From 98dbb23fa5dcd9518beb56fd2410667b385b5524 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 17 Jul 2015 09:18:28 +0200 Subject: first beta version of new MOA-ID WebGUI module for configuration --- .../moa/id/auth/AuthenticationServer.java | 2 +- .../moa/id/auth/MOAIDAuthConstants.java | 11 +++++----- .../id/auth/builder/AuthenticationDataBuilder.java | 2 +- .../moa/id/auth/builder/DataURLBuilder.java | 3 ++- .../StartAuthentificationParameterParser.java | 2 +- .../moa/id/auth/servlet/AuthServlet.java | 2 +- .../servlet/GenerateIFrameTemplateServlet.java | 9 ++++---- .../id/auth/servlet/IDPSingleLogOutServlet.java | 13 ++++++------ .../auth/servlet/ProcessEngineSignalServlet.java | 10 ++++----- .../moa/id/auth/servlet/RedirectServlet.java | 11 +++++----- .../moa/id/config/ConfigurationUtils.java | 1 - .../auth/AuthConfigurationProviderFactory.java | 18 +++++++++++++--- .../moa/id/config/auth/OAAuthParameter.java | 11 +++++----- .../PropertyBasedAuthConfigurationProvider.java | 19 +++++++++-------- .../moa/id/entrypoints/DispatcherServlet.java | 7 ++++--- .../moa/id/moduls/AuthenticationManager.java | 2 +- .../at/gv/egovernment/moa/id/moduls/IAction.java | 2 +- .../moa/id/protocols/pvp2x/PVP2XProtocol.java | 2 +- .../moa/id/protocols/pvp2x/SingleLogOutAction.java | 7 ++++--- .../builder/attributes/IPVPAttributeBuilder.java | 3 +-- .../moa/id/protocols/saml1/GetArtifactAction.java | 9 ++++---- .../moa/id/protocols/saml1/SAML1Protocol.java | 2 +- .../protocols/stork2/AttributeProviderFactory.java | 10 ++------- .../moa/id/protocols/stork2/STORKProtocol.java | 2 +- .../moa/id/util/ParamValidatorUtils.java | 2 +- .../moa/id/util/legacy/LegacyHelper.java | 2 +- .../main/resources/moaid.configuration.beans.xml | 24 ++++++++++++++++++++++ .../resources/properties/id_messages_de.properties | 3 ++- .../protocol_response_statuscodes_de.properties | 1 + .../src/test/java/test/tlenz/simpletest.java | 22 ++++++++++++++++++++ 30 files changed, 137 insertions(+), 77 deletions(-) (limited to 'id/server/idserverlib') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index f62c21ed9..54484a854 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -99,7 +99,7 @@ import at.gv.util.xsd.srzgw.MISType.Filters; * @version $Id: AuthenticationServer.java 1273 2012-02-27 14:50:18Z kstranacher * $ */ -public class AuthenticationServer implements MOAIDAuthConstants { +public class AuthenticationServer extends MOAIDAuthConstants { /** * single instance diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java index 5223a181d..3d12bae61 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java @@ -9,6 +9,9 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; +import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration; + import iaik.asn1.ObjectID; @@ -18,7 +21,7 @@ import iaik.asn1.ObjectID; * @author Paul Ivancsics * @version $Id$ */ -public interface MOAIDAuthConstants { +public class MOAIDAuthConstants extends MOAIDConstants{ /** servlet parameter "Target" */ public static final String PARAM_TARGET = "Target"; @@ -113,9 +116,7 @@ public interface MOAIDAuthConstants { // /** the number of the certifcate extension for party organ representatives */ // public static final String PARTY_ORGAN_REPRESENTATION_OID_NUMBER = PARTY_REPRESENTATION_OID_NUMBER + ".10"; - - public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+"; - + /** OW */ public static final String OW_ORGANWALTER = PARTY_REPRESENTATION_OID_NUMBER + ".4"; @@ -143,8 +144,6 @@ public interface MOAIDAuthConstants { public static final String PARAM_APPLET_HEIGTH = "heigth"; public static final String PARAM_APPLET_WIDTH = "width"; - public static final String TESTCREDENTIALROOTOID = "1.2.40.0.10.2.4.1"; - public static final Map COUNTRYCODE_XX_TO_NAME = Collections.unmodifiableMap(new HashMap() { private static final long serialVersionUID = 1L; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index ffadc2631..573f2e09f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -116,7 +116,7 @@ import at.gv.util.xsd.szr.PersonInfoType; * @author tlenz * */ -public class AuthenticationDataBuilder implements MOAIDAuthConstants { +public class AuthenticationDataBuilder extends MOAIDAuthConstants { public static IAuthData buildAuthenticationData(IRequest protocolRequest, AuthenticationSession session, List reqAttributes) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java index 924051e2a..899b0fd15 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java @@ -46,6 +46,7 @@ package at.gv.egovernment.moa.id.auth.builder; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.servlet.AuthServlet; /** @@ -96,7 +97,7 @@ public class DataURLBuilder { dataURL = authBaseURL + authServletName; - dataURL = addParameter(dataURL, AuthServlet.PARAM_SESSIONID, sessionID); + dataURL = addParameter(dataURL, MOAIDAuthConstants.PARAM_SESSIONID, sessionID); return dataURL; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java index a26dec969..3b903009c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java @@ -44,7 +44,7 @@ import at.gv.egovernment.moa.util.FileUtils; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; -public class StartAuthentificationParameterParser implements MOAIDAuthConstants{ +public class StartAuthentificationParameterParser extends MOAIDAuthConstants{ public static void parse(AuthenticationSession moasession, String target, diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java index c4c4b2691..43f4f90ff 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java @@ -96,7 +96,7 @@ import at.gv.egovernment.moa.util.URLDecoder; * @author Paul Ivancsics * @version $Id$ */ -public class AuthServlet extends HttpServlet implements MOAIDAuthConstants { +public class AuthServlet extends HttpServlet { /** * diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java index 5802ce3b9..7b55564c4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java @@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringEscapeUtils; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; @@ -64,10 +65,10 @@ public class GenerateIFrameTemplateServlet extends AuthServlet { String pendingRequestID = null; try { - String bkuid = req.getParameter(PARAM_BKU); - String useMandate = req.getParameter(PARAM_USEMANDATE); - String ccc = req.getParameter(PARAM_CCC); - String moasessionid = req.getParameter(PARAM_SESSIONID); + String bkuid = req.getParameter(MOAIDAuthConstants.PARAM_BKU); + String useMandate = req.getParameter(MOAIDAuthConstants.PARAM_USEMANDATE); + String ccc = req.getParameter(MOAIDAuthConstants.PARAM_CCC); + String moasessionid = req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); moasessionid = StringEscapeUtils.escapeHtml(moasessionid); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java index 626c95b19..0a6d30be7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java @@ -32,6 +32,7 @@ import org.apache.velocity.VelocityContext; import org.opensaml.saml2.core.LogoutResponse; import org.opensaml.saml2.metadata.SingleLogoutService; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; @@ -64,9 +65,9 @@ public class IDPSingleLogOutServlet extends AuthServlet { SSOManager ssomanager = SSOManager.getInstance(); String ssoid = ssomanager.getSSOSessionID(req); - Object restartProcessObj = req.getParameter(PARAM_SLORESTART); + Object restartProcessObj = req.getParameter(MOAIDAuthConstants.PARAM_SLORESTART); - Object tokkenObj = req.getParameter(PARAM_SLOSTATUS); + Object tokkenObj = req.getParameter(MOAIDAuthConstants.PARAM_SLOSTATUS); String tokken = null; String status = null; if (tokkenObj != null && tokkenObj instanceof String) { @@ -78,7 +79,7 @@ public class IDPSingleLogOutServlet extends AuthServlet { } VelocityContext context = new VelocityContext(); - if (SLOSTATUS_SUCCESS.equals(status)) + if (MOAIDAuthConstants.SLOSTATUS_SUCCESS.equals(status)) context.put("successMsg", MOAIDMessageProvider.getInstance().getMessage("slo.00", null)); else @@ -148,12 +149,12 @@ public class IDPSingleLogOutServlet extends AuthServlet { String statusCode = null; if (sloContainer.getSloFailedOAs() == null || sloContainer.getSloFailedOAs().size() == 0) - statusCode = SLOSTATUS_SUCCESS; + statusCode = MOAIDAuthConstants.SLOSTATUS_SUCCESS; else - statusCode = SLOSTATUS_ERROR; + statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR; AssertionStorage.getInstance().put(artifact, statusCode); - redirectURL = addURLParameter(redirectURL, PARAM_SLOSTATUS, artifact); + redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact); } //redirect to Redirect Servlet diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java index 43b6c03d4..0b6180d0f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java @@ -33,10 +33,10 @@ public class ProcessEngineSignalServlet extends AuthServlet { * The HttpServletResponse. */ private void setNoCachingHeaders(HttpServletResponse resp) { - resp.setHeader(HEADER_EXPIRES, HEADER_VALUE_EXPIRES); - resp.setHeader(HEADER_PRAGMA, HEADER_VALUE_PRAGMA); - resp.setHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL); - resp.addHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL_IE); + resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, MOAIDAuthConstants.HEADER_VALUE_EXPIRES); + resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, MOAIDAuthConstants.HEADER_VALUE_PRAGMA); + resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL); + resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE); } /** @@ -95,7 +95,7 @@ public class ProcessEngineSignalServlet extends AuthServlet { * @return The current MOA session id. */ public String getMoaSessionId(HttpServletRequest request) { - return StringEscapeUtils.escapeHtml(request.getParameter(PARAM_SESSIONID)); + return StringEscapeUtils.escapeHtml(request.getParameter(MOAIDAuthConstants.PARAM_SESSIONID)); } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java index 7266a3302..431a7e0f7 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java @@ -29,6 +29,7 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; @@ -55,9 +56,9 @@ public class RedirectServlet extends AuthServlet{ Logger.debug("Receive " + RedirectServlet.class + " Request"); String url = req.getParameter(REDIRCT_PARAM_URL); - String target = req.getParameter(PARAM_TARGET); - String artifact = req.getParameter(PARAM_SAMLARTIFACT); - String interIDP = req.getParameter(INTERFEDERATION_IDP); + String target = req.getParameter(MOAIDAuthConstants.PARAM_TARGET); + String artifact = req.getParameter(MOAIDAuthConstants.PARAM_SAMLARTIFACT); + String interIDP = req.getParameter(MOAIDAuthConstants.INTERFEDERATION_IDP); Logger.debug("Check URL against online-applications"); OAAuthParameter oa = null; @@ -85,12 +86,12 @@ public class RedirectServlet extends AuthServlet{ if (MiscUtil.isNotEmpty(target)) { // redirectURL = addURLParameter(redirectURL, PARAM_TARGET, // URLEncoder.encode(session.getTarget(), "UTF-8")); - url = addURLParameter(url, PARAM_TARGET, + url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, URLEncoder.encode(target, "UTF-8")); } - url = addURLParameter(url, PARAM_SAMLARTIFACT, + url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(artifact, "UTF-8")); url = resp.encodeRedirectURL(url); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java index d4cb909d9..d36a4318a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java @@ -27,7 +27,6 @@ import java.io.UnsupportedEncodingException; import java.util.ArrayList; import java.util.List; -import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Base64Utils; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java index 8fad1bc83..38135b028 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java @@ -22,6 +22,10 @@ */ package at.gv.egovernment.moa.id.config.auth; +import java.net.URI; +import java.net.URISyntaxException; + +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.ConfigurationProvider; import at.gv.egovernment.moa.logging.Logger; @@ -50,13 +54,21 @@ public class AuthConfigurationProviderFactory { * @throws ConfigurationException */ public static AuthConfiguration reload() throws ConfigurationException { - String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME); + String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME); if (fileName == null) { throw new ConfigurationException("config.01", null); } Logger.info("Loading MOA-ID-AUTH configuration " + fileName); - - instance = new PropertyBasedAuthConfigurationProvider(fileName); + + try { + URI fileURI = new URI(fileName); + instance = new PropertyBasedAuthConfigurationProvider(fileURI); + + } catch (URISyntaxException e){ + Logger.error("MOA-ID-Auth configuration file does not starts with file:/ as prefix."); + throw new ConfigurationException("config24", new Object[]{MOAIDAuthConstants.FILE_URI_PREFIX, fileName}); + + } return instance; } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index 3bf631108..4587f0bc3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -59,6 +59,7 @@ import java.util.Set; import org.apache.commons.lang.SerializationUtils; import at.gv.egovernment.moa.id.auth.exception.BuildException; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils; import at.gv.egovernment.moa.id.commons.validation.TargetValidator; @@ -113,11 +114,11 @@ public String getIdentityLinkDomainIdentifier() { String type = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE); String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE); if (MiscUtil.isNotEmpty(type) && MiscUtil.isNotEmpty(value)) { - if (MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK.equals(type)) { - return MOAIDConfigurationConstants.PREFIX_STORK + "AT" + "+" + value; + if (MOAIDConstants.IDENIFICATIONTYPE_STORK.equals(type)) { + return MOAIDConstants.PREFIX_STORK + "AT" + "+" + value; } else { - return