { + return "auth.sso"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName() + */ + @Override + public String getName() { + return "Service - SSO Authentication Configuration Task"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration) + */ + @Override + public Map postProcessing(Map input, + List keysToDelete, Configuration dbconfig) { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) + */ + @Override + protected void taskValidate(Map input) + throws ConfigurationTaskValidationException { + List errors = new ArrayList(); + + //Actually, there is nothing to validate. + + if (!errors.isEmpty()) + throw new ConfigurationTaskValidationException(errors); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys() + */ + @Override + public List getAllAllowedPatterns() { + return generatePatternsFromKeys(KEYWHITELIST); + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java new file mode 100644 index 000000000..766032f1f --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java @@ -0,0 +1,221 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.validation.task.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.regex.Pattern; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; +import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; +import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.utils.CompanyNumberValidator; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class ServicesTargetTask extends AbstractTaskValidator implements ITaskValidator { + private static final Logger log = LoggerFactory.getLogger(ServicesTargetTask.class); + private static final List KEYWHITELIST; + + static { + ArrayList temp = new ArrayList(); + KEYWHITELIST = Collections.unmodifiableList(temp); + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() + */ + @Override + public String getKeyPrefix() { + return ""; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName() + */ + @Override + public String getName() { + return "Service - Target Configuration Task"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration) + */ + @Override + public Map postProcessing(Map input, + List keysToDelete, Configuration dbconfig) { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) + */ + @Override + protected void taskValidate(Map input) + throws ConfigurationTaskValidationException { + List errors = new ArrayList(); + + String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE); + String check; + if (Boolean.parseBoolean(isBusinessService)) { + + //check identification type + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE); + if (!MOAIDConfigurationConstants.BUSINESSSERVICENAMES.keySet().contains(check)) { + log.info("IdentificationType is not known."); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE, + "BusinessService - Type", + LanguageHelper.getErrorString("validation.general.stork.sptarget"))); + } + + //check identification number + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE); + if (MiscUtil.isEmpty(check)) { + log.info("Empty IdentificationNumber"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, + "BusinessService - Value", + LanguageHelper.getErrorString("validation.general.identificationnumber.empty"))); + + } else { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, + "BusinessService - Value", + LanguageHelper.getErrorString("validation.general.identificationnumber.valid", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + } + + if (input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE) + .equals(MOAIDConfigurationConstants.IDENIFICATIONTYPE_FN)) { + CompanyNumberValidator val = new CompanyNumberValidator(); + if (!val.validate(check)) { + log.info("Not valid CompanyNumber"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, + "BusinessService - Value", + LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid"))); + } + } + } + + } else { + + //check own target + String useOwnTarget = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN); + if (MiscUtil.isNotEmpty(useOwnTarget) && Boolean.parseBoolean(useOwnTarget)) { + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME); + if (MiscUtil.isNotEmpty(check)) { + if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { + log.warn("TargetFriendlyName contains potentail XSS characters: " + check); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME, + "Own Target - FriendlyName", + LanguageHelper.getErrorString("validation.general.targetfriendlyname", + new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) )); + } + } + + //check Own Target + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.isValidAdminTarget(check)) { + log.info("Not valid Target"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET, + "Own Target - Target", + LanguageHelper.getErrorString("validation.general.target.admin.valid"))); + } + } + + } else { + + //check PublicURL Prefix allows PublicService + String uniqueID = input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER); + if (!ValidationHelper.isPublicServiceAllowed(input.get(uniqueID))) { + log.warn("PublicURLPrefix does not allow PublicService: " + uniqueID); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET, + "PublicService - Target", + LanguageHelper.getErrorString("validation.general.target.publicserviceurl", + new Object[] {uniqueID}) )); + + } + + //check Target + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET); + if (MiscUtil.isNotEmpty(check)) { + if (!ValidationHelper.isValidTarget(check)) { + log.info("Not valid Target"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET, + "PublicService - Target", + LanguageHelper.getErrorString("validation.general.target.valid"))); + } + } + + String isSubTargetUsed = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_SUB); + if (MiscUtil.isNotEmpty(isSubTargetUsed) && Boolean.parseBoolean(isSubTargetUsed)) { + check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB); + if (!ValidationHelper.isValidAdminTarget(check)) { + log.info("Not valid Target-Subsector"); + errors.add(new ValidationObjectIdentifier( + MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB, + "PublicService - Target SubSector", + LanguageHelper.getErrorString("validation.general.target.subsector.valid"))); + + } + } + } + } + + if (!errors.isEmpty()) + throw new ConfigurationTaskValidationException(errors); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys() + */ + @Override + public List getAllAllowedPatterns() { + return generatePatternsFromKeys(KEYWHITELIST); + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesbPKDecryptionTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesbPKDecryptionTask.java new file mode 100644 index 000000000..96088b6eb --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesbPKDecryptionTask.java @@ -0,0 +1,137 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.validation.task.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.Map; +import java.util.regex.Pattern; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import at.gv.egiz.components.configuration.api.Configuration; +import at.gv.egiz.components.configuration.api.ConfigurationException; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; +import at.gv.egovernment.moa.id.commons.validation.ValidationHelper; +import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException; +import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier; +import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper; +import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator; +import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator; +import at.gv.egovernment.moa.util.MiscUtil; + +/** + * @author tlenz + * + */ +public class ServicesbPKDecryptionTask extends AbstractTaskValidator implements ITaskValidator { + private static final Logger log = LoggerFactory.getLogger(ServicesbPKDecryptionTask.class); + private static final List KEYWHITELIST; + + static { + ArrayList temp = new ArrayList(); + KEYWHITELIST = Collections.unmodifiableList(temp); + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix() + */ + @Override + public String getKeyPrefix() { + return ""; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName() + */ + @Override + public String getName() { + return "Service - bPK-Decryption Configuration Task"; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration) + */ + @Override + public Map postProcessing(Map input, + List keysToDelete, Configuration dbconfig) { + return null; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map) + */ + @Override + protected void taskValidate(Map input) + throws ConfigurationTaskValidationException { + List errors = new ArrayList(); + + + //TODO: + + +// String check = input.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME); +// if (MiscUtil.isNotEmpty(check)) { +// if (ValidationHelper.containsPotentialCSSCharacter(check, false)) { +// log.warn("OAFriendlyName contains potentail XSS characters: " + check); +// errors.add(new ValidationObjectIdentifier( +// MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME, +// "FriendlyName", +// LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", +// new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}))); +// } +// } else { +// log.info("OA friendlyName is empty"); +// errors.add(new ValidationObjectIdentifier( +// MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME, +// "FriendlyName", +// LanguageHelper.getErrorString("validation.general.oafriendlyname.empty"))); +// } +// +// String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE); +// if (MiscUtil.isEmpty(isBusinessService)) { +// log.info("OA businessservice flag is empty"); +// errors.add(new ValidationObjectIdentifier( +// MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE, +// "BusinessService", +// LanguageHelper.getErrorString("validation.general.businessservice.empty"))); +// +// } + + + if (!errors.isEmpty()) + throw new ConfigurationTaskValidationException(errors); + + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys() + */ + @Override + public List getAllAllowedPatterns() { + return generatePatternsFromKeys(KEYWHITELIST); + } + +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/MetaDataVerificationFilter.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/MetaDataVerificationFilter.java new file mode 100644 index 000000000..6ec48fa43 --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/MetaDataVerificationFilter.java @@ -0,0 +1,122 @@ +/******************************************************************************* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + *******************************************************************************/ +package at.gv.egovernment.moa.id.config.webgui.validation.utils; + +import java.util.Iterator; + +import org.opensaml.common.SignableSAMLObject; +import org.opensaml.saml2.metadata.EntitiesDescriptor; +import org.opensaml.saml2.metadata.EntityDescriptor; +import org.opensaml.saml2.metadata.provider.MetadataFilter; +import org.opensaml.security.SAMLSignatureProfileValidator; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.security.x509.BasicX509Credential; +import org.opensaml.xml.signature.SignatureValidator; +import org.opensaml.xml.validation.ValidationException; + +import at.gv.egovernment.moa.id.config.webgui.exception.SignatureValidationException; +import at.gv.egovernment.moa.logging.Logger; + +public class MetaDataVerificationFilter implements MetadataFilter { + + BasicX509Credential credential; + + public MetaDataVerificationFilter(BasicX509Credential credential) { + this.credential = credential; + } + + + public void doFilter(XMLObject metadata) throws SignatureValidationException { + + if (metadata instanceof EntitiesDescriptor) { + EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) metadata; + if(entitiesDescriptor.getSignature() == null) { + throw new SignatureValidationException("Root element of metadata file has to be signed"); + } + try { + processEntitiesDescriptor(entitiesDescriptor); + + } catch (SignatureValidationException e) { + throw new SignatureValidationException("Invalid signature element in EntitiesDescriptor"); + } + + } if (metadata instanceof EntityDescriptor) { + try { + EntityDescriptor entity = (EntityDescriptor) metadata; + if (entity.getSignature() != null) + verify(entity, this.credential); + + else + throw new SignatureValidationException("Root element of metadata file has to be signed", null); + + } catch (SignatureValidationException e) { + throw new SignatureValidationException("Invalid signature element in EntityDescriptor", null); + } + } + } + + private void processEntitiesDescriptor(EntitiesDescriptor desc) throws SignatureValidationException { + Iterator entID = desc.getEntitiesDescriptors().iterator(); + + if(desc.getSignature() != null) { + verify(desc, this.credential); + } + + while(entID.hasNext()) { + processEntitiesDescriptor(entID.next()); + } + + Iterator entIT = desc.getEntityDescriptors().iterator(); + + while(entIT.hasNext()) { + EntityDescriptor entity = entIT.next(); + if (entity.getSignature() != null) + verify(entity, this.credential); + } + } + + private void verify(SignableSAMLObject entityDescriptor, Credential cred) + throws SignatureValidationException { + if (entityDescriptor.getSignature() == null) { + throw new SignatureValidationException("PVP2X Metadata not signed"); + } + + try { + SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator(); + sigValidator.validate(entityDescriptor.getSignature()); + } catch (ValidationException e) { + Logger.error("Failed to validate Signature", e); + throw new SignatureValidationException("Failed to validate Signature", e); + } + + SignatureValidator sigValidator = new SignatureValidator(cred); + try { + sigValidator.validate(entityDescriptor.getSignature()); + } catch (ValidationException e) { + Logger.error("Failed to verfiy Signature", e); + throw new SignatureValidationException("Failed to verfiy Signature", e); + + } + } +} diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/SchemaValidationFilter.