From 1c567f6eb16fa10d3811fbaaf70c4ab04fb08077 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 6 Feb 2014 15:42:53 +0100
Subject: BRZ:  -add SAML1 SourceID parameter in moa-id general

Bugfix:
 -SSO target had an error in case of business-service
 -OA with business-service whichout single sign-on produce an error
---
 .../moa/id/auth/AuthenticationServer.java          | 22 ++++++++---
 .../moa/id/auth/MOAIDAuthConstants.java            |  2 +
 .../moa/id/config/ConfigurationProvider.java       | 21 -----------
 .../id/config/auth/AuthConfigurationProvider.java  | 44 +++++++++++++---------
 .../id/config/legacy/BuildFromLegacyConfig.java    | 24 ++++++++----
 5 files changed, 62 insertions(+), 51 deletions(-)

(limited to 'id/server/idserverlib')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 06d5b01bd..a5e92c701 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -2,6 +2,7 @@
 package at.gv.egovernment.moa.id.auth;
 
 import iaik.asn1.ObjectID;
+import iaik.util.logging.Log;
 import iaik.x509.X509Certificate;
 import iaik.x509.X509ExtensionInitException;
 
@@ -250,16 +251,27 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 		String infoboxReadRequest = "";
 
+		String domainIdentifier = AuthConfigurationProvider.getInstance().getSSOTagetIdentifier().trim();
+		if (MiscUtil.isEmpty(domainIdentifier) && session.isSsoRequested()) {
+			//do not use SSO if no Target is set
+			Log.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!");
+			session.setSsoRequested(false);
+			
+		}
+		
 		if (session.isSsoRequested()) {
 			//load identityLink with SSO Target
 			boolean isbuisness = false;
-			String domainIdentifier = "";
-			IdentificationNumber ssobusiness = AuthConfigurationProvider.getInstance().getSSOBusinessService();
-			if (ssobusiness != null) {
+						
+			if (domainIdentifier.startsWith(PREFIX_WPBK)) {
+				
+				isbuisness = false;
+				
+			} else {
 				isbuisness = true;
-				domainIdentifier = ssobusiness.getValue();
+				
 			}
-
+			
 			//build ReadInfobox request
 			infoboxReadRequest = new InfoboxReadRequestBuilder().build(
 					isbuisness, domainIdentifier);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
index f555cfb9a..060dc2248 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
@@ -104,6 +104,8 @@ public interface MOAIDAuthConstants {
 //  /** the number of the certifcate extension for party organ representatives */
 //  public static final String PARTY_ORGAN_REPRESENTATION_OID_NUMBER = PARTY_REPRESENTATION_OID_NUMBER + ".10";
   
+  public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+";
+  
   /** OW */
   public static final String OW_ORGANWALTER = PARTY_REPRESENTATION_OID_NUMBER + ".4";
   
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
index 3432a19b1..dc5ec430e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java
@@ -135,27 +135,6 @@ public class ConfigurationProvider {
 		return rootConfigFileDir;
 	}
 
-  /**
-     * Returns the mapping of generic configuration properties.
-     * 
-     * @return The mapping of generic configuration properties (a name to value
-     * mapping) from the configuration.
-     */
-  public Map<String, String> getGenericConfiguration() {
-    return genericConfiguration;
-  }
-
-  /**
-     * Returns the value of a parameter from the generic configuration section.
-     * 
-     * @return the parameter value; <code>null</code> if no such parameter
-     */
-  public String getGenericConfigurationParameter(String parameter) {
-  	if (! genericConfiguration.containsKey(parameter))
-  		return null;
-    return (String)genericConfiguration.get(parameter);
-  }
-
   /**
      * Return the chaining mode for a given trust anchor.
      * 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index 1804b5fd5..304b63de0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -519,6 +519,11 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
 				
 				if (protocols.getSAML1() != null) {
 					allowedProtcols.setSAML1Active(protocols.getSAML1().isIsActive());
+					
+					//load alternative sourceID
+					if (MiscUtil.isNotEmpty(protocols.getSAML1().getSourceID()))
+							alternativesourceid = protocols.getSAML1().getSourceID();
+					
 				}
 				
 				if (protocols.getOAuth() != null) {
@@ -562,8 +567,11 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
 		}
 				
 		//set alternativeSourceID
-		if (auth.getGeneralConfiguration() != null)		  
-			alternativesourceid =  auth.getGeneralConfiguration().getAlternativeSourceID();
+		if (auth.getGeneralConfiguration() != null)
+			
+			//TODO: can be removed in a further version, because it is moved to SAML1 config
+			if (MiscUtil.isEmpty(alternativesourceid))
+				alternativesourceid =  auth.getGeneralConfiguration().getAlternativeSourceID();
 		