MOAIDConfigurationConstants.PREFIX_WPBK + type + "+" + value; + return MOAIDConstants.PREFIX_WPBK + type + "+" + value; } } @@ -567,7 +568,7 @@ public Collection getStorkAPs() { @Override public byte[] getBKUSelectionTemplate() { try { - String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION); + String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA); if (MiscUtil.isNotEmpty(bkuSelectionTemplateBase64)) { return Base64Utils.decode(bkuSelectionTemplateBase64, false); @@ -587,7 +588,7 @@ public byte[] getBKUSelectionTemplate() { @Override public byte[] getSendAssertionTemplate() { try { - String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION); + String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA); if (MiscUtil.isNotEmpty(bkuSelectionTemplateBase64)) { return Base64Utils.decode(bkuSelectionTemplateBase64, false); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java index 9535c9aa3..9fc03e2df 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java @@ -62,7 +62,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide * @param fileName the path to the properties file * @throws ConfigurationException if an error occurs during loading the properties file. */ - public PropertyBasedAuthConfigurationProvider(String fileName) throws ConfigurationException { + public PropertyBasedAuthConfigurationProvider(URI fileName) throws ConfigurationException { File propertiesFile = new File(fileName); rootConfigFileDir = propertiesFile.getParent(); try { @@ -72,14 +72,6 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide throw new ConfigurationException("config.03", null, t); } - - System.getProperties().setProperty("location", "file:" + fileName); - context = new ClassPathXmlApplicationContext( - new String[] { "moaid.configuration.beans.xml", - "configuration.beans.xml" - }); - AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory(); - acbFactory.autowireBean(this); FileInputStream in = null; try { @@ -87,6 +79,15 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide properties.load(in); super.initial(properties); +// JPAPropertiesWithJavaConfig.setLocalProperties(configProp); +// System.getProperties().setProperty("location", "file:" + fileName); + context = new ClassPathXmlApplicationContext( + new String[] { "moaid.configuration.beans.xml", + "configuration.beans.xml" + }); + AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory(); + acbFactory.autowireBean(this); + } catch (FileNotFoundException e) { throw new ConfigurationException("config.03", null, e); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index 2e0aa5486..15dbf818d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer; import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; @@ -279,7 +280,7 @@ public class DispatcherServlet extends AuthServlet{ //create interfederated MOASession String sessionID = AuthenticationSessionStoreage.createInterfederatedSession(protocolRequest, true, ssoId); - req.getParameterMap().put(PARAM_SESSIONID, new String[]{ sessionID }); + req.getParameterMap().put(MOAIDAuthConstants.PARAM_SESSIONID, new String[]{ sessionID }); Logger.info("PreProcessing of SSO interfederation response complete. "); @@ -459,7 +460,7 @@ public class DispatcherServlet extends AuthServlet{ } } else { - moasessionID = (String) req.getParameter(PARAM_SESSIONID); + moasessionID = (String) req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); moasession = AuthenticationSessionStoreage.getSession(moasessionID); } @@ -475,7 +476,7 @@ public class DispatcherServlet extends AuthServlet{ } } else { - moasessionID = (String) req.getParameter(PARAM_SESSIONID); + moasessionID = (String) req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID); moasession = AuthenticationSessionStoreage.getSession(moasessionID); moasessionID = AuthenticationSessionStoreage.changeSessionID(moasession); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java index e4a358cdb..25aaf4310 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -103,7 +103,7 @@ import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -public class AuthenticationManager implements MOAIDAuthConstants { +public class AuthenticationManager extends MOAIDAuthConstants { private static final AuthenticationManager INSTANCE = new AuthenticationManager(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java index 529e2ab81..fda92d71a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java @@ -31,7 +31,7 @@ import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.data.SLOInformationInterface; -public interface IAction extends MOAIDAuthConstants { +public interface IAction { public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) throws MOAIDException; public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java index 6b5e6a0f3..e9b18348c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java @@ -99,7 +99,7 @@ import at.gv.egovernment.moa.id.util.VelocityLogAdapter; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; -public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants { +public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo { public static final String NAME = PVP2XProtocol.class.getName(); public static final String PATH = "id_pvp2x"; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java index 9884d2a8a..b567798fa 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java @@ -60,6 +60,7 @@ import org.opensaml.xml.XMLObject; import org.opensaml.xml.security.SecurityException; import org.opensaml.xml.security.x509.X509Credential; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; @@ -265,12 +266,12 @@ public class SingleLogOutAction implements IAction { String statusCode = null; if (sloContainer.getSloFailedOAs() == null || sloContainer.getSloFailedOAs().size() == 0) - statusCode = SLOSTATUS_SUCCESS; + statusCode = MOAIDAuthConstants.SLOSTATUS_SUCCESS; else - statusCode = SLOSTATUS_ERROR; + statusCode = MOAIDAuthConstants.SLOSTATUS_ERROR; AssertionStorage.getInstance().put(artifact, statusCode); - redirectURL = addURLParameter(redirectURL, PARAM_SLOSTATUS, artifact); + redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact); } //redirect to Redirect Servlet diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/IPVPAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/IPVPAttributeBuilder.java index 8adf5cad9..72775ec02 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/IPVPAttributeBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/IPVPAttributeBuilder.java @@ -22,9 +22,8 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes; -import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; -interface IPVPAttributeBuilder extends PVPConstants, MOAIDAuthConstants, IAttributeBuilder { +interface IPVPAttributeBuilder extends PVPConstants, IAttributeBuilder { } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java index 5b1f49411..2019b0d20 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java @@ -27,6 +27,7 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; @@ -83,8 +84,8 @@ public class GetArtifactAction implements IAction { String url = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/RedirectServlet"; url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8")); if (!oaParam.getBusinessService()) - url = addURLParameter(url, PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8")); - url = addURLParameter(url, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); + url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8")); + url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); url = httpResp.encodeRedirectURL(url); httpResp.setContentType("text/html"); @@ -94,12 +95,12 @@ public class GetArtifactAction implements IAction { } else { String redirectURL = oaURL; if (!oaParam.getBusinessService()) { - redirectURL = addURLParameter(redirectURL, PARAM_TARGET, + redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8")); } - redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, + redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8")); redirectURL = httpResp.encodeRedirectURL(redirectURL); httpResp.setContentType("text/html"); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java index bc38735ac..cdc50d8a3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java @@ -49,7 +49,7 @@ import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.URLEncoder; -public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants { +public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo { public static final String NAME = SAML1Protocol.class.getName(); public static final String PATH = "id_saml1"; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index f0b0f58de..de1924ba1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java @@ -22,6 +22,7 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.protocols.stork2; +import at.gv.egovernment.moa.id.commons.MOAIDConstants; import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin; import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider; @@ -50,14 +51,7 @@ public class AttributeProviderFactory { * @return the available plugins */ public static List getAvailablePlugins() { - List result = new