From 663ad546237fe9102c97e0eed2970e703d3034d9 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 7 Oct 2013 13:23:08 +0200 Subject: Code CleanUP --- .../moa/id/advancedlogging/StatisticLogger.java | 6 +- .../moa/id/auth/AuthenticationServer.java | 299 +--------- .../moa/id/auth/MOAIDAuthConstants.java | 10 + .../moa/id/auth/MOAIDAuthInitializer.java | 1 + .../builder/AuthenticationAssertionBuilder.java | 4 +- .../AuthenticationBlockAssertionBuilder.java | 9 +- .../AuthenticationDataAssertionBuilder.java | 5 +- .../moa/id/auth/builder/BPKBuilder.java | 2 - .../CreateXMLSignatureRequestBuilderForeign.java | 32 +- .../moa/id/auth/builder/DataURLBuilder.java | 6 +- .../auth/builder/GetIdentityLinkFormBuilder.java | 1 - .../builder/InfoboxValidatorParamsBuilder.java | 110 ---- .../moa/id/auth/builder/LoginFormBuilder.java | 27 +- .../moa/id/auth/builder/RedirectFormBuilder.java | 2 - .../moa/id/auth/builder/SAMLArtifactBuilder.java | 2 +- .../id/auth/builder/SendAssertionFormBuilder.java | 21 +- .../moa/id/auth/data/AuthenticationSession.java | 135 ++--- .../parser/CreateXMLSignatureResponseParser.java | 5 +- .../moa/id/auth/servlet/AuthServlet.java | 7 +- .../servlet/GenerateIFrameTemplateServlet.java | 11 +- .../moa/id/auth/servlet/GetForeignIDServlet.java | 2 +- .../id/auth/servlet/GetMISSessionIDServlet.java | 8 +- .../moa/id/auth/servlet/LogOutServlet.java | 29 - .../moa/id/auth/servlet/MonitoringServlet.java | 53 +- .../auth/servlet/ProcessValidatorInputServlet.java | 268 --------- .../id/auth/servlet/SSOSendAssertionServlet.java | 9 - .../servlet/VerifyAuthenticationBlockServlet.java | 6 +- .../id/auth/servlet/VerifyCertificateServlet.java | 2 +- .../id/auth/servlet/VerifyIdentityLinkServlet.java | 2 +- .../auth/stork/PEPSConnectorResponseVerifier.java | 2 - .../id/auth/stork/STORKAuthnRequestProcessor.java | 5 - .../moa/id/auth/stork/STORKResponseProcessor.java | 10 - .../CreateXMLSignatureResponseValidator.java | 12 +- .../id/auth/validator/IdentityLinkValidator.java | 38 +- .../VerifyXMLSignatureResponseValidator.java | 1 - .../auth/validator/parep/ParepInputProcessor.java | 87 --- .../validator/parep/ParepInputProcessorImpl.java | 337 ----------- .../moa/id/auth/validator/parep/ParepUtils.java | 40 +- .../id/auth/validator/parep/ParepValidator.java | 643 --------------------- .../auth/validator/parep/PartyRepresentative.java | 183 ------ .../parep/client/szrgw/CreateMandateRequest.java | 281 --------- .../validator/parep/config/ParepConfiguration.java | 436 -------------- .../moa/id/config/ConfigurationProvider.java | 4 +- .../moa/id/config/TargetToSectorNameMapper.java | 2 +- .../moa/id/config/auth/AuthConfigLoader.java | 4 - .../id/config/auth/AuthConfigurationProvider.java | 14 +- .../moa/id/config/auth/VerifyInfoboxParameter.java | 411 ------------- .../id/config/auth/VerifyInfoboxParameters.java | 159 ----- .../id/config/legacy/BuildFromLegacyConfig.java | 10 +- .../moa/id/entrypoints/DispatcherServlet.java | 1 - .../moa/id/iaik/pki/jsse/MOAIDTrustManager.java | 2 +- .../iaik/servertools/observer/ObservableImpl.java | 4 +- .../moa/id/moduls/AuthenticationManager.java | 69 +-- .../egovernment/moa/id/moduls/RequestStorage.java | 7 +- .../gv/egovernment/moa/id/moduls/SSOManager.java | 4 - .../moa/id/monitoring/DatabaseTestModule.java | 11 + .../moa/id/monitoring/IdentityLinkTestModule.java | 70 +-- .../egovernment/moa/id/monitoring/TestManager.java | 55 +- .../moa/id/monitoring/TestModuleInterface.java | 4 + .../moa/id/protocols/pvp2x/PVP2XProtocol.java | 4 +- .../id/protocols/pvp2x/binding/PostBinding.java | 3 - .../protocols/pvp2x/binding/RedirectBinding.java | 2 - .../id/protocols/pvp2x/binding/SoapBinding.java | 2 - .../pvp2x/builder/CitizenTokenBuilder.java | 9 - .../builder/attributes/BPKAttributeBuilder.java | 4 + .../builder/attributes/BaseAttributeBuilder.java | 3 +- .../MandateProfRepDescAttributeBuilder.java | 3 +- .../MandateProfRepOIDAttributeBuilder.java | 3 +- .../protocols/pvp2x/config/PVPConfiguration.java | 5 - .../pvp2x/metadata/MOAMetadataProvider.java | 1 - .../pvp2x/requestHandler/AuthnRequestHandler.java | 12 - .../protocols/pvp2x/signer/CredentialProvider.java | 11 - .../protocols/pvp2x/utils/AttributeExtractor.java | 11 +- .../moa/id/protocols/pvp2x/utils/SAML2Utils.java | 2 - .../verification/MetadataSignatureFilter.java | 3 +- .../pvp2x/verification/SAMLVerificationEngine.java | 1 - .../pvp2x/verification/TrustEngineFactory.java | 4 - .../saml1/GetAuthenticationDataService.java | 1 - .../protocols/saml1/SAML1AuthenticationServer.java | 2 +- .../id/storage/AuthenticationSessionStoreage.java | 4 +- .../egovernment/moa/id/util/HTTPSessionUtils.java | 70 --- .../moa/id/util/ParamValidatorUtils.java | 3 +- .../java/at/gv/egovernment/moa/id/util/Random.java | 3 - .../at/gv/egovernment/moa/id/util/SSLUtils.java | 4 +- .../moa/id/util/SessionEncrytionUtil.java | 4 - .../id/util/client/mis/simple/MISSimpleClient.java | 4 +- 86 files changed, 411 insertions(+), 3747 deletions(-) delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessor.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessorImpl.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/PartyRepresentative.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateRequest.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/config/ParepConfiguration.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameter.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameters.java delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPSessionUtils.java (limited to 'id/server/idserverlib') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java index c84599b25..c45bebdf7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java @@ -98,9 +98,11 @@ public class StatisticLogger { //log basic AuthInformation dblog.setOaurlprefix(protocolRequest.getOAURL()); dblog.setOafriendlyName(dbOA.getFriendlyName()); - dblog.setBusinessservice(isBusinessService(dbOA)); - if (dblog.isBusinessservice()) + boolean isbusinessservice = isBusinessService(dbOA); + dblog.setBusinessservice(isbusinessservice); + + if (isbusinessservice) dblog.setOatarget(dbOA.getAuthComponentOA().getIdentificationNumber().getValue()); else dblog.setOatarget(dbOA.getTarget()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index e8564ad3c..25f0ba1d3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -94,7 +94,6 @@ import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator; import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; -import at.gv.egovernment.moa.id.auth.validator.parep.ParepValidator; import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse; import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClient; import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException; @@ -324,7 +323,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @throws BKUException */ public String verifyIdentityLink(AuthenticationSession session, - Map infoboxReadResponseParameters) throws AuthenticationException, + Map infoboxReadResponseParameters) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ValidateException, ServiceException, BKUException { @@ -399,7 +398,8 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.setIdentityLink(identityLink); // now validate the extended infoboxes - verifyInfoboxes(session, infoboxReadResponseParameters, false); + //Removed in MOA-ID 2.0 + //verifyInfoboxes(session, infoboxReadResponseParameters, false); return "found!"; } @@ -634,7 +634,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @throws BKUException */ public X509Certificate verifyXMLSignature(String sessionID, - Map createXMLSignatureResponseParameters) + Map createXMLSignatureResponseParameters) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ValidateException, ServiceException, BKUException { @@ -694,7 +694,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { * @throws BKUException */ public X509Certificate getCertificate(String sessionID, - Map readInfoboxResponseParameters) throws AuthenticationException, + Map readInfoboxResponseParameters) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ValidateException, ServiceException, BKUException { @@ -784,7 +784,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { // (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105) // String oaURL = session.getPublicOAURLPrefix(); - List extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); + List extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); if (session.isSsoRequested()) { @@ -812,254 +812,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { identificationType, oaURL, gebDat, extendedSAMLAttributes, session, oaParam); return authBlock; - } - - - - - + } } - /** - * Verifies the infoboxes (except of the identity link infobox) returned by - * the BKU by calling appropriate validator classes. - * - * @param session - * The actual authentication session. - * @param infoboxReadResponseParams - * The parameters returned from the BKU as response to an infobox - * read request (including the infobox tokens to be verified). - * @param hideStammzahl - * Indicates whether source pins (Stammzahlen) - * should be hidden in any SAML attribute that may be returned by - * a validator. - * - * @throws AuthenticationException - * If the verification of at least one infobox fails. - * @throws ConfigurationException - * If the OAuthParameter cannot be extracted. - */ - private void verifyInfoboxes(AuthenticationSession session, - Map infoboxReadResponseParams, boolean hideStammzahl) - throws ValidateException, ConfigurationException { - - AuthConfigurationProvider authConfigurationProvider = AuthConfigurationProvider - .getInstance(); - // get the default VerifyInfobox parameters - Map defaultInfoboxParameters = null; - - //removed in MOA-ID 2.0 -// VerifyInfoboxParameters defaultVerifyInfoboxParameters = authConfigurationProvider -// .getDefaultVerifyInfoboxParameters(); -// if (defaultVerifyInfoboxParameters != null) { -// defaultInfoboxParameters = defaultVerifyInfoboxParameters -// .getInfoboxParameters(); -// } - - // get the OA specific VerifyInfobox parameters - Map infoboxParameters = null; - OAAuthParameter oaParam = authConfigurationProvider - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - - //removed in MOAID 2.0 -// VerifyInfoboxParameters verifyInfoboxParameters = oaParam -// .getVerifyInfoboxParameters(); -// VerifyInfoboxParameters verifyInfoboxParameters = null; - - session.setExtendedSAMLAttributesAUTH(new Vector()); // Initialize SAML - // Attributes - session.setExtendedSAMLAttributesOA(new Vector()); - // System.out.println("SAML set: " + - // session.getExtendedSAMLAttributesAUTH().size()); - - //removed in MOAID 2.0 -// if (verifyInfoboxParameters != null) { -// -// infoboxParameters = verifyInfoboxParameters.getInfoboxParameters(); -// // get the list of infobox identifiers -// List identifiers = verifyInfoboxParameters.getIdentifiers(); -// if (identifiers != null) { -// // step through the identifiers and verify the infoboxes -// Iterator it = identifiers.iterator(); -// while (it.hasNext()) { -// String identifier = (String) it.next(); -// // get the infobox read response from the map of parameters -// String infoboxReadResponse = (String) infoboxReadResponseParams -// .get(identifier); -// // get the configuration parameters -// VerifyInfoboxParameter verifyInfoboxParameter = null; -// Object object = infoboxParameters.get(identifier); -// // if not present, use default -// if ((object == null) && (defaultInfoboxParameters != null)) { -// object = defaultInfoboxParameters.get(identifier); -// } -// if (object != null) { -// verifyInfoboxParameter = (VerifyInfoboxParameter) object; -// } -// if (infoboxReadResponse != null) { -// if (verifyInfoboxParameter == null) { -// // should not happen because of the pushinfobox -// // mechanism; check it anyway -// Logger.error("No validator for verifying \"" -// + identifier + "\"-infobox configured."); -// throw new ValidateException("validator.41", -// new Object[] { identifier }); -// } else { -// String friendlyName = verifyInfoboxParameter -// .getFriendlyName(); -// boolean isParepRequest = false; -// -// // parse the infobox read reponse -// List infoboxTokenList = null; -// try { -// infoboxTokenList = ExtendedInfoboxReadResponseParser -// .parseInfoboxReadResponse( -// infoboxReadResponse, -// friendlyName); -// } catch (ParseException e) { -// Logger -// .error("InfoboxReadResponse for \"" -// + identifier -// + "\"-infobox could not be parsed successfully: " -// + e.getMessage()); -// throw new ValidateException("validator.43", -// new Object[] { friendlyName }); -// } -// // set compatibility mode for mandates infobox and -// // all infoboxes (it is possible to be a parep -// // infobox) -// // session.setMandateCompatibilityMode(ParepConfiguration.isMandateCompatibilityMode(verifyInfoboxParameter.getApplicationSpecificParams())); -// // check for party representation in mandates -// // infobox -// if (Constants.INFOBOXIDENTIFIER_MANDATES -// .equalsIgnoreCase(identifier) -// && !((infoboxTokenList == null || infoboxTokenList -// .size() == 0))) { -// // We need app specific parameters -// if (null == verifyInfoboxParameter -// .getApplicationSpecificParams()) { -// throw new ValidateException("validator.66", -// new Object[] { friendlyName }); -// } -// Element mandate = ParepValidator -// .extractPrimaryToken(infoboxTokenList); -// // ParepUtils.serializeElement(mandate, -// // System.out); -// String mandateID = ParepUtils -// .extractRepresentativeID(mandate); -// if (!isEmpty(mandateID) -// && ("*".equals(mandateID) || mandateID -// .startsWith(MOAIDAuthConstants.PARTY_REPRESENTATION_OID_NUMBER))) { -// isParepRequest = true; -// } -// if (!isParepRequest) { -// // if mandates validator is disabled we must -// // throw an error in this case -// if (!ParepUtils -// .isValidatorEnabled(verifyInfoboxParameter -// .getApplicationSpecificParams())) { -// throw new ValidateException( -// "validator.60", -// new Object[] { friendlyName }); -// } -// } -// } -// -// // get the class for validating the infobox -// InfoboxValidator infoboxValidator = null; -// try { -// Class validatorClass = null; -// if (isParepRequest) { -// // Mandates infobox in party representation -// // mode -// validatorClass = Class -// .forName("at.gv.egovernment.moa.id.auth.validator.parep.ParepValidator"); -// } else { -// validatorClass = Class -// .forName(verifyInfoboxParameter -// .getValidatorClassName()); -// } -// infoboxValidator = (InfoboxValidator) validatorClass -// .newInstance(); -// } catch (Exception e) { -// Logger -// .error("Could not load validator class \"" -// + verifyInfoboxParameter -// .getValidatorClassName() -// + "\" for \"" -// + identifier -// + "\"-infobox: " -// + e.getMessage()); -// throw new ValidateException("validator.42", -// new Object[] { friendlyName }); -// } -// Logger -// .debug("Successfully loaded validator class \"" -// + verifyInfoboxParameter -// .getValidatorClassName() -// + "\" for \"" -// + identifier -// + "\"-infobox."); -// // build the parameters for validating the infobox -// InfoboxValidatorParams infoboxValidatorParams = InfoboxValidatorParamsBuilder -// .buildInfoboxValidatorParams(session, -// verifyInfoboxParameter, -// infoboxTokenList, oaParam); -// -// // now validate the infobox -// InfoboxValidationResult infoboxValidationResult = null; -// try { -// infoboxValidationResult = infoboxValidator -// .validate(infoboxValidatorParams); -// } catch (ValidateException e) { -// Logger.error("Error validating " + identifier -// + " infobox:" + e.getMessage()); -// throw new ValidateException("validator.44", -// new Object[] { friendlyName }); -// } -// if (!infoboxValidationResult.isValid()) { -// Logger.info("Validation of " + identifier -// + " infobox failed."); -// throw new ValidateException("validator.40", -// new Object[] { -// friendlyName, -// infoboxValidationResult -// .getErrorMessage() }); -// } -// -// Logger.info(identifier -// + " infobox successfully validated."); -// // store the validator for post processing -// session.addInfoboxValidator(identifier, -// friendlyName, infoboxValidator); -// -// // get the SAML attributes to be appended to the -// // AUTHBlock or to the final -// // SAML Assertion -// AddAdditionalSAMLAttributes(session, -// infoboxValidationResult -// .getExtendedSamlAttributes(), -// identifier, friendlyName); -// } -// } else { -// if ((verifyInfoboxParameter != null) -// && (verifyInfoboxParameter.isRequired())) { -// Logger -// .info("Infobox \"" -// + identifier -// + "\" is required, but not returned from the BKU"); -// throw new ValidateException("validator.48", -// new Object[] { verifyInfoboxParameter -// .getFriendlyName() }); -// } -// Logger.debug("Infobox \"" + identifier -// + "\" not returned from BKU."); -// } -// } -// } -// } - } /** * Verifies the infoboxes (except of the identity link infobox) returned by @@ -1090,7 +846,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { for (int i = 0; i < length; i++) { ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i]; - Object value = verifySAMLAttribute(samlAttribute, i, "MISService", + verifySAMLAttribute(samlAttribute, i, "MISService", "MISService"); } @@ -1145,12 +901,12 @@ public class AuthenticationServer implements MOAIDAuthConstants { String friendlyName) throws ValidateException { if (extendedSAMLAttributes == null) return; - List oaAttributes = session.getExtendedSAMLAttributesOA(); + List oaAttributes = session.getExtendedSAMLAttributesOA(); if (oaAttributes == null) - oaAttributes = new Vector(); - List authAttributes = session.getExtendedSAMLAttributesAUTH(); + oaAttributes = new Vector(); + List authAttributes = session.getExtendedSAMLAttributesAUTH(); if (authAttributes == null) - authAttributes = new Vector(); + authAttributes = new Vector(); int length = extendedSAMLAttributes.length; for (int i = 0; i < length; i++) { ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i]; @@ -1211,7 +967,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { MISMandate mandate, boolean business, boolean provideStammzahl) throws SAXException, IOException, ParserConfigurationException, TransformerException { - Vector extendedSamlAttributes = new Vector(); + Vector extendedSamlAttributes = new Vector(); extendedSamlAttributes.clear(); @@ -1229,7 +985,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { // Mandate extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - ParepValidator.EXT_SAML_MANDATE_RAW, domMandate, + EXT_SAML_MANDATE_RAW, domMandate, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); @@ -1242,14 +998,14 @@ public class AuthenticationServer implements MOAIDAuthConstants { if (!ParepUtils.isEmpty(idType) && idType.startsWith(Constants.URN_PREFIX_BASEID)) { extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - ParepValidator.EXT_SAML_MANDATE_CB_BASE_ID, + EXT_SAML_MANDATE_CB_BASE_ID, ParepUtils.getRegisterString(idType) + ": " + wbpk, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); } } else if (business) { extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - ParepValidator.EXT_SAML_MANDATE_WBPK, wbpk, + EXT_SAML_MANDATE_WBPK, wbpk, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); } @@ -1277,14 +1033,14 @@ public class AuthenticationServer implements MOAIDAuthConstants { MISMandate mandate, boolean business) throws SAXException, IOException, ParserConfigurationException, TransformerException { - Vector extendedSamlAttributes = new Vector(); + Vector extendedSamlAttributes = new Vector(); extendedSamlAttributes.clear(); // RepresentationType extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - ParepValidator.EXT_SAML_MANDATE_REPRESENTATIONTYPE, - ParepValidator.EXT_SAML_MANDATE_REPRESENTATIONTEXT, + EXT_SAML_MANDATE_REPRESENTATIONTYPE, + EXT_SAML_MANDATE_REPRESENTATIONTEXT, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); @@ -1292,12 +1048,12 @@ public class AuthenticationServer implements MOAIDAuthConstants { if (oid != null) { extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - ParepValidator.EXT_SAML_MANDATE_OID, oid, + EXT_SAML_MANDATE_OID, oid, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); String oidDescription = mandate.getTextualDescriptionOfOID(); extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - ParepValidator.EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION, + EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION, oidDescription, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); @@ -1327,10 +1083,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { return doc.getDocumentElement(); } - protected static void replaceExtendedSAMLAttribute(List attributes, + protected static void replaceExtendedSAMLAttribute(List attributes, ExtendedSAMLAttribute samlAttribute) { if (null == attributes) { - attributes = new Vector(); + attributes = new Vector(); } else { String id = samlAttribute.getName(); int length = attributes.size(); @@ -1723,6 +1479,8 @@ public class AuthenticationServer implements MOAIDAuthConstants { authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + "OW"); authData.setIdentityLink(identityLink); + Logger.trace("Authenticated User is OW: " + mandate.getOWbPK()); + } else { if (businessService) { @@ -1747,8 +1505,11 @@ public class AuthenticationServer implements MOAIDAuthConstants { } else { authData.setBPK(identityLink.getIdentificationValue()); authData.setBPKType(identityLink.getIdentificationType()); + } - + + Logger.trace("Authenticate user with wbPK " + authData.getBPK()); + Element idlassertion = session.getIdentityLink().getSamlAssertion(); //set bpk/wpbk; Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); @@ -1770,6 +1531,8 @@ public class AuthenticationServer implements MOAIDAuthConstants { authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget()); } + Logger.trace("Authenticate user with bPK " + authData.getBPK()); + authData.setIdentityLink(identityLink); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java index edc43da0c..c17b86c46 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java @@ -139,4 +139,14 @@ public interface MOAIDAuthConstants { public static final List REQ_BKU_TYPES = Arrays.asList(REQ_BKU_TYPE_LOCAL, REQ_BKU_TYPE_ONLINE, REQ_BKU_TYPE_HANDY); + public final static String EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION = "OIDTextualDescription"; + public final static String EXT_SAML_MANDATE_OID = "OID"; + public final static String EXT_SAML_MANDATE_RAW = "Mandate"; + public final static String EXT_SAML_MANDATE_NAME = "MandatorName"; + public final static String EXT_SAML_MANDATE_DOB = "MandatorDateOfBirth"; + public final static String EXT_SAML_MANDATE_WBPK = "MandatorWbpk"; + public final static String EXT_SAML_MANDATE_REPRESENTATIONTYPE = "RepresentationType"; + public final static String EXT_SAML_MANDATE_REPRESENTATIONTEXT = "Vollmachtsvertreter"; + public final static String EXT_SAML_MANDATE_CB_BASE_ID = "MandatorDomainIdentifier"; + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java index 2890532b2..556d26c67 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java @@ -83,6 +83,7 @@ public class MOAIDAuthInitializer { // create some properties and get the default Session Properties props = new Properties(); props.put("mail.smtp.host", "localhost"); + Session session = Session.getDefaultInstance(props, null); // Restricts TLS cipher suites diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java index c1ca18e95..b3e34aeac 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java @@ -82,11 +82,11 @@ public class AuthenticationAssertionBuilder { * * @throws ParseException If an error occurs on serializing an SAML attribute. */ - protected String buildExtendedSAMLAttributes(List extendedSAMLAttributes) throws ParseException + protected String buildExtendedSAMLAttributes(List extendedSAMLAttributes) throws ParseException { StringBuffer sb = new StringBuffer(); if (extendedSAMLAttributes!