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/SchemaValidationFilter.java new file mode 100644 index 000000000..587afe381 --- /dev/null +++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/SchemaValidationFilter.java @@ -0,0 +1,98 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.config.webgui.validation.utils; + +import org.opensaml.saml2.metadata.provider.FilterException; +import org.opensaml.saml2.metadata.provider.MetadataFilter; +import org.opensaml.xml.XMLObject; + +import javax.xml.transform.dom.DOMSource; +import javax.xml.validation.Schema; +import javax.xml.validation.Validator; + +import org.opensaml.common.xml.SAMLSchemaBuilder; + +import org.xml.sax.SAXException; + +import at.gv.egovernment.moa.id.config.webgui.exception.SchemaValidationException; +import at.gv.egovernment.moa.logging.Logger; + +/** + * @author tlenz + * + */ +public class SchemaValidationFilter implements MetadataFilter { + + private boolean isActive = true; + + /** + * + */ + public SchemaValidationFilter(boolean useSchemaValidation) { + this.isActive = useSchemaValidation; + } + + + /* (non-Javadoc) + * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject) + */ + @Override + public void doFilter(XMLObject arg0) throws SchemaValidationException { + + String errString = null; + + if (isActive) { + try { + Schema test = SAMLSchemaBuilder.getSAML11Schema(); + Validator val = test.newValidator(); + DOMSource source = new DOMSource(arg0.getDOM()); + val.validate(source); + Logger.info("Metadata Schema validation check done OK"); + return; + + } catch (SAXException e) { + if (Logger.isDebugEnabled() || Logger.isTraceEnabled()) + Logger.warn("Metadata Schema validation FAILED with exception:", e); + else + Logger.warn("Metadata Schema validation FAILED with message: "+ e.getMessage()); + + errString = e.getMessage(); + + } catch (Exception e) { + if (Logger.isDebugEnabled() || Logger.isTraceEnabled()) + Logger.warn("Metadata Schema validation FAILED with exception:", e); + else + Logger.warn("Metadata Schema validation FAILED with message: "+ e.getMessage()); + + errString = e.getMessage(); + + } + + throw new SchemaValidationException("Metadata Schema validation FAILED with message: "+ errString); + + } else + Logger.info("Metadata Schema validation check is DEACTIVATED!"); + + } + +} diff --git a/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator b/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator index 42bc23c95..8faf16843 100644 --- a/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator +++ b/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator @@ -1 +1,5 @@ +at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolOpenIDTask +at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolPVP2XTask at.gv.egovernment.moa.id.config.webgui.validation.task.impl.GeneralSTORKConfigurationTask +at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesAuthenticationSTORKTask +at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolSTORKTask \ No newline at end of file diff --git a/id/moa-id-webgui/src/main/resources/applicationResources_de.properties b/id/moa-id-webgui/src/main/resources/applicationResources_de.properties index 2f36ab125..bb0499020 100644 --- a/id/moa-id-webgui/src/main/resources/applicationResources_de.properties +++ b/id/moa-id-webgui/src/main/resources/applicationResources_de.properties @@ -6,6 +6,7 @@ config.02=Configfile is not readable. ({0}) config.03=Hibernate Database connector can not be initialized config.04=OpenSAML (PVP2 Login) can not be initialized config.05=Configuration file not defined +config.06=Configfile {1} does not start with {0} prefix. error.title=Fehler: error.login.internal=W\u00E4hrend der Verarbeitung ist ein interner Fehler aufgetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator. @@ -372,7 +373,8 @@ validation.edituser.bpk.valid=Die BPK enth\u00E4lt nicht erlaubte Zeichen. Folge validation.general.SAML1SourceID=Die SAML1SourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} validation.general.publicURLprefix.empty=Public URL Prefix Feld ist leer. -validation.general.publicURLprefix.valid=Public URL Prefix hat kein g\u00F6ltiges Format. +validation.general.publicURLprefix.valid=Public URL Prefix hat kein g\u00FCltiges Format. +validation.general.businessservice.empty=Die Application ist weder dem \u00F6ffentlichen noch dem privaten Sektor zugeordnet. validation.general.certStoreDirectory.empty=CertStoreDirectory Feld ist leer. validation.general.certStoreDirectory.valid=Das CertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0} validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00E4hlt. diff --git a/id/moa-id-webgui/src/main/resources/applicationResources_en.properties b/id/moa-id-webgui/src/main/resources/applicationResources_en.properties index 154f380ae..420ac27ec 100644 --- a/id/moa-id-webgui/src/main/resources/applicationResources_en.properties +++ b/id/moa-id-webgui/src/main/resources/applicationResources_en.properties @@ -6,6 +6,7 @@ config.02=Configfile is not readable. ({0}) config.03=Hibernate Database connector can not be initialized config.04=OpenSAML (PVP2 Login) can not be initialized config.05=Configuration file is not defined +config.06=Configfile {1} does not start with {0} prefix. error.title=Error: error.login.internal=The error occurred during the processing. Please try again or contact Administrator. @@ -371,6 +372,7 @@ validation.edituser.bpk.valid=BPK contains forbidden characters. The following c validation.general.SAML1SourceID=SAML1SourceID contains forbidden characters. The following characters are not allowed\: {0} validation.general.publicURLprefix.empty=Public URL Prefix is blank. validation.general.publicURLprefix.valid=Public URL Prefix has invalid format. +validation.general.businessservice.empty=Online application is no public or private application. validation.general.certStoreDirectory.empty=CertStoreDirectory is blank. validation.general.certStoreDirectory.valid=CertStoreDirectory Feld contains forbidden characters. The following characters are not allowed\: {0} validation.general.Defaultchainigmode.empty=There is no DefaultChainingMode selected. diff --git a/id/moa-id-webgui/src/main/resources/gui/meta.properties b/id/moa-id-webgui/src/main/resources/gui/meta.properties index 177dff6f1..0abf358d9 100644 --- a/id/moa-id-webgui/src/main/resources/gui/meta.properties +++ b/id/moa-id-webgui/src/main/resources/gui/meta.properties @@ -1,28 +1,76 @@ -__BASE__.moaid.0=moa.id.general - -#__BASE__.all.1=moa.id.gateway +__BASE__.moaidgeneral.0=moa.id.general +__BASE__.moaidoa.0=moa.id.services.oa +__BASE__.moaidinterfederation.0=moa.id.services moa.id.general.__TY=general moa.id.general.__CA=General Configuration moa.id.general.__DE=General MOA-ID Configuration -#moa.id.oa.__GR=moa.id -#moa.id.oa.__TY=ARRAY -#moa.id.oa.__ADD=true -#moa.id.oa.__DEL=true -#moa.id.oa.__CA=List of online Applications -#moa.id.oa.__DE=Long description of the list of online Applications... -#moa.id.oa.__CTY=OA -#moa.id.oa.__CCA=Name;Online Applications URL -#moa.id.oa.__CIDS=name;url -#moa.id.oa.__CDE=An online Application - - -#moa.id.oa.__TE.name=Online Application Template -#moa.id.oa.__TE.url=http://sampleonline.application.com/ -#moa.id.oa.__TE.attributes.0.name=Vorname -#moa.id.oa.__TE.attributes.0.type=FIRSTNAME -#moa.id.oa.__TE.attributes.0.required=true -#moa.id.oa.__TE.__CA=A Template for an online Application -#moa.id.oa.__TE.__DE=Long description of the list of online Applications... +moa.id.services.__TY=GROUP +moa.id.services.__CA=MOA-ID Interfederation Services +moa.id.services.__DE=Interfederation Services + +##Online application## +moa.id.services.oa.__TY=ARRAY +moa.id.services.oa.__ADD=true +moa.id.services.oa.__DEL=true +moa.id.services.oa.__CA=List of online Applications +moa.id.services.oa.__DE=All actually configured online application +moa.id.services.oa.__CTY=moaidoa +moa.id.services.oa.__CCA=Unique ID;Friendlyname +moa.id.services.oa.__CIDS=uniqueID;friendlyName +moa.id.services.oa.__CDE=Online Application + +moa.id.services.oa.__TE.friendlyName=Sample Name +moa.id.services.oa.__TE.uniqueID=http://sampleonline.application.com/ +moa.id.services.oa.__TE.isActive=false + +##V-IDP## +moa.id.services.vidp.__GR=moa.id.services +moa.id.services.vidp.__TY=ARRAY +moa.id.services.vidp.__ADD=true +moa.id.services.vidp.__DEL=true +moa.id.services.vidp.__CA=List of V-IDPs +moa.id.services.vidp.__DE=All actually configured V-IDP instances +moa.id.services.vidp.__CTY=moaidvidp +moa.id.services.vidp.__CCA=Unique ID;Friendlyname +moa.id.services.vidp.__CIDS=uniqueID;friendlyName +moa.id.services.vidp.__CDE=V-IDP + +moa.id.services.vidp.__TE.friendlyName=Sample V-IDP +moa.id.services.vidp.__TE.uniqueID=http://sampleonline.application.com/ +moa.id.services.vidp.__TE.isActive=false + +##I-IDP## +moa.id.services.iidp.__GR=moa.id.services +moa.id.services.iidp.__TY=ARRAY +moa.id.services.iidp.__ADD=true +moa.id.services.iidp.__DEL=true +moa.id.services.iidp.__CA=List of Interfederation IDPs +moa.id.services.iidp.__DE=All actually configured I-IDP instances +moa.id.services.iidp.__CTY=moaidiidp +moa.id.services.iidp.__CCA=Unique ID;Friendlyname +moa.id.services.iidp.__CIDS=uniqueID;friendlyName +moa.id.services.iidp.__CDE=I-IDP + +moa.id.services.iidp.__TE.friendlyName=Sample I-IDP +moa.id.services.iidp.__TE.uniqueID=http://sampleonline.application.com/ +moa.id.services.iidp.__TE.isActive=false + +##Gateway## +moa.id.services.gateway.__GR=moa.id.services +moa.id.services.gateway.__TY=ARRAY +moa.id.services.gateway.__ADD=true +moa.id.services.gateway.__DEL=true +moa.id.services.gateway.__CA=List of STORK<->PVP Gateways +moa.id.services.gateway.__DE=All actually configured Gateway instances +moa.id.services.gateway.__CTY=moaidgateway +moa.id.services.gateway.__CCA=Unique ID;Friendlyname +moa.id.services.gateway.__CIDS=uniqueID;friendlyName +moa.id.services.gateway.__CDE=V-IDP + +moa.id.services.gateway.__TE.friendlyName=Sample Gateway +moa.id.services.gateway.__TE.uniqueID=http://sampleonline.application.com/ +moa.id.services.gateway.__TE.isActive=false + diff --git a/id/moa-id-webgui/src/main/resources/gui/types/gateway.json b/id/moa-id-webgui/src/main/resources/gui/types/gateway.json new file mode 100644 index 000000000..50ccd200c --- /dev/null +++ b/id/moa-id-webgui/src/main/resources/gui/types/gateway.json @@ -0,0 +1,50 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "id": "http://www.egiz.gv.at/dynUI/OA", + "typeName": "moaidgateway", + "type": "object", + "title": "STORK<->PVP Gateway", + "format": "tabs", + "properties": { + "isActive" : { + "id": "http://www.egiz.gv.at/dynUI/OA/isactive", + "type": "boolean", + "format" : "checkbox", + "title": "is Active" + }, + "uniqueID": { + "id": "http://www.egiz.gv.at/dynUI/OA/uniqueId", + "type": "string", + "format": "url", + "title": "Unique Identifier (PublicURLPrefix)" + }, + "friendlyName": { + "id": "http://www.egiz.gv.at/dynUI/OA/friendlyname", + "type": "string", + "title": "Friendlyname" + }, + "businessservice" : { + "id": "http://www.egiz.gv.at/dynUI/OA/type", + "type": "boolean", + "format" : "checkbox", + "title": "Private Sector application" + }, + "interfederation": { + "id": "http://www.egiz.gv.at/dynUI/OA/interfederation", + "type": "object", + "title": "PVP Gateway", + "description": "STORK<->PVP Gateway configuration", + "options": { + "collapsed": true + }, + "properties": { + "forward.IDP": { + "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/forward/entityID", + "type": "string", + "title": "PVP portal EntityID" + } + } + } + }, + "required": ["uniqueID", "friendlyName"] +} diff --git a/id/moa-id-webgui/src/main/resources/gui/types/general.json b/id/moa-id-webgui/src/main/resources/gui/types/general.json index a4addb5f8..f7861332d 100644 --- a/id/moa-id-webgui/src/main/resources/gui/types/general.json +++ b/id/moa-id-webgui/src/main/resources/gui/types/general.json @@ -24,16 +24,19 @@ "onlineBKU" : { "id": "http://www.egiz.gv.at/dynUI/general/bkuurls/online", "type": "string", + "format": "url", "title": "Online BKU" }, "handyBKU" : { "id": "http://www.egiz.gv.at/dynUI/general/bkuurls/handy", "type": "string", + "format": "url", "title": "Handy BKU" }, "localBKU" : { "id": "http://www.egiz.gv.at/dynUI/general/bkuurls/local", "type": "string", + "format": "url", "title": "Local BKU" } } @@ -87,6 +90,10 @@ "preview" : { "id": "http://www.egiz.gv.at/dynUI/general/auth/authblock/transform/preview", "type": "string" + }, + "filename" : { + "id": "http://www.egiz.gv.at/dynUIOA/general/auth/authblock/transform/filename", + "type": "string" } } }, diff --git a/id/moa-id-webgui/src/main/resources/gui/types/iidp.json b/id/moa-id-webgui/src/main/resources/gui/types/iidp.json new file mode 100644 index 000000000..a42254c36 --- /dev/null +++ b/id/moa-id-webgui/src/main/resources/gui/types/iidp.json @@ -0,0 +1,124 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "id": "http://www.egiz.gv.at/dynUI/OA", + "typeName": "moaidiidp", + "type": "object", + "title": "Interfederation IDP", + "format": "tabs", + "properties": { + "isActive" : { + "id": "http://www.egiz.gv.at/dynUI/OA/isactive", + "type": "boolean", + "format" : "checkbox", + "title": "is