From 4e829d34a90f6317cabf48ef507d46a783f90604 Mon Sep 17 00:00:00 2001 From: Alexander Marsalek Date: Tue, 9 Sep 2014 09:10:35 +0200 Subject: added DTL support in PEPSConnectorServlet --- .../moa/id/auth/servlet/PEPSConnectorServlet.java | 183 ++++++++++++++++++++- 1 file changed, 181 insertions(+), 2 deletions(-) (limited to 'id/server/idserverlib') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java index ade7d3f3c..4cd192070 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java @@ -27,7 +27,11 @@ import iaik.x509.X509Certificate; import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; +import java.net.URL; import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; +import java.util.Properties; import javax.activation.DataSource; import javax.servlet.ServletException; @@ -68,24 +72,54 @@ import at.gv.util.xsd.xmldsig.X509DataType; import eu.stork.oasisdss.api.ApiUtils; import eu.stork.oasisdss.api.LightweightSourceResolver; import eu.stork.oasisdss.api.exceptions.ApiUtilsException; +import eu.stork.oasisdss.api.utils.ByteArrayDataSource; +import eu.stork.oasisdss.profile.DocumentType; +import eu.stork.oasisdss.profile.DocumentWithSignature; +import eu.stork.oasisdss.profile.SignRequest; import eu.stork.oasisdss.profile.SignResponse; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; import eu.stork.peps.auth.commons.STORKAuthnRequest; import eu.stork.peps.auth.commons.STORKAuthnResponse; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; +import eu.stork.documentservice.DocumentService; +import eu.stork.documentservice.data.DatabaseConnectorMySQLImpl; +import javax.xml.namespace.QName; +import javax.xml.ws.Service; +import javax.xml.ws.soap.SOAPBinding; +import javax.xml.ws.BindingProvider; + + /** * Endpoint for receiving STORK response messages */ public class PEPSConnectorServlet extends AuthServlet { + private static final long serialVersionUID = 1L; public static final String PEPSCONNECTOR_SERVLET_URL_PATTERN = "/PEPSConnector"; - + private String dtlUrl = null; + + + public PEPSConnectorServlet() + { + super(); + Properties props = new Properties(); + try { + props.load(DatabaseConnectorMySQLImpl.class.getResourceAsStream("docservice.properties")); + dtlUrl = props.getProperty("docservice.url"); + } catch (IOException e) { + dtlUrl = "http://testvidp.buergerkarte.at/DocumentService/DocumentService"; + Logger.error("Loading DTL config failed, using default value:"+dtlUrl); + e.printStackTrace(); + } + } /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ @@ -245,7 +279,9 @@ public class PEPSConnectorServlet extends AuthServlet { String citizenSignature = null; try { String signatureInfo = authnResponse.getPersonalAttributeList().get("signedDoc").getValue().get(0); // TODO ERROR HANDLING - + + Logger.debug("signatureInfo:"+signatureInfo); + SignResponse dssSignResponse = (SignResponse) ApiUtils.unmarshal(new StreamSource(new java.io.StringReader(signatureInfo))); // fetch signed doc @@ -258,6 +294,19 @@ public class PEPSConnectorServlet extends AuthServlet { citizenSignature = IOUtils.toString(incoming); incoming.close(); + Logger.debug("citizenSignature:"+citizenSignature); + if(isDocumentServiceUsed(citizenSignature)==true) + { + Logger.debug("Loading document from DocumentService."); + String url = getDtlUrlFromResponse(dssSignResponse); + //get Transferrequest + String transferRequest = getDocTransferRequest(dssSignResponse.getDocUI(), url); + //Load document from DocujmentService + byte[] data = getDocumentFromDtl(transferRequest, url); + citizenSignature = new String(data, "UTF-8"); + Logger.debug("Overridung citizenSignature with:"+citizenSignature); + } + JAXBContext ctx = JAXBContext.newInstance(SignatureType.class.getPackage().getName()); SignatureType root = ((JAXBElement) ctx.createUnmarshaller().unmarshal(IOUtils.toInputStream(citizenSignature))).getValue(); @@ -423,5 +472,135 @@ public class PEPSConnectorServlet extends AuthServlet { } } + + private boolean isDocumentServiceUsed(String citizenSignature) //TODo add better check + { + if(citizenSignature.contains("