=null) { - Iterator it = extendedSAMLAttributes.iterator(); + Iterator it = extendedSAMLAttributes.iterator(); while (it.hasNext()) { ExtendedSAMLAttribute extendedSAMLAttribute = (ExtendedSAMLAttribute)it.next(); Object value = extendedSAMLAttribute.getValue(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java index c737b015c..0421a868c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java @@ -28,9 +28,7 @@ import java.io.StringWriter; import java.text.MessageFormat; import java.text.SimpleDateFormat; import java.util.Calendar; -import java.util.Date; import java.util.List; -import java.util.Locale; import javax.xml.bind.DatatypeConverter; import javax.xml.transform.Result; @@ -54,7 +52,6 @@ import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.proxy.OAConfiguration; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; @@ -169,7 +166,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String identityLinkType, String oaURL, String gebDat, - List extendedSAMLAttributes, + List extendedSAMLAttributes, AuthenticationSession session, OAAuthParameter oaParam) throws BuildException @@ -332,7 +329,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String identityLinkType, String oaURL, String gebDat, - List extendedSAMLAttributes, + List extendedSAMLAttributes, AuthenticationSession session) throws BuildException { @@ -479,7 +476,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String identityLinkType, String oaURL, String gebDat, - List extendedSAMLAttributes, + List extendedSAMLAttributes, AuthenticationSession session, OAAuthParameter oaParam) throws BuildException diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java index 106f69f73..f32372e2b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java @@ -28,6 +28,7 @@ import java.text.MessageFormat; import java.util.Calendar; import java.util.List; +import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.data.AuthenticationData; @@ -229,7 +230,7 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB String bkuURL, String signerCertificateBase64, boolean businessService, - List extendedSAMLAttributes, + List extendedSAMLAttributes, boolean useCondition, int conditionLength) throws BuildException @@ -350,7 +351,7 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB String bkuURL, String signerCertificateBase64, boolean businessService, - List extendedSAMLAttributes, + List extendedSAMLAttributes, boolean useCondition, int conditionLength) throws BuildException diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java index b825f7620..5544e181c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java @@ -26,9 +26,7 @@ package at.gv.egovernment.moa.id.auth.builder; import java.security.MessageDigest; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java index 7f169f665..4654db037 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilderForeign.java @@ -46,22 +46,22 @@ public class CreateXMLSignatureRequestBuilderForeign extends Builder { /** private static int all contains the representation to replace all tags*/ private static final int ALL = -1; - /** default HTML template */ - private static final String DEFAULT_XML_TEMPLATE = - "" + - "" + - "" + KEYBOXID_TAG + "" + - "" + - "" + - "" + XMLCONTENT_TAG + "" + - "" + - "" + - "" + - "text/plain" + - "" + - "" + - "" + - ""; +// /** default HTML template */ +// private static final String DEFAULT_XML_TEMPLATE = +// "" + +// "" + +// "" + KEYBOXID_TAG + "" + +// "" + +// "" + +// "" + XMLCONTENT_TAG + "" + +// "" + +// "" + +// "" + +// "text/plain" + +// "" + +// "" + +// "" + +// ""; /** default HTML template */ private static final String DEFAULT_XHTML_TEMPLATE = diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java index 9b7cc41ba..939e7848b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java @@ -25,10 +25,6 @@ package at.gv.egovernment.moa.id.auth.builder; import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.logging.Logger; /** * Builds a DataURL parameter meant for the security layer implementation @@ -58,7 +54,7 @@ public class DataURLBuilder { */ public String buildDataURL(String authBaseURL, String authServletName, String sessionID) { - String individualDataURLPrefix = null; +// String individualDataURLPrefix = null; String dataURL; //is removed from config in MOA-ID 2.0 diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java index 5a12f98f6..ceffd90dc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java @@ -55,7 +55,6 @@ public class GetIdentityLinkFormBuilder extends Builder { /** special tag in the HTML template to be substituted for the infoboxes to be pushed from the BKU */ private static final String PUSHINFOBOX_TAG = ""; /** special tag in the HTML template to be substituted for the BKU URL */ - private static final String MANDATE_TAG = ""; private static final String COLOR_TAG = ""; /** private static int all contains the representation to replace all tags*/ private static final int ALL = -1; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java deleted file mode 100644 index 0a526ebbe..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java +++ /dev/null @@ -1,110 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.builder; - -import java.util.List; - -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams; -import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParamsImpl; -import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameter; -import at.gv.egovernment.moa.util.XPathUtils; - -/** - * This class provides one method for building parameters needed for - * validating an infobox token. - * - * @author Harald Bratko - */ -public class InfoboxValidatorParamsBuilder { - - // hide the default constructor - private InfoboxValidatorParamsBuilder() { - } - - /** - * Builds the parameters passed to the validator class for validating an infobox token. - * - * @param session The actual Authentication session. - * @param verifyInfoboxParameter The configuration parameters for the infobox. - * @param infoboxTokenList Contains the infobox token to be validated. - * @param oaParam The configuration parameters of the online application - * - * @return Parameters for validating an infobox token. - */ -// public static InfoboxValidatorParams buildInfoboxValidatorParams( -// AuthenticationSession session, -// VerifyInfoboxParameter verifyInfoboxParameter, -// List infoboxTokenList, -// OAAuthParameter oaParam) -// { -// InfoboxValidatorParamsImpl infoboxValidatorParams = new InfoboxValidatorParamsImpl(); -// IdentityLink identityLink = session.getIdentityLink(); -// -// // the infobox token to validate -// infoboxValidatorParams.setInfoboxTokenList(infoboxTokenList); -// // configuration parameters -// infoboxValidatorParams.setTrustProfileID(verifyInfoboxParameter.getTrustProfileID()); -// infoboxValidatorParams.setSchemaLocations(verifyInfoboxParameter.getSchemaLocations()); -// infoboxValidatorParams.setApplicationSpecificParams(verifyInfoboxParameter.getApplicationSpecificParams()); -// // authentication session parameters -// infoboxValidatorParams.setBkuURL(session.getBkuURL()); -// infoboxValidatorParams.setTarget(session.getTarget()); -// infoboxValidatorParams.setDomainIdentifier(oaParam.getIdentityLinkDomainIdentifier()); -// infoboxValidatorParams.setBusinessApplication(session.getBusinessService()); -// // parameters from the identity link -// infoboxValidatorParams.setFamilyName(identityLink.getFamilyName()); -// infoboxValidatorParams.setGivenName(identityLink.getGivenName()); -// infoboxValidatorParams.setDateOfBirth(identityLink.getDateOfBirth()); -// if (verifyInfoboxParameter.getProvideStammzahl()) { -// infoboxValidatorParams.setIdentificationValue(identityLink.getIdentificationValue()); -// } -// infoboxValidatorParams.setIdentificationType(identityLink.getIdentificationType()); -// infoboxValidatorParams.setPublicKeys(identityLink.getPublicKey()); -// if (verifyInfoboxParameter.getProvideIdentityLink()) { -// Element identityLinkElem = (Element)identityLink.getSamlAssertion().cloneNode(true); -// if (!verifyInfoboxParameter.getProvideStammzahl()) { -// Element identificationValueElem = -// (Element)XPathUtils.selectSingleNode(identityLinkElem, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); -// if (identificationValueElem != null) { -// identificationValueElem.getFirstChild().setNodeValue(""); -// } -// } -// infoboxValidatorParams.setIdentityLink(identityLinkElem); -// } -// -// //TODO: check if this is Protocol specific -// //infoboxValidatorParams.setHideStammzahl(!oaParam.getProvideStammzahl()); -// infoboxValidatorParams.setHideStammzahl(true); -// -// return infoboxValidatorParams; -// } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java index 3282036b4..789651f16 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java @@ -3,15 +3,13 @@ package at.gv.egovernment.moa.id.auth.builder; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; +import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; import java.net.URI; import org.apache.commons.io.IOUtils; -import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; -import at.gv.egovernment.moa.id.config.OAParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; @@ -42,22 +40,17 @@ public class LoginFormBuilder { private static String MANDATEVISIBLE = "#MANDATEVISIBLE#"; private static String MANDATECHECKED = "#MANDATECHECKED#"; - - private static String SERVLET = CONTEXTPATH+"/GenerateIframeTemplate"; private static String getTemplate() { String template = null; - + InputStream input = null; + try { String pathLocation; - - InputStream input; - - String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); - + String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; try { @@ -83,11 +76,17 @@ public class LoginFormBuilder { template = template.replace(BKU_ONLINE, OAAuthParameter.ONLINEBKU); template = template.replace(BKU_HANDY, OAAuthParameter.HANDYBKU); template = template.replace(BKU_LOCAL, OAAuthParameter.LOCALBKU); - - input.close(); - + } catch (Exception e) { Logger.error("Failed to read template", e); + + } finally { + try { + input.close(); + + } catch (IOException e) { + Logger.warn("SendAssertionTemplate inputstream can not be closed.", e); + } } return template; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java index 6d10f5519..c9b82334e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/RedirectFormBuilder.java @@ -5,8 +5,6 @@ import java.io.StringWriter; import org.apache.commons.io.IOUtils; -import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet; -import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; import at.gv.egovernment.moa.logging.Logger; public class RedirectFormBuilder { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java index d48ff2677..2618b7d17 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java @@ -45,7 +45,7 @@ public class SAMLArtifactBuilder { /** * The generic configuration parameter for an alternative SourceID. */ - private static final String GENERIC_CONFIG_PARAM_SOURCEID = "AuthenticationServer.SourceID"; +// private static final String GENERIC_CONFIG_PARAM_SOURCEID = "AuthenticationServer.SourceID"; /** * Constructor for SAMLArtifactBuilder. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java index 1796af94b..cd8750ad0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java @@ -3,14 +3,13 @@ package at.gv.egovernment.moa.id.auth.builder; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; +import java.io.IOException; import java.io.InputStream; import java.io.StringWriter; import java.net.URI; import org.apache.commons.io.IOUtils; -import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet; -import at.gv.egovernment.moa.id.config.OAParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; @@ -37,14 +36,13 @@ public class SendAssertionFormBuilder { private static String getTemplate() { - String template = null; + String template = null; + InputStream input = null; try { String pathLocation; - InputStream input; - - String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); - + + String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir(); pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL; try { @@ -67,8 +65,17 @@ public class SendAssertionFormBuilder { IOUtils.copy(input, writer); template = writer.toString(); template = template.replace(URL, SERVLET); + } catch (Exception e) { Logger.error("Failed to read template", e); + + } finally { + try { + input.close(); + + } catch (IOException e) { + Logger.warn("SendAssertionTemplate inputstream can not be closed.", e); + } } return template; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java index 41440f323..4cb174e1c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java @@ -175,7 +175,7 @@ public class AuthenticationSession implements Serializable { * SAML attributes from an extended infobox validation to be appended to the * SAML assertion delivered to the final online application. */ - private List extendedSAMLAttributesOA; + private List extendedSAMLAttributesOA; /** * The boolean value for either a target or a wbPK is provided as SAML @@ -187,7 +187,7 @@ public class AuthenticationSession implements Serializable { * SAML attributes from an extended infobox validation to be appended to the * SAML assertion of the AUTHBlock. */ - private List extendedSAMLAttributesAUTH; + private List extendedSAMLAttributesAUTH; /** * If infobox validators are needed after signing, they can be stored in @@ -598,7 +598,10 @@ public class AuthenticationSession implements Serializable { * @return The SAML Attributes to be appended to the AUTHBlock. Maybe * null. */ - public List getExtendedSAMLAttributesAUTH() { + public List getExtendedSAMLAttributesAUTH() { + if (extendedSAMLAttributesAUTH == null) + extendedSAMLAttributesAUTH = new ArrayList(); + return extendedSAMLAttributesAUTH; } @@ -608,7 +611,7 @@ public class AuthenticationSession implements Serializable { * @param extendedSAMLAttributesAUTH * The SAML Attributes to be appended to the AUTHBlock. */ - public void setExtendedSAMLAttributesAUTH(List extendedSAMLAttributesAUTH) { + public void setExtendedSAMLAttributesAUTH(List extendedSAMLAttributesAUTH) { this.extendedSAMLAttributesAUTH = extendedSAMLAttributesAUTH; } @@ -619,7 +622,7 @@ public class AuthenticationSession implements Serializable { * @return The SAML Attributes to be appended to the SAML assertion * delivered to the online application */ - public List getExtendedSAMLAttributesOA() { + public List getExtendedSAMLAttributesOA() { return extendedSAMLAttributesOA; } @@ -631,7 +634,7 @@ public class AuthenticationSession implements Serializable { * The SAML Attributes to be appended to the SAML assertion * delivered to the online application. */ - public void setExtendedSAMLAttributesOA(List extendedSAMLAttributesOA) { + public void setExtendedSAMLAttributesOA(List extendedSAMLAttributesOA) { this.extendedSAMLAttributesOA = extendedSAMLAttributesOA; } @@ -688,27 +691,27 @@ public class AuthenticationSession implements Serializable { return infoboxValidators.iterator(); } - /** - * Adds an infobox validator class to the stored infobox validators. - * - * @param infoboxIdentifier - * the identifier of the infobox the validator belongs to - * @param infoboxFriendlyName - * the friendly name of the infobox - * @param infoboxValidator - * the infobox validator to add - */ - public Iterator addInfoboxValidator(String infoboxIdentifier, - String infoboxFriendlyName, InfoboxValidator infoboxValidator) { - if (infoboxValidators == null) - infoboxValidators = new ArrayList(); - Vector v = new Vector(3); - v.add(infoboxIdentifier); - v.add(infoboxFriendlyName); - v.add(infoboxValidator); - infoboxValidators.add(v); - return infoboxValidators.iterator(); - } +// /** +// * Adds an infobox validator class to the stored infobox validators. +// * +// * @param infoboxIdentifier +// * the identifier of the infobox the validator belongs to +// * @param infoboxFriendlyName +// * the friendly name of the infobox +// * @param infoboxValidator +// * the infobox validator to add +// */ +// public Iterator addInfoboxValidator(String infoboxIdentifier, +// String infoboxFriendlyName, InfoboxValidator infoboxValidator) { +// if (infoboxValidators == null) +// infoboxValidators = new ArrayList(); +// Vector v = new Vector(3); +// v.add(infoboxIdentifier); +// v.add(infoboxFriendlyName); +// v.add(infoboxValidator); +// infoboxValidators.add(v); +// return infoboxValidators.iterator(); +// } /** * Tests for pending input events of the infobox validators. @@ -730,46 +733,46 @@ public class AuthenticationSession implements Serializable { return result; } - /** - * Returns the first pending infobox validator. - * - * @return the infobox validator class - */ - public InfoboxValidator getFirstPendingValidator() { - Iterator iter = getInfoboxValidatorIterator(); - if (iter != null) { - while (iter.hasNext()) { - Vector infoboxValidatorVector = (Vector) iter.next(); - InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector - .get(2); - String form = infoboxvalidator.getForm(); - if (!ParepUtils.isEmpty(form)) - return infoboxvalidator; - } - } - return null; - } +// /** +// * Returns the first pending infobox validator. +// * +// * @return the infobox validator class +// */ +// public InfoboxValidator getFirstPendingValidator() { +// Iterator iter = getInfoboxValidatorIterator(); +// if (iter != null) { +// while (iter.hasNext()) { +// Vector infoboxValidatorVector = (Vector) iter.next(); +// InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector +// .get(2); +// String form = infoboxvalidator.getForm(); +// if (!ParepUtils.isEmpty(form)) +// return infoboxvalidator; +// } +// } +// return null; +// } - /** - * Returns the input form of the first pending infobox validator input - * processor. - * - * @return the form to show - */ - public String getFirstValidatorInputForm() { - Iterator iter = getInfoboxValidatorIterator(); - if (iter != null) { - while (iter.hasNext()) { - Vector infoboxValidatorVector = (Vector) iter.next(); - InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector - .get(2); - String form = infoboxvalidator.getForm(); - if (!ParepUtils.isEmpty(form)) - return form; - } - } - return null; - } +// /** +// * Returns the input form of the first pending infobox validator input +// * processor. +// * +// * @return the form to show +// */ +// public String getFirstValidatorInputForm() { +// Iterator iter = getInfoboxValidatorIterator(); +// if (iter != null) { +// while (iter.hasNext()) { +// Vector infoboxValidatorVector = (Vector) iter.next(); +// InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector +// .get(2); +// String form = infoboxvalidator.getForm(); +// if (!ParepUtils.isEmpty(form)) +// return form; +// } +// } +// return null; +// } /** * Returns domain identifier (the register and number in the register diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java index 339f8a993..5bfb6ede8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/CreateXMLSignatureResponseParser.java @@ -25,13 +25,10 @@ package at.gv.egovernment.moa.id.auth.parser; import java.io.ByteArrayInputStream; -import java.io.IOException; import java.io.InputStream; import java.util.ArrayList; import java.util.List; -import javax.xml.transform.TransformerException; - import org.w3c.dom.Element; import org.w3c.dom.NodeList; import org.w3c.dom.traversal.NodeIterator; @@ -200,7 +197,7 @@ public class CreateXMLSignatureResponseParser { cResp.setSamlAssertion((Element) XPathUtils.selectSingleNode(sigResponse_, "/" + slPrefix + SAML_ASSERTION_XPATH)); NodeIterator attrIter = XPathUtils.selectNodeIterator(sigResponse_, "/" + slPrefix + SAML_ATTRIBUTE_XPATH); Element samlAttr; - List samlAttributes = new ArrayList(); + List samlAttributes = new ArrayList(); while ((samlAttr = (Element) attrIter.nextNode()) != null) { String attrName = XPathUtils.getAttributeValue(samlAttr, "@AttributeName", ""); String attrNamespace = XPathUtils.getAttributeValue(samlAttr, "@AttributeNamespace", ""); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java index 517fff9d2..27ac16157 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java @@ -50,14 +50,11 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.entrypoints.DispatcherServlet; import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl; -import at.gv.egovernment.moa.id.storage.ExceptionStoreImpl; import at.gv.egovernment.moa.id.storage.IExceptionStore; import at.gv.egovernment.moa.id.util.ServletUtils; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.BoolUtils; import at.gv.egovernment.moa.util.URLDecoder; /** @@ -257,10 +254,10 @@ public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { * @throws FileUploadException * if parsing request parameters fails. */ - protected Map getParameters(HttpServletRequest req) throws IOException, + protected Map getParameters(HttpServletRequest req) throws IOException, FileUploadException { - Map parameters = new HashMap(); + Map parameters = new HashMap(); if (ServletFileUpload.isMultipartContent(req)) { // request is encoded as mulitpart/form-data diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index 04c2aaa0e..cdd5cd384 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -2,19 +2,11 @@ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; import java.io.PrintWriter; -import java.util.Arrays; -import java.util.List; import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.commons.lang.StringEscapeUtils; -import org.bouncycastle.asn1.x509.Target; - -import com.trilead.ssh2.Session; import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; import at.gv.egovernment.moa.id.auth.builder.StartAuthenticationBuilder; @@ -27,7 +19,6 @@ import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.moduls.AuthenticationManager; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.logging.Logger; @@ -72,7 +63,7 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { moasession = AuthenticationSessionStoreage.getSession(moasessionid); - String newmoasessionid = AuthenticationSessionStoreage.changeSessionID(moasession); + AuthenticationSessionStoreage.changeSessionID(moasession); } catch (MOADatabaseException e) { Logger.info("MOASession with SessionID="+ moasessionid + " is not found in Database"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java index 866c69715..222faec37 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetForeignIDServlet.java @@ -114,7 +114,7 @@ public class GetForeignIDServlet extends AuthServlet { resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - Map parameters; + Map parameters; String pendingRequestID = null; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java index e1d823eff..0e68dccf6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java @@ -34,15 +34,12 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.xml.parsers.ParserConfigurationException; -import javax.xml.transform.TransformerException; import org.apache.commons.lang.StringEscapeUtils; -import org.w3c.dom.Element; import org.xml.sax.SAXException; import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; @@ -60,7 +57,6 @@ import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.URLEncoder; /** * Servlet requested for getting the foreign eID provided by the security layer @@ -165,7 +161,7 @@ public class GetMISSessionIDServlet extends AuthServlet { AuthConfigurationProvider.getInstance(), connectionParameters); - List list = MISSimpleClient.sendGetMandatesRequest( + List list = MISSimpleClient.sendGetMandatesRequest( connectionParameters.getUrl(), misSessionID, sslFactory); if (list == null) { @@ -190,7 +186,7 @@ public class GetMISSessionIDServlet extends AuthServlet { //check if it is a parsable XML byte[] byteMandate = mandate.getMandate(); String stringMandate = new String(byteMandate); - Element mandateDoc = DOMUtils.parseDocument(stringMandate, false, + DOMUtils.parseDocument(stringMandate, false, null, null).getDocumentElement(); // extract RepresentationType diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java index b54774e1e..9c72cfff2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/LogOutServlet.java @@ -25,48 +25,19 @@ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; -import java.io.PrintWriter; -import java.util.List; import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import javax.swing.text.StyleContext.SmallAttributeSet; -import org.apache.commons.lang.StringEscapeUtils; -import org.opensaml.saml2.metadata.RequestedAttribute; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.auth.stork.STORKAuthnRequestProcessor; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.config.stork.CPEPS; -import at.gv.egovernment.moa.id.config.stork.STORKConfig; import at.gv.egovernment.moa.id.moduls.AuthenticationManager; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.moduls.SSOManager; -import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.StringUtils; -import eu.stork.mw.messages.saml.STORKAuthnRequest; -import eu.stork.vidp.messages.builder.STORKMessagesBuilder; -import eu.stork.vidp.messages.exception.SAMLException; -import eu.stork.vidp.messages.exception.SAMLValidationException; -import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel; -import eu.stork.vidp.messages.stork.RequestedAttributes; public class LogOutServlet extends AuthServlet { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java index b96fa519f..0deeaa681 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/MonitoringServlet.java @@ -13,10 +13,13 @@ import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.monitoring.TestManager; import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.MiscUtil; public class MonitoringServlet extends AuthServlet { private static final long serialVersionUID = 1L; + private static final String REQUEST_ATTR_MODULE = "module"; + protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { @@ -29,17 +32,49 @@ public class MonitoringServlet extends AuthServlet { TestManager tests = TestManager.getInstance(); + String modulename = req.getParameter(REQUEST_ATTR_MODULE); + if (MiscUtil.isEmpty(modulename)) { - List error = tests.executeTests(); - if (error != null && error.size() > 0) { - createErrorMessage(req, resp, error); + List error = tests.executeTests(); + if (error != null && error.size() > 0) { + createErrorMessage(req, resp, error); + + } else { + resp.setStatus(HttpServletResponse.SC_OK); + resp.setContentType("text/html;charset=UTF-8"); + resp.getWriter().write(getHtml(config.getMonitoringMessageSuccess())); + Logger.info("Monitoring Servlet finished without errors"); + } } else { - resp.setStatus(HttpServletResponse.SC_OK); - resp.setContentType("text/html;charset=UTF-8"); - Logger.info("Monitoring Servlet finished without errors"); - } + if (tests.existsModule(modulename)) { + List errors = tests.executeTest(modulename); + if (errors != null && errors.size() > 0) { + createErrorMessage(req, resp, errors); + + } else { + resp.setStatus(HttpServletResponse.SC_OK); + resp.setContentType("text/html;charset=UTF-8"); + resp.getWriter().write(getHtml(config.getMonitoringMessageSuccess())); + Logger.info("Monitoring Servlet finished without errors"); + } + + } else { + Logger.warn("NO Testmodule exists with modulename " + modulename); + resp.setStatus(HttpServletResponse.SC_NOT_FOUND); + resp.setContentType("text/html;charset=UTF-8"); + PrintWriter out; + try { + out = new PrintWriter(resp.getOutputStream()); + out.write("NO Testmodule exists with modulename " + modulename); + out.flush(); + + } catch (IOException e) { + Logger.warn("Internal Monitoring Servlet Error. ", e); + } + } + } } } catch (ConfigurationException e) { @@ -62,4 +97,8 @@ public class MonitoringServlet extends AuthServlet { Logger.warn("Internal Monitoring Servlet Error. ", e); } } + + private String getHtml(String text) { + return "Reponse" + text +""; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java deleted file mode 100644 index 0409719da..