From ac531e30d13d6714e2ac61f7329e6adc130aa288 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 24 May 2019 12:23:41 +0200 Subject: untested switch to EAAF-components 1.0.7 --- .../ssotransfer/data/SSOTransferAuthenticationData.java | 12 ++++++++++++ .../modules/ssotransfer/servlet/SSOTransferServlet.java | 16 ++++++++-------- .../ssotransfer/servlet/SSOTransferSignalServlet.java | 5 +++-- .../task/InitializeRestoreSSOSessionTask.java | 2 +- .../modules/ssotransfer/task/RestoreSSOSessionTask.java | 2 +- .../moa/id/auth/modules/ssotransfer/utils/GUIUtils.java | 17 +++++++++-------- 6 files changed, 34 insertions(+), 20 deletions(-) (limited to 'id/server/modules/moa-id-module-ssoTransfer/src') diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java index e7280f847..efbfd8472 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java @@ -393,5 +393,17 @@ public class SSOTransferAuthenticationData implements IMOAAuthData { return null; } + @Override + public String getEncryptedSourceId() { + // TODO Auto-generated method stub + return null; + } + + @Override + public String getEncryptedSourceIdType() { + // TODO Auto-generated method stub + return null; + } + } diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java index dc2baab7d..3ab826bcd 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java @@ -158,7 +158,7 @@ public class SSOTransferServlet{ DefaultGUIFormBuilderConfiguration.VIEW_SSO_SESSION_TRANSFER, null); - internalCreateQRCodeForTransfer(resp, authURL, + internalCreateQRCodeForTransfer(req, resp, authURL, "123456", "/TestTransmitSSOSession", config); } catch (MOAIDException | MOADatabaseException e) { @@ -423,7 +423,7 @@ public class SSOTransferServlet{ String ssoSessionId = authenticationSessionStorage.getInternalSSOSessionWithSSOID(ssoid); if(ssoSessionId != null) { - internalCreateQRCodeForTransfer(resp, authURL, + internalCreateQRCodeForTransfer(req, resp, authURL, ssoSessionId, SSOTransferConstants.SERVLET_SSOTRANSFER_TO_SMARTPHONE, config); @@ -432,10 +432,10 @@ public class SSOTransferServlet{ } - config.putCustomParameter("errorMsg", + config.putCustomParameter(null, "errorMsg", "No active Single Sign-On session found! SSO Session transfer is not possible."); - guiBuilder.build(resp, config, "SSO-Transfer-Module"); + guiBuilder.build(req, resp, config, "SSO-Transfer-Module"); } catch (MOAIDException | MOADatabaseException e) { e.printStackTrace(); @@ -518,7 +518,7 @@ public class SSOTransferServlet{ } - private void internalCreateQRCodeForTransfer(HttpServletResponse resp, String authURL, + private void internalCreateQRCodeForTransfer(HttpServletRequest req, HttpServletResponse resp, String authURL, String moaSessionID, String servletEndPoint, DefaultGUIFormBuilderConfiguration config) throws Exception { SSOTransferContainer container = new SSOTransferContainer(); String token = Random.nextRandom(); @@ -572,12 +572,12 @@ public class SSOTransferServlet{ ByteArrayOutputStream qrStream = QRCode.from(qrResult.toString()).to(ImageType.GIF).withSize(350, 350).stream(); String base64EncodedImage = Base64Utils.encode(qrStream.toByteArray()); - config.putCustomParameter("QRImage", base64EncodedImage); + config.putCustomParameter(null, "QRImage", base64EncodedImage); - config.putCustomParameterWithOutEscaption("successMsg", "Scan the QR-Code with your SSO-Transfer App to start the transfer operation."); + config.putCustomParameterWithOutEscaption(null, "successMsg", "Scan the QR-Code with your SSO-Transfer App to start the transfer operation."); - guiBuilder.build(resp, config, "SSO-Session Transfer-Module"); + guiBuilder.build(req, resp, config, "SSO-Session Transfer-Module"); } diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java index bf215373d..169eb464b 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java @@ -33,6 +33,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.exceptions.EAAFException; import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController; import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; @@ -53,13 +54,13 @@ public class SSOTransferSignalServlet extends AbstractProcessEngineSignalControl @RequestMapping(value = { "/SSOTransferSignalEndpoint" }, method = {RequestMethod.POST, RequestMethod.GET}) - public void performSSOTransfer(HttpServletRequest req, HttpServletResponse resp) throws IOException { + public void performSSOTransfer(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { signalProcessManagement(req, resp); } @Override - protected void signalProcessManagement(HttpServletRequest req, HttpServletResponse resp) throws IOException { + protected void signalProcessManagement(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException { String pendingRequestID = StringEscapeUtils.escapeHtml(getPendingRequestId(req)); IRequest pendingReq = null; try { diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java index 921e3844b..7132eb08e 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java @@ -85,7 +85,7 @@ public class InitializeRestoreSSOSessionTask extends AbstractAuthServletTask { Pair dhKeyIDP = ssoTransferUtils.createSpecificKey(dhSpec.getP(), dhSpec.getG()); String nonce = Random.nextLongRandom(); - GUIUtils.buildSSOTransferGUI(guiBuilder, response, authURL, + GUIUtils.buildSSOTransferGUI(guiBuilder, request, response, authURL, pendingReq.getPendingRequestId(), nonce, dhKeyIDP.getF()); //store DH params and nonce to pending-request diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java index 90b74ebd7..d89d0bd2b 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java @@ -267,7 +267,7 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask { } - GUIUtils.buildSSOTransferGUI(guiBuilder, response, + GUIUtils.buildSSOTransferGUI(guiBuilder, request, response, authURL, pendingReq.getPendingRequestId(), nonce, container.getDhParams().getF()); } catch (IOException | MOAIDException e) { diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java index 1a4a9b80b..2814874bd 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java @@ -26,6 +26,7 @@ import java.io.ByteArrayOutputStream; import java.io.IOException; import javax.crypto.spec.DHPublicKeySpec; +import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import com.google.gson.JsonObject; @@ -50,9 +51,9 @@ public class GUIUtils { public static final int REFESH_TIMEOUT = 5 * 1000; //5 sec public static void buildSSOTransferGUI( - IGUIFormBuilder guiBuilder, HttpServletResponse httpResp, + IGUIFormBuilder guiBuilder, HttpServletRequest httpReq,HttpServletResponse httpResp, String authURL, String pendingReqID) throws ConfigurationException, IOException { - buildSSOTransferGUI(guiBuilder, httpResp, authURL, pendingReqID, null, null); + buildSSOTransferGUI(guiBuilder, httpReq, httpResp, authURL, pendingReqID, null, null); } @@ -66,7 +67,7 @@ public class GUIUtils { * @throws ConfigurationException * @throws IOException */ - public static void buildSSOTransferGUI(IGUIFormBuilder guiBuilder, HttpServletResponse response, String authURL, + public static void buildSSOTransferGUI(IGUIFormBuilder guiBuilder, HttpServletRequest request, HttpServletResponse response, String authURL, String requestID, String nonce, DHPublicKeySpec dhKeyIDP) throws ConfigurationException, IOException { try { String containerURL = authURL @@ -103,12 +104,12 @@ public class GUIUtils { DefaultGUIFormBuilderConfiguration.VIEW_SSO_SESSION_TRANSFER, null); - config.putCustomParameter("QRImage", base64EncodedImage); - config.putCustomParameterWithOutEscaption("successMsg", "Select the SSO Session in your SSO-Transfer App and scan the QR-Code to start the process."); - config.putCustomParameterWithOutEscaption("timeoutURL", containerURL); - config.putCustomParameter("timeout", String.valueOf(REFESH_TIMEOUT)); + config.putCustomParameter(null, "QRImage", base64EncodedImage); + config.putCustomParameterWithOutEscaption(null, "successMsg", "Select the SSO Session in your SSO-Transfer App and scan the QR-Code to start the process."); + config.putCustomParameterWithOutEscaption(null, "timeoutURL", containerURL); + config.putCustomParameter(null, "timeout", String.valueOf(REFESH_TIMEOUT)); - guiBuilder.build(response, config, "SSO-Transfer-Module"); + guiBuilder.build(request, response, config, "SSO-Transfer-Module"); } catch (GUIBuildException e) { Logger.warn("Can not build GUI:'BKU-Selection'. Msg:" + e.getMessage(), e); -- cgit v1.2.3 From 66859cd53d4181350525e91c4d35071932675ca7 