 	        // sets the authentication session and authentication data time outs
 	        BigInteger param = auth.getGeneralConfiguration().getTimeOuts().getMOASessionCreated();
@@ -744,7 +752,7 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
   }
   
   public ProtocolAllowed getAllowedProtocols() {
-	  return this.allowedProtcols;
+	  return allowedProtcols;
   }
   
   public PVP2 getGeneralPVP2DBConfig() {
@@ -895,27 +903,27 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
   	}
   }
   
-  public boolean isSSOBusinessService() throws ConfigurationException {
-	  
-	if (ssoconfig != null && ssoconfig.getIdentificationNumber() != null)
-		return true;
-	else
-		return false;
-  }
+//  public boolean isSSOBusinessService() throws ConfigurationException {
+//	  
+//	if (ssoconfig != null && ssoconfig.getIdentificationNumber() != null)
+//		return true;
+//	else
+//		return false;
+//  }
   
-  public IdentificationNumber getSSOBusinessService() throws ConfigurationException {
+  public String getSSOTagetIdentifier() throws ConfigurationException {
 	  if (ssoconfig != null)
-		  return ssoconfig.getIdentificationNumber();
+		  return ssoconfig.getTarget();
 	  else 
 		  return null;
   }
   
-  public String getSSOTarget() throws ConfigurationException {	
-	  if (ssoconfig!= null)		  
-		  return ssoconfig.getTarget();
-	  
-	  return null;
-  }
+//  public String getSSOTarget() throws ConfigurationException {	
+//	  if (ssoconfig!= null)		  
+//		  return ssoconfig.getTarget();
+//	  
+//	  return null;
+//  }
   
   public String getSSOFriendlyName() {	
 	if (ssoconfig!= null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index f515ea6bd..7ecd7dde8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -58,11 +58,13 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OAuth;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates;
 import at.gv.egovernment.moa.id.commons.db.dao.config.Organization;
 import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2;
 import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols;
+import at.gv.egovernment.moa.id.commons.db.dao.config.SAML1;
 import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates;
 import at.gv.egovernment.moa.id.commons.db.dao.config.SSO;
 import at.gv.egovernment.moa.id.commons.db.dao.config.SecurityLayer;
@@ -141,11 +143,7 @@ public class BuildFromLegacyConfig {
 	    	//Load generic Config
 	    	Map<String, String> genericConfiguration = builder.buildGenericConfiguration();
 	    	GeneralConfiguration authGeneral = new GeneralConfiguration();
-	    	
-	    	if (genericConfiguration.containsKey(GENERIC_CONFIG_PARAM_SOURCEID))
-	    		authGeneral.setAlternativeSourceID(
-	    				(String)genericConfiguration.get(GENERIC_CONFIG_PARAM_SOURCEID));
-	    	
+	    		    	
 	    	if (genericConfiguration.containsKey(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING))
 	    		authGeneral.setTrustManagerRevocationChecking(
 	    				Boolean.valueOf((String)genericConfiguration.get(ConfigurationProvider.TRUST_MANAGER_REVOCATION_CHECKING)));
@@ -179,6 +177,19 @@ public class BuildFromLegacyConfig {
 	    	final List<String> PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x");
 	    	prot_legacy.setProtocolName(PROTOCOLS_LEGACY_ALLOWED);
 	    	
+	    	//set SAML1 config
+	    	SAML1 saml1 = new SAML1();
+	    	saml1.setIsActive(true);
+	    	if (genericConfiguration.containsKey(GENERIC_CONFIG_PARAM_SOURCEID))
+	    		saml1.setSourceID((String)genericConfiguration.get(GENERIC_CONFIG_PARAM_SOURCEID));
+	    	auth_protocols.setSAML1(saml1);
+	    	
+	    	//set OAuth config
+	    	OAuth oauth = new OAuth();
+	    	oauth.setIsActive(true);
+	    	auth_protocols.setOAuth(oauth);
+	    	
+	    	//set PVP2.1 config
 	    	PVP2 prot_pvp2 = new PVP2();
 	    	auth_protocols.setPVP2(prot_pvp2);
 	    	prot_pvp2.setPublicURLPrefix("https://....");
@@ -188,7 +199,7 @@ public class BuildFromLegacyConfig {
 	    	prot_pvp2.setOrganization(pvp2_org);
 	    	pvp2_org.setDisplayName("OrganisationDisplayName");
 	    	pvp2_org.setName("OrganisatioName");
-	    	pvp2_org.setURL("http://www.egiz.gv.at");
+	    	pvp2_org.setURL("http://testorganisation.at");
 	    	
 	    	List<Contact> pvp2_contacts = new ArrayList<Contact>();
 	    	prot_pvp2.setContact(pvp2_contacts);	    	
@@ -357,7 +368,6 @@ public class BuildFromLegacyConfig {
 //	        	oa_auth.setUseIFrame(false);
 //	        	oa_auth.setUseUTC(oa.getUseUTC());
 	        	
-	        	
 	        	//BKUURLs
 	        	BKUURLS bkuurls = new BKUURLS();
 	        	bkuurls.setOnlineBKU(oldbkuonline);
-- 
cgit v1.2.3