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessValidatorInputServlet.java +++ /dev/null @@ -1,268 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.servlet; - -import java.io.IOException; -import java.io.OutputStream; -import java.util.Map; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.commons.fileupload.FileUploadException; -import org.apache.commons.lang.StringEscapeUtils; - -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.builder.GetVerifyAuthBlockFormBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.ValidateException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; -import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator; -import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; -import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.FileUtils; - -/** - * Servlet requested for processing user input forms of infobox validators - * - * Utilizes the {@link AuthenticationServer}. - * - * @author Peter Danner - * @version $Id: ProcessValidatorInputServlet.java 769 2007-01-10 15:37:52Z peter.danner $ - */ -public class ProcessValidatorInputServlet extends AuthServlet { - - public static final long serialVersionUID = 1; - - /** - * Constructor for VerifyIdentityLinkServlet. - */ - public ProcessValidatorInputServlet() { - super(); - } - - /** - * Shows the user input forms of infobox validators - * - * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest, HttpServletResponse) - */ - protected void doGet(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - - Logger.debug("GET ProcessInput"); - resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); - resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); - resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); - - Map parameters; - try { - parameters = getParameters(req); - } catch (FileUploadException e) { - Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); - throw new IOException(e.getMessage()); - } - String sessionID = req.getParameter(PARAM_SESSIONID); - if (sessionID==null) sessionID = (String) req.getAttribute(PARAM_SESSIONID); - if (sessionID==null) sessionID = (String) parameters.get(PARAM_SESSIONID); - if (sessionID==null) sessionID = (String) parameters.get(PARAM_SESSIONID+"_"); - - // escape parameter strings - sessionID = StringEscapeUtils.escapeHtml(sessionID); - - try { - - if (!ParamValidatorUtils.isValidSessionID(sessionID)) - throw new WrongParametersException("ProcessInput", PARAM_SESSIONID, "auth.12"); - - AuthenticationSession session = AuthenticationServer.getSession(sessionID); - InfoboxValidator infoboxvalidator = session.getFirstPendingValidator(); - String outputStream; - String dataURL = new DataURLBuilder().buildDataURL( - session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, sessionID); - if (infoboxvalidator!=null) { - outputStream = infoboxvalidator.getForm(); - // replace strings the validators can not know - outputStream = ParepUtils.replaceAll(outputStream, "", session.getAuthURL()); - outputStream = ParepUtils.replaceAll(outputStream, "", sessionID); - outputStream = ParepUtils.replaceAll(outputStream, "", session.getBkuURL()); - outputStream = ParepUtils.replaceAll(outputStream, "", dataURL); - outputStream = ParepUtils.replaceAll(outputStream, "", session.getPushInfobox()); - } else { - throw new ValidateException("validator.65", null); - } - //resp.setStatus(200); - resp.setContentType("text/html;charset=UTF-8"); - OutputStream out = resp.getOutputStream(); - out.write(outputStream.getBytes("UTF-8")); - out.flush(); - out.close(); - Logger.debug("Finished GET ProcessInput"); - } - catch (WrongParametersException ex) { - handleWrongParameters(ex, req, resp); - } - catch (MOAIDException ex) { - handleError(null, ex, req, resp, null); //TODO: is this Class required? - } - } - - /** - * Verifies the user input forms of infobox validators - * - * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest, HttpServletResponse) - */ - protected void doPost(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - -// Logger.debug("POST ProcessInput"); -// -// resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES,MOAIDAuthConstants.HEADER_VALUE_EXPIRES); -// resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA,MOAIDAuthConstants.HEADER_VALUE_PRAGMA); -// resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); -// resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL,MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); -// -// Map parameters; -// try { -// parameters = getParameters(req); -// } catch (FileUploadException e) { -// Logger.error("Parsing mulitpart/form-data request parameters failed: " + e.getMessage()); -// throw new IOException(e.getMessage()); -// } -// -// String sessionID = req.getParameter(PARAM_SESSIONID); -// if (sessionID==null) sessionID = (String) req.getAttribute(PARAM_SESSIONID); -// if (sessionID==null) sessionID = (String) parameters.get(PARAM_SESSIONID); -// if (sessionID==null) sessionID = (String) parameters.get(PARAM_SESSIONID+"_"); -// -// // escape parameter strings -// sessionID = StringEscapeUtils.escapeHtml(sessionID); -// -// try { -// -// if (!ParamValidatorUtils.isValidSessionID(sessionID)) -// throw new WrongParametersException("ProcessInput", PARAM_SESSIONID, "auth.12"); -// -// AuthenticationSession session = AuthenticationServer.getSession(sessionID); -// AuthenticationServer.processInput(session, parameters); -// String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().getCreateXMLSignatureRequestAuthBlockOrRedirect(session, null, null); -// if (!createXMLSignatureRequestOrRedirect.startsWith("Redirect")) { -// // Now sign the AUTH Block -// String dataURL = new DataURLBuilder().buildDataURL( -// session.getAuthURL(), AuthenticationServer.REQ_VERIFY_AUTH_BLOCK, sessionID); -// -// String htmlForm = null; -// -// boolean doInputProcessorSign = false; // If sign process should be within an extra form, provide a parameter. Otherwise transport through security layer is assumed -// -// String inputProcessorSignForm = req.getParameter("Sign_Form"); -// if (inputProcessorSignForm==null) inputProcessorSignForm = (String) req.getAttribute("Sign_Form"); -// if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form"); -// if (inputProcessorSignForm==null) inputProcessorSignForm = (String) parameters.get("Sign_Form_"); -// // escape parameter strings -// inputProcessorSignForm = StringEscapeUtils.escapeHtml(inputProcessorSignForm); -// if (!ParepUtils.isEmpty(inputProcessorSignForm)) doInputProcessorSign = inputProcessorSignForm.equalsIgnoreCase("true"); -// if (doInputProcessorSign) { -// // Test if we have a user input form sign template -// -// String inputProcessorSignTemplateURL = req.getParameter(PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE); -// -// if (!ParamValidatorUtils.isValidSignUrl(inputProcessorSignTemplateURL)) -// throw new WrongParametersException("ProcessInput", PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE, "auth.12"); -// -// String inputProcessorSignTemplate = null; -// OAAuthParameter oaParam = -// AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getOAURLRequested()); -// // override template url by url from configuration file -// if (oaParam.getInputProcessorSignTemplateURL() != null) { -// inputProcessorSignTemplateURL = oaParam.getInputProcessorSignTemplateURL(); -// } -// if (inputProcessorSignTemplateURL != null) { -// try { -// inputProcessorSignTemplate = new String(FileUtils.readURL(inputProcessorSignTemplateURL)); -// } catch (IOException ex) { -// throw new AuthenticationException( -// "auth.03", -// new Object[] { inputProcessorSignTemplateURL, ex.toString()}, -// ex); -// } -// } -// -// htmlForm = new GetVerifyAuthBlockFormBuilder().build( -// inputProcessorSignTemplate, session.getBkuURL(), createXMLSignatureRequestOrRedirect, dataURL, session.getPushInfobox()); -// htmlForm = ParepUtils.replaceAll(htmlForm, "", session.getAuthURL()); -// htmlForm = ParepUtils.replaceAll(htmlForm, "", sessionID); -// htmlForm = ParepUtils.replaceAll(htmlForm, "", session.getBkuURL()); -// htmlForm = ParepUtils.replaceAll(htmlForm, "", dataURL); -// htmlForm = ParepUtils.replaceAll(htmlForm, "", session.getPushInfobox()); -// resp.setContentType("text/html;charset=UTF-8"); -// } else { -// htmlForm = createXMLSignatureRequestOrRedirect; -// resp.setStatus(307); -// resp.addHeader("Location", dataURL); -// //TODO test impact of explicit setting charset with older versions of BKUs (HotSign) -// resp.setContentType("text/xml;charset=UTF-8"); -// } -// -// OutputStream out = resp.getOutputStream(); -// out.write(htmlForm.getBytes("UTF-8")); -// out.flush(); -// out.close(); -// Logger.debug("Finished POST ProcessInput"); -// } else { -// String redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, session.getSessionID()); -// resp.setContentType("text/html"); -// resp.setStatus(302); -// resp.addHeader("Location", redirectURL); -// Logger.debug("REDIRECT TO: " + redirectURL); -// } -// -// try { -// AuthenticationSessionStoreage.storeSession(session); -// -// } catch (MOADatabaseException e) { -// throw new AuthenticationException("", null); -// } -// -// } -// catch (WrongParametersException ex) { -// handleWrongParameters(ex, req, resp); -// } -// catch (MOAIDException ex) { -// handleError(null, ex, req, resp); -// } - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java index 70257414a..324a649e5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/SSOSendAssertionServlet.java @@ -1,33 +1,24 @@ package at.gv.egovernment.moa.id.auth.servlet; import java.io.IOException; -import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import org.apache.commons.lang.StringEscapeUtils; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.moduls.ModulUtils; -import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.moduls.SSOManager; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -import at.gv.egovernment.moa.util.URLEncoder; - - public class SSOSendAssertionServlet extends AuthServlet{ diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java index a31f7d37a..b273c6282 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyAuthenticationBlockServlet.java @@ -25,7 +25,6 @@ package at.gv.egovernment.moa.id.auth.servlet; import iaik.pki.PKIException; -import iaik.x509.X509Certificate; import java.io.IOException; import java.security.GeneralSecurityException; @@ -62,7 +61,6 @@ import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId; import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.URLEncoder; /** * Servlet requested for verifying the signed authentication block @@ -139,7 +137,7 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { String pendingRequestID = null; - Map parameters; + Map parameters; try { parameters = getParameters(req); @@ -231,13 +229,13 @@ public class VerifyAuthenticationBlockServlet extends AuthServlet { MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(connectionParameters.getUrl(), idl, cert, oaFriendlyName, redirectURL, mandateReferenceValue, profilesArray, targetType, sslFactory); - String redirectMISGUI = misSessionID.getRedirectURL(); if (misSessionID == null) { Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null."); throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service."); } + String redirectMISGUI = misSessionID.getRedirectURL(); session.setMISSessionID(misSessionID.getSessiondId()); try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java index 863249401..489a24675 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyCertificateServlet.java @@ -110,7 +110,7 @@ public class VerifyCertificateServlet extends AuthServlet { String pendingRequestID = null; - Map parameters; + Map parameters; try { parameters = getParameters(req); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java index b6da20b61..43fca52d1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java @@ -113,7 +113,7 @@ public class VerifyIdentityLinkServlet extends AuthServlet { Logger.debug("POST VerifyIdentityLink"); - Map parameters; + Map parameters; String pendingRequestID = null; try diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorResponseVerifier.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorResponseVerifier.java index 7ac704636..f78067b5f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorResponseVerifier.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/PEPSConnectorResponseVerifier.java @@ -31,7 +31,6 @@ package at.gv.egovernment.moa.id.auth.stork; import org.opensaml.xml.validation.ValidationException; import org.w3c.dom.Element; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.BuildException; @@ -42,7 +41,6 @@ import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Constants; import eu.stork.mw.messages.saml.STORKResponse; import eu.stork.vidp.messages.exception.SAMLValidationException; import eu.stork.vidp.messages.util.SAMLUtil; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKAuthnRequestProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKAuthnRequestProcessor.java index ff30919bc..e5c55d038 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKAuthnRequestProcessor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKAuthnRequestProcessor.java @@ -6,20 +6,15 @@ package at.gv.egovernment.moa.id.auth.stork; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.lang.StringEscapeUtils; -import org.apache.commons.lang.StringUtils; import org.apache.velocity.app.VelocityEngine; import org.opensaml.common.binding.BasicSAMLMessageContext; import org.opensaml.saml2.binding.encoding.HTTPPostEncoder; import org.opensaml.saml2.metadata.AssertionConsumerService; import org.opensaml.saml2.metadata.Endpoint; -import org.opensaml.saml2.metadata.RequestedAttribute; import org.opensaml.ws.transport.http.HTTPOutTransport; import org.opensaml.ws.transport.http.HttpServletResponseAdapter; import org.opensaml.xml.security.credential.Credential; -import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet; -import at.gv.egovernment.moa.id.util.HTTPUtils; import at.gv.egovernment.moa.logging.Logger; import eu.stork.mw.messages.saml.STORKAuthnRequest; import eu.stork.vidp.messages.builder.STORKMessagesBuilder; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java index a18e41d50..a87e9a8c0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java @@ -3,27 +3,18 @@ */ package at.gv.egovernment.moa.id.auth.stork; -import iaik.x509.X509Certificate; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; import java.util.List; import java.util.Vector; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.xml.namespace.QName; -import javax.xml.transform.TransformerException; import org.opensaml.common.binding.BasicSAMLMessageContext; import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; import org.opensaml.saml2.core.Assertion; import org.opensaml.saml2.core.Attribute; import org.opensaml.saml2.metadata.RequestedAttribute; -import org.opensaml.saml2.metadata.SurName; import org.opensaml.ws.transport.http.HTTPInTransport; import org.opensaml.ws.transport.http.HTTPOutTransport; import org.opensaml.ws.transport.http.HttpServletRequestAdapter; @@ -46,7 +37,6 @@ import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentity import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.DateTimeUtils; import at.gv.egovernment.moa.util.StringUtils; import eu.stork.mw.messages.saml.STORKResponse; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java index 449a60fa8..9e98b73b4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java @@ -143,7 +143,7 @@ public class CreateXMLSignatureResponseValidator { int offset = 0; // check number of SAML aatributes - List extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); + List extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); int extendedSAMLAttributesNum = 0; if (extendedSAMLAttributes != null) { extendedSAMLAttributesNum = extendedSAMLAttributes.size(); @@ -288,7 +288,7 @@ public class CreateXMLSignatureResponseValidator { // now check the extended SAML attributes int i = AuthenticationBlockAssertionBuilder.NUM_OF_SAML_ATTRIBUTES + offset; if (extendedSAMLAttributes != null) { - Iterator it = extendedSAMLAttributes.iterator(); + Iterator it = extendedSAMLAttributes.iterator(); while (it.hasNext()) { ExtendedSAMLAttribute extendedSAMLAttribute = (ExtendedSAMLAttribute)it.next(); samlAttribute = samlAttributes[i]; @@ -406,12 +406,12 @@ public class CreateXMLSignatureResponseValidator { SAMLAttribute[] samlAttributes = createXMLSignatureResponse.getSamlAttributes(); boolean foundOA = false; - boolean foundGB = false; - boolean foundWBPK = false; +// boolean foundGB = false; +// boolean foundWBPK = false; int offset = 0; // check number of SAML aatributes - List extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); + List extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); int extendedSAMLAttributesNum = 0; if (extendedSAMLAttributes != null) { extendedSAMLAttributesNum = extendedSAMLAttributes.size(); @@ -498,7 +498,7 @@ public class CreateXMLSignatureResponseValidator { // now check the extended SAML attributes int i = AuthenticationBlockAssertionBuilder.NUM_OF_SAML_ATTRIBUTES_SSO + offset; if (extendedSAMLAttributes != null) { - Iterator it = extendedSAMLAttributes.iterator(); + Iterator it = extendedSAMLAttributes.iterator(); while (it.hasNext()) { ExtendedSAMLAttribute extendedSAMLAttribute = (ExtendedSAMLAttribute)it.next(); samlAttribute = samlAttributes[i]; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java index 93d1006a7..8ae04023f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/IdentityLinkValidator.java @@ -71,25 +71,25 @@ public class IdentityLinkValidator implements Constants { /** Xpath expression to the SAML:Attribute element */ private static final String ATTRIBUTE_XPATH = ROOT + SAML + "AttributeStatement/" + SAML + "Attribute"; - /** Xpath expression to the SAML:AttributeName attribute */ - private static final String ATTRIBUTE_NAME_XPATH = - ROOT + SAML + "AttributeStatement/" + SAML + "Attribute/@AttributeName"; - /** Xpath expression to the SAML:AttributeNamespace attribute */ - private static final String ATTRIBUTE_NAMESPACE_XPATH = - ROOT - + SAML - + "AttributeStatement/" - + SAML - + "Attribute/@AttributeNamespace"; - /** Xpath expression to the SAML:AttributeValue element */ - private static final String ATTRIBUTE_VALUE_XPATH = - ROOT - + SAML - + "AttributeStatement/" - + SAML - + "Attribute/" - + SAML - + "AttributeValue"; +// /** Xpath expression to the SAML:AttributeName attribute */ +// private static final String ATTRIBUTE_NAME_XPATH = +// ROOT + SAML + "AttributeStatement/" + SAML + "Attribute/@AttributeName"; +// /** Xpath expression to the SAML:AttributeNamespace attribute */ +// private static final String ATTRIBUTE_NAMESPACE_XPATH = +// ROOT +// + SAML +// + "AttributeStatement/" +// + SAML +// + "Attribute/@AttributeNamespace"; +// /** Xpath expression to the SAML:AttributeValue element */ +// private static final String ATTRIBUTE_VALUE_XPATH = +// ROOT +// + SAML +// + "AttributeStatement/" +// + SAML +// + "Attribute/" +// + SAML +// + "AttributeValue"; /** Singleton instance. null, if none has been created. */ private static IdentityLinkValidator instance; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java index c02747e73..1a06ef2f4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java @@ -35,7 +35,6 @@ import java.security.interfaces.RSAPublicKey; import java.util.List; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.exception.ValidateException; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessor.java deleted file mode 100644 index c8020cda4..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessor.java +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.validator.parep; - -import java.util.Map; - -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateMandateRequest; -import at.gv.egovernment.moa.id.auth.validator.parep.config.ParepConfiguration; - -/** - * Input processor for infobox validators. - */ -public interface ParepInputProcessor { - - /** - * Initialize user input processing. This function must initialize the - * processor to remember its state. Fixed values for the current authentication - * session are set here. - * - * @param representationID The id of the provided standardized mandate - * @param parepConfiguration The configuration of the party representation validator - * @param rpFamilyName The family name of the representative - * @param rpGivenName - * @param rpDateOfBirth - * @param request CreateMandateRequest containing the representative and the mandator - */ - - public void initialize( - String representationID, ParepConfiguration parepConfiguration, - String rpFamilyName, String rpGivenName, String rpDateOfBirth, - CreateMandateRequest request); - - /** - * Starting point of user input processing. This function must initialize the - * processor and remember its state. - * - * @param physical Is person a physical person selected - * @param familyName The family name of the mandator - * @param givenName - * @param dateOfBirth - * @param streetName The address of the physical person - * @param buildingNumber - * @param unit - * @param postalCode - * @param municipality - * @param cbFullName - * @param cbIdentificationType - * @param cbIdentificationValue - * @return The initial user input form - */ - public String start( - boolean physical, String familyName, String givenName, String dateOfBirth, - String streetName, String buildingNumber, String unit, String postalCode, String municipality, - String cbFullName, String cbIdentificationType, String cbIdentificationValue); - - /** - * Validation after the user submitted form - * - * @param parameters Returned input field values - * @param extErrortext Error text from SZR-gateway to throw error page or form to correct user input data - * @return User input form if needed, or empty form if everything is ok with the user input. Returns null on error. - */ - public String validate(Map parameters, String extErrortext); - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessorImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessorImpl.java deleted file mode 100644 index a154c9ece..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepInputProcessorImpl.java +++ /dev/null @@ -1,337 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -/** - * - */ -package at.gv.egovernment.moa.id.auth.validator.parep; - -import java.io.ByteArrayOutputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.InputStream; -import java.text.ParseException; -import java.text.SimpleDateFormat; -import java.util.Map; - -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateMandateRequest; -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException; -import at.gv.egovernment.moa.id.auth.validator.parep.config.ParepConfiguration; -import at.gv.egovernment.moa.logging.Logger; - -/** - * Implements the standard party representation infobox validator input processor - * - * @author Peter Danner - * - */ -public class ParepInputProcessorImpl implements ParepInputProcessor{ - - /** the requested representation ID (currently * or OID) */ - private String representationID; - - /** contains the configuration of the owning validator */ - private ParepConfiguration parepConfiguration; - - /** Family name of the representative */ - private String rpFamilyName; - - /** Given name of the representative */ - private String rpGivenName; - - /** The representatives date of birth */ - private String rpDateOfBirth; - - /** The current CreateMandateRequest to the SZR-gateway */ - private CreateMandateRequest request; - - /* - * (non-Javadoc) - * - * @see at.gv.egovernment.moa.id.auth.validator.parep.ParepInputProcessor#initialize(String, ParepConfiguration, String, String, String, CreateMandateRequest) - */ - public void initialize( - String representationID, ParepConfiguration parepConfiguration, - String rpFamilyName, String rpGivenName, String rpDateOfBirth, - CreateMandateRequest request) - { - // Initialization - this.representationID = representationID; - this.parepConfiguration = parepConfiguration; - this.rpFamilyName = rpFamilyName; - this.rpGivenName = rpGivenName; - this.rpDateOfBirth = rpDateOfBirth; - this.request = request; - } - -public String start(boolean physical, String familyName, String givenName, - String dateOfBirth, String streetName, String buildingNumber, - String unit, String postalCode, String municipality, String cbFullName, - String cbIdentificationType, String cbIdentificationValue) { - // TODO Auto-generated method stub - return null; -} - -public String validate(Map parameters, String extErrortext) { - // TODO Auto-generated method stub - return null; -} - - //TODO: check correctness -// /* -// * (non-Javadoc) -// * -// * @see at.gv.egovernment.moa.id.auth.validator.parep.ParepInputProcessor#start(boolean, String, String, String, String, String, String, String, String, String, String, String) -// */ -// public String start( -// boolean physical, String familyName, String givenName, String dateOfBirth, -// String streetName, String buildingNumber, String unit, String postalCode, String municipality, -// String cbFullName, String cbIdentificationType, String cbIdentificationValue) -// { -// // Load the form -// String form = loadForm( -// physical, familyName, givenName, dateOfBirth, -// streetName, buildingNumber, unit, postalCode, municipality, -// cbFullName, cbIdentificationType, cbIdentificationValue, ""); -// try { -// request.setMandator(familyName, givenName, dateOfBirth, postalCode, municipality, streetName, buildingNumber, unit, physical, cbFullName, -// cbIdentificationType, cbIdentificationValue); -// } catch (SZRGWClientException e) { -// //e.printStackTrace(); -// Logger.info(e); -// return null; -// } -// return form; -// } -// -// /* -// * (non-Javadoc) -// * -// * @see at.gv.egovernment.moa.id.auth.validator.parep.ParepInputProcessor#validate(Map, String) -// */ -// public String validate(Map parameters, String extErrortext) -// { -// -// // Process the gotten parameters -// String form = null; -// boolean formNecessary = false; -// if (!ParepUtils.isEmpty(extErrortext)) formNecessary = true; -// String locErrortext = "Folgende Parameter fehlen: "; -// -// String familyName = (String) parameters.get("familyname_"); -// if (null == familyName) familyName =""; -// String givenName = (String) parameters.get("givenname_"); -// if (null == givenName) givenName =""; -// boolean physical = "true".equals(parameters.get("physical_")); -// String dobday = (String) parameters.get("dobday_"); -// if (null!