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 29 May 2019 14:04:44 +0200 Subject: refactoring from MOA-ID 3.4.x to MOA E-ID Proxy 4.0.x --- .../ssotransfer/data/SSOTransferAuthenticationData.java | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'id/server/modules/moa-id-module-ssoTransfer/src') diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java index efbfd8472..912ad5859 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java @@ -28,6 +28,7 @@ import java.util.List; import org.w3c.dom.Element; +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_VALUES; import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink; import at.gv.egiz.eaaf.core.impl.data.Pair; import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants; @@ -405,5 +406,17 @@ public class SSOTransferAuthenticationData implements IMOAAuthData { return null; } + @Override + public byte[] getEIDToken() { + // TODO Auto-generated method stub + return null; + } + + @Override + public EID_IDENTITY_STATUS_LEVEL_VALUES getEIDStatus() { + // TODO Auto-generated method stub + return null; + } + } -- cgit v1.2.3 From be9690f51d848930ef61c7eb4ecf05ea1dc7f2b7 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 7 Jun 2019 10:45:07 +0200 Subject: update AuthenticationDataBuilder to support Prof.Rep bPKs in E-ID Proxy mode --- .../modules/ssotransfer/data/SSOTransferAuthenticationData.java | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'id/server/modules/moa-id-module-ssoTransfer/src') diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java index 912ad5859..b22dfa3a7 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java @@ -418,5 +418,11 @@ public class SSOTransferAuthenticationData implements IMOAAuthData { return null; } + @Override + public String getVdaEndPointUrl() { + // TODO Auto-generated method stub + return null; + } + } -- cgit v1.2.3 From e4fa532f93f10115e1f39c97cc96e5950a048884 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 11 Dec 2019 16:01:38 +0100 Subject: update to EAAF-Components 1.0.13.1 Enforce E-ID authentication based on Service-Provider configuration --- .../moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'id/server/modules/moa-id-module-ssoTransfer/src') diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java index b9d08a20f..2d7e209ca 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java @@ -22,6 +22,7 @@ */ package at.gv.egovernment.moa.id.auth.modules.ssotransfer; +import at.gv.egiz.eaaf.core.api.IRequest; import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule; import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext; @@ -53,7 +54,7 @@ public class SSOTransferAuthModuleImpl implements AuthModule{ * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext) */ @Override - public String selectProcess(ExecutionContext context) { + public String selectProcess(ExecutionContext context, IRequest pendingReq) { Object restoreSSOSessionObj = context.get("restoreSSOSession"); if (restoreSSOSessionObj != null && restoreSSOSessionObj instanceof String) { boolean restoreSSOSession = (boolean) Boolean.parseBoolean((String)restoreSSOSessionObj); -- cgit v1.2.3 From 1292f854aa98b167a849dc0f202a1957a5ce2514 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 13 Dec 2019 09:56:15 +0100 Subject: set NeedConsentFlag to 'false' if authentication was done without SSO --- .../moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java | 3 +++ 1 file changed, 3 insertions(+) (limited to 'id/server/modules/moa-id-module-ssoTransfer/src') diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java index d89d0bd2b..8839d5a94 100644 --- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java +++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java @@ -189,6 +189,9 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask { AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(AuthenticationSessionWrapper.class); ssoTransferUtils.parseSSOContainerToMOASessionDataObject(pendingReq, moaSession, attributeExtractor); + //set NeedConsent to false, because user gives consont during authentication + pendingReq.setNeedUserConsent(false); + // store MOASession into database requestStoreage.storePendingRequest(pendingReq); -- cgit v1.2.3