Service Name:{http://stork.eu}DocumentService
Port Name:{http://stork.eu}DocumentServicePort
")) + return true; + return false; + } + + /** + * Get DTL uril from the oasis sign response + * @param signRequest The signature response + * @return The URL of DTL service + * @throws SimpleException + */ + private String getDtlUrlFromResponse(SignResponse dssSignResponse) { + List documents = ApiUtils.findNamedElement(dssSignResponse.getOptionalOutputs(), + ApiUtils.OPTIONAL_OUTPUT_DOCUMENTWITHSIGNATURE, DocumentWithSignature.class); + DocumentType sourceDocument = documents.get(0).getDocument(); + + if (sourceDocument.getDocumentURL() != null) + return sourceDocument.getDocumentURL(); + else + return null;//throw new Exception("No document url found"); + } + +//From DTLPEPSUTIL + + + + /** + * Get document from DTL + * @param transferRequest The transfer request (attribute query) + * @param eDtlUrl The DTL url of external DTL + * @return the document data + * @throws SimpleException + */ + private byte[] getDocumentFromDtl(String transferRequest, String eDtlUrl) throws Exception + { + URL url = null; + try + { + url = new URL(dtlUrl); + QName qname = new QName("http://stork.eu", + "DocumentService"); + + Service service = Service.create(url, qname); + DocumentService docservice = service.getPort(DocumentService.class); + + BindingProvider bp = (BindingProvider) docservice; + SOAPBinding binding = (SOAPBinding) bp.getBinding(); + binding.setMTOMEnabled(true); + + if (eDtlUrl.equalsIgnoreCase(dtlUrl)) + return docservice.getDocument(transferRequest, ""); + else + return docservice.getDocument(transferRequest, eDtlUrl); + } + catch (Exception e) + { + e.printStackTrace(); + throw new Exception("Error in getDocumentFromDtl", e); + } + } + + /** + * Get a document transfer request (attribute query) + * @param docId + * @return + * @throws SimpleException + */ + private String getDocTransferRequest(String docId, String destinationUrl) throws Exception + { + String spCountry = docId.substring(0, docId.indexOf("/")); + final STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + STORKAttrQueryRequest req = new STORKAttrQueryRequest(); + req.setAssertionConsumerServiceURL(dtlUrl); + req.setDestination(destinationUrl); + req.setSpCountry(spCountry); + req.setQaa(3);//TODO + PersonalAttributeList pal = new PersonalAttributeList(); + PersonalAttribute attr = new PersonalAttribute(); + attr.setName("docRequest"); + attr.setIsRequired(true); + attr.setValue(Arrays.asList(docId)); + pal.add(attr); + req.setPersonalAttributeList(pal); + + STORKAttrQueryRequest req1; + try { + req1 = engine.generateSTORKAttrQueryRequest(req); + return PEPSUtil.encodeSAMLTokenUrlSafe(req1.getTokenSaml()); + } catch (STORKSAMLEngineException e) { + e.printStackTrace(); + throw new Exception("Error in doc request attribute query generation", e); + } + } + + /** + * Get mime type of document from DTL + * @param docId The document id + * @param dtlUrl The url of dtl + * @return The mime type + */ +// private String getDocumentMimeFromDtl(String docId, String eDtlUrl) throws Exception +// { +// URL url = null; +// try +// { +// url = new URL(dtlUrl); +// QName qname = new QName("http://stork.eu", +// "DocumentService"); +// +// Service service = Service.create(url, qname); +// DocumentService docservice = service.getPort(DocumentService.class); +// +// BindingProvider bp = (BindingProvider) docservice; +// SOAPBinding binding = (SOAPBinding) bp.getBinding(); +// binding.setMTOMEnabled(true); +// +// if (eDtlUrl.equalsIgnoreCase(dtlUrl)) +// return docservice.getDocumentMime(docId, ""); +// else +// return docservice.getDocumentMime(docId, eDtlUrl); +// } +// catch (Exception e) +// { +// e.printStackTrace(); +// throw new Exception("Error in getDocumentFromDtl", e); +// } +// } } -- cgit v1.2.3