=dobday && dobday.equalsIgnoreCase("TT")) dobday=""; -// String dobmonth = (String) parameters.get("dobmonth_"); -// if (null!=dobmonth && dobmonth.equalsIgnoreCase("MM")) dobmonth=""; -// String dobyear = (String) parameters.get("dobyear_"); -// if (null!=dobyear && dobyear.equalsIgnoreCase("JJJJ")) dobyear=""; -// String dateOfBirth = ""; -// dobyear = (" ".substring(0, 4-dobyear.length()) + dobyear); -// dobmonth = (" ".substring(0, 2-dobmonth.length()) + dobmonth); -// dobday = (" ".substring(0, 2-dobday.length()) + dobday); -// dateOfBirth = dobyear + "-" + dobmonth + "-" + dobday; -// String cbFullName = (String) parameters.get("fullname_"); -// if (null == cbFullName) cbFullName =""; -// String cbIdentificationType = (String) parameters.get("cbidentificationtype_"); -// if (null == cbIdentificationType) cbIdentificationType =""; -// String cbIdentificationValue = (String) parameters.get("cbidentificationvalue_"); -// if (null == cbIdentificationValue) cbIdentificationValue =""; -// String postalCode = (String) parameters.get("postalcode_"); -// if (null == postalCode) postalCode =""; -// String municipality = (String) parameters.get("municipality_"); -// if (null == municipality) municipality =""; -// String streetName = (String) parameters.get("streetname_"); -// if (null == streetName) streetName =""; -// String buildingNumber = (String) parameters.get("buildingnumber_"); -// if (null == buildingNumber) buildingNumber =""; -// String unit = (String) parameters.get("unit_"); -// if (null == unit) unit =""; -// -// if (physical) { -// if (ParepUtils.isEmpty(familyName)) { -// formNecessary = true; -// locErrortext = locErrortext + "Familienname"; -// } -// if (ParepUtils.isEmpty(givenName)) { -// formNecessary = true; -// if (!locErrortext.endsWith(": ")) locErrortext = locErrortext + ", "; -// locErrortext = locErrortext + "Vorname"; -// } -// // Auf existierendes Datum prüfen -// SimpleDateFormat format = new SimpleDateFormat("yyyy-MM-dd"); -// format.setLenient(false); // Wir wollen keine künstliche Pareserintelligenz, nur Datum prüfen -// try { -// format.parse(dateOfBirth); -// } -// catch(ParseException pe) -// { -// formNecessary = true; -// if (!locErrortext.endsWith("fehlen: ")) locErrortext = locErrortext + ", "; -// locErrortext = locErrortext + "korrektes Geburtsdatum"; -// } -// } else { -// if (ParepUtils.isEmpty(cbFullName) || ParepUtils.isEmpty(cbIdentificationType) || ParepUtils.isEmpty(cbIdentificationValue)) { -// formNecessary = true; -// if (ParepUtils.isEmpty(cbFullName)) { -// locErrortext = locErrortext + "Name der Organisation"; -// } -// if (ParepUtils.isEmpty(cbIdentificationType)) { -// if (!locErrortext.endsWith("fehlen: ")) locErrortext = locErrortext + ", "; -// locErrortext = locErrortext + "Auswahl des Registers"; -// } -// if (ParepUtils.isEmpty(cbIdentificationValue)) { -// if (!locErrortext.endsWith("fehlen: ")) locErrortext = locErrortext + ", "; -// locErrortext = locErrortext + "Ordnungsnummer im ausgewählten Register"; -// } -// } -// } -// try { -// request.setMandator(familyName, givenName, dateOfBirth, postalCode, municipality, streetName, buildingNumber, unit, physical, cbFullName, -// cbIdentificationType, cbIdentificationValue); -// if (formNecessary) { -// // Daten noch nicht vollständig oder anderer Fehler -// if (locErrortext.endsWith("fehlen: ")) locErrortext =""; -// String error = ""; -// if (!ParepUtils.isEmpty(extErrortext)) { -// error = extErrortext; -// if (!ParepUtils.isEmpty(locErrortext)) error = error + "; "; -// } -// if (!ParepUtils.isEmpty(locErrortext)) error = error + locErrortext; -// if (!ParepUtils.isEmpty(error)) { -// error = "
\"Rufezeichen\"  " + error + "
"; -// } -// form = loadForm(physical, familyName, givenName, dateOfBirth, streetName, buildingNumber, unit, postalCode, municipality, cbFullName, cbIdentificationType, cbIdentificationValue, error); -// if (form == null) { -// return null; -// } -// } else { -// return ""; // everything is ok -// } -// } catch (Exception e) { -// //e.printStackTrace(); -// Logger.info(e); -// return null; -// } -// return form; -// } -// -// /** -// * Loads the empty user input form and replaces tag occurences with given variables -// * -// * @param physical -// * @param familyName -// * @param givenName -// * @param dateOfBirth -// * @param streetName -// * @param buildingNumber -// * @param unit -// * @param postalCode -// * @param municipality -// * @param cbFullName -// * @param cbIdentificationType -// * @param cbIdentificationValue -// * @param errorText -// * @return -// */ -// private String loadForm( -// boolean physical, String familyName, String givenName, String dateOfBirth, -// String streetName, String buildingNumber, String unit, String postalCode, String municipality, -// String cbFullName, String cbIdentificationType, String cbIdentificationValue, String errorText) -// { -// String form = ""; -// try { -// String fileName = parepConfiguration.getInputProcessorTemplate(representationID); -// InputStream instream = null; -// File file = new File(fileName); -// if (file.exists()) { -// //if this resolves to a file, load it -// instream = new FileInputStream(fileName); -// } else { -// fileName = parepConfiguration.getFullDirectoryName(fileName); -// if (fileName.startsWith("file:\\")) fileName = fileName.substring(6); -// file = new File(fileName); -// if (file.exists()) { -// //if this resolves to a file, load it -// instream = new FileInputStream(fileName); -// } else { -// //else load a named resource in our classloader. -// instream = this.getClass().getResourceAsStream(parepConfiguration.getInputProcessorTemplate(representationID)); -// if (instream == null) { -// Logger.error("Form Prozessor Input Template \"" + fileName + "\" fehlt"); -// return null; -// } -// } -// } -// ByteArrayOutputStream bos = new ByteArrayOutputStream(); -// ParepUtils.dumpInputOutputStream(instream, bos); -// form = bos.toString("UTF-8"); -// } catch(Exception e) { -// Logger.error("Fehler beim Einlesen des Input-Templates.", e); -// } -// -// if (!ParepUtils.isEmpty(form)) { -// boolean cbEnabled = parepConfiguration.isRepresentingCorporateParty(representationID); -// boolean physEnabled = parepConfiguration.isRepresentingPhysicalParty(representationID); -// boolean reducedSelection = (!physEnabled || !cbEnabled); -// if (reducedSelection) { -// physical = !cbEnabled;//wird somit umgesetzt falls jur. Person nicht vetretbar -// } -// if (ParepUtils.isEmpty(dateOfBirth)) dateOfBirth = "JJJJ-MM-TT"; -// form = ParepUtils.replaceAll(form, "", rpGivenName); -// form = ParepUtils.replaceAll(form, "", rpFamilyName); -// form = ParepUtils.replaceAll(form, "", rpDateOfBirth.substring(0,4)); -// form = ParepUtils.replaceAll(form, "", rpDateOfBirth.substring(5,7)); -// form = ParepUtils.replaceAll(form, "", rpDateOfBirth.substring(8,10)); -// //darf zw. phys. und jur. Person gewählt werden: -// //form = replaceAll(form, "seldisabled=\"\"", reducedSelection ? "disabled=\"true\"" : ""); -// form = ParepUtils.replaceAll(form, "physdisabled=\"\"", physEnabled ? "" : "disabled=\"true\""); -// form = ParepUtils.replaceAll(form, "physselected=\"\"", physical ? "checked=\"checked\"" : ""); -// form = ParepUtils.replaceAll(form, "", givenName); -// form = ParepUtils.replaceAll(form, "", familyName); -// form = ParepUtils.replaceAll(form, "", dateOfBirth.substring(0,4).trim()); -// form = ParepUtils.replaceAll(form, "", dateOfBirth.substring(5,7).trim()); -// form = ParepUtils.replaceAll(form, "", dateOfBirth.substring(8,10).trim()); -// form = ParepUtils.replaceAll(form, "", streetName); -// form = ParepUtils.replaceAll(form, "", buildingNumber); -// form = ParepUtils.replaceAll(form, "", unit); -// form = ParepUtils.replaceAll(form, "", postalCode); -// form = ParepUtils.replaceAll(form, "", municipality); -// form = ParepUtils.replaceAll(form, "cbdisabled=\"\"", cbEnabled ? "" : "disabled=\"true\""); -// form = ParepUtils.replaceAll(form, "", cbFullName); -// form = ParepUtils.replaceAll(form, "cbseldisabled=\"\"", cbEnabled ? "" : "disabled=\"disabled\""); -// form = ParepUtils.replaceAll(form, "cbselected=\"\"", physical ? "" : "checked=\"checked\""); -// form = ParepUtils.replaceAll(form, "fnselected=\"\"", cbIdentificationType.equals("urn:publicid:gv.at:baseid+XFN") ? "selected=\"selected\"" : ""); -// form = ParepUtils.replaceAll(form, "vrselected=\"\"", cbIdentificationType.equals("urn:publicid:gv.at:baseid+XVR") ? "selected=\"selected\"" : ""); -// form = ParepUtils.replaceAll(form, "ersbselected=\"\"", cbIdentificationType.equals("urn:publicid:gv.at:baseid+XERSB") ? "selected=\"selected\"" : ""); -// form = ParepUtils.replaceAll(form, "", cbIdentificationValue); -// form = ParepUtils.replaceAll(form, "", errorText); -// } -// return form; -// } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java index 60d54cf45..c77d9b7bd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepUtils.java @@ -254,7 +254,7 @@ public class ParepUtils { Element nameSpaceNode = mandator.getOwnerDocument().createElement("NameSpaceNode"); nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); - String s = DOMUtils.serializeNode(mandator); + DOMUtils.serializeNode(mandator); // check if physical person Element physicalPerson = (Element) XPathAPI.selectSingleNode(mandator, "descendant-or-self::pr:PhysicalPerson", nameSpaceNode); @@ -511,25 +511,25 @@ public class ParepUtils { } } - /* - * - */ - private static Element extractRepresentative(Element mandate) throws SZRGWClientException { - try { - Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode"); - nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS); - Element mandator = (Element) XPathAPI.selectSingleNode(mandate, "//md:Representative/child::*[1]", nameSpaceNode); - String nsPrefix = mandator.getPrefix(); - String nsUri = mandator.getNamespaceURI(); - - Element mandatorClone = (Element) mandator.cloneNode(true); - mandatorClone.setAttribute("xmlns:" + nsPrefix, nsUri); - - return mandatorClone; - } catch (Exception e) { - throw new SZRGWClientException(e); - } - } +// /* +// * +// */ +// private static Element extractRepresentative(Element mandate) throws SZRGWClientException { +// try { +// Element nameSpaceNode = mandate.getOwnerDocument().createElement("NameSpaceNode"); +// nameSpaceNode.setAttribute("xmlns:md", SZRGWConstants.MANDATE_NS); +// Element mandator = (Element) XPathAPI.selectSingleNode(mandate, "//md:Representative/child::*[1]", nameSpaceNode); +// String nsPrefix = mandator.getPrefix(); +// String nsUri = mandator.getNamespaceURI(); +// +// Element mandatorClone = (Element) mandator.cloneNode(true); +// mandatorClone.setAttribute("xmlns:" + nsPrefix, nsUri); +// +// return mandatorClone; +// } catch (Exception e) { +// throw new SZRGWClientException(e); +// } +// } /** * Serializes a XML element to a given output stream. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java deleted file mode 100644 index 81604eb07..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/ParepValidator.java +++ /dev/null @@ -1,643 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.validator.parep; - -import java.io.File; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Vector; - -import org.w3c.dom.Element; - -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; -import at.gv.egovernment.moa.id.auth.data.InfoboxToken; -import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResult; -import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResultImpl; -import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams; -import at.gv.egovernment.moa.id.auth.exception.ValidateException; -import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator; -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateMandateRequest; -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateMandateResponse; -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClient; -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException; -import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants; -import at.gv.egovernment.moa.id.auth.validator.parep.config.ParepConfiguration; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.util.SSLUtils; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Constants; - -/** - * This class implements a MOA-ID Infobox Validator for validating - * a standardized XML mandate using the SZR-gateway. - * - * @author Peter Danner - */ -public class ParepValidator implements InfoboxValidator { - - public final static String EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION = "OIDTextualDescription"; - public final static String EXT_SAML_MANDATE_OID = "OID"; - public final static String EXT_SAML_MANDATE_RAW = "Mandate"; - public final static String EXT_SAML_MANDATE_NAME = "MandatorName"; - public final static String EXT_SAML_MANDATE_DOB = "MandatorDateOfBirth"; - public final static String EXT_SAML_MANDATE_WBPK = "MandatorWbpk"; - public final static String EXT_SAML_MANDATE_REPRESENTATIONTYPE = "RepresentationType"; - public final static String EXT_SAML_MANDATE_REPRESENTATIONTEXT = "Vollmachtsvertreter"; - public final static String EXT_SAML_MANDATE_CB_BASE_ID = "MandatorDomainIdentifier"; - - - public InfoboxValidationResult validate(InfoboxValidatorParams params) - throws ValidateException { - // TODO Auto-generated method stub - return null; - } - - public InfoboxValidationResult validate(Map parameters) - throws ValidateException { - // TODO Auto-generated method stub - return null; - } - - public InfoboxValidationResult validate(Element samlAssertion) - throws ValidateException { - // TODO Auto-generated method stub - return null; - } - - public String getForm() { - // TODO Auto-generated method stub - return null; - } - - - //TODO: check correctness!!!! -// /** activates debug settings */ -// private boolean PAREP_DEBUG = false; -// -// /** contains the parameters the validator initially was called with */ -// private InfoboxValidatorParams params = null; -// -// /** contains the configuration of the validator */ -// private ParepConfiguration parepConfiguration = null; -// -// /** the requested representation ID (currently * or OID) */ -// private String representationID = null; -// -// /** holds the information of the SZR-request */ -// private CreateMandateRequest request = null; -// -// /** List of extended SAML attributes. */ -// private Vector extendedSamlAttributes = new Vector(); -// -// /** the class which processes the user input */ -// private ParepInputProcessor inputProcessor = null; -// -// /** The form if user input is necessary */ -// private String form = null; -// -// /** unspecified error of parep-validator (must not know more about)*/ -// private final static String COMMON_ERROR = "Es ist ein Fehler bei der �berpr�fung f�r berufsm��ige Parteienvetretung aufgetreten"; -// -// /** Default class to gather remaining mandator data. */ -// public final static String PAREP_INPUT_PROCESSOR = "at.gv.egovernment.moa.id.auth.validator.parep.ParepInputProcessorImpl"; -// -// /** Default template to gather remaining mandator data. */ -// public final static String PAREP_INPUT_TEMPLATE = "/resources/templates/ParepMinTemplate.html"; -// -// /** kind of representation text in AUTH block*/ -// public final static String STANDARD_REPRESENTATION_TEXT = "berufsm��ige(r) Parteienvertreter(in)"; -// -// /** Names of the produced SAML-attributes. */ -// public final static String EXT_SAML_MANDATE_RAW = "Mandate"; -// public final static String EXT_SAML_MANDATE_NAME = "MandatorName"; -// public final static String EXT_SAML_MANDATE_DOB = "MandatorDateOfBirth"; -// public final static String EXT_SAML_MANDATE_WBPK = "MandatorWbpk"; -// public final static String EXT_SAML_MANDATE_REPRESENTATIONTYPE = "RepresentationType"; -// public final static String EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION = "OIDTextualDescription"; -// public final static String EXT_SAML_MANDATE_OID = "OID"; -// -// /** */ -// public final static String EXT_SAML_MANDATE_REPRESENTATIONTEXT = "Vollmachtsvertreter"; -// -// /** register and register number for non physical persons - the domain identifier for business applications*/ -// public final static String EXT_SAML_MANDATE_CB_BASE_ID = "MandatorDomainIdentifier"; -// -// /** -// * Parses the XML configuration element and creates the validators configuration -// * Use this function if you want to preconfigure the validator. -// * -// * @param configElem -// * the XML configuration element to parse. -// * @throws ConfigurationException -// * if an error occurs during the configuration process -// */ -// public void Configure(Element configElem) throws ConfigurationException { -// if (this.parepConfiguration == null) { -// Logger.debug("Lade Konfiguration."); -// parepConfiguration = new ParepConfiguration(configElem); -// Logger.debug("Konfiguration erfolgreich geladen."); -// } -// } -// -// /* -// * (non-Javadoc) -// * -// * @see at.gv.egovernment.moa.id.auth.validator.InfoboxValidator#validate(at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams) -// */ -// public InfoboxValidationResult validate(InfoboxValidatorParams params) throws ValidateException { -// -// InfoboxValidationResultImpl validationResult = new InfoboxValidationResultImpl(false, null, null); -// -// try { -// Logger.debug("Starte Organwalter-/berufsmäßige Parteienvertreterprüfung."); -// this.params = params; -// -// Element mandate = extractPrimaryToken(this.params.getInfoboxTokenList()); -// // ParepUtils.serializeElement(mandate, System.out); -// this.representationID = ParepUtils.extractRepresentativeID(mandate); -// if (ParepUtils.isEmpty(representationID)) { -// validationResult.setErrorMessage("Fehlende oder falsche MandateID in standardisierter Vollmacht"); -// return validationResult; -// } -// -// // überprüfen der Identifikation (Type/Value). -// String identificationType = this.params.getIdentificationType(); -// String identificationValue = this.params.getIdentificationValue(); -// if (this.params.getBusinessApplication()) { -// if (representationID.startsWith(MOAIDAuthConstants.PARTY_ORGAN_REPRESENTATION_OID_NUMBER)) { -// validationResult.setErrorMessage("Eine Vertretung durch Organwalter im privatwirtschaftlichen Bereich ist nicht vorgesehen."); -// return validationResult; -// -// } else { -// Logger.debug("Parteienvertreter wird mit wbPK identifiziert"); -// } -// } else { -// if (representationID.startsWith(MOAIDAuthConstants.PARTY_ORGAN_REPRESENTATION_OID_NUMBER)) { -// //Für Organwalter wird die Stammzahl zur Berechnung der Organwalter-bPK benötigt -// if (!Constants.URN_PREFIX_BASEID.equals(this.params.getIdentificationType())) { -// Logger.error("Für eine Vertretung durch Organwalter ist es notwendig dessen Stammzahl an das Stammzahlenregister-Gateway zu �bermitteln. In der MOA-ID Konfiguration muss die �bermittlung Stammzahl aktiviert sein."); -// validationResult.setErrorMessage("Die standardisierte Vollmacht wird von diesem Server nicht akzeptiert."); -// return validationResult; -// } else { -// Logger.debug("Organwalter wird mit Stammzahl identifiziert"); -// } -// } else { -// if (Constants.URN_PREFIX_BASEID.equals(this.params.getIdentificationType())) { -// // bPK berechnen, da dem SZR-Gateway das Target nicht bekannt ist -// identificationType = Constants.URN_PREFIX_CDID; -// String bpkBase64 = new BPKBuilder().buildBPK(this.params.getIdentificationValue(), this.params.getTarget()); -// identificationValue = bpkBase64; -// Logger.debug("bPK für Parteienvertreter wurde berechnet. Parteienvertreter wird mit bPK identifiziert"); -// } else { -// Logger.debug("Parteienvertreter wird mit bPK identifiziert"); -// } -// } -// } -// -// Configure(this.params.getApplicationSpecificParams()); -// // check if we have a configured party representative for that -// if (!parepConfiguration.isPartyRepresentative(representationID)) { -// Logger.info("Kein berufsmäßiger Parteienvertreter für MandateID \"" + representationID + "\" konfiguriert."); -// validationResult.setErrorMessage("Die standardisierte Vollmacht wird von diesem Server nicht akzeptiert."); -// return validationResult; -// } -// -// // Vertreter -// this.request = new CreateMandateRequest(); -// request.setRepresentative(this.params, identificationType, identificationValue); -// // ParepUtils.serializeElement(request.getRepresentative(), System.out); -// //ParepUtils.saveElementToFile(request.getRepresentative(), new File("c:/representative.xml")); -// -// Logger.debug("Prüfe vorausgefüllte Daten..."); -// boolean physical = true; -// String familyName = ""; -// String givenName = ""; -// String dateOfBirth = ""; -// String cbFullName = ""; -// String cbIdentificationType = ""; -// String cbIdentificationValue = ""; -// String postalCode = ""; -// String municipality = ""; -// String streetName = ""; -// String buildingNumber = ""; -// String unit = ""; -// -// boolean formNecessary = false; -// // Vertretener (erstes Vorkommen) -// Element mandator = ParepUtils.extractMandator(mandate); -// if (mandator != null) { -// // ParepUtils.serializeElement(mandator, System.out); -// // ParepUtils.saveElementToFile(mandator, new File("c:/mandator.xml")); -// if (ParepUtils.isPhysicalPerson(mandator)) { -// familyName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:FamilyName/text()"); -// givenName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:GivenName/text()"); -// dateOfBirth = ParepUtils.extractMandatorDateOfBirth(mandator); -// } else { -// physical = false; -// cbFullName = ParepUtils.extractMandatorFullName(mandator); -// cbIdentificationType = ParepUtils.getIdentification(mandator, "Type"); -// cbIdentificationValue = ParepUtils.extractMandatorWbpk(mandator); -// } -// postalCode = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:PostalCode/text()"); -// municipality = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:Municipality/text()"); -// streetName = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:StreetName/text()"); -// buildingNumber = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:BuildingNumber/text()"); -// unit = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:Unit/text()"); -// -// } -// if (physical) { -// if (!parepConfiguration.isRepresentingPhysicalParty(representationID)) { -// validationResult.setErrorMessage("Vertretung von natürlichen Personen für diese standardisierte Vollmacht nicht erlaubt."); -// return validationResult; -// } -// if (ParepUtils.isEmpty(familyName) || ParepUtils.isEmpty(givenName) || ParepUtils.isEmpty(dateOfBirth)) { -// formNecessary = true; -// } -// } else { -// if (!parepConfiguration.isRepresentingCorporateParty(representationID)) { -// validationResult.setErrorMessage("Vertretung von juristischen Personen für diese standardisierte Vollmacht nicht erlaubt."); -// return validationResult; -// } -// if (ParepUtils.isEmpty(cbFullName) || ParepUtils.isEmpty(cbIdentificationType) || ParepUtils.isEmpty(cbIdentificationValue)) { -// formNecessary = true; -// } -// } -// -// //Zeigen wir, dass die Daten �bernommen wurden: -// if (parepConfiguration.isAlwaysShowForm()) formNecessary=true; -// -// // Input processor -// this.form = ""; -// if (formNecessary) { -// ParepInputProcessor inputProcessor= getInputProcessor(); -// this.form = inputProcessor.start( -// physical, familyName, givenName, dateOfBirth, streetName, buildingNumber, unit, postalCode, municipality, -// cbFullName, cbIdentificationType, cbIdentificationValue); -// if (this.form == null) { -// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR); -// return validationResult; -// } -// } else { -// // Request vorbereiten mit vorgegebenen Daten -// request.setMandator(familyName, givenName, dateOfBirth, postalCode, municipality, streetName, buildingNumber, unit, physical, cbFullName, -// cbIdentificationType, cbIdentificationValue); -// } -// -// -// // ParepUtils.serializeElement(request.getMandator(), System.out); -// // ParepUtils.saveElementToFile(request.getMandator(), new