Active" + }, + "uniqueID": { + "id": "http://www.egiz.gv.at/dynUI/OA/uniqueId", + "type": "string", + "format": "url", + "title": "Unique Identifier (PublicURLPrefix)" + }, + "friendlyName": { + "id": "http://www.egiz.gv.at/dynUI/OA/friendlyname", + "type": "string", + "title": "Friendlyname" + }, + "businessservice" : { + "id": "http://www.egiz.gv.at/dynUI/OA/type", + "type": "boolean", + "format" : "checkbox", + "title": "Private Sector application" + }, + "interfederation": { + "id": "http://www.egiz.gv.at/dynUI/OA/interfederation", + "type": "object", + "title": "PVP Gateway", + "description": "STORK<->PVP Gateway configuration", + "options": { + "collapsed": true + }, + "properties": { + "SSO.inbound": { + "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/sso/inbound", + "type": "boolean", + "format" : "checkbox", + "title": "Allow inbound SSO" + }, + "SSO.outbound": { + "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/sso/outbound", + "type": "boolean", + "format" : "checkbox", + "title": "Allow outbound SSO" + }, + "SSO.store": { + "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/sso/store", + "type": "boolean", + "format" : "checkbox", + "title": "Store SSO session" + }, + "passiveReqeust": { + "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/passiveReqeust", + "type": "boolean", + "format" : "checkbox", + "title": "Use SAML2 isPassive attribute" + }, + "localAuthOnError": { + "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/sso/localAuthOnError", + "type": "boolean", + "format" : "checkbox", + "title": "Local authentication in case of an error" + }, + "attributequery.url": { + "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/attributequery/url", + "type": "string", + "title": "AttributeQuery service URL" + } + } + }, + "protocols": { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols", + "type": "object", + "title": "Protocols", + "description": "Authentication protocol configuration", + "options": { + "collapsed": true + }, + "properties": { + "pvp2x": { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x", + "type": "object", + "title": "PVP Configuration", + "description": "PVP 2.x authentication protocol", + "options": { + "collapsed": true + }, + "properties": { + "URL" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/url", + "type": "string", + "title": "Metadata URL" + }, + "certificate": { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate", + "type": "object", + "format": "file", + "title": "Metadata certificate", + "description": "Certificate for metadata signature validation", + "properties": { + "data" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate/data", + "type": "string" + }, + "preview" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate/preview", + "type": "string" + } + } + } + } + } + } + } + }, + "required": ["uniqueID", "friendlyName"] +} diff --git a/id/moa-id-webgui/src/main/resources/gui/types/oa.json b/id/moa-id-webgui/src/main/resources/gui/types/oa.json index eee0e97aa..aafc63b2e 100644 --- a/id/moa-id-webgui/src/main/resources/gui/types/oa.json +++ b/id/moa-id-webgui/src/main/resources/gui/types/oa.json @@ -1,7 +1,7 @@ { "$schema": "http://json-schema.org/draft-04/schema#", "id": "http://www.egiz.gv.at/dynUI/OA", - "typeName": "oa", + "typeName": "moaidoa", "type": "object", "title": "Online Application Configuration", "format": "tabs", @@ -29,7 +29,7 @@ "format" : "checkbox", "title": "Private Sector application" }, - "target": { + "auth.target": { "id": "http://www.egiz.gv.at/dynUI/OA/target", "type": "object", "title": "Target definition", @@ -96,25 +96,36 @@ "type": "string", "title": "Sub-Target" }, - "use.own" : { - "id": "http://www.egiz.gv.at/dynUI/OA/target/public/useowntarget", - "type": "boolean", - "format" : "checkbox", - "title": "Use own-target" - }, - "own.target" : { - "id": "http://www.egiz.gv.at/dynUI/OA/target/public/owntarget", - "type": "string", - "title": "Own target" - }, - "own.name" : { - "id": "http://www.egiz.gv.at/dynUI/OA/target/public/owntarget/friendlyname", - "type": "string", - "title": "Own target - friendlyname" - } + "own" : { + "id": "http://www.egiz.gv.at/dynUI/OA/target/public/own", + "type": "object", + "title": "Own Target", + "description": "Own Target definition", + "options": { + "collapsed": true + }, + "properties": { + "use" : { + "id": "http://www.egiz.gv.at/dynUI/OA/target/public/useowntarget", + "type": "boolean", + "format" : "checkbox", + "title": "Use own-target" + }, + "target" : { + "id": "http://www.egiz.gv.at/dynUI/OA/target/public/owntarget", + "type": "string", + "title": "Own target" + }, + "name" : { + "id": "http://www.egiz.gv.at/dynUI/OA/target/public/owntarget/friendlyname", + "type": "string", + "title": "Own target - friendlyname" + } + } + } } }, - "private": { + "business": { "id": "http://www.egiz.gv.at/dynUI/OA/target/private", "type": "object", "title": "Private Sector definition", @@ -138,11 +149,515 @@ "id": "http://www.egiz.gv.at/dynUI/OA/target/private/value", "type": "string", "title": "Identifier" - }, + } } } } - } + }, + "auth": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth", + "type": "object", + "title": "Authentication", + "description": "Authentication configuration", + "options": { + "collapsed": true + }, + "properties": { + "bku": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku", + "type": "object", + "title": "BKU configuration", + "description": "Online application specific BKU communikation", + "options": { + "collapsed": true + }, + "properties": { + "onlineBKU" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/online", + "type": "string", + "title": "Online BKU" + }, + "handyBKU" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/handy", + "type": "string", + "title": "Handy BKU" + }, + "localBKU" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/local", + "type": "string", + "title": "Local BKU" + }, + "keyBoxIdentifier" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/keyBoxIdentifier", + "type": "string", + "title": "KeyBoxIdentifier", + "enum": [ + "SecureSignatureKeypair", + "CertifiedKeypair" + ] + }, + "template": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/template", + "type": "object", + "title": "SecurityLayer Templates", + "description": "Online application specific SecurityLayer templates", + "options": { + "collapsed": true + }, + "properties": { + "legacy" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/template/legacy", + "type": "boolean", + "format" : "checkbox", + "title": "Activate Legacy Mode" + }, + "first.url" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/first/url", + "type": "string", + "title": "First SL-Template" + }, + "second.url" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/second/url", + "type": "string", + "title": "Second SL-Template" + }, + "third.url" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/third/url", + "type": "string", + "title": "Third SL-Template" + } + } + } + } + }, + "templates": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/templates", + "type": "object", + "title": "BKU selection customization", + "description": "Customization of the BKU selection form", + "options": { + "collapsed": true + }, + "properties": { + "customize": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize", + "type": "object", + "title": "Customize default template", + "description": "Customization of the default template", + "options": { + "collapsed": true + }, + "properties": { + "fonttype" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/fonttype", + "type": "string", + "title": "Font Type" + }, + "color.back" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/color/back", + "type": "string", + "title": "Backcolor" + }, + "color.front" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/color/front", + "type": "string", + "title": "Frontcolor" + }, + "header.color.back" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/color/back", + "type": "string", + "title": "Header Backcolor" + }, + "header.color.front" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/color/front", + "type": "string", + "title": "Header Frontcolor" + }, + "header.text" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/text", + "type": "string", + "title": "Header Text" + }, + "button.color.back.focus" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/button/color/back/focus", + "type": "string", + "title": "Font Type" + }, + "button.color.front" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/button/color/front", + "type": "string", + "title": "Font Type" + }, + "applet.redirecttarget" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/redirecttarget", + "type": "string", + "title": "Applet - Redirect Target", + "enum": [ + "_blank", + "_self", + "_parent", + "_top" + ] + }, + "applet.hight" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/hight", + "type": "string", + "title": "Applet - Hight" + }, + "applet.width" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/width", + "type": "string", + "title": "Applet - Width" + } + } + }, + "bkuselection": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection", + "type": "object", + "format": "file", + "title": "BKU selection template", + "description": "Applicatio specific BKU selection template", + "properties": { + "data" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection/data", + "type": "string" + }, + "preview" : { + "id": "http://www.egiz.gv.at/dynUIOA/auth/template/bkuselection/preview", + "type": "string" + }, + "filename" : { + "id": "http://www.egiz.gv.at/dynUIOA/auth/template/bkuselection/filename", + "type": "string" + } + } + }, + "sendAssertion": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/sendAssertion", + "type": "object", + "format": "file", + "title": "SendAssertion selection template", + "description": "Applicatio specific SendAssertion template", + "properties": { + "data" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/sendAssertion/data", + "type": "string" + }, + "preview" : { + "id": "http://www.egiz.gv.at/dynUIOA/auth/template/sendAssertion/preview", + "type": "string" + }, + "filename" : { + "id": "http://www.egiz.gv.at/dynUIOA/auth/template/sendAssertion/filename", + "type": "string" + } + } + } + } + }, + "authblock": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock", + "type": "object", + "title": "AuthBlock configuration", + "description": "Online application specific AuthBlock configuration", + "options": { + "collapsed": true + }, + "properties": { + "removebPK" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock/removebpk", + "type": "boolean", + "format" : "checkbox", + "title": "Remove bPK/wbPK" + }, + "additionaltext" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock/text", + "type": "string", + "format": "textarea", + "title": "Additional AuthBlock Text" + } + } + }, + "testcredentials": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials", + "type": "object", + "title": "Test identities", + "description": "Test identities configuration", + "options": { + "collapsed": true + }, + "properties": { + "enabled" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials/enabled", + "type": "boolean", + "format" : "checkbox", + "title": "Enable test identities" + }, + "oids" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials/oids", + "type": "string", + "title": "Allowed test-identity OIDs" + } + } + }, + "mandates": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/mandates", + "type": "object", + "title": "Mandates", + "description": "Online mandate configuration", + "options": { + "collapsed": true + }, + "properties": { + "use" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/mandates/use", + "type": "boolean", + "format" : "checkbox", + "title": "Mandates (yes/no)" + }, + "only" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/mandates/only", + "type": "boolean", + "format" : "checkbox", + "title": "Only mandates allowed" + }, + "profiles" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/mandates/profiles", + "type": "string", + "title": "Allowed mandated profiles" + } + } + }, + "sso": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/sso", + "type": "object", + "title": "Single Sign-On (SSO)", + "description": "Single Sign-On configuration", + "options": { + "collapsed": true + }, + "properties": { + "enabled" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/sso/enabled", + "type": "boolean", + "format" : "checkbox", + "title": "Single Sign-On (yes/no)" + }, + "userRequest" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/sso/sendassertionrequest", + "type": "boolean", + "format" : "checkbox", + "title": "Additional Userrequest" + } + } + }, + "stork": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork", + "type": "object", + "title": "STORK", + "description": "STORK configuration", + "options": { + "collapsed": true + }, + "properties": { + "enabled" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork/enabled", + "type": "boolean", + "format" : "checkbox", + "title": "Enable STORK logon" + }, + "minqaalevel" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork/minqaa", + "type": "boolean", + "format" : "checkbox", + "title": "Minimum QAA Level" + }, + "countries" : { + "type": "array", + "title": "Countries", + "format": "table", + "options": { + "collapsed": true, + "disable_array_add": true, + "disable_array_delete": true, + "disable_array_reorder": true + }, + "items": { + "type": "object", + "properties": { + "countrycode": { + "type": "string", + "readOnly": true, + "title": "CountryCode" + }, + "enabled": { + "type": "boolean", + "format": "checkbox", + "title": "Enabled" + } + } + } + }, + "attributes" : { + "type": "array", + "title": "Attributes", + "format": "table", + "options": { + "collapsed": true, + "disable_array_add": true, + "disable_array_delete": true, + "disable_array_reorder": true + }, + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "readOnly": true, + "title": "CountryCode" + }, + "requested": { + "type": "boolean", + "format": "checkbox", + "title": "Requested" + }, + "mandatory": { + "type": "boolean", + "format": "checkbox", + "title": "Mandatory" + } + } + } + } + } + } + } + }, + "protocols": { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols", + "type": "object", + "title": "Protocols", + "description": "Authentication protocol configuration", + "options": { + "collapsed": true + }, + "properties": { + "saml1": { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1", + "type": "object", + "title": "SAML1 Configuration", + "description": "SAML1 authentication protocol", + "options": { + "collapsed": true + }, + "properties": { + "enabled" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/enabled", + "type": "boolean", + "format" : "checkbox", + "title": "Enabled" + }, + "idl" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/idl", + "type": "boolean", + "format" : "checkbox", + "title": "IdentityLink" + }, + "baseid" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/baseid", + "type": "boolean", + "format" : "checkbox", + "title": "BaseID" + }, + "authblock" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/authblock", + "type": "boolean", + "format" : "checkbox", + "title": "AuthBlock" + }, + "certificate" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/certificate", + "type": "boolean", + "format" : "checkbox", + "title": "Signer Certificate" + }, + "mandate" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/mandate", + "type": "boolean", + "format" : "checkbox", + "title": "Full mandate" + }, + "returnError" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/returnError", + "type": "boolean", + "format" : "checkbox", + "title": "Return Errors to Application" + } + } + }, + "pvp2x": { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x", + "type": "object", + "title": "PVP Configuration", + "description": "PVP 2.x authentication protocol", + "options": { + "collapsed": true + }, + "properties": { + "URL" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/url", + "type": "string", + "title": "Metadata URL" + }, + "certificate": { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate", + "type": "object", + "format": "file", + "title": "Metadata certificate", + "description": "Certificate for metadata signature validation", + "properties": { + "data" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate/data", + "type": "string" + }, + "preview" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate/preview", + "type": "string" + } + } + } + } + }, + "openID" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/openid", + "type": "object", + "title": "OpenID Connect Configuration", + "description": "OpenID Connect authentication protocol", + "options": { + "collapsed": true + }, + "properties": { + "clientID" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/openid/clientid", + "type": "string", + "readOnly" : true, + "title": "Client-ID" + }, + "secret" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/openid/clientsecret", + "type": "string", + "readOnly" : true, + "title": "Client-Secret" + }, + "redirectURL" : { + "id": "http://www.egiz.gv.at/dynUI/oa/protocols/openid/redirectURL", + "type": "string", + "title": "Client-Secret" + } + } + } + } + } }, "required": ["uniqueID", "friendlyName"] } diff --git a/id/moa-id-webgui/src/main/resources/gui/types/vidp.json b/id/moa-id-webgui/src/main/resources/gui/types/vidp.json new file mode 100644 index 000000000..3e6e4fb7b --- /dev/null +++ b/id/moa-id-webgui/src/main/resources/gui/types/vidp.json @@ -0,0 +1,371 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "id": "http://www.egiz.gv.at/dynUI/OA", + "typeName": "moaidvidp", + "type": "object", + "title": "STORK V-IDP", + "format": "tabs", + "properties": { + "isActive" : { + "id": "http://www.egiz.gv.at/dynUI/OA/isactive", + "type": "boolean", + "format" : "checkbox", + "title": "is Active" + }, + "uniqueID": { + "id": "http://www.egiz.gv.at/dynUI/OA/uniqueId", + "type": "string", + "format": "url", + "title": "Unique Identifier (PublicURLPrefix)" + }, + "friendlyName": { + "id": "http://www.egiz.gv.at/dynUI/OA/friendlyname", + "type": "string", + "title": "Friendlyname" + }, + "businessservice" : { + "id": "http://www.egiz.gv.at/dynUI/OA/type", + "type": "boolean", + "format" : "checkbox", + "title": "Private Sector application" + }, + "auth.target": { + "id": "http://www.egiz.gv.at/dynUI/OA/target", + "type": "object", + "title": "Target definition", + "description": "bPK or wbPK target definitions", + "options": { + "collapsed": true + }, + "properties": { + "business": { + "id": "http://www.egiz.gv.at/dynUI/OA/target/private", + "type": "object", + "title": "Private Sector definition", + "description": "wbPK target definitions", + "options": { + "collapsed": true + }, + "properties": { + "type" : { + "id": "http://www.egiz.gv.at/dynUI/OA/target/private/type", + "type": "string", + "title": "Sector Type", + "enum": [ + "FN", + "ZVR", + "ERSB", + "STORK" + ] + }, + "value" : { + "id": "http://www.egiz.gv.at/dynUI/OA/target/private/value", + "type": "string", + "title": "Identifier" + } + } + } + } + }, + "auth": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth", + "type": "object", + "title": "Authentication", + "description": "Authentication configuration", + "options": { + "collapsed": true + }, + "properties": { + "bku": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku", + "type": "object", + "title": "BKU configuration", + "description": "Online application specific BKU communikation", + "options": { + "collapsed": true + }, + "properties": { + "onlineBKU" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/online", + "type": "string", + "title": "Online BKU" + }, + "handyBKU" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/handy", + "type": "string", + "title": "Handy BKU" + }, + "localBKU" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/local", + "type": "string", + "title": "Local BKU" + }, + "keyBoxIdentifier" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/keyBoxIdentifier", + "type": "string", + "title": "KeyBoxIdentifier", + "enum": [ + "SecureSignatureKeypair", + "CertifiedKeypair" + ] + }, + "template": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/template", + "type": "object", + "title": "SecurityLayer Templates", + "description": "Online application specific SecurityLayer templates", + "options": { + "collapsed": true + }, + "properties": { + "legacy" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/template/legacy", + "type": "boolean", + "format" : "checkbox", + "title": "Activate Legacy Mode" + }, + "first.url" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/first/url", + "type": "string", + "title": "First SL-Template" + }, + "second.url" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/second/url", + "type": "string", + "title": "Second SL-Template" + }, + "third.url" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/third/url", + "type": "string", + "title": "Third SL-Template" + } + } + } + } + }, + "templates": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/templates", + "type": "object", + "title": "BKU selection customization", + "description": "Customization of the BKU selection form", + "options": { + "collapsed": true + }, + "properties": { + "customize": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize", + "type": "object", + "title": "Customize default template", + "description": "Customization of the default template", + "options": { + "collapsed": true + }, + "properties": { + "fonttype" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/fonttype", + "type": "string", + "title": "Font Type" + }, + "color.back" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/color/back", + "type": "string", + "title": "Backcolor" + }, + "color.front" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/color/front", + "type": "string", + "title": "Frontcolor" + }, + "header.color.back" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/color/back", + "type": "string", + "title": "Header Backcolor" + }, + "header.color.front" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/color/front", + "type": "string", + "title": "Header Frontcolor" + }, + "header.text" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/text", + "type": "string", + "title": "Header Text" + }, + "button.color.back.focus" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/button/color/back/focus", + "type": "string", + "title": "Font Type" + }, + "button.color.front" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/button/color/front", + "type": "string", + "title": "Font Type" + }, + "applet.redirecttarget" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/redirecttarget", + "type": "string", + "title": "Applet - Redirect Target", + "enum": [ + "_blank", + "_self", + "_parent", + "_top" + ] + }, + "applet.hight" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/hight", + "type": "string", + "title": "Applet - Hight" + }, + "applet.width" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/width", + "type": "string", + "title": "Applet - Width" + } + } + }, + "bkuselection": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection", + "type": "object", + "format": "file", + "title": "BKU selection template", + "description": "Applicatio specific BKU selection template", + "properties": { + "data" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection/data", + "type": "string" + }, + "preview" : { + "id": "http://www.egiz.gv.at/dynUIOA/auth/template/bkuselection/preview", + "type": "string" + }, + "filename" : { + "id": "http://www.egiz.gv.at/dynUIOA/auth/template/bkuselection/filename", + "type": "string" + } + } + }, + "sendAssertion": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/sendAssertion", + "type": "object", + "format": "file", + "title": "SendAssertion selection template", + "description": "Applicatio specific SendAssertion template", + "properties": { + "data" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/sendAssertion/data", + "type": "string" + }, + "preview" : { + "id": "http://www.egiz.gv.at/dynUIOA/auth/template/sendAssertion/preview", + "type": "string" + }, + "filename" : { + "id": "http://www.egiz.gv.at/dynUIOA/auth/template/sendAssertion/filename", + "type": "string" + } + } + } + } + }, + "authblock": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock", + "type": "object", + "title": "AuthBlock configuration", + "description": "Online application specific AuthBlock configuration", + "options": { + "collapsed": true + }, + "properties": { + "removebPK" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock/removebpk", + "type": "boolean", + "format" : "checkbox", + "title": "Remove bPK/wbPK" + }, + "additionaltext" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock/text", + "type": "string", + "format": "textarea", + "title": "Additional AuthBlock Text" + } + } + }, + "testcredentials": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials", + "type": "object", + "title": "Test identities", + "description": "Test identities configuration", + "options": { + "collapsed": true + }, + "properties": { + "enabled" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials/enabled", + "type": "boolean", + "format" : "checkbox", + "title": "Enable test identities" + }, + "oids" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials/oids", + "type": "string", + "title": "Allowed test-identity OIDs" + } + } + }, + "stork": { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork", + "type": "object", + "title": "STORK", + "description": "STORK configuration", + "options": { + "collapsed": true + }, + "properties": { + "requireConsent" : { + "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork/requireConsent", + "type": "boolean", + "format" : "checkbox", + "title": "Ask the user for attributes transfer consent" + }, + "attributeprovider" : { + "type": "array", + "title": "Attribute-Provider Plug-ins", + "format": "table", + "options": { + "collapsed": true + }, + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "title": "Attribute Plug-in", + "enum": [ + "StorkAttributeRequestProvider", + "EHvdAttributeProvider_deprecated", + "EHvdAttributeProvider", + "SignedDocAttributeRequestProvider", + "MandateAttributeRequestProvider", + "PVPAuthenticationProvider" + ] + }, + "url": { + "type": "string", + "format": "url", + "title": "URL" + }, + "attributes": { + "type": "string", + "title": "Attribute (CSV)" + } + } + } + } + } + } + } + } + }, + "required": ["uniqueID", "friendlyName"] +} diff --git a/id/moa-id-webgui/src/main/resources/moaid.webgui.beans.xml b/id/moa-id-webgui/src/main/resources/moaid.webgui.beans.xml index 3d1528fdf..0ee7ac89c 100644 --- a/id/moa-id-webgui/src/main/resources/moaid.webgui.beans.xml +++ b/id/moa-id-webgui/src/main/resources/moaid.webgui.beans.xml @@ -9,14 +9,16 @@ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> - - + - + - - + + + + + \ No newline at end of file diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index f62c21ed9..54484a854 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -99,7 +99,7 @@ import at.gv.util.xsd.srzgw.MISType.Filters; * @version $Id: AuthenticationServer.java 1273 2012-02-27 14:50:18Z kstranacher * $ */ -public class AuthenticationServer implements MOAIDAuthConstants { +public class AuthenticationServer extends MOAIDAuthConstants { /** * single instance diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java index 5223a181d..3d12bae61 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java @@ -9,6 +9,9 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; +import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; + import iaik.asn1.ObjectID; @@ -18,7 +21,7 @@ import iaik.asn1.ObjectID; * @author Paul Ivancsics * @version $Id$ */ -public interface MOAIDAuthConstants { +public class MOAIDAuthConstants extends MOAIDConstants{ /** servlet parameter "Target" */ public static final String PARAM_TARGET = "Target"; @@ -113,9 +116,7 @@ public interface MOAIDAuthConstants { // /** the number of the certifcate extension for party organ representatives */ // public static final String PARTY_ORGAN_REPRESENTATION_OID_NUMBER = PARTY_REPRESENTATION_OID_NUMBER + ".10"; - - public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+"; - + /** OW */ public static final String OW_ORGANWALTER = PARTY_REPRESENTATION_OID_NUMBER + ".4"; @@ -143,8 +144,6 @@ public interface MOAIDAuthConstants { public static final String PARAM_APPLET_HEIGTH = "heigth"; public static final String PARAM_APPLET_WIDTH = "width"; - public static final String TESTCREDENTIALROOTOID = "1.2.40.0.10.2.4.1"; - public static final Map COUNTRYCODE_XX_TO_NAME = Collections.unmodifiableMap(new HashMap() { private static final long serialVersionUID = 1L; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index ffadc2631..573f2e09f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -116,7 +116,7 @@ import at.gv.util.xsd.szr.PersonInfoType; * @author tlenz * */ -public class AuthenticationDataBuilder implements MOAIDAuthConstants { +public class AuthenticationDataBuilder extends MOAIDAuthConstants { public static IAuthData buildAuthenticationData(IRequest protocolRequest, AuthenticationSession session, List reqAttributes) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java index 924051e2a..899b0fd15 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java @@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.builder; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; /** @@ -96,7 +97,7 @@ public class DataURLBuilder { dataURL = authBaseURL + authServletName; - dataURL = addParameter(dataURL, AuthServlet.PARAM_SESSIONID, sessionID); + dataURL = addParameter(dataURL, MOAIDAuthConstants.PARAM_SESSIONID, sessionID); return dataURL; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index a26dec969..3b903009c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -44,7 +44,7 @@ import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; -public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ +public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ public static void parse(AuthenticationSession moasession, String target, diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java index c4c4b2691..43f4f90ff 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java @@ -96,7 +96,7 @@ import at.gv.egovernment.moa.util.URLDecoder; * @author Paul Ivancsics * @version $Id$ */ -public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { +public class AuthServlet extends HttpServlet { /** * diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index 5802ce3b9..7b55564c4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringEscapeUtils; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; @@ -64,10 +65,10 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { String pendingRequestID = null; try { - String bkuid = req.getParameter(PARAM_BKU); - String useMandate = req.getParameter(PARAM_USEMANDATE); - String ccc = req.getParameter(PARAM_CCC); - String moasessionid = req.getParameter(PARAM_SESSIONID); + String bkuid = req.getParameter(MOAIDAuthConstants.PARAM_BKU); + String useMandate = req.getParameter(MOAIDAuthConstants.PARAM_USEMANDATE); + String ccc = req.getParameter(MOAIDAuthConstants.PARAM_CCC); + String moasessionid = req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); moasessionid = StringEscapeUtils.escapeHtml(moasessionid); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java index 626c95b19..0a6d30be7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java @@ -32,6 +32,7 @@ import org.apache.velocity.VelocityContext; import org.opensaml.saml2.core.LogoutResponse; import org.opensaml.saml2.metadata.SingleLogoutService; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; @@ -64,9 +65,9 @@ public class IDPSingleLogOutServlet extends AuthServlet { SSOManager ssomanager = SSOManager.getInstance(); String ssoid = ssomanager.getSSOSessionID(req); - Object restartProcessObj = req.getParameter(PARAM_SLORESTART); + Object restartProcessObj = req.getParameter(MOAIDAuthConstants.PARAM_SLORESTART); - Object tokkenObj = req.getParameter(PARAM_SLOSTATUS); + Object tokkenObj = req.getParameter(MOAIDAuthConstants.PARAM_SLOSTATUS); String tokken = null; String status = null; if (tokkenObj != null && tokkenObj instanceof String) { @@ -78,7 +79,7 @@ public class IDPSingleLogOutServlet extends AuthServlet { } VelocityContext context = new VelocityContext(); - if (SLOSTATUS_SUCCESS.equals(status)) + if (MOAIDAuthConstants.SLOSTATUS_SUCCESS.equals(status)) context.put("successMsg", MOAIDMessageProvider.getInstance().getMessage("slo.00", null)); else @@ -148,12 +149,12 @@ public class IDPSingleLogOutServlet extends AuthServlet { String statusCode = null; if (sloContainer.getSloFailedOAs() == null || sloContainer.getSloFailedOAs().size() == 0) - statusCode = SLOSTATUS_SUCCESS; + statusCode = MOAIDAuthConstants.SLOSTATUS_SUCCESS; else - statusCode = SLOSTATUS_ERROR; + statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR; AssertionStorage.getInstance().put(artifact, statusCode); - redirectURL = addURLParameter(redirectURL, PARAM_SLOSTATUS, artifact); + redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact); } //redirect to Redirect Servlet diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java index 43b6c03d4..0b6180d0f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java @@ -33,10 +33,10 @@ public class ProcessEngineSignalServlet extends AuthServlet { * The HttpServletResponse. */ private void setNoCachingHeaders(HttpServletResponse resp) { - resp.setHeader(HEADER_EXPIRES, HEADER_VALUE_EXPIRES); - resp.setHeader(HEADER_PRAGMA, HEADER_VALUE_PRAGMA); - resp.setHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL_IE); + resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, MOAIDAuthConstants.HEADER_VALUE_EXPIRES); + resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, MOAIDAuthConstants.HEADER_VALUE_PRAGMA); + resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); + resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); } /** @@ -95,7 +95,7 @@ public class ProcessEngineSignalServlet extends AuthServlet { * @return The current MOA session id. */ public String getMoaSessionId(HttpServletRequest request) { - return StringEscapeUtils.escapeHtml(request.getParameter(PARAM_SESSIONID)); + return StringEscapeUtils.escapeHtml(request.getParameter(MOAIDAuthConstants.PARAM_SESSIONID)); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java index 7266a3302..431a7e0f7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java @@ -29,6 +29,7 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; @@ -55,9 +56,9 @@ public class RedirectServlet extends AuthServlet{ Logger.debug("Receive " + RedirectServlet.class + " Request"); String url = req.getParameter(REDIRCT_PARAM_URL); - String target = req.getParameter(PARAM_TARGET); - String artifact = req.getParameter(PARAM_SAMLARTIFACT); - String interIDP = req.getParameter(INTERFEDERATION_IDP); + String target = req.getParameter(MOAIDAuthConstants.PARAM_TARGET); + String artifact = req.getParameter(MOAIDAuthConstants.PARAM_SAMLARTIFACT); + String interIDP = req.getParameter(MOAIDAuthConstants.INTERFEDERATION_IDP); Logger.debug("Check URL against online-applications"); OAAuthParameter oa = null; @@ -85,12 +86,12 @@ public class RedirectServlet extends AuthServlet{ if (MiscUtil.isNotEmpty(target)) { // redirectURL = addURLParameter(redirectURL, PARAM_TARGET, // URLEncoder.encode(session.getTarget(), "UTF-8")); - url = addURLParameter(url, PARAM_TARGET, + url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, URLEncoder.encode(target, "UTF-8")); } - url = addURLParameter(url, PARAM_SAMLARTIFACT, + url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(artifact, "UTF-8")); url = resp.encodeRedirectURL(url); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java index d4cb909d9..d36a4318a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java @@ -27,7 +27,6 @@ import java.io.UnsupportedEncodingException; import java.util.ArrayList; import java.util.List; -import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java index 8fad1bc83..38135b028 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java @@ -22,6 +22,10 @@ */ package at.gv.egovernment.moa.id.config.auth; +import java.net.URI; +import java.net.URISyntaxException; + +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.logging.Logger; @@ -50,13 +54,21 @@ public class AuthConfigurationProviderFactory { * @throws ConfigurationException */ public static AuthConfiguration reload() throws ConfigurationException { - String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME); + String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME); if (fileName == null) { throw new ConfigurationException("config.01", null); } Logger.info("Loading MOA-ID-AUTH configuration " + fileName); - - instance = new PropertyBasedAuthConfigurationProvider(fileName); + + try { + URI fileURI = new URI(fileName); + instance = new PropertyBasedAuthConfigurationProvider(fileURI); + + } catch (URISyntaxException e){ + Logger.error("MOA-ID-Auth configuration file does not starts with file:/ as prefix."); + throw new ConfigurationException("config24", new Object[]{MOAIDAuthConstants.FILE_URI_PREFIX, fileName}); + + } return instance; } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index 3bf631108..4587f0bc3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -59,6 +59,7 @@ import java.util.Set; import org.apache.commons.lang.SerializationUtils; import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.validation.TargetValidator; @@ -113,11 +114,11 @@ public String getIdentityLinkDomainIdentifier() { String type = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE); String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE); if (MiscUtil.isNotEmpty(type) && MiscUtil.isNotEmpty(value)) { - if (MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK.equals(type)) { - return MOAIDConfigurationConstants.PREFIX_STORK + "AT" + "+" + value; + if (MOAIDConstants.IDENIFICATIONTYPE_STORK.equals(type)) { + return MOAIDConstants.PREFIX_STORK + "AT" + "+" + value; } else { - return MOAIDConfigurationConstants.PREFIX_WPBK + type + "+" + value; + return MOAIDConstants.PREFIX_WPBK + type + "+" + value; } } @@ -567,7 +568,7 @@ public Collection getStorkAPs() { @Override public byte[] getBKUSelectionTemplate() { try { - String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION); + String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA); if (MiscUtil.isNotEmpty(bkuSelectionTemplateBase64)) { return Base64Utils.decode(bkuSelectionTemplateBase64, false); @@ -587,7 +588,7 @@ public byte[] getBKUSelectionTemplate() { @Override public byte[] getSendAssertionTemplate() { try { - String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION); + String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA); if (MiscUtil.isNotEmpty(bkuSelectionTemplateBase64)) { return Base64Utils.decode(bkuSelectionTemplateBase64, false); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index 9535c9aa3..9fc03e2df 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -62,7 +62,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @param fileName the path to the properties file * @throws ConfigurationException if an error occurs during loading the properties file. */ - public PropertyBasedAuthConfigurationProvider(String fileName) throws ConfigurationException { + public PropertyBasedAuthConfigurationProvider(URI fileName) throws ConfigurationException { File propertiesFile = new File(fileName); rootConfigFileDir = propertiesFile.getParent(); try { @@ -72,14 +72,6 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide throw new ConfigurationException("config.03", null, t); } - - System.getProperties().setProperty("location", "file:" + fileName); - context = new ClassPathXmlApplicationContext( - new String[] { "moaid.configuration.beans.xml", - "configuration.beans.xml" - }); - AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory(); - acbFactory.autowireBean(this); FileInputStream in = null; try { @@ -87,6 +79,15 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide properties.load(in); super.initial(properties); +// JPAPropertiesWithJavaConfig.setLocalProperties(configProp); +// System.getProperties().setProperty("location", "file:" + fileName); + context = new ClassPathXmlApplicationContext( + new String[] { "moaid.configuration.beans.xml", + "configuration.beans.xml" + }); + AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory(); + acbFactory.autowireBean(this); + } catch (FileNotFoundException e) { throw new ConfigurationException("config.03", null, e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index 