ArrayList(); - result.add("StorkAttributeRequestProvider"); - result.add("EHvdAttributeProvider_deprecated"); - result.add("EHvdAttributeProvider"); - result.add("SignedDocAttributeRequestProvider"); - result.add("MandateAttributeRequestProvider"); - result.add("PVPAuthenticationProvider"); - return result; + return MOAIDConstants.ALLOWED_STORKATTRIBUTEPROVIDERS; } /** diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 9eab99c52..42cf04877 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -45,7 +45,7 @@ import java.util.HashMap; * * @author bsuzic */ -public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { +public class STORKProtocol extends MOAIDAuthConstants implements IModulInfo { public static final String NAME = STORKProtocol.class.getName(); public static final String PATH = "id_stork2"; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java index 64ae95093..47010a735 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java @@ -72,7 +72,7 @@ import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; -public class ParamValidatorUtils implements MOAIDAuthConstants{ +public class ParamValidatorUtils extends MOAIDAuthConstants{ /** * Checks if the given target is valid diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java index 9ce44fe15..dd4e67bcd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java @@ -30,7 +30,7 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; -public class LegacyHelper implements MOAIDAuthConstants{ +public class LegacyHelper extends MOAIDAuthConstants{ public static boolean isUseMandateRequested(HttpServletRequest req) throws WrongParametersException { diff --git a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml index cdfde11b1..e9e4eb23d 100644 --- a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml +++ b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml @@ -9,6 +9,30 @@ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd"> + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index fc1aa714e..827eeec8d 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -75,7 +75,8 @@ config.19=Kein Schl\u00FCssel f\u00FCr die Resignierung der Personenbindung gefu config.20=Umgebungsvariable "moa.id.proxy.configuration" nicht gesetzt config.21=F\u00FCr diese Online Applikation sind keine Vollmachtsprofile hinterlegt. config.22=F\u00FCr den Interfederation-Gateway mit der ID {0} ist kein Endpunkt zur Weiterleitung konfiguriert. -config.23=Fehler beim initialisieren von OpenSAML +config.23=Fehler beim initialisieren von OpenSAML +config.24=MOA-ID-Auth Configfile {1} does not start with {0} prefix. parser.00=Leichter Fehler beim Parsen: {0} parser.01=Fehler beim Parsen: {0} diff --git a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties index faafa6fd2..59a29d9bd 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties @@ -55,6 +55,7 @@ config.20=9199 config.21=9006 config.22=9008 config.23=9199 +config.24=9199 parser.00=1101 parser.01=1101 diff --git a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java index 6e1f612c8..fd1473b1f 100644 --- a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java +++ b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java @@ -1,10 +1,19 @@ package test.tlenz; +import java.io.FileInputStream; +import java.io.InputStream; + +import org.w3c.dom.Element; + import iaik.asn1.structures.Name; import iaik.utils.RFC2253NameParser; import iaik.utils.RFC2253NameParserException; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; import at.gv.egovernment.moa.id.data.AuthenticationRole; import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory; +import at.gv.egovernment.moa.id.util.IdentityLinkReSigner; +import at.gv.egovernment.moa.util.DOMUtils; /******************************************************************************* * Copyright 2014 Federal Chancellery Austria @@ -49,6 +58,19 @@ import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory; public class simpletest { // public static void main(String[] args) { + try { + InputStream s = new FileInputStream("D:/idl_test/identity_link.xml"); + Element idlTemplate = DOMUtils.parseXmlValidating(s); + + //resign IDL + IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance(); + Element resignedilAssertion = identitylinkresigner.resignIdentityLink(idlTemplate, "IDLSigning"); + IdentityLink identityLink = new IdentityLinkAssertionParser(resignedilAssertion).parseIdentityLink(); + + } catch (Exception e) { + System.out.println(e.getMessage()); + + } String subjectName = "serialNumber=896929130327, givenName=OCSP, SN=Responder 03-1, CN=OCSP Responder 03-1, C=AT"; -- cgit v1.2.3