File("c:/mandator.xml")); -// -// addAuthBlockExtendedSamlAttributes(); -// validationResult.setExtendedSamlAttributes(getExtendedSamlAttributes()); -// Logger.debug("�berpr�fung der vertretenen Partei erfolgreich beendet"); -// validationResult.setValid(true); -// return validationResult; -// } catch (Exception e) { -// e.printStackTrace(); -// Logger.info(e); -// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR); -// return validationResult; -// } -// } -// -// /* -// * (non-Javadoc) -// * -// * @see at.gv.egovernment.moa.id.auth.validator.InfoboxValidator#validate(java.util.Map) -// */ -// public InfoboxValidationResult validate(Map parameters) throws ValidateException { -// -// InfoboxValidationResultImpl validationResult = new InfoboxValidationResultImpl(false, null, null); -// Logger.debug("Intermediate processing von Organwalter-/berufsmäßige Parteienvertreterprüfung"); -// Logger.debug("Prüfe im Formular ausgefüllte Daten..."); -// if (PAREP_DEBUG) Logger.debug("Got parameters from user input form: " + parameters.toString()); -// -// // Input processor -// ParepInputProcessor inputProcessor= getInputProcessor(); -// this.form = inputProcessor.validate(parameters, null); -// if (this.form == null) { -// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR); -// return validationResult; -// } -// -// addAuthBlockExtendedSamlAttributes(); -// validationResult.setExtendedSamlAttributes(getExtendedSamlAttributes()); -// validationResult.setValid(true); -// Logger.debug("Intermediate processing von Organwalter-/berufsmäßige Parteienvertreterprüfung erfolgreich beendet"); -// return validationResult; -// } -// -// /* -// * (non-Javadoc) -// * -// * @see at.gv.egovernment.moa.id.auth.validator.InfoboxValidator#validate(org.w3c.dom.Element) -// */ -// public InfoboxValidationResult validate(Element samlAssertion) throws ValidateException { -// -// InfoboxValidationResultImpl validationResult = new InfoboxValidationResultImpl(false, null, null); -// Logger.debug("Post processing von Organwalter-/berufsm��ige Parteienvertreterpr�fung"); -// this.form = ""; -// try { -// -// -// request.setSignature(samlAssertion); -// -////DPO debug -//// Element mandate = (ParepUtils.readDocFromIs(new FileInputStream("c:/vertetervollmacht_1.2.40.0.10.3.1_origin-fixed.xml"))).getDocumentElement(); -//// String id = representationID; -//// CreateMandateResponse response; -//// if (true) { -//// if (this.params.getHideStammzahl()) { -//// if (PAREP_DEBUG) ParepUtils.saveElementToFile(mandate, new File("c:/vertetervollmacht_"+ id +"_origin.xml")); -//// // Achtung: Es wird hier nicht spezifikationskonform vorgegangen, damit im Kompatibilit�tsmodus Personendaten ersetzt werden k�nnen. -//// // W�rden die Stammzahlen gel�scht (geblindet) werden, w�rde der Identifikationswert des Vertretenen g�nzlich fehlen. -//// // Im Falle einen business Anwendung berechnet MOA-ID nach R�ckkehr das wbPK -//// ParepUtils.HideStammZahlen(mandate, this.params.getBusinessApplication(), this.params.getTarget(), this.params.getDomainIdentifier(), false); -//// } -//// if (PAREP_DEBUG) ParepUtils.saveElementToFile(mandate, new File("c:/vertetervollmacht_"+ id +".xml")); -// -// //ParepUtils.serializeElement(request.toElement(), System.out); -// if (PAREP_DEBUG) ParepUtils.saveElementToFile(request.toElement(), new File("c:/gwrequest.xml")); -// -// // configure szrgw client -// Logger.debug("Lade SZR-GW Client."); -// SZRGWClient client = new SZRGWClient(); -// // System.out.println("Parameters: " + cfg.getConnectionParameters()); -// Logger.debug("Initialisiere Verbindung..."); -// ConnectionParameter connectionParameters = parepConfiguration.getConnectionParameters(representationID); -// // Logger.debug("Connection Parameters: " + connectionParameters); -// Logger.debug("SZR-GW URL: " + connectionParameters.getUrl()); -// client.setAddress(connectionParameters.getUrl()); -// if (connectionParameters.getUrl().toLowerCase().startsWith("https:")) { -// Logger.debug("Initialisiere SSL Verbindung"); -// client.setSSLSocketFactory(SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters)); -// } -// -// Logger.debug("Starte Kommunikation mit dem Stammzahlenregister Gateway..."); -// CreateMandateResponse response; -// Element requ = request.toElement(); -// try { -// response = client.createMandateResponse(requ); -// } catch (SZRGWClientException e) { -// // give him a second try - Nach dem Starten des Tomcat wird beim ersten Mal das Client-Zertifikat offenbar vom HTTPClient nicht mitgeschickt. -// client = new SZRGWClient(connectionParameters.getUrl()); -// if (connectionParameters.getUrl().toLowerCase().startsWith("https:")) client.setSSLSocketFactory(SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters)); -// response = client.createMandateResponse(requ); -// } -// Logger.debug("SZR-Gateway Response Code: " + response.getResultCode()+ " " + response.getInfo()!=null ? response.getInfo():""); -// if (response.getResultCode()==2000) { -// if(response.getMandate()==null) { -// Logger.error("Keine Vollmacht vom SZR-Gateway erhalten"); -// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR); -// return validationResult; -// } -// -// -// //DPO debug output (2lines) -// String id = representationID; -// if (id.equals("*")) id="standardisiert"; -// -// Element mandate = response.getMandate(); -// // Replace Stammzahlen -// if (PAREP_DEBUG) ParepUtils.saveElementToFile(response.getMandate(), new File("c:/vertetervollmacht_"+ id +"_origin.xml")); -// if (this.params.getHideStammzahl()) { -// ParepUtils.HideStammZahlen(mandate, this.params.getBusinessApplication(), this.params.getTarget(), this.params.getDomainIdentifier(), false); -// if (PAREP_DEBUG) ParepUtils.saveElementToFile(mandate, new File("c:/vertetervollmacht_"+ id +"_hideStammzahl.xml")); -// } -// -// extendedSamlAttributes.clear(); -// // Vollmacht -// extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_RAW, mandate, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); -// -// validationResult.setExtendedSamlAttributes(getExtendedSamlAttributes()); -// validationResult.setValid(true); -// Logger.debug("Post processing von Organwalter-/berufsm��ige Parteienvertreterpr�fung erfolgreich beendet"); -// } else { -// String errorMsg = "Fehler " + response.getResultCode() + " bei Stammzahlenregister-Gateway Anfrage"; -// String responseInfo = response.getInfo(); -// if (response.getResultCode()>=4000 && response.getResultCode()<4999) { -// if (!ParepUtils.isEmpty(responseInfo)) errorMsg = errorMsg + ": " + responseInfo; -// validationResult.setErrorMessage(errorMsg); -// } else if (response.getResultCode()>=5000 && response.getResultCode()<=5999) { -// // Person not found -// ParepInputProcessor inputProcessor= getInputProcessor(); -// switch (response.getResultCode()) { -// case 5230: -// errorMsg = "Keine mit den Eingaben übereinstimmende Person vorhanden. Bitte ergänzen/ändern Sie ihre Angaben."; -// break; -// case 5231: -// errorMsg = "Die Person konnte nicht eindeutig identifiziert werden. Es existieren mehrere Personen zu Ihrer Suchanfrage. Bitte ergänzen/ändern Sie ihre Angaben."; -// break; -// default: -// if (!ParepUtils.isEmpty(responseInfo)) errorMsg = errorMsg + ": " + responseInfo; -// } -// this.form = inputProcessor.validate(generateParameters(), errorMsg); -// if (this.form == null) { -// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR); -// return validationResult; -// } -// validationResult.setValid(true); -// } else { -// // Do not inform the user too much -// Logger.error(errorMsg); -// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR); -// } -// -// } -// return validationResult; -// } catch (Exception e) { -// e.printStackTrace(); -// Logger.info(e); -// validationResult.setErrorMessage(ParepValidator.COMMON_ERROR); -// return validationResult; -// } -// } -// -// /** -// * provides the primary infobox token of the given list. -// * -// * @param infoBoxTokens -// * the list of infobox tokens. -// * @return -// * the XML element of the primary token. -// * @throws ValidateException -// * if an error occurs or list is not suitable. -// */ -// public static Element extractPrimaryToken(List infoBoxTokens) throws ValidateException { -// if (infoBoxTokens == null || infoBoxTokens.size() == 0) { -// throw new ValidateException("validator.62", null); -// } -// for (int i = 0; i < infoBoxTokens.size(); i++) { -// InfoboxToken token = (InfoboxToken) infoBoxTokens.get(i); -// if (token.isPrimary()) { -// return token.getXMLToken(); -// } -// } -// throw new ValidateException("validator.62", null); -// } -// -// /* -// * @see at.gv.egovernment.moa.id.auth.validator.InfoboxValidator#getExtendedSamlAttributes() -// */ -// public ExtendedSAMLAttribute[] getExtendedSamlAttributes() { -// ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes.size()]; -// extendedSamlAttributes.copyInto(ret); -// Logger.debug("ParepValidator ExtendedSAML Attributes: " + ret.length); -// return ret; -// } -// -// -// /** -// * @return The next pending user input form, which is "" if no form is to be shown, and null on errors. -// */ -// public String getForm() { -// return this.form; -// } -// -// /** -// * Gets the user form input processor (class) assigned to the current party representative -// * If the method is called for the first time it initializes the input processor. -// * -// * @return The user form input processor -// */ -// private ParepInputProcessor getInputProcessor() { -// -// if (this.inputProcessor!=null) return inputProcessor; -// String inputProcessorName = parepConfiguration.getInputProcessorClass(representationID); -// ParepInputProcessor inputProcessor = null; -// try { -// Class inputProcessorClass = Class.forName(inputProcessorName); -// inputProcessor= (ParepInputProcessor) inputProcessorClass.newInstance(); -// inputProcessor.initialize(representationID, parepConfiguration, this.params.getFamilyName(), this.params.getGivenName(), this.params.getDateOfBirth(), request); -// } catch (Exception e) { -// Logger.error("Could not load input processor class \"" + inputProcessorName + "\": " + e.getMessage()); -// } -// this.inputProcessor = inputProcessor; -// return inputProcessor; -// } -// -// /** -// * Generates the parameter list, which is needed to simulate a return from -// * an user form. -// * -// * @return the form parameters -// */ -// private Map generateParameters() { -// Map parameters = new HashMap(); -// boolean physical = true; -// String familyName = ""; -// String givenName = ""; -// String dateOfBirth = ""; -// String cbFullName = ""; -// String cbIdentificationType = ""; -// String cbIdentificationValue = ""; -// String postalCode = ""; -// String municipality = ""; -// String streetName = ""; -// String buildingNumber = ""; -// String unit = ""; -// -// try { -// // Vertretener (erstes Vorkommen) -// Element mandator = request.getMandator(); -// if (mandator != null) { -// if (ParepUtils.isPhysicalPerson(mandator)) { -// familyName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:FamilyName/text()"); -// givenName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:GivenName/text()"); -// dateOfBirth = ParepUtils.extractMandatorDateOfBirth(mandator); -// } else { -// physical = false; -// cbFullName = ParepUtils.extractMandatorFullName(mandator); -// cbIdentificationType = ParepUtils.getIdentification(mandator, "Type"); -// cbIdentificationValue = ParepUtils.extractMandatorWbpk(mandator); -// } -// postalCode = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:PostalCode/text()"); -// municipality = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:Municipality/text()"); -// streetName = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:StreetName/text()"); -// buildingNumber = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:BuildingNumber/text()"); -// unit = ParepUtils.extractText(mandator, "descendant-or-self::pr:PostalAddress/pr:DeliveryAddress/pr:Unit/text()"); -// } -// } catch (Exception e) { -// Logger.error("Could not extract Mandator form SZR-gateway request"); -// } -// parameters.put("familyname_", familyName); -// parameters.put("givenname_", givenName); -// parameters.put("dateofbirth_", dateOfBirth); -// parameters.put("dobyear_", dateOfBirth.substring(0,4)); -// parameters.put("dobmonth_", dateOfBirth.substring(5,7)); -// parameters.put("dobday_", dateOfBirth.substring(8,10)); -// parameters.put("physical_", physical ? "true" : "false"); -// parameters.put("fullname_", cbFullName); -// parameters.put("cbidentificationtype_", cbIdentificationType); -// parameters.put("cbidentificationvalue_", cbIdentificationValue); -// parameters.put("postalcode_", postalCode); -// parameters.put("municipality_", municipality); -// parameters.put("streetname_", streetName); -// parameters.put("buildingnumber_", buildingNumber); -// parameters.put("unit_", unit); -// return parameters; -// } -// -// /** -// * Adds the AUTH block related SAML attributes to the validation result. -// * This is needed always before the AUTH block is to be signed, because the -// * name of the mandator has to be set -// */ -// private void addAuthBlockExtendedSamlAttributes() { -// extendedSamlAttributes.clear(); -// extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_REPRESENTATIONTYPE, parepConfiguration.getRepresentationText(representationID), SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); -// Element mandator = request.getMandator(); -// // Name -// String name = ParepUtils.extractMandatorName(mandator); -// extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_NAME, name, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); -// // Geburtsdatum -// String dob = ParepUtils.extractMandatorDateOfBirth(mandator); -// if (dob != null && !"".equals(dob)) { -// extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_DOB, dob, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); -// } -// // (w)bpk -// String wbpk = ParepUtils.extractMandatorWbpk(mandator); -// if (!ParepUtils.isEmpty(wbpk)) { -// if (!ParepUtils.isPhysicalPerson(mandator)){ -// String idType = ParepUtils.extractMandatorIdentificationType(mandator); -// if (!ParepUtils.isEmpty(idType) && idType.startsWith(Constants.URN_PREFIX_BASEID + "+X")) { -// extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_CB_BASE_ID, ParepUtils.getRegisterString(idType) + ": " + wbpk, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); -// } -// } else if (this.params.getBusinessApplication()) { -// extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_WBPK, wbpk, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); -// } -// } -// } -// -//// public static void main(String[] args) throws Exception { -//// } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/PartyRepresentative.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/PartyRepresentative.java deleted file mode 100644 index fc845f579..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/PartyRepresentative.java +++ /dev/null @@ -1,183 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -/** - * - */ -package at.gv.egovernment.moa.id.auth.validator.parep; - -import at.gv.egovernment.moa.id.config.ConnectionParameter; - -/** - * @author Peter Danner - * - */ -public class PartyRepresentative { - - /** Object Identifier **/ - private String oid; - - private boolean representPhysicalParty; - - private boolean representCorporateParty; - - /** - * Text for representation description in SAML Assertion (Auth-Block) - * */ - private String representationText; - - /** - * SZR-GW connection parameters. - */ - private ConnectionParameter connectionParameters = null; - - private String inputProcessorClass = null; - private String inputProcessorTemplate = null; - - /** - * Constructor - */ -public PartyRepresentative() { - this.oid = null; - this.representPhysicalParty = false; - this.representCorporateParty = false; - this.connectionParameters = null; - this.representationText = null; -} - -/** - * Constructor - */ - public PartyRepresentative(boolean representPhysicalParty, boolean representCorporateParty) { - this.oid = null; - this.representPhysicalParty = representPhysicalParty; - this.representCorporateParty = representCorporateParty; - this.connectionParameters = null; - this.representationText = null; - this.inputProcessorClass = null; - this.inputProcessorTemplate = null; - } - - /** - * @return the oid - */ - public String getOid() { - return oid; - } - - /** - * @param oid the oid to set - */ - public void setOid(String oid) { - this.oid = oid; - } - - /** - * @return the representPhysicalParty - */ - public boolean isRepresentingPhysicalParty() { - return representPhysicalParty; - } - - /** - * @param representPhysicalParty the representPhysicalParty to set - */ - public void setRepresentingPhysicalParty(boolean representPhysicalParty) { - this.representPhysicalParty = representPhysicalParty; - } - - /** - * @return the representCorporateParty - */ - public boolean isRepresentingCorporateParty() { - return representCorporateParty; - } - - /** - * @param representCorporateParty the representCorporateParty to set - */ - public void setRepresentingCorporateParty(boolean representCorporateParty) { - this.representCorporateParty = representCorporateParty; - } - - /** - * @return the connectionParameters - */ - public ConnectionParameter getConnectionParameters() { - return connectionParameters; - } - - /** - * @param connectionParameters the connectionParameters to set - */ - public void setConnectionParameters(ConnectionParameter connectionParameters) { - this.connectionParameters = connectionParameters; - } - - - /** - * @return the representationText - */ - public String getRepresentationText() { - return representationText; - } - - - /** - * @param representationText the representationText to set - */ - public void setRepresentationText(String representationText) { - this.representationText = representationText; - } - - /** - * @return the inputProcessorClass - */ - public String getInputProcessorClass() { - return inputProcessorClass; - } - - /** - * @param inputProcessorClass the inputProcessorClass to set - */ - public void setInputProcessorClass(String inputProcessorClass) { - this.inputProcessorClass = inputProcessorClass; - } - - /** - * @return the inputProcessorTemplate - */ - public String getInputProcessorTemplate() { - return inputProcessorTemplate; - } - - /** - * @param inputProcessorTemplate the inputProcessorTemplate to set - */ - public void setInputProcessorTemplate(String inputProcessorTemplate) { - this.inputProcessorTemplate = inputProcessorTemplate; - } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateRequest.java deleted file mode 100644 index 53f786eb3..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/client/szrgw/CreateMandateRequest.java +++ /dev/null @@ -1,281 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw; - -import java.util.ArrayList; -import java.util.List; - -import org.apache.xpath.XPathAPI; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; - -import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams; -import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; -import at.gv.egovernment.moa.util.Constants; - -/** - * This class implements a detailed CreateMandateRequest that - * will be sent to SZR-gateway. - * - * @author Peter Danner - */ -public class CreateMandateRequest { - - /** - * The Request. - */ - private Document document; - - /** - * List of mandate representatives as XML element. - */ - private List representatives; - - /** - * The mandator. - */ - private Element mandator; - - /** - * The representative. - */ - private Element representative; - - /** - * The signature to verify by the SZR-gateway - */ - private Element signature; - - - - /** - * Creates the CreateMandateRequest element that will - * be sent to SZR-gateway - * - * @return the CreateMandateRequest element. - */ - public Element toElement() throws SZRGWClientException{ - - this.document = ParepUtils.createEmptyDocument(); - Element root = this.document.createElement(SZRGWConstants.SZRGW_PREFIX + SZRGWConstants.CREATE_MANDATE_REQUEST); - root.setAttribute("xmlns" + SZRGWConstants.SZRGW_POSTFIX, SZRGWConstants.SZRGW_REQUEST_NS); - root.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); - if (this.representative!=null) root.appendChild(this.document.importNode(this.representative, true)); - if (this.mandator!=null) root.appendChild(this.document.importNode(this.mandator, true)); - if (this.signature!=null) root.appendChild(this.document.importNode(this.signature, true)); - - return root; - } - - /** - * Adds a representative. - * - * @param representative an XML representative to add. - */ - public void addRepresentative(Element representative) { - if (representatives == null) { - representatives = new ArrayList(); - } - representatives.add(representative); - } - - /** - * Gets the representative. - * - * @return the representative. - */ - public Element getRepresentative() { - return representative; - } - - /** - * Gets the mandator. - * - * @return the mandator. - */ - public Element getMandator() { - return mandator; - } - - /** - * Sets the mandator. - * - * @param mandator the mandator. - */ - public void setMandator(Element mandator) { - this.mandator = mandator; - } - - /** - * Sets the Mandator. - * - * @param familyName the family name of the mandator. - */ - public void setMandator(String familyName, String givenName, String dateOfBirth, - String postalCode, String municipality, String streetName, String buildingNumber, String unit, - boolean physical, String cbFullName, String cbIdentificationType, String cbIdentificationValue) throws SZRGWClientException { - - Document mandatorDocument = ParepUtils.createEmptyDocument(); - - Element mandatorElem = mandatorDocument.createElementNS(SZRGWConstants.SZRGW_REQUEST_NS, SZRGWConstants.SZRGW_PREFIX + SZRGWConstants.MANDATOR); -// mandatorElem.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); -/// mandatorElem.setAttribute("xmlns" + SZRGWConstants.SZRGW_POSTFIX, SZRGWConstants.SZRGW_REQUEST_NS); - - if (physical) { - Element physicalPersonElem = mandatorDocument.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + SZRGWConstants.PHYSICALPERSON); - physicalPersonElem.appendChild(createNameElem(mandatorDocument, givenName, familyName)); - physicalPersonElem.appendChild(createPersonDataElem(mandatorDocument, SZRGWConstants.DATEOFBIRTH, dateOfBirth)); - mandatorElem.appendChild(physicalPersonElem); - Element postalAddressElement = createPostalAddressElem(mandatorDocument, postalCode, municipality, streetName, buildingNumber, unit); - if (null!=postalAddressElement) mandatorElem.appendChild(postalAddressElement); - } else { - Element corporateBodyElem = mandatorDocument.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + SZRGWConstants.CORPORATEBODY); - corporateBodyElem.appendChild(createIdentificationElem(mandatorDocument, cbIdentificationType, cbIdentificationValue)); - corporateBodyElem.appendChild(createPersonDataElem(mandatorDocument, SZRGWConstants.FULLNAME, cbFullName)); - mandatorElem.appendChild(corporateBodyElem); - } - - - this.mandator = mandatorElem; - } - - private Element createPersonDataElem(Document document, String elementName, String elementValue) { - Element elem = document.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + elementName); - Node value = document.createTextNode(elementValue); - elem.appendChild(value); - return elem; - } - - private Element createIdentificationElem(Document document, String identificationType, String identificationValue) { - Element identificationElem = document.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + SZRGWConstants.IDENTIFICATION); - identificationElem.appendChild(createPersonDataElem(document, SZRGWConstants.VALUE, identificationValue)); - identificationElem.appendChild(createPersonDataElem(document, SZRGWConstants.TYPE, identificationType)); - return identificationElem; - } - private Element createNameElem(Document document, String givenName, String familyName) { - Element nameElem = document.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + SZRGWConstants.NAME); - nameElem.appendChild(createPersonDataElem(document, SZRGWConstants.GIVENNAME, givenName)); - nameElem.appendChild(createPersonDataElem(document, SZRGWConstants.FAMILYNAME, familyName)); - return nameElem; - } - private Element createPostalAddressElem(Document document, String postalCode, String municipality, String streetName, String buildingNumber, String unit) { - - if (ParepUtils.isEmpty(postalCode) && ParepUtils.isEmpty(municipality) && ParepUtils.isEmpty(streetName) - && ParepUtils.isEmpty(buildingNumber) && ParepUtils.isEmpty(unit)) return null; - Element postalAddressElem = document.