2e0aa5486..15dbf818d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; @@ -279,7 +280,7 @@ public class DispatcherServlet extends AuthServlet{ //create interfederated MOASession String sessionID = AuthenticationSessionStoreage.createInterfederatedSession(protocolRequest, true, ssoId); - req.getParameterMap().put(PARAM_SESSIONID, new String[]{ sessionID }); + req.getParameterMap().put(MOAIDAuthConstants.PARAM_SESSIONID, new String[]{ sessionID }); Logger.info("PreProcessing of SSO interfederation response complete. "); @@ -459,7 +460,7 @@ public class DispatcherServlet extends AuthServlet{ } } else { - moasessionID = (String) req.getParameter(PARAM_SESSIONID); + moasessionID = (String) req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); moasession = AuthenticationSessionStoreage.getSession(moasessionID); } @@ -475,7 +476,7 @@ public class DispatcherServlet extends AuthServlet{ } } else { - moasessionID = (String) req.getParameter(PARAM_SESSIONID); + moasessionID = (String) req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); moasession = AuthenticationSessionStoreage.getSession(moasessionID); moasessionID = AuthenticationSessionStoreage.changeSessionID(moasession); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index e4a358cdb..25aaf4310 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -103,7 +103,7 @@ import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -public class AuthenticationManager implements MOAIDAuthConstants { +public class AuthenticationManager extends MOAIDAuthConstants { private static final AuthenticationManager INSTANCE = new AuthenticationManager(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java index 529e2ab81..fda92d71a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java @@ -31,7 +31,7 @@ import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; -public interface IAction extends MOAIDAuthConstants { +public interface IAction { public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException; public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java index 6b5e6a0f3..e9b18348c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java @@ -99,7 +99,7 @@ import at.gv.egovernment.moa.id.util.VelocityLogAdapter; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { +public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { public static final String NAME = PVP2XProtocol.class.getName(); public static final String PATH = "id_pvp2x"; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java index 9884d2a8a..b567798fa 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java @@ -60,6 +60,7 @@ import org.opensaml.xml.XMLObject; import org.opensaml.xml.security.SecurityException; import org.opensaml.xml.security.x509.X509Credential; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; @@ -265,12 +266,12 @@ public class SingleLogOutAction implements IAction { String statusCode = null; if (sloContainer.getSloFailedOAs() == null || sloContainer.getSloFailedOAs().size() == 0) - statusCode = SLOSTATUS_SUCCESS; + statusCode = MOAIDAuthConstants.SLOSTATUS_SUCCESS; else - statusCode = SLOSTATUS_ERROR; + statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR; AssertionStorage.getInstance().put(artifact, statusCode); - redirectURL = addURLParameter(redirectURL, PARAM_SLOSTATUS, artifact); + redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact); } //redirect to Redirect Servlet diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/IPVPAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/IPVPAttributeBuilder.java index 8adf5cad9..72775ec02 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/IPVPAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/IPVPAttributeBuilder.java @@ -22,9 +22,8 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -interface IPVPAttributeBuilder extends PVPConstants, MOAIDAuthConstants, IAttributeBuilder { +interface IPVPAttributeBuilder extends PVPConstants, IAttributeBuilder { } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java index 5b1f49411..2019b0d20 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java @@ -27,6 +27,7 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; @@ -83,8 +84,8 @@ public class GetArtifactAction implements IAction { String url = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/RedirectServlet"; url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8")); if (!oaParam.getBusinessService()) - url = addURLParameter(url, PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8")); - url = addURLParameter(url, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); + url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8")); + url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); url = httpResp.encodeRedirectURL(url); httpResp.setContentType("text/html"); @@ -94,12 +95,12 @@ public class GetArtifactAction implements IAction { } else { String redirectURL = oaURL; if (!oaParam.getBusinessService()) { - redirectURL = addURLParameter(redirectURL, PARAM_TARGET, + redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8")); } - redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, + redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); redirectURL = httpResp.encodeRedirectURL(redirectURL); httpResp.setContentType("text/html"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java index bc38735ac..cdc50d8a3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java @@ -49,7 +49,7 @@ import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.URLEncoder; -public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { +public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo { public static final String NAME = SAML1Protocol.class.getName(); public static final String PATH = "id_saml1"; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index f0b0f58de..de1924ba1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java @@ -22,6 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.stork2; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin; import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider; @@ -50,14 +51,7 @@ public class AttributeProviderFactory { * @return the available plugins */ public static List getAvailablePlugins() { - List result = new ArrayList(); - result.add("StorkAttributeRequestProvider"); - result.add("EHvdAttributeProvider_deprecated"); - result.add("EHvdAttributeProvider"); - result.add("SignedDocAttributeRequestProvider"); - result.add("MandateAttributeRequestProvider"); - result.add("PVPAuthenticationProvider"); - return result; + return MOAIDConstants.ALLOWED_STORKATTRIBUTEPROVIDERS; } /** diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 9eab99c52..42cf04877 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -45,7 +45,7 @@ import java.util.HashMap; * * @author bsuzic */ -public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { +public class STORKProtocol extends MOAIDAuthConstants implements IModulInfo { public static final String NAME = STORKProtocol.class.getName(); public static final String PATH = "id_stork2"; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java index 64ae95093..47010a735 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java @@ -72,7 +72,7 @@ import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; -public class ParamValidatorUtils implements MOAIDAuthConstants{ +public class ParamValidatorUtils extends MOAIDAuthConstants{ /** * Checks if the given target is valid diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java index 9ce44fe15..dd4e67bcd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java @@ -30,7 +30,7 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -public class LegacyHelper implements MOAIDAuthConstants{ +public class LegacyHelper extends MOAIDAuthConstants{ public static boolean isUseMandateRequested(HttpServletRequest req) throws WrongParametersException { diff --git a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml index cdfde11b1..e9e4eb23d 100644 --- a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml +++ b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml @@ -9,6 +9,30 @@ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index fc1aa714e..827eeec8d 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -75,7 +75,8 @@ config.19=Kein Schl\u00FCssel f\u00FCr die Resignierung der Personenbindung gefu config.20=Umgebungsvariable "moa.id.proxy.configuration" nicht gesetzt config.21=F\u00FCr diese Online Applikation sind keine Vollmachtsprofile hinterlegt. config.22=F\u00FCr den Interfederation-Gateway mit der ID {0} ist kein Endpunkt zur Weiterleitung konfiguriert. -config.23=Fehler beim initialisieren von OpenSAML +config.23=Fehler beim initialisieren von OpenSAML +config.24=MOA-ID-Auth Configfile {1} does not start with {0} prefix. parser.00=Leichter Fehler beim Parsen: {0} parser.01=Fehler beim Parsen: {0} diff --git a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties index faafa6fd2..59a29d9bd 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties @@ -55,6 +55,7 @@ config.20=9199 config.21=9006 config.22=9008 config.23=9199 +config.24=9199 parser.00=1101 parser.01=1101 diff --git a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java index 6e1f612c8..fd1473b1f 100644 --- a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java +++ b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java @@ -1,10 +1,19 @@ package test.tlenz; +import java.io.FileInputStream; +import java.io.InputStream; + +import org.w3c.dom.Element; + import iaik.asn1.structures.Name; import iaik.utils.RFC2253NameParser; import iaik.utils.RFC2253NameParserException; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; import at.gv.egovernment.moa.id.data.AuthenticationRole; import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory; +import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; +import at.gv.egovernment.moa.util.DOMUtils; /******************************************************************************* * Copyright 2014 Federal Chancellery Austria @@ -49,6 +58,19 @@ import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory; public class simpletest { // public static void main(String[] args) { + try { + InputStream s = new FileInputStream("D:/idl_test/identity_link.xml"); + Element idlTemplate = DOMUtils.parseXmlValidating(s); + + //resign IDL + IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance(); + Element resignedilAssertion = identitylinkresigner.resignIdentityLink(idlTemplate, "IDLSigning"); + IdentityLink identityLink = new IdentityLinkAssertionParser(resignedilAssertion).parseIdentityLink(); + + } catch (Exception e) { + System.out.println(e.getMessage()); + + } String subjectName = "serialNumber=896929130327, givenName=OCSP, SN=Responder 03-1, CN=OCSP Responder 03-1, C=AT"; diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java new file mode 100644 index 000000000..e084c07e5 --- /dev/null +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java @@ -0,0 +1,109 @@ +/* + * Copyright 2014 Federal Chancellery Austria + * MOA-ID has been developed in a cooperation between BRZ, the Federal + * Chancellery Austria - ICT staff unit, and Graz University of Technology. + * + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. + * You may obtain a copy of the Licence at: + * http://www.osor.eu/eupl/ + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the Licence for the specific language governing permissions and + * limitations under the Licence. + * + * This product combines work with different licenses. See the "NOTICE" text + * file for details on the various modules and licenses. + * The "NOTICE" text file is part of the distribution. Any derivative works + * that you distribute must include a readable copy of the "NOTICE" text file. + */ +package at.gv.egovernment.moa.id.commons; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.Hashtable; +import java.util.List; +import java.util.Map; + +/** + * @author tlenz + * + */ +public class MOAIDConstants { + + //general configuration constants + + public static final String FILE_URI_PREFIX = "file:/"; + + public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+"; + public static final String PREFIX_STORK = "urn:publicid:gv.at:storkid+"; + + public static final String IDENIFICATIONTYPE_FN = "FN"; + public static final String IDENIFICATIONTYPE_ERSB = "ERSB"; + public static final String IDENIFICATIONTYPE_ZVR = "ZVR"; + public static final String IDENIFICATIONTYPE_STORK = "STORK"; + + public static final String KEYBOXIDENTIFIER_SECURE = "SecureSignatureKeypair"; + public static final String KEYBOXIDENTIFIER_CERTIFIED = "CertifiedKeypair"; + + public static final String TESTCREDENTIALROOTOID = "1.2.40.0.10.2.4.1"; + + public static final String REDIRECTTARGET_TOP = "_top"; + public static final String REDIRECTTARGET_SELF = "_self"; + public static final String REDIRECTTARGET_PARENT = "_parent"; + public static final String REDIRECTTARGET_BLANK = "_blank"; + + public static final Map BUSINESSSERVICENAMES; + public static final List ALLOWED_WBPK_PREFIXES; + public static final List ALLOWED_KEYBOXIDENTIFIER; + public static final List ALLOWED_REDIRECTTARGETNAMES; + public static final List ALLOWED_STORKATTRIBUTEPROVIDERS; + + + static { + Hashtable tmp = new Hashtable(); + tmp.put(IDENIFICATIONTYPE_FN, "Firmenbuchnummer"); + tmp.put(IDENIFICATIONTYPE_ZVR, "Vereinsnummer"); + tmp.put(IDENIFICATIONTYPE_ERSB, "ERsB Kennzahl"); + tmp.put(IDENIFICATIONTYPE_STORK, "STORK"); + BUSINESSSERVICENAMES = Collections.unmodifiableMap(tmp); + + List awbpk = new ArrayList(); + awbpk.add(IDENIFICATIONTYPE_FN); + awbpk.add(IDENIFICATIONTYPE_ERSB); + awbpk.add(IDENIFICATIONTYPE_ZVR); + awbpk.add(PREFIX_WPBK + IDENIFICATIONTYPE_FN); + awbpk.add(PREFIX_WPBK + IDENIFICATIONTYPE_ERSB); + awbpk.add(PREFIX_WPBK + IDENIFICATIONTYPE_ZVR); + ALLOWED_WBPK_PREFIXES = Collections.unmodifiableList(awbpk); + + List keyboxIDs = new ArrayList(); + awbpk.add(KEYBOXIDENTIFIER_SECURE); + awbpk.add(KEYBOXIDENTIFIER_CERTIFIED); + ALLOWED_KEYBOXIDENTIFIER = Collections.unmodifiableList(keyboxIDs); + + List redirectTargets = new ArrayList(); + redirectTargets.add(REDIRECTTARGET_BLANK); + redirectTargets.add(REDIRECTTARGET_PARENT); + redirectTargets.add(REDIRECTTARGET_SELF); + redirectTargets.add(REDIRECTTARGET_TOP); + ALLOWED_REDIRECTTARGETNAMES = Collections.unmodifiableList(redirectTargets); + + } + + static { + List storkAttrProvider = new ArrayList(); + storkAttrProvider.add("StorkAttributeRequestProvider"); + storkAttrProvider.add("EHvdAttributeProvider_deprecated"); + storkAttrProvider.add("EHvdAttributeProvider"); + storkAttrProvider.add("SignedDocAttributeRequestProvider"); + storkAttrProvider.add("MandateAttributeRequestProvider"); + storkAttrProvider.add("PVPAuthenticationProvider"); + ALLOWED_STORKATTRIBUTEPROVIDERS = Collections.unmodifiableList(storkAttrProvider); + + } + +} diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java index 694ff0720..4f47efb78 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java @@ -30,6 +30,7 @@ import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.Arrays; import java.util.HashMap; +import java.util.Iterator; import java.util.List; import java.util.Map; @@ -110,12 +111,10 @@ public class ConfigurationMigrationUtils { * but no MOA-ID configuration prefix * * @param oa MOA-ID 2.x OnlineApplication configuration + * @param storkConfig * @return MOA-ID 3.x OnlineApplication configuration without prefix but never Null */ - public static Map convertHyberJaxBOnlineApplicationToKeyValue(OnlineApplication oa) { - //TODO: add C-PEPS countries and STORK attributes from general config!!!! - //TODO: add correct list identifiers for metadata handling - + public static Map convertHyberJaxBOnlineApplicationToKeyValue(OnlineApplication oa, STORK storkConfig) { Map result = new HashMap(); if (oa != null) { //convert oaID and friendlyname @@ -296,6 +295,34 @@ public class ConfigurationMigrationUtils { result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_USERREQUEST, Boolean.TRUE.toString()); } + //convert interfederation configuration + InterfederationIDPType moaIDP = oa.getInterfederationIDP(); + if (moaIDP != null) { + result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_IIDP); + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL, + moaIDP.getAttributeQueryURL()); + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_INBOUND, + String.valueOf(moaIDP.isInboundSSO())); + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_OUTBOUND, + String.valueOf(moaIDP.isOutboundSSO())); + + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_STORE, + String.valueOf(moaIDP.isStoreSSOSession())); + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_LOCALAUTHONERROR, + String.valueOf(moaIDP.isPerformLocalAuthenticationOnError())); + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_PASSIVEREQUEST, + String.valueOf(moaIDP.isPerformPassivRequest())); + } + + //convert STORK <-> PVP2X gateway configuration + InterfederationGatewayType gateway = oa.getInterfederationGateway(); + if (gateway != null) { + result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_GATEWAY); + result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER, + gateway.getForwardIDPIdentifier()); + + } + //convert STORK config OASTORK config = oaauth.getOASTORK(); if(config != null) { @@ -309,46 +336,6 @@ public class ConfigurationMigrationUtils { else result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, "4"); - if (config.getCPEPS() != null) { - for (int i=0; i configuredCPEPs = new ArrayList(); + if (storkConfig != null && storkConfig.getCPEPS() != null) { + for (CPEPS el : storkConfig.getCPEPS()) { + if (MiscUtil.isNotEmpty(el.getCountryCode())) + configuredCPEPs.add(el.getCountryCode()); + + } + } + int listCounter = 0; + if (config.getCPEPS() != null) { + Iterator oaCPEPSInterator = config.getCPEPS().iterator(); + while(oaCPEPSInterator.hasNext()) { + CPEPS oaCpeps = oaCPEPSInterator.next(); + String oaCountryCode = oaCpeps.getCountryCode(); + if (MiscUtil.isNotEmpty(oaCountryCode)) { + if (configuredCPEPs.contains(oaCountryCode)) + configuredCPEPs.remove(oaCountryCode); + + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + String.valueOf(listCounter) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED, + Boolean.TRUE.toString()); + + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + String.valueOf(listCounter) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE, + oaCountryCode); + + listCounter++; + } + } + } + Iterator confCPEPS = configuredCPEPs.iterator(); + while (confCPEPS.hasNext()) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + String.valueOf(listCounter) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED, + Boolean.TRUE.toString()); + + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST + + "." + String.valueOf(listCounter) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE, + confCPEPS.next()); + listCounter++; + + } + + //fetch STORK attributes + List configuredAttributs = new ArrayList(); + if (storkConfig != null && storkConfig.getAttributes() != null) { + for (StorkAttribute el : storkConfig.getAttributes()) { + if (MiscUtil.isNotEmpty(el.getName())) + configuredAttributs.add(el.getName()); + + } + } + listCounter = 0; + if (config.getOAAttributes() != null) { + Iterator oaAttributeInterator = config.getOAAttributes().iterator(); + while (oaAttributeInterator.hasNext()) { + OAStorkAttribute oaAttr = oaAttributeInterator.next(); + if (MiscUtil.isNotEmpty(oaAttr.getName())) { + if (configuredAttributs.contains(oaAttr.getName())) + configuredAttributs.remove(oaAttr.getName()); + + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(listCounter) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME, + oaAttr.getName()); + + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(listCounter) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED, + Boolean.TRUE.toString()); + + + if (oaAttr.isMandatory() != null) + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(listCounter) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY, + oaAttr.isMandatory().toString()); + else + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(listCounter) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY, + Boolean.FALSE.toString()); + listCounter++; + } + } + } + Iterator configuredAttributsInterator = configuredAttributs.iterator(); + while (configuredAttributsInterator.hasNext()) { + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(listCounter) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME, + configuredAttributsInterator.next()); + + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(listCounter) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED, + Boolean.TRUE.toString()); + + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST + + "." + String.valueOf(listCounter) + "." + + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY, + Boolean.FALSE.toString()); + listCounter++; + + } + } } //convert protocols SAML1 @@ -479,9 +580,9 @@ public class ConfigurationMigrationUtils { TransformsInfoType bkuSelectTemplate = templates.getBKUSelectionTemplate(); if (bkuSelectTemplate != null && MiscUtil.isNotEmpty(bkuSelectTemplate.getFilename())) { try { - result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION, + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA, Base64Utils.encode(bkuSelectTemplate.getTransformation())); - result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME, + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW, bkuSelectTemplate.getFilename()); } catch (Exception e) { @@ -495,9 +596,9 @@ public class ConfigurationMigrationUtils { TransformsInfoType sendAssertionTemplate = templates.getSendAssertionTemplate(); if (sendAssertionTemplate != null && MiscUtil.isNotEmpty(sendAssertionTemplate.getFilename())) { try { - result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION, + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA, Base64Utils.encode(sendAssertionTemplate.getTransformation())); - result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME, + result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_PREVIEW, sendAssertionTemplate.getFilename()); } catch (Exception e) { @@ -577,38 +678,11 @@ public class ConfigurationMigrationUtils { } } } - - //convert interfederation configuration - InterfederationIDPType moaIDP = oa.getInterfederationIDP(); - if (moaIDP != null) { - result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_IIDP); - result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL, - moaIDP.getAttributeQueryURL()); - result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_INBOUND, - String.valueOf(moaIDP.isInboundSSO())); - result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_OUTBOUND, - String.valueOf(moaIDP.isOutboundSSO())); - - result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_STORE, - String.valueOf(moaIDP.isStoreSSOSession())); - result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_LOCALAUTHONERROR, - String.valueOf(moaIDP.isPerformLocalAuthenticationOnError())); - result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_PASSIVEREQUEST, - String.valueOf(moaIDP.isPerformPassivRequest())); - } - - //convert STORK <-> PVP2X gateway configuration - InterfederationGatewayType gateway = oa.getInterfederationGateway(); - if (gateway != null) { - result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_GATEWAY); - result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER, - gateway.getForwardIDPIdentifier()); - - } - + //set onlineapplication identifier if nothing is set - if (!result.containsKey(MOAIDConfigurationConstants.PREFIX_SERVICES)) + if (!result.containsKey(MOAIDConfigurationConstants.PREFIX_SERVICES)) { result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_OA); + } } return result; @@ -922,11 +996,11 @@ public class ConfigurationMigrationUtils { templates.setAditionalAuthBlockText(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT)); //store BKU-selection and send-assertion templates - if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION))) { + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA))) { TransformsInfoType el1 = new TransformsInfoType(); try { - el1.setTransformation(Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION), false)); - el1.setFilename(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME)); + el1.setTransformation(Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA), false)); + el1.setFilename(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW)); templates.setBKUSelectionTemplate(el1); } catch (IOException e) { @@ -934,11 +1008,11 @@ public class ConfigurationMigrationUtils { } } - if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION))) { + if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA))) { TransformsInfoType el1 = new TransformsInfoType(); try { - el1.setTransformation(Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION), false)); - el1.setFilename(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME)); + el1.setTransformation(Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA), false)); + el1.setFilename(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_PREVIEW)); templates.setSendAssertionTemplate(el1); } catch (IOException e) { diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java index bac2d0011..399533d3f 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java @@ -23,6 +23,7 @@ import at.gv.egiz.components.configuration.api.Configuration; import at.gv.egiz.components.configuration.api.ConfigurationException; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; +import at.gv.egovernment.moa.id.commons.db.dao.config.STORK; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; @@ -86,11 +87,24 @@ public class ConfigurationUtil { Properties result = new Properties(); + if (config == null) { + return null; + + } + STORK storkConfig = null; + try { + storkConfig = config.getAuthComponentGeneral().getForeignIdentities().getSTORK(); + + } catch (Exception e) { + Logger.debug("No general STORK configuration found."); + + } + //convert all online applications List oaList = config.getOnlineApplication(); for (int i=0; i keyValueOA = ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(oa); + Map keyValueOA = ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(oa, storkConfig); String serviceIdentifier = keyValueOA.get(MOAIDConfigurationConstants.PREFIX_SERVICES); if (MiscUtil.isEmpty(serviceIdentifier)) { @@ -106,7 +120,13 @@ public class ConfigurationUtil { + key, keyValueOA.get(key)); - } + } + //set correct metadata list identifier + result.put(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + + "." + serviceIdentifier + "." + String.valueOf(i) + "." + + MOAIDConfigurationConstants.METADATA_LIST +".0", + MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES + + "." + serviceIdentifier); } Map keyValueGeneral = ConfigurationMigrationUtils.convertHyberJaxBMOAIDConfigToKeyValue(config); @@ -189,8 +209,12 @@ public class ConfigurationUtil { Properties inProperties = new Properties(); inProperties.load(inStream); - System.getProperties().setProperty("location", "file:" + outputDBConfigFilePath); - ApplicationContext context = new