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + SZRGWConstants.POSTALADDRESS); - - if (!ParepUtils.isEmpty(postalCode)) { - postalAddressElem.appendChild(createPersonDataElem(document, SZRGWConstants.POSTALCODE, postalCode)); - } - if (!ParepUtils.isEmpty(municipality)) { - postalAddressElem.appendChild(createPersonDataElem(document, SZRGWConstants.MUNICIPALITY, municipality)); - } - if (!ParepUtils.isEmpty(streetName) || !ParepUtils.isEmpty(buildingNumber) || !ParepUtils.isEmpty(unit)) { - Element deliveryAddressElem = document.createElementNS(Constants.PD_NS_URI, SZRGWConstants.PD_PREFIX + SZRGWConstants.DELIVERYADDRESS); - - if (!ParepUtils.isEmpty(streetName)) { - deliveryAddressElem.appendChild(createPersonDataElem(document, SZRGWConstants.STREETNAME, streetName)); - } - if (!ParepUtils.isEmpty(buildingNumber)) { - deliveryAddressElem.appendChild(createPersonDataElem(document, SZRGWConstants.BUILDINGNUMBER, buildingNumber)); - } - if (!ParepUtils.isEmpty(unit)) { - deliveryAddressElem.appendChild(createPersonDataElem(document, SZRGWConstants.UNIT, unit)); - } - postalAddressElem.appendChild(deliveryAddressElem); - } - return postalAddressElem; - } - - - - /** - * Sets the Representative. - * - * @param params InfoboxValidatorParams contain the data of the representative. - * @param identificationType the type of the identification of the representative (has to be urn:publicid:gv.at:cdid). - * @param identificationValue the identification value (bPK). - */ - public void setRepresentative(InfoboxValidatorParams params, String identificationType, String identificationValue) throws SZRGWClientException { - - Document representativeDocument = ParepUtils.createEmptyDocument(); - - Element representativeElem = representativeDocument.createElementNS(SZRGWConstants.SZRGW_REQUEST_NS, SZRGWConstants.SZRGW_PREFIX + SZRGWConstants.REPRESENTATIVE); -// representativeElem.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); -// representativeElem.setAttribute("xmlns" + SZRGWConstants.SZRGW_POSTFIX, SZRGWConstants.SZRGW_REQUEST_NS); - - //Old Version 0.0.1 of SZR-Gateway -// representativeElem.appendChild(createIdentificationElem(representativeDocument, identificationType, identificationValue)); -// representativeElem.appendChild(createNameElem(representativeDocument, params.getGivenName(), params.getFamilyName())); -// representativeElem.appendChild(createPersonDataElem(representativeDocument, SZRGWConstants.DATEOFBIRTH, params.getDateOfBirth())); - - //New since version 0.0.2 of SZR-Gateway: - // we need to send an identity link and must replace its identification value - representativeElem.appendChild(representativeElem.getOwnerDocument().importNode(params.getIdentityLink(), true)); - try { - Element nameSpaceNode = representativeElem.getOwnerDocument().createElement("NameSpaceNode"); - nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, Constants.PD_NS_URI); - nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.SAML_POSTFIX, Constants.SAML_NS_URI); - nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.SZRGW_POSTFIX, SZRGWConstants.SZRGW_REQUEST_NS); - Node identificationValueNode = XPathAPI.selectSingleNode(representativeElem, "descendant-or-self::" + SZRGWConstants.SZRGW_PREFIX + SZRGWConstants.REPRESENTATIVE + "/" +SZRGWConstants.SAML_PREFIX + "Assertion/saml:AttributeStatement/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person/pr:Identification/pr:Value/text()", nameSpaceNode); - if (identificationValueNode != null) { - identificationValueNode.setNodeValue(identificationValue); - } else { - throw new SZRGWClientException("validator.63", null); - } - Node identificationTypeNode = XPathAPI.selectSingleNode(representativeElem, "descendant-or-self::" + SZRGWConstants.SZRGW_PREFIX + SZRGWConstants.REPRESENTATIVE + "/" +SZRGWConstants.SAML_PREFIX + "Assertion/saml:AttributeStatement/saml:Subject/saml:SubjectConfirmation/saml:SubjectConfirmationData/pr:Person/pr:Identification/pr:Type/text()", nameSpaceNode); - if (identificationTypeNode != null) { - identificationTypeNode.setNodeValue(identificationType); - } else { - throw new SZRGWClientException("validator.63", null); - } - } catch (Exception e) { - throw new SZRGWClientException("validator.63", null); - } - this.representative = representativeElem; - } - - /** - * @return the signature - */ - public Element getSignature() { - return signature; - } - - /** - * @param signature the signature to set - */ - public void setSignature(Element signature) throws SZRGWClientException{ - Document signatureDocument = ParepUtils.createEmptyDocument(); - Element signatureElem = signatureDocument.createElementNS(SZRGWConstants.SZRGW_REQUEST_NS, SZRGWConstants.SZRGW_PREFIX + "Signature"); - //SZR-gateway takes the first Signature - //signatureElem.setAttribute("SignatureLocation", "//saml:Assertion/dsig:Signature"); - signatureElem.appendChild(signatureDocument.importNode(signature, true)); - this.signature = signatureElem; - } - - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/config/ParepConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/config/ParepConfiguration.java deleted file mode 100644 index ee5a57914..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/parep/config/ParepConfiguration.java +++ /dev/null @@ -1,436 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.auth.validator.parep.config; - -import java.io.File; -import java.io.FileInputStream; -import java.util.HashMap; - -import org.apache.xpath.XPathAPI; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; - -import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; -import at.gv.egovernment.moa.id.auth.validator.parep.ParepValidator; -import at.gv.egovernment.moa.id.auth.validator.parep.PartyRepresentative; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; -import at.gv.egovernment.moa.id.config.ConnectionParameter; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Constants; - -/** - * This class implements the Configuration. - * - * @author Peter Danner - */ -public class ParepConfiguration { - - - //TODO: check correctness!!!! - /** -// * System property for config file. -// */ -// public final static String PAREP_VALIDATOR_CONFIG = "parep.validator.config"; -// -// /** -// * SZR-GW connection parameters. -// */ -// private ConnectionParameter standardConnectionParameters; -// -// /** -// * Input field processor. -// */ -// private String standardInputProcessorClass; -// -// /** -// * Input field processor template. -// */ -// private String standardInputProcessorTemplate; -// -// /** -// * Configured party representatives. -// */ -// private HashMap partyRepresentatives; -// -// /** -// * The configuration element. -// */ -// private Element configElement = null; -// -// /** -// * Defines whether the user input form must be shown on each -// * request or not (also predefined mandates) -// */ -// private boolean alwaysShowForm = false; -// -// /** -// * The configuration base directory. -// */ -// private String baseDir_; -// -// /** -// * Gets the SZR-GW connection parameters. -// * -// * @return the connection parameters. -// */ -// public ConnectionParameter getConnectionParameters(String representationID) { -// if (partyRepresentatives == null || "*".equals(representationID)) -// return standardConnectionParameters; -// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID); -// ConnectionParameter connectionParameters = pr.getConnectionParameters(); -// if (connectionParameters==null) connectionParameters = standardConnectionParameters; -// return connectionParameters; -// } -// -// /** -// * Sets the SZR-GW connection parameters for standard connection. -// * -// * @param connectionParameters -// * the connection parameters. -// */ -// public void setStandardConnectionParameters(ConnectionParameter connectionParameters) { -// this.standardConnectionParameters = connectionParameters; -// } -// -// /* -// * -// */ -// public String getFullDirectoryName(String fileString) { -// return makeAbsoluteURL(fileString, baseDir_); -// } -// -// /* -// * -// */ -// private static String makeAbsoluteURL(String url, String root) { -// // if url is relative to rootConfigFileDirName make it absolute -// -// File keyFile; -// String newURL = url; -// -// if (null == url) -// return null; -// -// if (url.startsWith("http:/") || url.startsWith("https:/") || url.startsWith("ftp:/") || url.startsWith("file:/") || url.startsWith("file:\\")) { -// return url; -// } else { -// // check if absolute - if not make it absolute -// keyFile = new File(url); -// if (!keyFile.isAbsolute()) { -// keyFile = new File(root, url); -// newURL = keyFile.getPath(); -// } -// return newURL; -// } -// } -// -// /** -// * Initializes the configuration with a given XML configuration element found -// * in the MOA-ID configuration. -// * -// * @param configElem -// * the configuration element. -// * @throws ConfigurationException -// * if an error occurs initializing the configuration. -// */ -// public ParepConfiguration(Element configElem) throws ConfigurationException { -// -// partyRepresentatives = new HashMap(); -// partyRepresentatives.put("*", new PartyRepresentative(true, true)); -// -// String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME); -// -// try { -// -// baseDir_ = (new File(fileName)).getParentFile().toURL().toString(); -// Logger.trace("Config base directory: " + baseDir_); -// // check for configuration in system properties -// if (System.getProperty(PAREP_VALIDATOR_CONFIG) != null) { -// Document doc = ParepUtils.readDocFromIs(new FileInputStream(System.getProperty(PAREP_VALIDATOR_CONFIG))); -// this.configElement = doc.getDocumentElement(); -// } else { -// this.configElement = configElem; -// } -// } catch (Exception e) { -// throw new ConfigurationException("Allgemeiner Fehler beim Einlesen der ParepValidatorConfiguration", null, e); -// } -// load(); -// } -// -// /* -// * -// */ -// private void load() throws ConfigurationException { -// Logger.debug("Parse ParepValidator Konfiguration"); -// try { -// Element nameSpaceNode = configElement.getOwnerDocument().createElement("NameSpaceNode"); -// nameSpaceNode.setAttribute("xmlns:" + Constants.MOA_ID_CONFIG_PREFIX, Constants.MOA_ID_CONFIG_NS_URI); -// // nameSpaceNode.setAttribute("xmlns:sgw", -// // SZRGWConstants.SZRGW_PROFILE_NS); -// -// Node inputProcessorNode = XPathAPI.selectSingleNode(configElement, Constants.MOA_ID_CONFIG_PREFIX + ":PartyRepresentation/" -// + Constants.MOA_ID_CONFIG_PREFIX + ":InputProcessor", nameSpaceNode); -// if (inputProcessorNode != null) { -// this.standardInputProcessorTemplate = ((Element) inputProcessorNode).getAttribute("template"); -// Node inputProcessorClassNode = XPathAPI.selectSingleNode(configElement, Constants.MOA_ID_CONFIG_PREFIX + ":PartyRepresentation/" -// + Constants.MOA_ID_CONFIG_PREFIX + ":InputProcessor/text()", nameSpaceNode); -// if (inputProcessorClassNode != null) { -// this.standardInputProcessorClass = inputProcessorClassNode.getNodeValue(); -// } -// } -// Node alwaysShowFormNode = XPathAPI.selectSingleNode(configElement, Constants.MOA_ID_CONFIG_PREFIX + ":PartyRepresentation/" -// + Constants.MOA_ID_CONFIG_PREFIX + ":AlwaysShowForm/text()", nameSpaceNode); -// if (alwaysShowFormNode != null) { -// this.setAlwaysShowForm(alwaysShowFormNode.getNodeValue()); -// } -// -// // load connection parameters -// Logger.debug("Lade SZR-Gateway Standard Verbindungsparameter"); -// Element connectionParamElement = (Element) XPathAPI.selectSingleNode(configElement, Constants.MOA_ID_CONFIG_PREFIX + ":PartyRepresentation/" -// + Constants.MOA_ID_CONFIG_PREFIX + ":ConnectionParameter", nameSpaceNode); -// if (connectionParamElement != null) { -// // parse connection parameters -// // ParepUtils.serializeElement(connectionParamElement, System.out); -// this.standardConnectionParameters = buildConnectionParameter(connectionParamElement, nameSpaceNode); -// } -// -// Logger.trace("Lade Konfiguration der Parteienvertreter"); -// NodeList partyRepresentativeNodeList = XPathAPI.selectNodeList(configElement, Constants.MOA_ID_CONFIG_PREFIX + ":PartyRepresentation/" -// + Constants.MOA_ID_CONFIG_PREFIX + ":PartyRepresentative", nameSpaceNode); -// for (int i = 0; i < partyRepresentativeNodeList.getLength(); i++) { -// -// PartyRepresentative partyRepresentative = new PartyRepresentative(); -// -// Element partyRepresentativeElement = (Element) partyRepresentativeNodeList.item(i); -// boolean representPhysicalParty = partyRepresentativeElement.getAttribute("representPhysicalParty").equalsIgnoreCase("true") ? true : false; -// boolean representCorporateParty = partyRepresentativeElement.getAttribute("representCorporateParty").equalsIgnoreCase("true") ? true : false; -// partyRepresentative.setOid(partyRepresentativeElement.getAttribute("oid")); -// partyRepresentative.setRepresentingPhysicalParty(representPhysicalParty); -// partyRepresentative.setRepresentingCorporateParty(representCorporateParty); -// partyRepresentative.setRepresentationText(partyRepresentativeElement.getAttribute("representationText")); -// -// Node inputProcessorSubNode = XPathAPI.selectSingleNode(partyRepresentativeElement, Constants.MOA_ID_CONFIG_PREFIX + ":InputProcessor", nameSpaceNode); -// if (inputProcessorSubNode != null) { -// partyRepresentative.setInputProcessorTemplate(((Element) inputProcessorSubNode).getAttribute("template")); -// Node inputProcessorClassSubNode = XPathAPI.selectSingleNode(partyRepresentativeElement, Constants.MOA_ID_CONFIG_PREFIX -// + ":InputProcessor/text()", nameSpaceNode); -// if (inputProcessorClassSubNode != null) { -// partyRepresentative.setInputProcessorClass(inputProcessorClassSubNode.getNodeValue()); -// } -// } -// -// Element connectionParamSubElement = (Element) XPathAPI.selectSingleNode(partyRepresentativeElement, Constants.MOA_ID_CONFIG_PREFIX -// + ":ConnectionParameter", nameSpaceNode); -// if (connectionParamSubElement == null) { -// if (this.standardConnectionParameters == null) { -// throw new ConfigurationException("Fehler beim Parsen der ParepValidatorConfiguration: SZR-GW Verbindungsparameter zu Parteienvetreter " -// + partyRepresentative.getOid() + " fehlen.", null, null); -// } -// } else { -// // parse connection parameters -// // ParepUtils.serializeElement(connectionParamSubElement, System.out); -// partyRepresentative.setConnectionParameters(buildConnectionParameter(connectionParamSubElement, nameSpaceNode)); -// } -// partyRepresentatives.put(partyRepresentative.getOid(), partyRepresentative); -// Logger.debug("Parteienvertreter: " + partyRepresentative.getOid() + " erfolgreich konfiguriert (representPhysicalParty=" -// + partyRepresentative.isRepresentingPhysicalParty() + ", representCorporateParty=" + partyRepresentative.isRepresentingCorporateParty() -// + ", representationText=" + partyRepresentative.getRepresentationText() -// + ")"); -// } -// -// Logger.debug("ParepValidator Konfiguration erfolgreich geparst."); -// } catch (Exception e) { -// throw new ConfigurationException("Allgemeiner Fehler beim Parsen der MandateValidatorConfiguration", null, e); -// } -// } -// -// /* -// * -// */ -// private ConnectionParameter buildConnectionParameter(Element connParamElement, Element nameSpaceNode) throws ConfigurationException { -// try { -// ConnectionParameter connectionParameter = new ConnectionParameter(); -// -// // parse connection url -// String URL = connParamElement.getAttribute("URL"); -// connectionParameter.setUrl(URL); -// -// // accepted server certificates -// Node accServerCertsNode = XPathAPI.selectSingleNode(connParamElement, Constants.MOA_ID_CONFIG_PREFIX + ":AcceptedServerCertificates/text()", -// nameSpaceNode); -// if (accServerCertsNode != null) { -// -// String serverCertsDir = getFullDirectoryName(accServerCertsNode.getNodeValue()); -// Logger.debug("Full directory name of accepted server certificates: " + serverCertsDir); -// connectionParameter.setAcceptedServerCertificates(serverCertsDir); -// } -// -// // client key store -// Node clientKeyStoreNode = XPathAPI.selectSingleNode(connParamElement, Constants.MOA_ID_CONFIG_PREFIX + ":ClientKeyStore/text()", nameSpaceNode); -// if (clientKeyStoreNode != null) { -// String clientKeystore = getFullDirectoryName(clientKeyStoreNode.getNodeValue()); -// connectionParameter.setClientKeyStore(clientKeystore); -// } -// -// // client key store password -// Node clientKeyStorePasswordNode = XPathAPI.selectSingleNode(connParamElement, Constants.MOA_ID_CONFIG_PREFIX + ":ClientKeyStore/@password", -// nameSpaceNode); -// if (clientKeyStorePasswordNode != null) { -// connectionParameter.setClientKeyStorePassword(clientKeyStorePasswordNode.getNodeValue()); -// } -// -// return connectionParameter; -// } catch (Exception e) { -// throw new ConfigurationException("Allgemeiner Fehler beim Parsen der ParepValidator ConnectionParameter.", null, e); -// } -// } -// -// public boolean isPartyRepresentative(String representationID) { -// if (partyRepresentatives == null) -// return false; -// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID); -// return pr != null; -// } -// -// public boolean isRepresentingCorporateParty(String representationID) { -// if (partyRepresentatives == null) return false; -// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID); -// if (pr == null) return false; -// return pr.isRepresentingCorporateParty(); -// } -// -// public boolean isRepresentingPhysicalParty(String representationID) { -// if (partyRepresentatives == null) return false; -// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID); -// if (pr == null) return false; -// return pr.isRepresentingPhysicalParty(); -// } -// -// public String getRepresentationText(String representationID) { -// String result = ParepValidator.STANDARD_REPRESENTATION_TEXT; -// if (partyRepresentatives != null) { -// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID); -// if (pr != null) { -// if (!ParepUtils.isEmpty(pr.getRepresentationText())) result = pr.getRepresentationText(); -// } -// } -// return result; -// } -// -// /** -// * @return the input processor classname corresponding to representationID -// * @param representationID -// * the representation ID. -// */ -// public String getInputProcessorClass(String representationID) { -// String inputProcessorClass = standardInputProcessorClass; -// if (ParepUtils.isEmpty(inputProcessorClass)) inputProcessorClass = ParepValidator.PAREP_INPUT_PROCESSOR; -// if (!(partyRepresentatives == null || "*".equals(representationID))) { -// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID); -// if (pr!=null) { -// String prInputProcessorClass = pr.getInputProcessorClass(); -// if (!ParepUtils.isEmpty(prInputProcessorClass)) inputProcessorClass = prInputProcessorClass; -// } -// } -// return inputProcessorClass; -// } -// -// /** -// * @param standardInputProcessorClass the standardInputProcessorClass to set -// */ -// public void setStandardInputProcessorClass(String standardInputProcessorClass) { -// this.standardInputProcessorClass = standardInputProcessorClass; -// } -// -// /** -// * @return the InputProcessorTemplate -// */ -// public String getInputProcessorTemplate(String representationID) { -// String inputProcessorTemplate = standardInputProcessorTemplate; -// if (ParepUtils.isEmpty(inputProcessorTemplate)) inputProcessorTemplate = ParepValidator.PAREP_INPUT_TEMPLATE; -// if (!(partyRepresentatives == null || "*".equals(representationID))) { -// PartyRepresentative pr = (PartyRepresentative) partyRepresentatives.get(representationID); -// if (pr!=null) { -// String prInputProcessorTemplate = pr.getInputProcessorTemplate(); -// if (!ParepUtils.isEmpty(prInputProcessorTemplate)) inputProcessorTemplate = prInputProcessorTemplate; -// } -// } -// return inputProcessorTemplate; -// } -// -// /** -// * @param standardInputProcessorTemplate the standardInputProcessorTemplate to set -// */ -// public void setStandardInputProcessorTemplate(String standardInputProcessorTemplate) { -// this.standardInputProcessorTemplate = standardInputProcessorTemplate; -// } -// -// /** -// * @return the alwaysShowForm -// */ -// public boolean isAlwaysShowForm() { -// return alwaysShowForm; -// } -// -// /** -// * @param alwaysShowForm the alwaysShowForm to set -// */ -// public void setAlwaysShowForm(String alwaysShowForm) { -// if (ParepUtils.isEmpty(alwaysShowForm)) { -// this.alwaysShowForm = false; -// } else { -// this.alwaysShowForm = alwaysShowForm.equalsIgnoreCase("true"); -// } -// } -// -// public static boolean isMandateCompatibilityMode(Element configElement) throws ConfigurationException { -// try { -// if (configElement==null) return false; -// Element nameSpaceNode = configElement.getOwnerDocument().createElement("NameSpaceNode"); -// nameSpaceNode.setAttribute("xmlns:" + Constants.MOA_ID_CONFIG_PREFIX, Constants.MOA_ID_CONFIG_NS_URI); -// Node mandateCompatibilityNode = XPathAPI.selectSingleNode(configElement, Constants.MOA_ID_CONFIG_PREFIX + ":CompatibilityMode/text()", nameSpaceNode); -// if (mandateCompatibilityNode != null && !ParepUtils.isEmpty(mandateCompatibilityNode.getNodeValue())) { -// return mandateCompatibilityNode.getNodeValue().equalsIgnoreCase("true"); -// } -// return false; -// } catch (Exception e) { -// throw new ConfigurationException("Allgemeiner Fehler beim Parsen des CompatibilityMode Parameters.", null, e); -// } -// -// } -// -// -//// public static void main(String[] args) throws Exception { -//// System.setProperty(PAREP_VALIDATOR_CONFIG, "c:/Doku/work/Organwalter/ConfigurationSnippetAppSpecific.xml"); -//// System.setProperty("moa.id.configuration", "c:/workspace33moa/.metadata/.plugins/org.eclipse.wst.server.core/tmp0/conf/moa-id/SampleMOAWIDConfiguration_withTestBKsProxy.xml"); -//// System.setProperty("log4j.configuration", "file:c:/workspace33moa/.metadata/.plugins/org.eclipse.wst.server.core/tmp0/conf/moa-id/log4j.properties"); -//// Configuration cfg = new Configuration(null); -//// System.out.println(cfg.getInputProcessorClass("1.2.40.0.10.3.110")); -////} - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java index bf4952113..384c59486 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationProvider.java @@ -72,7 +72,7 @@ public class ConfigurationProvider { * configuration name (a String) to a configuration value (also a * String). */ - protected Map genericConfiguration; + protected Map genericConfiguration; /** The default chaining mode. */ protected String defaultChainingMode; @@ -112,7 +112,7 @@ public class ConfigurationProvider { * @return The mapping of generic configuration properties (a name to value * mapping) from the configuration. */ - public Map getGenericConfiguration() { + public Map getGenericConfiguration() { return genericConfiguration; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/TargetToSectorNameMapper.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/TargetToSectorNameMapper.java index e515152dd..59a24ebf6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/TargetToSectorNameMapper.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/TargetToSectorNameMapper.java @@ -36,7 +36,7 @@ import java.util.Map; */ public class TargetToSectorNameMapper implements TargetsAndSectorNames { - private static Map targetMap = new HashMap(41); + private static Map targetMap = new HashMap(41); static { targetMap.put(TARGET_AR, TARGET_AR_SECTOR); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java index e351cfa7d..53052df96 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigLoader.java @@ -1,11 +1,7 @@ package at.gv.egovernment.moa.id.config.auth; -import iaik.util.logging.Log; - import java.util.Date; -import org.bouncycastle.asn1.pkcs.Pfx; - import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java index 31acee7ba..304771edf 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java @@ -110,8 +110,8 @@ import eu.stork.vidp.messages.common.STORKBootstrap; */ public class AuthConfigurationProvider extends ConfigurationProvider { - /** DEFAULT_ENCODING is "UTF-8" */ - private static final String DEFAULT_ENCODING="UTF-8"; +// /** DEFAULT_ENCODING is "UTF-8" */ +// private static final String DEFAULT_ENCODING="UTF-8"; /** * The name of the generic configuration property giving the authentication session time out. */ @@ -927,7 +927,7 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return Boolean.valueOf(prop); } - public String getTestIdentityLinkURL() { + public String getMonitoringTestIdentityLinkURL() { String prop = props.getProperty("configuration.monitoring.test.identitylink.url"); if (MiscUtil.isNotEmpty(prop)) return prop; @@ -935,6 +935,14 @@ public class AuthConfigurationProvider extends ConfigurationProvider { return null; } + public String getMonitoringMessageSuccess() { + String prop = props.getProperty("configuration.monitoring.message.success"); + if (MiscUtil.isNotEmpty(prop)) + return prop; + else + return null; + } + public boolean isAdvancedLoggingActive() { String prop = props.getProperty("configuration.advancedlogging.active", "false"); return Boolean.valueOf(prop); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameter.java deleted file mode 100644 index 41d4d4fae..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameter.java +++ /dev/null @@ -1,411 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.auth; - -import java.io.IOException; -import java.util.Iterator; -import java.util.List; - -import javax.xml.transform.TransformerException; - -import org.apache.xpath.XPathAPI; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; - -import at.gv.egovernment.moa.id.auth.data.Schema; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.StringUtils; - -/** - * This class is a container for parameters that maybe needed for verifying an infobox. - * - * @author Harald Bratko - */ -public class VerifyInfoboxParameter { - - /** - * The default package name (first part) of a infobox validator class. - */ - public static final String DEFAULT_PACKAGE_TRUNK = "at.gv.egovernment.moa.id.auth.validator."; - - /** - * The identifier of the infobox to be verified. This identifier must exactly the - * identifier of the infobox returned by BKU. - */ - protected String identifier_; - - /** - * The friendly name of the infobox. - * This name is used within browser messages, thus it should be the german equivalent of - * the {@link #identifier_ infobox identifier} (e.g. "Stellvertretungen" - * for "Mandates" or "GDAToken" for - * "EHSPToken". - *
If not specified within the config file the {@link #identifier_ infobox identifier} - * will be used. - */ - protected String friendlyName_; - - /** - * The Id of the TrustProfile to be used for validating certificates. - */ - protected String trustProfileID_; - - /** - * The full name of the class to be used for verifying the infobox. - */ - protected String validatorClassName_; - - /** - * Schema location URIs that may be needed by the - * validator to parse infobox tokens. - * Each entry in the list is a {@link at.gv.egovernment.moa.id.auth.data.Schema Schema} - * specifying the location of an XML schema. - */ - protected List schemaLocations_; - - /** - * Application specific parameters that may be needed for verifying an infobox. - */ - protected Element applicationSpecificParams_; - - /** - * Specifies if the infobox is be required to be returned by the BKU. - */ - protected boolean required_; - - /** - * Specifies whether the Stammzahl should be passed to the verifying - * application or not. - */ - protected boolean provideStammzahl_; - - /** - * Specifies whether the identity link should be passed to the verifying - * application or not. - */ - protected boolean provideIdentityLink_; - - /** - * Initializes this VerifiyInfoboxParamater with the given identifier and a default - * validator class name. - * - * @param identifier The identifier of the infobox to be verified. - */ - public VerifyInfoboxParameter(String identifier) { - identifier_ = identifier; - StringBuffer sb = new StringBuffer(DEFAULT_PACKAGE_TRUNK); - sb.append(identifier.toLowerCase()); - sb.append("."); - sb.append(identifier.substring(0, 1).toUpperCase()); - sb.append(identifier.substring(1)); - sb.append("Validator"); - validatorClassName_ = sb.toString(); - } - - /** - * Returns application specific parameters. - * Each child element of this element contains a verifying application specific parameter. {@link #applicationSpecificParams_} - * - * @see #applicationSpecificParams_ - * - * @return Application specific parameters. - */ - public Element getApplicationSpecificParams() { - return applicationSpecificParams_; - } - - /** - * Sets the application specific parameters. - * - * @see #applicationSpecificParams_ - * - * @param applicationSpecificParams The application specific parameters to set. - */ - public void setApplicationSpecificParams(Element applicationSpecificParams) { - applicationSpecificParams_ = applicationSpecificParams; - } - - /** - * Appends special application specific parameters for party representation. - * - * @param applicationSpecificParams The application specific parameters for party representation to set. - */ - public void appendParepSpecificParams(Element applicationSpecificParams) { - try { - if (applicationSpecificParams_==null) { - applicationSpecificParams_ = applicationSpecificParams.getOwnerDocument().createElement("ApplicationSpecificParameters"); - } - Element nameSpaceNode = applicationSpecificParams.getOwnerDocument().createElement("NameSpaceNode"); - nameSpaceNode.setAttribute("xmlns:" + Constants.MOA_ID_CONFIG_PREFIX, Constants.MOA_ID_CONFIG_NS_URI); - NodeList nodeList = XPathAPI.selectNodeList(applicationSpecificParams, "*", nameSpaceNode); - if (null!=nodeList) { - for (int i=0; iTrue if the identity link should be passed to the verifying - * application, otherwise false. - */ - public boolean getProvideIdentityLink() { - return provideIdentityLink_; - } - - /** - * Sets the {@link #provideIdentityLink_} parameter. - * - * @param provideIdentityLink True if the identity link should be passed to - * the verifying application, otherwise false. - */ - public void setProvideIdentityLink(boolean provideIdentityLink) { - provideIdentityLink_ = provideIdentityLink; - } - - /** - * Specifies whether the Stammzahl should be passed to the verifying - * application or not. - * - * @return True if the Stammzahl should be passed to the - * verifying application, otherwise false. - */ - public boolean getProvideStammzahl() { - return provideStammzahl_; - } - - /** - * Sets the {@link #provideStammzahl_} parameter. - * - * @param provideStammzahl True if the Stammzahl should be - * passed to the verifying application, otherwise false. - */ - public void setProvideStammzahl(boolean provideStammzahl) { - provideStammzahl_ = provideStammzahl; - } - - /** - * Specifies whether the infobox is required or not. - * - * @return True if the infobox is required to be returned by the BKU, - * otherwise false. - */ - public boolean isRequired() { - return required_; - } - - /** - * Sets the {@link #required_} parameter. - * - * @param required True if the infobox is required to be returned by the - * BKU, otherwise false. - */ - public void setRequired(boolean required) { - required_ = required; - } - - /** - * Schema location URIs that may be needed by the - * validator to parse infobox tokens. - * Each entry in the list is a {@link at.gv.egovernment.moa.id.auth.data.Schema Schema} - * specifying the location of an XML schema. - * - * @return A list of {@link at.gv.egovernment.moa.id.auth.data.Schema Schema} objects - * each of them specifying the location of an XML schema. - */ - public List getSchemaLocations() { - return schemaLocations_; - } - - /** - * Sets the schema locations. - * - * @see #schemaLocations_ - * - * @param schemaLocations The schema location list to be set. - */ - public void setSchemaLocations(List schemaLocations) { - schemaLocations_ = schemaLocations; - } - - /** - * Returns the ID of the trust profile to be used for verifying certificates. - * - * @return The ID of the trust profile to be used for verifying certificates. - * Maybe null. - */ - public String getTrustProfileID() { - return trustProfileID_; - } - - /** - * Sets the ID of the trust profile to be used for verifying certificates. - * - * @param trustProfileID The ID of the trust profile to be used for verifying certificates. - */ - public void setTrustProfileID(String trustProfileID) { - trustProfileID_ = trustProfileID; - } - - /** - * Returns the name of the class to be used for verifying this infobox. - * - * @return The name of the class to be used for verifying this infobox. - */ - public String getValidatorClassName() { - return validatorClassName_; - } - - /** - * Sets the name of the class to be used for verifying this infobox. - * - * @param validatorClassName The name of the class to be used for verifying this infobox. - */ - public void setValidatorClassName(String validatorClassName) { - validatorClassName_ = validatorClassName; - } - - /** - * Get a string representation of this object. - * This method is for debugging purposes only. - * - * @return A string representation of this object. - */ - public String toString() { - - StringBuffer buffer = new StringBuffer(1024); - - buffer.append(" "); - buffer.append("\n"); - if (friendlyName_ != null) { - buffer.append(" "); - buffer.append(friendlyName_); - buffer.append(""); - buffer.append("\n"); - } - if (trustProfileID_ != null) { - buffer.append(" "); - buffer.append(trustProfileID_); - buffer.append(""); - buffer.append("\n"); - } - if (validatorClassName_ != null) { - buffer.append(" "); - buffer.append(validatorClassName_); - buffer.append(""); - buffer.append("\n"); - } - if (schemaLocations_ != null) { - buffer.append(" "); - buffer.append("\n"); - Iterator it = schemaLocations_.iterator(); - while (it.hasNext()) { - buffer.append(" \n"); - } - buffer.append(" "); - buffer.append("\n"); - } - if (applicationSpecificParams_ != null) { - try { - String applicationSpecificParams = DOMUtils.serializeNode(applicationSpecificParams_); - buffer.append(" "); - buffer.append(StringUtils.removeXMLDeclaration(applicationSpecificParams)); - buffer.append("\n"); - } catch (TransformerException e) { - // do nothing - } catch (IOException e) { - // do nothing - } - } - buffer.append(" "); - - - return buffer.toString() ; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameters.java deleted file mode 100644 index 821fb2225..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/VerifyInfoboxParameters.java +++ /dev/null @@ -1,159 +0,0 @@ -/* - * Copyright 2003 Federal Chancellery Austria - * MOA-ID has been developed in a cooperation between BRZ, the Federal - * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * - * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by - * the European Commission - subsequent versions of the EUPL (the "Licence"); - * You may not use this work except in compliance with the Licence. - * You may obtain a copy of the Licence at: - * http://www.osor.eu/eupl/ - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the Licence is distributed on an "AS IS" basis, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the Licence for the specific language governing permissions and - * limitations under the Licence. - * - * This product combines work with different licenses. See the "NOTICE" text - * file for details on the various modules and licenses. - * The "NOTICE" text file is part of the distribution. Any derivative works - * that you distribute must include a readable copy of the "NOTICE" text file. - */ - - -package at.gv.egovernment.moa.id.config.auth; - -import java.util.Hashtable; -import java.util.Iterator; -import java.util.List; -import java.util.Map; - -/** - * This class contains the parameters for verifying all the infoboxes configured for an - * online application. - * - * @author Harald Bratko - */ -public class VerifyInfoboxParameters { - - /** - * A map of {@link VerifyInfoboxParameter} objects. - * Each of these objects contains parameters that maybe needed for validating an - * infobox. - */ - protected Map infoboxParameters_; - - /** - * A list of the identifiers of the infoboxes supported by this - * VerifyInfoboxParameters; - */ - protected List identifiers_; - - /** - * Holds the (comma separated) identifiers of those infoboxes MOA-IF is able to validate - * in the context of the actual online application. - * The string will be added as value of the PushInfobox parameter in the - * HTML form used for reading the infoboxes from the BKU. - */ - protected String pushInfobox_; - - /** - * Initializes this VerifyInfoboxParameters with an empty {@link #infoboxParameters_} - * map. - */ - public VerifyInfoboxParameters() { - infoboxParameters_ = new Hashtable(); - pushInfobox_ = ""; - } - - /** - * Initializes this VerifyInfoboxParameters with the given - * infoboxParameters map and builds the {@link #pushInfobox_} string - * from the keys of the given map. - */ - public VerifyInfoboxParameters(List identifiers, Map infoboxParameters) { - identifiers_ = identifiers; - infoboxParameters_ = infoboxParameters; - // build the pushInfobox string - if ((identifiers != null) && (!identifiers.isEmpty())) { - StringBuffer identifiersSB = new StringBuffer(); - int identifiersNum = identifiers.size(); - int i = 1; - Iterator it = identifiers.iterator(); - while (it.hasNext()) { - identifiersSB.append((String)it.next()); - if (i != identifiersNum) { - identifiersSB.append(","); - } - i++; - } - pushInfobox_ = identifiersSB.toString(); - } else { - pushInfobox_ = ""; - } - } - - /** - * Returns the (comma separated) identifiers of the infoboxes configured for the actual - * online application. - * - * @see #pushInfobox_ - * - * @return The (comma separated) identifiers of the infoboxes configured for the actual - * online application. - */ - public String getPushInfobox() { - return pushInfobox_; - } - - /** - * Sets the {@link #pushInfobox_} string. - * - * @param pushInfobox The pushInfobox string to be set. - */ - public void setPushInfobox(String pushInfobox) { - pushInfobox_ = pushInfobox; - } - - /** - * Returns map of {@link VerifyInfoboxParameter} objects. - * Each of these objects contains parameters that maybe needed for validating an - * infobox. - * - * @return The map of {@link VerifyInfoboxParameter} objects. - */ - public Map getInfoboxParameters() { - return infoboxParameters_; - } - - /** - * Sets the map of {@link VerifyInfoboxParameter} objects. - * - * @see #infoboxParameters_ - * - * @param infoboxParameters The infoboxParameters to set. - */ - public void setInfoboxParameters(Map infoboxParameters) { - infoboxParameters_ = infoboxParameters; - } - - /** - * Returns the identifiers of the supported infoboxes. - * - * @return The identifiers. - */ - public List getIdentifiers() { - return identifiers_; - } - - /** - * Sets the identifiers. - * - * @param identifiers The identifiers to set. - */ - public void setIdentifiers(List identifiers) { - identifiers_ = identifiers; - } - -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java index 651690166..c7ab2d4c4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java @@ -1,7 +1,5 @@ package at.gv.egovernment.moa.id.config.legacy; -import iaik.x509.X509Certificate; - import java.io.BufferedInputStream; import java.io.File; import java.io.FileInputStream; @@ -16,22 +14,18 @@ import java.util.Map; import java.util.Properties; import java.util.Set; -import org.bouncycastle.crypto.macs.OldHMac; import org.opensaml.saml2.metadata.RequestedAttribute; -import org.opensaml.xml.XMLObject; import org.w3c.dom.Element; import eu.stork.vidp.messages.util.SAMLUtil; import eu.stork.vidp.messages.util.XMLUtil; -import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentGeneral; import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; import at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModeType; import at.gv.egovernment.moa.id.commons.db.dao.config.ChainingModes; -import at.gv.egovernment.moa.id.commons.db.dao.config.ClientKeyStore; import at.gv.egovernment.moa.id.commons.db.dao.config.ConnectionParameterClientAuthType; import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; @@ -54,7 +48,6 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineMandates; import at.gv.egovernment.moa.id.commons.db.dao.config.Organization; import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; import at.gv.egovernment.moa.id.commons.db.dao.config.Protocols; -import at.gv.egovernment.moa.id.commons.db.dao.config.RequestedAttributeType; import at.gv.egovernment.moa.id.commons.db.dao.config.SAMLSigningParameter; import at.gv.egovernment.moa.id.commons.db.dao.config.SLRequestTemplates; import at.gv.egovernment.moa.id.commons.db.dao.config.SSO; @@ -74,7 +67,6 @@ import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.data.IssuerAndSerial; -import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.DOMUtils; @@ -136,7 +128,7 @@ public class BuildFromLegacyConfig { //Load generic Config - Map genericConfiguration = builder.buildGenericConfiguration(); + Map genericConfiguration = builder.buildGenericConfiguration(); GeneralConfiguration authGeneral = new GeneralConfiguration(); if (genericConfiguration.containsKey(GENERIC_CONFIG_PARAM_SOURCEID)) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index d4e08318d..234641b4a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -34,7 +34,6 @@ import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.moduls.SSOManager; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl; -import at.gv.egovernment.moa.id.storage.ExceptionStoreImpl; import at.gv.egovernment.moa.id.util.MOAIDMessageProvider; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.id.util.legacy.LegacyHelper; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/pki/jsse/MOAIDTrustManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/pki/jsse/MOAIDTrustManager.java index 9b4853439..056001a96 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/pki/jsse/MOAIDTrustManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/pki/jsse/MOAIDTrustManager.java @@ -94,7 +94,7 @@ public class MOAIDTrustManager extends IAIKX509TrustManager { private void buildAcceptedServerCertificates(String acceptedServerCertificateStoreURL) throws IOException, GeneralSecurityException { - List certList = new ArrayList(); + List certList = new ArrayList(); URL storeURL = new URL(acceptedServerCertificateStoreURL); File storeDir = new File(storeURL.getFile()); // list certificate files in directory diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/servertools/observer/ObservableImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/servertools/observer/ObservableImpl.java index 794a1f12f..edccc3780 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/servertools/observer/ObservableImpl.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/iaik/servertools/observer/ObservableImpl.java @@ -40,7 +40,7 @@ import java.util.List; */ public class ObservableImpl implements Observable { /** a List for all observers */ - private List observers = new ArrayList(); + private List observers = new ArrayList(); /** * @see iaik.pki.store.observer.Observable#addObserver(iaik.pki.store.observer.Observer) @@ -60,7 +60,7 @@ public class ObservableImpl implements Observable { * @see iaik.pki.store.observer.Observable#notify(iaik.pki.store.observer.NotificationData) */ public void notify(NotificationData data) { - Iterator iter = observers.iterator(); + Iterator iter = observers.iterator(); for (iter = observers.iterator(); iter.hasNext();) { Observer observer = (Observer) iter.next(); observer.notify(data); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index 4f901fcc8..cafafddb7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -7,7 +7,6 @@ import java.util.List; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder; import at.gv.egovernment.moa.id.auth.builder.SendAssertionFormBuilder; @@ -16,15 +15,12 @@ import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.auth.parser.StartAuthentificationParameterParser; import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; -import at.gv.egovernment.moa.id.config.OAParameter; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.HTTPSessionUtils; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.StringUtils; @@ -48,61 +44,6 @@ public class AuthenticationManager extends AuthServlet { } -// public AuthenticationSession getAuthenticationSession( -// HttpSession session) { -// String sessionID = HTTPSessionUtils.getHTTPSessionString(session, -// MOA_SESSION, null); -// if (sessionID != null) { -// try { -// return AuthenticationSessionStoreage.getSession(sessionID); -// -// } catch (MOADatabaseException e) { -// return null; -// } -// } -// return null; -// } - -// /** -// * Checks if the session is authenticated -// * -// * @param request -// * @param response -// * @return -// */ -// public boolean isAuthenticated(HttpServletRequest request, -// HttpServletResponse response) { -// Logger.info("Checking authentication"); -// -// HttpSession session = request.getSession(); -// -// String moaSessionID = HTTPSessionUtils.getHTTPSessionString(session, MOA_SESSION, null); -// -// if(moaSessionID == null) { -// Logger.info("NO MOA Session to logout"); -// return false; -// } -// -//// AuthenticationSession authSession; -//// try { -//// authSession = AuthenticationSessionStoreage -//// .getSession(moaSessionID); -//// -//// } catch (MOADatabaseException e) { -//// Logger.info("NO MOA Authentication data for ID " + moaSessionID); -//// return false; -//// } -//// -//// if(authSession == null) { -//// Logger.info("NO MOA Authentication data for ID " + moaSessionID); -//// return false; -//// } -//// -//// return authSession.isAuthenticated(); -// -// return AuthenticationSessionStoreage.isAuthenticated(moaSessionID); -// } - /** * Checks if this request can authenticate a MOA Session * @@ -112,9 +53,7 @@ public class AuthenticationManager extends AuthServlet { */ public boolean tryPerformAuthentication(HttpServletRequest request, HttpServletResponse response) { - - HttpSession session = request.getSession(); - + String sessionID = (String) request.getParameter(PARAM_SESSIONID); if (sessionID != null) { Logger.info("got MOASession: " + sessionID); @@ -134,8 +73,6 @@ public class AuthenticationManager extends AuthServlet { AuthenticationSessionStoreage.storeSession(authSession); -// HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION, -// sessionID); return true; // got authenticated } } @@ -153,10 +90,6 @@ public class AuthenticationManager extends AuthServlet { HttpServletResponse response, String moaSessionID) { Logger.info("Logout"); - HttpSession session = request.getSession(); - - //String moaSessionID = HTTPSessionUtils.getHTTPSessionString(session, MOA_SESSION, null); - if(moaSessionID == null) { moaSessionID = (String) request.getParameter(PARAM_SESSIONID); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java index d33d4693d..d36cf0c5b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/RequestStorage.java @@ -1,6 +1,5 @@ package at.gv.egovernment.moa.id.moduls; -import java.util.List; import java.util.Map; import javax.servlet.http.HttpSession; @@ -52,16 +51,12 @@ public class RequestStorage { if (requestmap != null && requestID != null) { synchronized (requestmap) { - - //Map requestmap = getPendingRequest(session); - + if (requestmap.containsKey(requestID)) { requestmap.remove(requestID); Logger.debug(RequestStorage.class.getName()+": Remove PendingRequest with ID " + requestID); } - - //setPendingRequest(session, requestmap); } } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java index 038999c19..7008239ab 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java @@ -1,7 +1,5 @@ package at.gv.egovernment.moa.id.moduls; -import java.security.NoSuchAlgorithmException; -import java.security.SecureRandom; import java.util.List; import javax.servlet.http.Cookie; @@ -11,14 +9,12 @@ import javax.servlet.http.HttpServletResponse; import org.hibernate.Query; import org.hibernate.Session; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils; import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore; import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; -import at.gv.egovernment.moa.id.util.HTTPSessionUtils; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java index 84aea44a3..e21666bfb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java @@ -106,4 +106,15 @@ public class DatabaseTestModule implements TestModuleInterface{ return "AdvancedLoggingDataBase: " + e.getMessage(); } } + + + public String getName() { + return "DatabaseTest"; + } + + + public void initializeTest(long delayParam, String url) throws Exception { + // TODO Auto-generated method stub + + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java index 9b81d197f..44ecdfde7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java @@ -12,7 +12,6 @@ import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; -import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser; import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser; import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; @@ -22,46 +21,49 @@ import at.gv.egovernment.moa.util.MiscUtil; public class IdentityLinkTestModule implements TestModuleInterface { + private static IdentityLink identityLink = null; + + public void initializeTest(long delayParam, String url) throws Exception{ + + if (MiscUtil.isNotEmpty(url)) { + File idlfile = new File(url); + InputStream idlstream = new FileInputStream(idlfile); + identityLink = new IdentityLinkAssertionParser(idlstream).parseIdentityLink(); + } + + } + public List performTests() throws Exception{ Logger.trace("Start MOA-ID IdentityLink Test"); AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + + IdentityLinkValidator.getInstance().validate(identityLink); + // builds a for a call of MOA-SP + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder() + .build(identityLink, config + .getMoaSpIdentityLinkTrustProfileID()); - String idlurl = config.getTestIdentityLinkURL(); + // invokes the call + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker() + .verifyXMLSignature(domVerifyXMLSignatureRequest); + // parses the + VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( + domVerifyXMLSignatureResponse).parseData(); - if (MiscUtil.isNotEmpty(idlurl)) { - File idlfile = new File(idlurl); - InputStream idlstream = new FileInputStream(idlfile); + VerifyXMLSignatureResponseValidator.getInstance().validate( + verifyXMLSignatureResponse, + config.getIdentityLinkX509SubjectNames(), + VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, + true); - IdentityLink identityLink = new IdentityLinkAssertionParser(idlstream).parseIdentityLink(); - - IdentityLinkValidator.getInstance().validate(identityLink); - // builds a for a call of MOA-SP - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder() - .build(identityLink, config - .getMoaSpIdentityLinkTrustProfileID()); - - // invokes the call - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker() - .verifyXMLSignature(domVerifyXMLSignatureRequest); - // parses the - VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( - domVerifyXMLSignatureResponse).parseData(); - - VerifyXMLSignatureResponseValidator.getInstance().validate( - verifyXMLSignatureResponse, - config.getIdentityLinkX509SubjectNames(), - VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, - true); - - Logger.trace("Finished MOA-ID IdentityLink Test without errors"); - - return null; - - } else { - Logger.warn("MOA-ID IdentityLink Test can not performed without IdentityLink. Insert IdentityLink file to MOA-ID configuration"); - return null; - } + Logger.trace("Finished MOA-ID IdentityLink Test without errors"); + + return null; + } + + public String getName() { + return "IdentityLinkTest"; } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java index bbebbed57..dadbc494b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestManager.java @@ -1,27 +1,45 @@ package at.gv.egovernment.moa.id.monitoring; -import java.util.ArrayList; import java.util.Arrays; +import java.util.HashMap; import java.util.List; +import