ClassPathXmlApplicationContext("configuration.beans.xml"); + System.getProperties().setProperty("moa.id.webconfig", "file:" + outputDBConfigFilePath); + ApplicationContext context = new ClassPathXmlApplicationContext( + new String[]{ + "configuration.beans.xml", + "moaid.migration.beans.xml" + }); Configuration dbConfiguration = (Configuration) context.getBean("moaidconfig"); List keys = null; @@ -217,7 +241,7 @@ public class ConfigurationUtil { // remove existing entries for (String key : keys) { try { - dbConfiguration.setStringValue(key, null); + dbConfiguration.deleteIds(key); } catch (ConfigurationException e) { System.out.println("Could NOT persist the configuration file's information in the database."); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java index 34e3f3c7e..fab5b437f 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java @@ -1,54 +1,20 @@ package at.gv.egovernment.moa.id.commons.config; -import java.util.ArrayList; -import java.util.Collections; -import java.util.Hashtable; -import java.util.List; -import java.util.Map; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; /** * * */ -public final class MOAIDConfigurationConstants { +public final class MOAIDConfigurationConstants extends MOAIDConstants { private MOAIDConfigurationConstants() { // restrict instantiation } - - //general configuration constants - - public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+"; - public static final String PREFIX_STORK = "urn:publicid:gv.at:storkid+"; + public static final String METADATA_LIST = "__LI"; - public static final String IDENIFICATIONTYPE_FN = "FN"; - public static final String IDENIFICATIONTYPE_ERSB = "ERSB"; - public static final String IDENIFICATIONTYPE_ZVR = "ZVR"; - public static final String IDENIFICATIONTYPE_STORK = "STORK"; + public static final String WEBGUI_EMPTY_ELEMENT = "null"; - public static final Map BUSINESSSERVICENAMES; - - public static final List ALLOWED_WBPK_PREFIXES; - - static { - Hashtable tmp = new Hashtable(); - tmp.put(IDENIFICATIONTYPE_FN, "Firmenbuchnummer"); - tmp.put(IDENIFICATIONTYPE_ZVR, "Vereinsnummer"); - tmp.put(IDENIFICATIONTYPE_ERSB, "ERsB Kennzahl"); - tmp.put(IDENIFICATIONTYPE_STORK, "STORK"); - BUSINESSSERVICENAMES = Collections.unmodifiableMap(tmp); - - List awbpk = new ArrayList(); - awbpk.add(IDENIFICATIONTYPE_FN); - awbpk.add(IDENIFICATIONTYPE_ERSB); - awbpk.add(IDENIFICATIONTYPE_ZVR); - awbpk.add(PREFIX_WPBK + IDENIFICATIONTYPE_FN); - awbpk.add(PREFIX_WPBK + IDENIFICATIONTYPE_ERSB); - awbpk.add(PREFIX_WPBK + IDENIFICATIONTYPE_ZVR); - ALLOWED_WBPK_PREFIXES = Collections.unmodifiableList(awbpk); - } - - //Basic key namespaces public static final String PREFIX_MOAID = "moa.id"; public static final String PREFIX_GENERAL = "general"; @@ -97,7 +63,7 @@ public final class MOAIDConfigurationConstants { public static final String SERVICE_AUTH_TARGET_PUBLIC_TARGET = SERVICE_AUTH_TARGET_PUBLIC + ".target"; public static final String SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB = SERVICE_AUTH_TARGET_PUBLIC + ".target.sub"; public static final String SERVICE_AUTH_TARGET_PUBLIC_USE_SUB = SERVICE_AUTH_TARGET_PUBLIC + ".use.sub"; - public static final String SERVICE_AUTH_TARGET_PUBLIC_USE_OWN = SERVICE_AUTH_TARGET_PUBLIC + ".use.own"; + public static final String SERVICE_AUTH_TARGET_PUBLIC_USE_OWN = SERVICE_AUTH_TARGET_PUBLIC + ".own.use"; public static final String SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET = SERVICE_AUTH_TARGET_PUBLIC + ".own.target"; public static final String SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME = SERVICE_AUTH_TARGET_PUBLIC + ".own.name"; @@ -111,13 +77,15 @@ public final class MOAIDConfigurationConstants { public static final String SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE = SERVICE_AUTH_BKU_TEMPLATE + ".first.url"; public static final String SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE = SERVICE_AUTH_BKU_TEMPLATE + ".second.url"; public static final String SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE = SERVICE_AUTH_BKU_TEMPLATE + ".third.url"; - public static final String SERVICE_AUTH_BKU_AUTHBLOCKTEXT = SERVICE_AUTH_BKU + "authblock.additionaltext"; - public static final String SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK = SERVICE_AUTH_BKU + "authblock.removebPK"; + public static final String SERVICE_AUTH_BKU_AUTHBLOCKTEXT = AUTH + ".authblock.additionaltext"; + public static final String SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK = AUTH + ".authblock.removebPK"; private static final String SERVICE_AUTH_TEMPLATES = AUTH + "." + TEMPLATES; - public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION = SERVICE_AUTH_TEMPLATES + ".bkuselection"; + public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA = SERVICE_AUTH_TEMPLATES + ".bkuselection.data"; + public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW = SERVICE_AUTH_TEMPLATES + ".bkuselection.preview"; public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME = SERVICE_AUTH_TEMPLATES + ".bkuselection.filename"; - public static final String SERVICE_AUTH_TEMPLATES_SENDASSERTION = SERVICE_AUTH_TEMPLATES + ".sendAssertion"; + public static final String SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA = SERVICE_AUTH_TEMPLATES + ".sendAssertion.data"; + public static final String SERVICE_AUTH_TEMPLATES_SENDASSERTION_PREVIEW = SERVICE_AUTH_TEMPLATES + ".sendAssertion.preview"; public static final String SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME = SERVICE_AUTH_TEMPLATES + ".sendAssertion.filename"; private static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION = SERVICE_AUTH_TEMPLATES + ".customize"; public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".fonttype"; @@ -184,8 +152,8 @@ public final class MOAIDConfigurationConstants { private static final String SERVICE_PROTOCOLS_PVP2X = PROTOCOLS + "." + PVP2X; public static final String SERVICE_PROTOCOLS_PVP2X_RELOAD = SERVICE_PROTOCOLS_PVP2X + ".reload"; public static final String SERVICE_PROTOCOLS_PVP2X_URL = SERVICE_PROTOCOLS_PVP2X + ".URL"; - public static final String SERVICE_PROTOCOLS_PVP2X_CERTIFICATE = SERVICE_PROTOCOLS_PVP2X + ".certificate"; - public static final String SERVICE_PROTOCOLS_PVP2X_CERTIFICATE_SUBJECT = SERVICE_PROTOCOLS_PVP2X + ".certificate.subject"; + public static final String SERVICE_PROTOCOLS_PVP2X_CERTIFICATE = SERVICE_PROTOCOLS_PVP2X + ".certificate.data"; + public static final String SERVICE_PROTOCOLS_PVP2X_CERTIFICATE_SUBJECT = SERVICE_PROTOCOLS_PVP2X + ".certificate.preview"; private static final String SERVICE_PROTOCOLS_OPENID = PROTOCOLS + "." + OPENID; public static final String SERVICE_PROTOCOLS_OPENID_CLIENTID = SERVICE_PROTOCOLS_OPENID + ".clientID"; @@ -270,6 +238,7 @@ public final class MOAIDConfigurationConstants { public static final String GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_TYPE = GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT + ".type"; public static final String GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_NAME = GENERAL_AUTH + ".authblock.transformation.preview"; + public static final String GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_FILENAME = GENERAL_AUTH + ".authblock.transformation.filename"; public static final String GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64 = GENERAL_AUTH + ".authblock.transformation.data"; public static final String GENERAL_AUTH_STORK = GENERAL_AUTH + "." + STORK; @@ -282,35 +251,4 @@ public final class MOAIDConfigurationConstants { public static final String GENERAL_AUTH_STORK_ATTRIBUTES_LIST = GENERAL_AUTH_STORK + ".attributes"; public static final String GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME = "friendlyname"; public static final String GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY = "mandatory"; - -// // old!!!!!!!!!!! // -// // keys for the object in the key-value database -// public static final String ONLINE_APPLICATIONS_KEY = "OnlineApplications"; -// public static final String AUTH_COMPONENT_GENERAL_KEY = "AuthComponentGeneral"; -// public static final String CHAINING_MODES_KEY = "ChainingModes"; -// public static final String TRUSTED_CERTIFICATES_KEY = "TruestedCertificates"; -// public static final String DEFAULT_BKUS_KEY = "DefaultBKUs"; -// public static final String SLREQUEST_TEMPLATES_KEY = "SLRequestTemplates"; -// public static final String TIMESTAMP_ITEM_KEY = "TimestampItem"; -// public static final String PVP2REFRESH_ITEM_KEY = "Pvp2RefreshItem"; -// public static final String GENERIC_CONFIGURATION_KEY = "GenericConfiguration"; -// -// /** -// * Returns all relevant (database-) keys that {@link MOAIDConfiguration} contains. -// * @return the keys as {@code String[]} -// */ -// public static final String[] getMOAIDConfigurationKeys() { -// return new String[] { AUTH_COMPONENT_GENERAL_KEY, CHAINING_MODES_KEY, TRUSTED_CERTIFICATES_KEY, -// DEFAULT_BKUS_KEY, SLREQUEST_TEMPLATES_KEY, TIMESTAMP_ITEM_KEY, PVP2REFRESH_ITEM_KEY }; -// } -// -// /** -// * Returns all (database-) keys that {@link MOAIDConfiguration} contains. -// * @return the keys as {@code String[]} -// */ -// public static final String[] getAllMOAIDConfigurationKeys() { -// return new String[] { ONLINE_APPLICATIONS_KEY, AUTH_COMPONENT_GENERAL_KEY, CHAINING_MODES_KEY, -// TRUSTED_CERTIFICATES_KEY, DEFAULT_BKUS_KEY, SLREQUEST_TEMPLATES_KEY, TIMESTAMP_ITEM_KEY, -// PVP2REFRESH_ITEM_KEY }; -// } } diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrationTest.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrationTest.java index 7dbbac5b4..c472299b9 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrationTest.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrationTest.java @@ -40,7 +40,7 @@ public class MigrationTest { String inputFile = "D:/Projekte/svn/moa-id/MOAID-2.0_config_labda_12.05.2015.xml"; String outputFile = "D:/Projekte/svn/moa-id/MOAID-3.0_config.propery"; - String moaidconfig = "D:/Projekte/svn/moa-id/.metadata/.plugins/org.eclipse.wst.server.core/tmp0/conf/moa-id/moa-id.properties"; + String moaidconfig = "D:/Projekte/svn/moa-id/.metadata/.plugins/org.eclipse.wst.server.core/tmp0/conf/moa-id-configuration/moa-id.properties"; try { FileInputStream input = new FileInputStream(inputFile); File out = new File(outputFile); diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java index 832c82e78..805bcb33e 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java @@ -38,6 +38,16 @@ public class MOAIDConfigurationImpl extends DatabaseConfigPropertyImpl implement // this.configPropertyDao = configPropertyDao; // } + public void setStringValue(String id, String value) throws ConfigurationException { + super.setStringValue(id, value); + + } + + public void deleteIds(String idSearch) throws ConfigurationException { + super.deleteIds(idSearch); + + } + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration#getPropertySubset(java.lang.String) */ diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/DatabaseConfigPropertyImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/DatabaseConfigPropertyImpl.java index 00c191228..f47b0c9e2 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/DatabaseConfigPropertyImpl.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/DatabaseConfigPropertyImpl.java @@ -82,7 +82,7 @@ public class DatabaseConfigPropertyImpl extends AbstractConfigurationImpl { * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#storeKey(java.lang.String, java.lang.String) */ @Override - @Transactional(value="transactionManager") + @Transactional("transactionManager") protected void storeKey(String key, String value) throws ConfigurationException { if (null == em) { log.error("No EntityManager set!"); @@ -176,6 +176,7 @@ public class DatabaseConfigPropertyImpl extends AbstractConfigurationImpl { * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#deleteIds(java.lang.String) */ @Override + @Transactional("transactionManager") public void deleteIds(String idSearch) throws ConfigurationException { String[] keyList = findConfigurationId(idSearch); for (String el : keyList) { diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java index 0e4616825..f20647fb0 100644 --- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java +++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java @@ -29,6 +29,7 @@ import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Map.Entry; +import java.util.Set; import at.gv.egovernment.moa.util.MiscUtil; @@ -213,5 +214,17 @@ public class KeyValueUtils { return counters.get(counters.size()-1) + 1; } } + + /** + * Find the highest free list counter + * + * @param keySet {Set} of list keys + * @param listPrefix {String} prefix of the list + * @return {int} highest free list counter + */ + public static int findNextFreeListCounter(Set keySet, + String listPrefix) { + return findNextFreeListCounter((String[]) keySet.toArray(), listPrefix); + } } diff --git a/id/server/moa-id-commons/src/main/resources/configuration.beans.xml b/id/server/moa-id-commons/src/main/resources/configuration.beans.xml index ea0e7c78d..775d02d05 100644 --- a/id/server/moa-id-commons/src/main/resources/configuration.beans.xml +++ b/id/server/moa-id-commons/src/main/resources/configuration.beans.xml @@ -11,7 +11,10 @@ - + + + @@ -24,22 +27,27 @@ - + - + diff --git a/id/server/moa-id-commons/src/main/resources/moaid.migration.beans.xml b/id/server/moa-id-commons/src/main/resources/moaid.migration.beans.xml new file mode 100644 index 000000000..a2961b0f6 --- /dev/null +++ b/id/server/moa-id-commons/src/main/resources/moaid.migration.beans.xml @@ -0,0 +1,40 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file -- cgit v1.2.3