java.util.Map; +import at.gv.egovernment.moa.id.config.ConfigurationException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.logging.Logger; public class TestManager { private static TestManager instance; - private List tests = new ArrayList(); + private Map tests = new HashMap(); - public static TestManager getInstance() { + public static TestManager getInstance() throws ConfigurationException { if (instance == null) instance = new TestManager(); return instance; } - private TestManager() { - tests.add(new DatabaseTestModule()); - tests.add(new IdentityLinkTestModule()); + private TestManager() throws ConfigurationException { + + AuthConfigurationProvider config = AuthConfigurationProvider.getInstance(); + + //add Database test + DatabaseTestModule test1 = new DatabaseTestModule(); + tests.put(test1.getName(), test1); + + //add IdentityLink verification test + IdentityLinkTestModule test2 = new IdentityLinkTestModule(); + String idlurl = config.getMonitoringTestIdentityLinkURL(); + try { + test2.initializeTest(0, idlurl); + tests.put(test2.getName(), test2);; + + } catch (Exception e) { + Logger.warn("MOA-ID IdentityLink Test can not performed without IdentityLink. Insert IdentityLink file to MOA-ID configuration", e); + } } public List executeTests() { @@ -30,7 +48,7 @@ public class TestManager { List errors; - for (TestModuleInterface test : tests) { + for (TestModuleInterface test : tests.values()) { try { errors = test.performTests(); if (errors != null && errors.size() > 0) @@ -44,4 +62,27 @@ public class TestManager { return null; } + + public List executeTest(String testname) { + + TestModuleInterface test = tests.get(testname); + + if (test != null) { + try { + return test.performTests(); + + } catch (Exception e) { + Logger.warn("General Testing Eception during Test " + test.getName() + ": ", e); + return Arrays.asList(e.getMessage()); + } + + } else { + Logger.info("TestModule with Name " + testname + " is not implemented"); + return null; + } + } + + public boolean existsModule(String modulename) { + return tests.containsKey(modulename); + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java index f4e94fee0..a2b49f34a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/TestModuleInterface.java @@ -5,4 +5,8 @@ import java.util.List; public interface TestModuleInterface { public List performTests() throws Exception; + + public void initializeTest(long delayParam, String url) throws Exception; + + public String getName(); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java index 39c22b701..bef58ab59 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java @@ -29,8 +29,6 @@ import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IModulInfo; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.moduls.NoPassivAuthenticationException; -import at.gv.egovernment.moa.id.moduls.ServletInfo; -import at.gv.egovernment.moa.id.moduls.ServletType; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IDecoder; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOARequest; @@ -165,7 +163,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { String oaURL = moaRequest.getEntityMetadata().getEntityID(); String binding = consumerService.getBinding(); - String entityID = moaRequest.getEntityMetadata().getEntityID(); +// String entityID = moaRequest.getEntityMetadata().getEntityID(); Logger.info("Dispatch PVP2 Request: OAURL=" + oaURL + " Binding=" + binding); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java index 85861297c..232ad315f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java @@ -16,7 +16,6 @@ import org.opensaml.saml2.core.StatusResponseType; import org.opensaml.saml2.metadata.SPSSODescriptor; import org.opensaml.saml2.metadata.SingleSignOnService; import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder; -import org.opensaml.saml2.metadata.provider.MetadataProviderException; import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.ws.transport.http.HttpServletRequestAdapter; @@ -25,11 +24,9 @@ import org.opensaml.xml.parse.BasicParserPool; import org.opensaml.xml.security.SecurityException; import org.opensaml.xml.security.credential.Credential; -import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; -import at.gv.egovernment.moa.logging.Logger; public class PostBinding implements IDecoder, IEncoder { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java index 86801dde5..418c4a60c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java @@ -15,7 +15,6 @@ import org.opensaml.saml2.core.StatusResponseType; import org.opensaml.saml2.metadata.SPSSODescriptor; import org.opensaml.saml2.metadata.SingleSignOnService; import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder; -import org.opensaml.saml2.metadata.provider.MetadataProviderException; import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.ws.security.SecurityPolicyResolver; @@ -32,7 +31,6 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider; import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException; import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory; -import at.gv.egovernment.moa.logging.Logger; public class RedirectBinding implements IDecoder, IEncoder { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java index 04ec3eaee..3974e7fd5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java @@ -9,8 +9,6 @@ import org.opensaml.common.xml.SAMLConstants; import org.opensaml.saml2.binding.encoding.HTTPSOAP11Encoder; import org.opensaml.saml2.core.RequestAbstractType; import org.opensaml.saml2.core.StatusResponseType; -import org.opensaml.saml2.metadata.SingleSignOnService; -import org.opensaml.saml2.metadata.impl.SingleSignOnServiceBuilder; import org.opensaml.ws.message.decoder.MessageDecodingException; import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.ws.soap.soap11.decoder.http.HTTPSOAP11Decoder; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/CitizenTokenBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/CitizenTokenBuilder.java index ed1fb1789..ae5302031 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/CitizenTokenBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/CitizenTokenBuilder.java @@ -1,7 +1,6 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.builder; import org.opensaml.saml2.core.Attribute; -import org.opensaml.saml2.core.AttributeStatement; import org.opensaml.saml2.core.AttributeValue; import org.opensaml.xml.Configuration; import org.opensaml.xml.XMLObject; @@ -10,14 +9,6 @@ import org.opensaml.xml.schema.XSString; import org.opensaml.xml.schema.impl.XSIntegerBuilder; import org.opensaml.xml.schema.impl.XSStringBuilder; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; -import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.data.AuthenticationData; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOARequest; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; public class CitizenTokenBuilder { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java index 4fb76c377..bb568cd90 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BPKAttributeBuilder.java @@ -5,6 +5,7 @@ import org.opensaml.saml2.core.Attribute; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; public class BPKAttributeBuilder extends BaseAttributeBuilder { @@ -26,6 +27,9 @@ public class BPKAttributeBuilder extends BaseAttributeBuilder { if(bpk.length() > BPK_MAX_LENGTH) { bpk = bpk.substring(0, BPK_MAX_LENGTH); } + + Logger.trace("Authenticate user with bPK/wbPK " + bpk + " and Type=" + type); + return buildStringAttribute(BPK_FRIENDLY_NAME, BPK_NAME, type + ":" + bpk); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BaseAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BaseAttributeBuilder.java index d3c79c939..4accca580 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BaseAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/BaseAttributeBuilder.java @@ -9,10 +9,11 @@ import org.opensaml.xml.schema.XSString; import org.opensaml.xml.schema.impl.XSIntegerBuilder; import org.opensaml.xml.schema.impl.XSStringBuilder; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; -public abstract class BaseAttributeBuilder implements PVPConstants, IAttributeBuilder { +public abstract class BaseAttributeBuilder implements PVPConstants, MOAIDAuthConstants, IAttributeBuilder { protected static XMLObject buildAttributeStringValue(String value) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateProfRepDescAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateProfRepDescAttributeBuilder.java index b7c356112..66ac56d00 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateProfRepDescAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateProfRepDescAttributeBuilder.java @@ -4,7 +4,6 @@ import org.opensaml.saml2.core.Attribute; import org.w3c.dom.Element; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.validator.parep.ParepValidator; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMandateDataAvailableException; @@ -26,7 +25,7 @@ public class MandateProfRepDescAttributeBuilder extends BaseAttributeBuilder { } String text = AttributeExtractor.extractSAMLAttributeOA( - ParepValidator.EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION, + EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION, authSession); if(text == null) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateProfRepOIDAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateProfRepOIDAttributeBuilder.java index 740a99649..d708cba95 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateProfRepOIDAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/MandateProfRepOIDAttributeBuilder.java @@ -4,7 +4,6 @@ import org.opensaml.saml2.core.Attribute; import org.w3c.dom.Element; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.validator.parep.ParepValidator; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMandateDataAvailableException; @@ -26,7 +25,7 @@ public class MandateProfRepOIDAttributeBuilder extends BaseAttributeBuilder { } String oid = AttributeExtractor.extractSAMLAttributeOA( - ParepValidator.EXT_SAML_MANDATE_OID, + EXT_SAML_MANDATE_OID, authSession); if(oid == null) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java index ebe597ed2..116d3b740 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java @@ -3,13 +3,10 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.config; import iaik.x509.X509Certificate; import java.io.File; -import java.io.FileInputStream; import java.security.cert.CertificateException; import java.util.ArrayList; -import java.util.Iterator; import java.util.List; import java.util.Properties; -import java.util.Set; import org.opensaml.saml2.metadata.Company; import org.opensaml.saml2.metadata.ContactPerson; @@ -28,10 +25,8 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.Contact; import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; import at.gv.egovernment.moa.id.commons.db.dao.config.PVP2; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; -import at.gv.egovernment.moa.id.protocols.pvp2x.utils.Digester; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; import at.gv.egovernment.moa.logging.Logger; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java index 443b960a0..8bfa3baba 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java @@ -1,6 +1,5 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.metadata; -import java.security.cert.CertificateException; import java.util.ArrayList; import java.util.Collection; import java.util.Date; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java index 582d5aced..1d494c512 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java @@ -16,9 +16,7 @@ import org.opensaml.ws.message.encoder.MessageEncodingException; import org.opensaml.xml.security.SecurityException; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.moduls.AuthenticationManager; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.ArtifactBinding; import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder; @@ -30,7 +28,6 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.BindingNotSupportedException; import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.InvalidAssertionConsumerServiceException; import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.logging.Logger; public class AuthnRequestHandler implements IRequestHandler, PVPConstants { @@ -48,15 +45,6 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants { AuthnRequest authnRequest = (AuthnRequest) obj.getSamlRequest(); EntityDescriptor peerEntity = obj.getEntityMetadata(); -// if (!AuthenticationSessionStoreage.isAuthenticated(authSession.getSessionID())) { -// throw new AuthenticationException("auth.21", new Object[] {}); -// } - -// AuthenticationManager authmanager = AuthenticationManager.getInstance(); -// AuthenticationSession authSession =authmanager.getAuthenticationSession(req.getSession()); - - // authSession.getM - Assertion assertion = PVP2AssertionBuilder.buildAssertion(authnRequest, authSession, peerEntity); Response authResponse = SAML2Utils.createSAMLObject(Response.class); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java index 38251ab56..cf0f48f1c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/CredentialProvider.java @@ -1,22 +1,11 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.signer; -import iaik.pkcs.pkcs12.PKCS12; -import iaik.x509.X509Certificate; - -import java.io.File; -import java.io.FileInputStream; -import java.io.FileNotFoundException; -import java.io.IOException; import java.security.KeyStore; -import java.security.cert.CertificateException; - -import javax.jws.soap.SOAPBinding.Use; import org.opensaml.xml.security.credential.Credential; import org.opensaml.xml.security.credential.UsageType; import org.opensaml.xml.security.x509.BasicX509Credential; import org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter; -import org.opensaml.xml.security.x509.X509Credential; import org.opensaml.xml.signature.Signature; import org.opensaml.xml.signature.SignatureConstants; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AttributeExtractor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AttributeExtractor.java index a59fc17c5..4ffe0d8a2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AttributeExtractor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AttributeExtractor.java @@ -5,18 +5,16 @@ import java.util.List; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; -import at.gv.egovernment.moa.id.auth.validator.parep.ParepValidator; public class AttributeExtractor { public static String extractSAMLAttributeOA(String name, AuthenticationSession authSession) { - List extAttributes = authSession.getExtendedSAMLAttributesOA(); + List extAttributes = authSession.getExtendedSAMLAttributesOA(); if(extAttributes == null) { return null; } - Iterator extAttributesIt = extAttributes.iterator(); - String value = null; + Iterator extAttributesIt = extAttributes.iterator(); while(extAttributesIt.hasNext()) { Object attr = extAttributesIt.next(); if(attr instanceof ExtendedSAMLAttribute) { @@ -34,12 +32,11 @@ public class AttributeExtractor { public static String extractSAMLAttributeAUTH(String name, AuthenticationSession authSession) { - List extAttributes = authSession.getExtendedSAMLAttributesAUTH(); + List extAttributes = authSession.getExtendedSAMLAttributesAUTH(); if(extAttributes == null) { return null; } - Iterator extAttributesIt = extAttributes.iterator(); - String value = null; + Iterator extAttributesIt = extAttributes.iterator(); while(extAttributesIt.hasNext()) { Object attr = extAttributesIt.next(); if(attr instanceof ExtendedSAMLAttribute) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java index d6ac121b1..7bb5b052f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java @@ -19,8 +19,6 @@ import org.opensaml.xml.io.Marshaller; import org.opensaml.xml.io.MarshallingException; import org.w3c.dom.Document; -import eu.stork.vidp.messages.common.STORKBootstrap; - public class SAML2Utils { public static T createSAMLObject(final Class clazz) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/MetadataSignatureFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/MetadataSignatureFilter.java index 72f14f6e1..e9d41b7ee 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/MetadataSignatureFilter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/MetadataSignatureFilter.java @@ -10,7 +10,6 @@ import org.opensaml.saml2.metadata.EntityDescriptor; import org.opensaml.saml2.metadata.provider.FilterException; import org.opensaml.saml2.metadata.provider.MetadataFilter; import org.opensaml.xml.XMLObject; -import org.opensaml.xml.security.credential.Credential; import org.opensaml.xml.security.x509.BasicX509Credential; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; @@ -33,7 +32,7 @@ public class MetadataSignatureFilter implements MetadataFilter { public void processEntityDescriptorr(EntityDescriptor desc) throws MOAIDException { - String entityID = desc.getEntityID(); +// String entityID = desc.getEntityID(); EntityVerifier.verify(desc); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java index 8df418f9a..628da6773 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/SAMLVerificationEngine.java @@ -3,7 +3,6 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.verification; import org.opensaml.common.xml.SAMLConstants; import org.opensaml.saml2.core.RequestAbstractType; import org.opensaml.saml2.core.Response; -import org.opensaml.saml2.metadata.IDPSSODescriptor; import org.opensaml.saml2.metadata.SPSSODescriptor; import org.opensaml.security.MetadataCriteria; import org.opensaml.security.SAMLSignatureProfileValidator; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/TrustEngineFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/TrustEngineFactory.java index f3c5ed86a..52a838c02 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/TrustEngineFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/TrustEngineFactory.java @@ -3,9 +3,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.verification; import java.util.ArrayList; import java.util.List; -import org.opensaml.saml2.metadata.provider.MetadataProviderException; import org.opensaml.security.MetadataCredentialResolver; -import org.opensaml.xml.security.credential.CredentialResolver; import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver; import org.opensaml.xml.security.keyinfo.KeyInfoCredentialResolver; import org.opensaml.xml.security.keyinfo.KeyInfoProvider; @@ -16,8 +14,6 @@ import org.opensaml.xml.signature.SignatureTrustEngine; import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine; import org.opensaml.xml.signature.impl.PKIXSignatureTrustEngine; -import sun.security.krb5.Credentials; - import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider; import edu.internet2.middleware.shibboleth.common.security.MetadataPKIXValidationInformationResolver; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java index b248fdec9..29914af4b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java @@ -86,7 +86,6 @@ public class GetAuthenticationDataService implements Constants { String statusMessageCode = null; String statusMessage = null; String samlAssertion = ""; - boolean useUTC = false; if (requests.length > 1) { // more than 1 request given as parameter statusCode = "samlp:Requester"; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index c9ee281e6..57a23c8f9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -200,7 +200,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer { String samlAssertion; if (session.getUseMandate()) { - List oaAttributes = session.getExtendedSAMLAttributesOA(); + List oaAttributes = session.getExtendedSAMLAttributesOA(); if (saml1parameter.isProvideFullMandatorData()) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java index e17c9728d..e40d11128 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java @@ -130,7 +130,7 @@ public class AuthenticationSessionStoreage { Session session = MOASessionDBUtils.getCurrentSession(); - List result; + List result; synchronized (session) { @@ -194,7 +194,7 @@ public class AuthenticationSessionStoreage { try { Session session = MOASessionDBUtils.getCurrentSession(); - List result; + List result; synchronized (session) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPSessionUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPSessionUtils.java deleted file mode 100644 index 1e9cb9024..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/HTTPSessionUtils.java +++ /dev/null @@ -1,70 +0,0 @@ -package at.gv.egovernment.moa.id.util; - -import java.util.Enumeration; -import java.util.HashMap; -import java.util.Iterator; -import java.util.Set; - -import javax.servlet.http.HttpSession; - -public class HTTPSessionUtils { - -// public static HashMap extractAllProperties(HttpSession session) { -// @SuppressWarnings("unchecked") -// Enumeration keys = (Enumeration)session.getAttributeNames(); -// HashMap properties = new HashMap(); -// -// while(keys.hasMoreElements()) { -// Object keyObject = keys.nextElement(); -// String key = keyObject.toString(); -// Object value = session.getAttribute(key); -// properties.put(key, value); -// } -// -// return properties; -// } -// -// public static void pushAllProperties(HttpSession session, HashMap properties) { -// Set keys = properties.keySet(); -// Iterator keysIterator = keys.iterator(); -// while(keysIterator.hasNext()) { -// String key = keysIterator.next(); -// session.setAttribute(key, properties.get(key)); -// } -// } -// -// public static boolean getHTTPSessionBoolean(HttpSession session, String name, boolean fallback) { -// Object obj = session.getAttribute(name); -// if(obj == null) { -// return fallback; -// } -// -// if(obj instanceof Boolean) { -// Boolean b = (Boolean)obj; -// if(b != null) { -// return b.booleanValue(); -// } -// } -// return fallback; -// } -// -// public static void setHTTPSessionBoolean(HttpSession session, String name, boolean value) { -// session.setAttribute(name, new Boolean(value)); -// } -// -// public static String getHTTPSessionString(HttpSession session, String name, String fallback) { -// Object obj = session.getAttribute(name); -// if(obj == null) { -// return fallback; -// } -// -// if(obj instanceof String) { -// return (String)obj; -// } -// return fallback; -// } -// -// public static void setHTTPSessionString(HttpSession session, String name, String value) { -// session.setAttribute(name, value); -// } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java index 25687fc4f..4d4f5f0e0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java @@ -28,7 +28,6 @@ import java.io.IOException; import java.io.StringReader; import java.net.MalformedURLException; import java.net.URL; -import java.util.Iterator; import java.util.List; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -192,7 +191,7 @@ public class ParamValidatorUtils implements MOAIDAuthConstants{ try { // check if bku url starts with http or https if (bkuURI.startsWith("http") || bkuURI.startsWith("https")) { - URL url =new URL(bkuURI); + new URL(bkuURI); // check if bkuURI is a local BKU if (bkuURI.compareToIgnoreCase("https://localhost:3496/https-security-layer-request") == 0 || diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java index f1d0ecd45..e2a65f162 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/Random.java @@ -27,12 +27,9 @@ package at.gv.egovernment.moa.id.util; import iaik.security.random.SeedGenerator; -import java.io.IOException; import java.nio.ByteBuffer; import java.security.SecureRandom; -import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Base64Utils; /** * Random number generator used to generate ID's diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java index 0130046de..2dd5519a8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SSLUtils.java @@ -73,13 +73,13 @@ import at.gv.egovernment.moa.logging.Logger; public class SSLUtils { /** SSLSocketFactory store, mapping URL->SSLSocketFactory **/ - private static Map sslSocketFactories = new HashMap(); + private static Map sslSocketFactories = new HashMap(); /** * Initializes the SSLSocketFactory store. */ public static void initialize() { - sslSocketFactories = new HashMap(); + sslSocketFactories = new HashMap(); // JSSE Abhängigkeit //Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider()); Security.addProvider(new IAIK()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java index a942202bf..cfc371f03 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java @@ -1,12 +1,8 @@ package at.gv.egovernment.moa.id.util; -import java.security.InvalidKeyException; -import java.security.NoSuchAlgorithmException; -import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec; import javax.crypto.Cipher; -import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.PBEKeySpec; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java index 8479157a7..8c9045c03 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/client/mis/simple/MISSimpleClient.java @@ -72,7 +72,7 @@ public class MISSimpleClient { } } - public static List sendGetMandatesRequest(String webServiceURL, String sessionId, SSLSocketFactory sSLSocketFactory) throws MISSimpleClientException { + public static List sendGetMandatesRequest(String webServiceURL, String sessionId, SSLSocketFactory sSLSocketFactory) throws MISSimpleClientException { if (webServiceURL == null) { throw new NullPointerException("Argument webServiceURL must not be null."); } @@ -107,7 +107,7 @@ public class MISSimpleClient { throw new MISSimpleClientException("No mandates found in response."); } - ArrayList foundMandates = new ArrayList(); + ArrayList foundMandates = new ArrayList(); for (int i=0; i