From 6c7a6f8e222e4fb39a11c220b63e785f2037d428 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Thu, 16 Jan 2014 08:55:06 +0100 Subject: fix added real source of stork modules --- id/server/stork2-saml-engine/src/.svn/all-wcprops | 5 + id/server/stork2-saml-engine/src/.svn/entries | 34 + .../stork2-saml-engine/src/main/.svn/all-wcprops | 5 + id/server/stork2-saml-engine/src/main/.svn/entries | 31 + .../src/main/java/.svn/all-wcprops | 5 + .../stork2-saml-engine/src/main/java/.svn/entries | 34 + .../src/main/java/META-INF/.svn/all-wcprops | 11 + .../src/main/java/META-INF/.svn/entries | 62 + .../META-INF/.svn/text-base/MANIFEST.MF.svn-base | 3 + .../src/main/java/META-INF/MANIFEST.MF | 3 + .../src/main/java/eu/.svn/all-wcprops | 5 + .../src/main/java/eu/.svn/entries | 31 + .../src/main/java/eu/stork/.svn/all-wcprops | 5 + .../src/main/java/eu/stork/.svn/entries | 31 + .../src/main/java/eu/stork/peps/.svn/all-wcprops | 5 + .../src/main/java/eu/stork/peps/.svn/entries | 37 + .../main/java/eu/stork/peps/auth/.svn/all-wcprops | 5 + .../src/main/java/eu/stork/peps/auth/.svn/entries | 31 + .../eu/stork/peps/auth/engine/.svn/all-wcprops | 35 + .../java/eu/stork/peps/auth/engine/.svn/entries | 201 ++ .../engine/.svn/text-base/SAMLEngine.java.svn-base | 409 +++ .../.svn/text-base/SAMLEngineUtils.java.svn-base | 833 ++++++ .../.svn/text-base/STORKSAMLEngine.java.svn-base | 2983 ++++++++++++++++++++ .../.svn/text-base/X509PrincipalUtil.java.svn-base | 69 + .../.svn/text-base/package-info.java.svn-base | 19 + .../java/eu/stork/peps/auth/engine/SAMLEngine.java | 409 +++ .../eu/stork/peps/auth/engine/SAMLEngineUtils.java | 833 ++++++ .../eu/stork/peps/auth/engine/STORKSAMLEngine.java | 2983 ++++++++++++++++++++ .../stork/peps/auth/engine/X509PrincipalUtil.java | 69 + .../stork/peps/auth/engine/core/.svn/all-wcprops | 119 + .../eu/stork/peps/auth/engine/core/.svn/entries | 680 +++++ .../AuthenticationAttributes.java.svn-base | 57 + .../text-base/CitizenCountryCode.java.svn-base | 56 + .../text-base/EIDCrossBorderShare.java.svn-base | 58 + .../text-base/EIDCrossSectorShare.java.svn-base | 56 + .../.svn/text-base/EIDSectorShare.java.svn-base | 57 + .../core/.svn/text-base/QAAAttribute.java.svn-base | 63 + .../text-base/RequestedAttribute.java.svn-base | 140 + .../text-base/RequestedAttributes.java.svn-base | 51 + .../core/.svn/text-base/SAMLCore.java.svn-base | 98 + .../.svn/text-base/SAMLEngineSignI.java.svn-base | 88 + .../.svn/text-base/SPApplication.java.svn-base | 56 + .../core/.svn/text-base/SPCountry.java.svn-base | 56 + .../engine/core/.svn/text-base/SPID.java.svn-base | 56 + .../.svn/text-base/SPInformation.java.svn-base | 56 + .../.svn/text-base/SPInstitution.java.svn-base | 56 + .../core/.svn/text-base/SPSector.java.svn-base | 56 + .../.svn/text-base/STORKSAMLCore.java.svn-base | 508 ++++ .../VIDPAuthenticationAttributes.java.svn-base | 72 + .../core/.svn/text-base/package-info.java.svn-base | 19 + .../auth/engine/core/AuthenticationAttributes.java | 57 + .../peps/auth/engine/core/CitizenCountryCode.java | 56 + .../peps/auth/engine/core/EIDCrossBorderShare.java | 58 + .../peps/auth/engine/core/EIDCrossSectorShare.java | 56 + .../peps/auth/engine/core/EIDSectorShare.java | 57 + .../stork/peps/auth/engine/core/QAAAttribute.java | 63 + .../peps/auth/engine/core/RequestedAttribute.java | 140 + .../peps/auth/engine/core/RequestedAttributes.java | 51 + .../eu/stork/peps/auth/engine/core/SAMLCore.java | 98 + .../peps/auth/engine/core/SAMLEngineSignI.java | 88 + .../stork/peps/auth/engine/core/SPApplication.java | 56 + .../eu/stork/peps/auth/engine/core/SPCountry.java | 56 + .../java/eu/stork/peps/auth/engine/core/SPID.java | 56 + .../stork/peps/auth/engine/core/SPInformation.java | 56 + .../stork/peps/auth/engine/core/SPInstitution.java | 56 + .../eu/stork/peps/auth/engine/core/SPSector.java | 56 + .../stork/peps/auth/engine/core/STORKSAMLCore.java | 508 ++++ .../engine/core/VIDPAuthenticationAttributes.java | 72 + .../peps/auth/engine/core/impl/.svn/all-wcprops | 395 +++ .../stork/peps/auth/engine/core/impl/.svn/entries | 2238 +++++++++++++++ .../AuthenticationAttributesBuilder.java.svn-base | 56 + .../AuthenticationAttributesImpl.java.svn-base | 109 + ...uthenticationAttributesMarshaller.java.svn-base | 30 + ...henticationAttributesUnmarshaller.java.svn-base | 54 + .../CitizenCountryCodeBuilder.java.svn-base | 50 + .../text-base/CitizenCountryCodeImpl.java.svn-base | 82 + .../CitizenCountryCodeMarshaller.java.svn-base | 45 + .../CitizenCountryCodeUnmarshaller.java.svn-base | 41 + .../EIDCrossBorderShareBuilder.java.svn-base | 52 + .../EIDCrossBorderShareImpl.java.svn-base | 87 + .../EIDCrossBorderShareMarshaller.java.svn-base | 47 + .../EIDCrossBorderShareUnmarshaller.java.svn-base | 43 + .../EIDCrossSectorShareBuilder.java.svn-base | 52 + .../EIDCrossSectorShareImpl.java.svn-base | 89 + .../EIDCrossSectorShareMarshaller.java.svn-base | 46 + .../EIDCrossSectorShareUnmarshaller.java.svn-base | 47 + .../text-base/EIDSectorShareBuilder.java.svn-base | 51 + .../text-base/EIDSectorShareImpl.java.svn-base | 85 + .../EIDSectorShareMarshaller.java.svn-base | 46 + .../EIDSectorShareUnmarshaller.java.svn-base | 47 + .../text-base/QAAAttributeBuilder.java.svn-base | 52 + .../.svn/text-base/QAAAttributeImpl.java.svn-base | 84 + .../text-base/QAAAttributeMarshaller.java.svn-base | 45 + .../QAAAttributeUnmarshaller.java.svn-base | 41 + .../RequestedAttributeBuilder.java.svn-base | 54 + .../text-base/RequestedAttributeImpl.java.svn-base | 220 ++ .../RequestedAttributeMarshaller.java.svn-base | 89 + .../RequestedAttributeUnmarshaller.java.svn-base | 96 + .../RequestedAttributesBuilder.java.svn-base | 54 + .../RequestedAttributesImpl.java.svn-base | 95 + .../RequestedAttributesMarshaller.java.svn-base | 33 + .../RequestedAttributesUnmarshaller.java.svn-base | 52 + .../text-base/SPApplicationBuilder.java.svn-base | 51 + .../.svn/text-base/SPApplicationImpl.java.svn-base | 84 + .../SPApplicationMarshaller.java.svn-base | 46 + .../SPApplicationUnmarshaller.java.svn-base | 42 + .../.svn/text-base/SPCountryBuilder.java.svn-base | 52 + .../.svn/text-base/SPCountryImpl.java.svn-base | 82 + .../text-base/SPCountryMarshaller.java.svn-base | 45 + .../text-base/SPCountryUnmarshaller.java.svn-base | 42 + .../impl/.svn/text-base/SPIDBuilder.java.svn-base | 50 + .../impl/.svn/text-base/SPIDImpl.java.svn-base | 82 + .../.svn/text-base/SPIDMarshaller.java.svn-base | 45 + .../.svn/text-base/SPIDUnmarshaller.java.svn-base | 41 + .../text-base/SPInformationBuilder.java.svn-base | 41 + .../.svn/text-base/SPInformationImpl.java.svn-base | 110 + .../SPInformationMarshaller.java.svn-base | 33 + .../SPInformationUnmarshaller.java.svn-base | 52 + .../text-base/SPInstitutionBuilder.java.svn-base | 51 + .../.svn/text-base/SPInstitutionImpl.java.svn-base | 84 + .../SPInstitutionMarshaller.java.svn-base | 46 + .../SPInstitutionUnmarshaller.java.svn-base | 41 + .../.svn/text-base/SPSectorBuilder.java.svn-base | 50 + .../impl/.svn/text-base/SPSectorImpl.java.svn-base | 84 + .../text-base/SPSectorMarshaller.java.svn-base | 45 + .../text-base/SPSectorUnmarshaller.java.svn-base | 42 + .../core/impl/.svn/text-base/SignHW.java.svn-base | 399 +++ .../.svn/text-base/SignModuleFactory.java.svn-base | 64 + .../core/impl/.svn/text-base/SignP12.java.svn-base | 468 +++ .../core/impl/.svn/text-base/SignSW.java.svn-base | 423 +++ ...DPAuthenticationAttributesBuilder.java.svn-base | 41 + .../VIDPAuthenticationAttributesImpl.java.svn-base | 132 + ...uthenticationAttributesMarshaller.java.svn-base | 33 + ...henticationAttributesUnmarshaller.java.svn-base | 55 + .../impl/.svn/text-base/package-info.java.svn-base | 19 + .../core/impl/AuthenticationAttributesBuilder.java | 56 + .../core/impl/AuthenticationAttributesImpl.java | 109 + .../impl/AuthenticationAttributesMarshaller.java | 30 + .../impl/AuthenticationAttributesUnmarshaller.java | 54 + .../core/impl/CitizenCountryCodeBuilder.java | 50 + .../engine/core/impl/CitizenCountryCodeImpl.java | 82 + .../core/impl/CitizenCountryCodeMarshaller.java | 45 + .../core/impl/CitizenCountryCodeUnmarshaller.java | 41 + .../core/impl/EIDCrossBorderShareBuilder.java | 52 + .../engine/core/impl/EIDCrossBorderShareImpl.java | 87 + .../core/impl/EIDCrossBorderShareMarshaller.java | 47 + .../core/impl/EIDCrossBorderShareUnmarshaller.java | 43 + .../core/impl/EIDCrossSectorShareBuilder.java | 52 + .../engine/core/impl/EIDCrossSectorShareImpl.java | 89 + .../core/impl/EIDCrossSectorShareMarshaller.java | 46 + .../core/impl/EIDCrossSectorShareUnmarshaller.java | 47 + .../engine/core/impl/EIDSectorShareBuilder.java | 51 + .../auth/engine/core/impl/EIDSectorShareImpl.java | 85 + .../engine/core/impl/EIDSectorShareMarshaller.java | 46 + .../core/impl/EIDSectorShareUnmarshaller.java | 47 + .../auth/engine/core/impl/QAAAttributeBuilder.java | 52 + .../auth/engine/core/impl/QAAAttributeImpl.java | 84 + .../engine/core/impl/QAAAttributeMarshaller.java | 45 + .../engine/core/impl/QAAAttributeUnmarshaller.java | 41 + .../core/impl/RequestedAttributeBuilder.java | 54 + .../engine/core/impl/RequestedAttributeImpl.java | 220 ++ .../core/impl/RequestedAttributeMarshaller.java | 89 + .../core/impl/RequestedAttributeUnmarshaller.java | 96 + .../core/impl/RequestedAttributesBuilder.java | 54 + .../engine/core/impl/RequestedAttributesImpl.java | 95 + .../core/impl/RequestedAttributesMarshaller.java | 33 + .../core/impl/RequestedAttributesUnmarshaller.java | 52 + .../engine/core/impl/SPApplicationBuilder.java | 51 + .../auth/engine/core/impl/SPApplicationImpl.java | 84 + .../engine/core/impl/SPApplicationMarshaller.java | 46 + .../core/impl/SPApplicationUnmarshaller.java | 42 + .../auth/engine/core/impl/SPCountryBuilder.java | 52 + .../peps/auth/engine/core/impl/SPCountryImpl.java | 82 + .../auth/engine/core/impl/SPCountryMarshaller.java | 45 + .../engine/core/impl/SPCountryUnmarshaller.java | 42 + .../peps/auth/engine/core/impl/SPIDBuilder.java | 50 + .../stork/peps/auth/engine/core/impl/SPIDImpl.java | 82 + .../peps/auth/engine/core/impl/SPIDMarshaller.java | 45 + .../auth/engine/core/impl/SPIDUnmarshaller.java | 41 + .../engine/core/impl/SPInformationBuilder.java | 41 + .../auth/engine/core/impl/SPInformationImpl.java | 110 + .../engine/core/impl/SPInformationMarshaller.java | 33 + .../core/impl/SPInformationUnmarshaller.java | 52 + .../engine/core/impl/SPInstitutionBuilder.java | 51 + .../auth/engine/core/impl/SPInstitutionImpl.java | 84 + .../engine/core/impl/SPInstitutionMarshaller.java | 46 + .../core/impl/SPInstitutionUnmarshaller.java | 41 + .../auth/engine/core/impl/SPSectorBuilder.java | 50 + .../peps/auth/engine/core/impl/SPSectorImpl.java | 84 + .../auth/engine/core/impl/SPSectorMarshaller.java | 45 + .../engine/core/impl/SPSectorUnmarshaller.java | 42 + .../stork/peps/auth/engine/core/impl/SignHW.java | 399 +++ .../auth/engine/core/impl/SignModuleFactory.java | 64 + .../stork/peps/auth/engine/core/impl/SignP12.java | 468 +++ .../stork/peps/auth/engine/core/impl/SignSW.java | 423 +++ .../impl/VIDPAuthenticationAttributesBuilder.java | 41 + .../impl/VIDPAuthenticationAttributesImpl.java | 132 + .../VIDPAuthenticationAttributesMarshaller.java | 33 + .../VIDPAuthenticationAttributesUnmarshaller.java | 55 + .../peps/auth/engine/core/impl/package-info.java | 19 + .../stork/peps/auth/engine/core/package-info.java | 19 + .../auth/engine/core/validator/.svn/all-wcprops | 23 + .../peps/auth/engine/core/validator/.svn/entries | 130 + .../ExtensionsSchemaValidator.java.svn-base | 61 + .../QAAAttributeSchemaValidator.java.svn-base | 65 + .../.svn/text-base/package-info.java.svn-base | 19 + .../core/validator/ExtensionsSchemaValidator.java | 61 + .../validator/QAAAttributeSchemaValidator.java | 65 + .../auth/engine/core/validator/package-info.java | 19 + .../eu/stork/peps/auth/engine/package-info.java | 19 + .../eu/stork/peps/configuration/.svn/all-wcprops | 41 + .../java/eu/stork/peps/configuration/.svn/entries | 232 ++ .../text-base/ConfigurationCreator.java.svn-base | 127 + .../text-base/ConfigurationEngine.java.svn-base | 69 + .../text-base/ConfigurationReader.java.svn-base | 224 ++ .../text-base/ConfigurationSingleton.java.svn-base | 74 + .../.svn/text-base/InstanceEngine.java.svn-base | 70 + .../.svn/text-base/package-info.java.svn-base | 19 + .../peps/configuration/ConfigurationCreator.java | 127 + .../peps/configuration/ConfigurationEngine.java | 69 + .../peps/configuration/ConfigurationReader.java | 225 ++ .../peps/configuration/ConfigurationSingleton.java | 74 + .../stork/peps/configuration/InstanceEngine.java | 70 + .../eu/stork/peps/configuration/package-info.java | 19 + .../java/eu/stork/peps/exceptions/.svn/all-wcprops | 29 + .../java/eu/stork/peps/exceptions/.svn/entries | 164 ++ .../text-base/SAMLEngineException.java.svn-base | 57 + .../STORKSAMLEngineException.java.svn-base | 135 + .../STORKSAMLEngineRuntimeException.java.svn-base | 56 + .../.svn/text-base/package-info.java.svn-base | 19 + .../stork/peps/exceptions/SAMLEngineException.java | 57 + .../peps/exceptions/STORKSAMLEngineException.java | 135 + .../STORKSAMLEngineRuntimeException.java | 56 + .../eu/stork/peps/exceptions/package-info.java | 19 + .../stork2-saml-engine/src/test/.svn/all-wcprops | 5 + id/server/stork2-saml-engine/src/test/.svn/entries | 34 + .../src/test/java/.svn/all-wcprops | 5 + .../stork2-saml-engine/src/test/java/.svn/entries | 31 + .../src/test/java/META-INF/MANIFEST.MF | 3 + .../src/test/java/eu/.svn/all-wcprops | 5 + .../src/test/java/eu/.svn/entries | 31 + .../src/test/java/eu/stork/.svn/all-wcprops | 5 + .../src/test/java/eu/stork/.svn/entries | 31 + .../src/test/java/eu/stork/peps/.svn/all-wcprops | 5 + .../src/test/java/eu/stork/peps/.svn/entries | 31 + .../test/java/eu/stork/peps/test/.svn/all-wcprops | 5 + .../src/test/java/eu/stork/peps/test/.svn/entries | 31 + .../eu/stork/peps/test/simple/.svn/all-wcprops | 47 + .../java/eu/stork/peps/test/simple/.svn/entries | 266 ++ .../.svn/text-base/SSETestUtils.java.svn-base | 173 ++ .../.svn/text-base/SimpleBaseTest.java.svn-base | 62 + .../StorkAttrQueryRequestTest.java.svn-base | 790 ++++++ .../StorkAttrQueryResponseTest.java.svn-base | 920 ++++++ .../text-base/StorkAuthRequestTest.java.svn-base | 966 +++++++ .../.svn/text-base/StorkResponseTest.java.svn-base | 931 ++++++ .../.svn/text-base/package-info.java.svn-base | 20 + .../eu/stork/peps/test/simple/SSETestUtils.java | 173 ++ .../eu/stork/peps/test/simple/SimpleBaseTest.java | 62 + .../test/simple/StorkAttrQueryRequestTest.java | 790 ++++++ .../test/simple/StorkAttrQueryResponseTest.java | 920 ++++++ .../peps/test/simple/StorkAuthRequestTest.java | 966 +++++++ .../stork/peps/test/simple/StorkResponseTest.java | 931 ++++++ .../eu/stork/peps/test/simple/package-info.java | 20 + .../src/test/resources/.svn/all-wcprops | 101 + .../src/test/resources/.svn/entries | 575 ++++ .../.svn/prop-base/keyStoreCountry0.jks.svn-base | 5 + .../.svn/prop-base/keyStoreCountry1.jks.svn-base | 5 + .../.svn/prop-base/keyStoreCountry2.jks.svn-base | 5 + .../.svn/prop-base/keyStoreCountry3.jks.svn-base | 5 + .../.svn/text-base/SamlEngine.xml.svn-base | 63 + .../.svn/text-base/SignModule_Conf0.xml.svn-base | 12 + .../.svn/text-base/SignModule_Conf1.xml.svn-base | 12 + .../.svn/text-base/SignModule_Conf2.xml.svn-base | 12 + .../.svn/text-base/SignModule_Conf3.xml.svn-base | 12 + .../.svn/text-base/SignModule_P11.xml.svn-base | 11 + .../text-base/StorkSamlEngine_Conf0.xml.svn-base | 91 + .../text-base/StorkSamlEngine_Conf1.xml.svn-base | 91 + .../text-base/StorkSamlEngine_Conf2.xml.svn-base | 64 + .../text-base/StorkSamlEngine_Conf3.xml.svn-base | 61 + .../.svn/text-base/keyStoreCountry0.jks.svn-base | Bin 0 -> 1376 bytes .../.svn/text-base/keyStoreCountry1.jks.svn-base | Bin 0 -> 1313 bytes .../.svn/text-base/keyStoreCountry2.jks.svn-base | Bin 0 -> 1313 bytes .../.svn/text-base/keyStoreCountry3.jks.svn-base | Bin 0 -> 1313 bytes .../.svn/text-base/logback-test.xml.svn-base | 23 + .../resources/.svn/text-base/p11Conf.cfg.svn-base | 24 + .../src/test/resources/SamlEngine.xml | 81 + .../src/test/resources/SignModule_Conf0.xml | 12 + .../src/test/resources/SignModule_Conf1.xml | 12 + .../src/test/resources/SignModule_Conf2.xml | 12 + .../src/test/resources/SignModule_Conf3.xml | 12 + .../src/test/resources/SignModule_P11.xml | 11 + .../src/test/resources/SignModule_demo.xml | 12 + .../src/test/resources/StorkSamlEngine_Conf0.xml | 91 + .../src/test/resources/StorkSamlEngine_Conf1.xml | 91 + .../src/test/resources/StorkSamlEngine_Conf2.xml | 64 + .../src/test/resources/StorkSamlEngine_Conf3.xml | 61 + .../src/test/resources/StorkSamlEngine_demo.xml | 91 + .../src/test/resources/data/.svn/all-wcprops | 5 + .../src/test/resources/data/.svn/entries | 31 + .../src/test/resources/data/eu/.svn/all-wcprops | 5 + .../src/test/resources/data/eu/.svn/entries | 31 + .../test/resources/data/eu/stork/.svn/all-wcprops | 5 + .../src/test/resources/data/eu/stork/.svn/entries | 31 + .../data/eu/stork/STORKSAMLEngine/.svn/all-wcprops | 41 + .../data/eu/stork/STORKSAMLEngine/.svn/entries | 232 ++ .../.svn/text-base/AttrQueryRequest.xml.svn-base | 11 + .../AttrQueryRequestTagDelete.xml.svn-base | 15 + .../.svn/text-base/AttrQueryResponse.xml.svn-base | 10 + .../.svn/text-base/AuthnRequest.xml.svn-base | 26 + .../text-base/AuthnRequestTagDelete.xml.svn-base | 14 + .../AuthnRequestTagDeleteEncoded.xml.svn-base | 14 + .../eu/stork/STORKSAMLEngine/AttrQueryRequest.xml | 11 + .../STORKSAMLEngine/AttrQueryRequestTagDelete.xml | 15 + .../eu/stork/STORKSAMLEngine/AttrQueryResponse.xml | 10 + .../data/eu/stork/STORKSAMLEngine/AuthnRequest.xml | 26 + .../STORKSAMLEngine/AuthnRequestTagDelete.xml | 14 + .../AuthnRequestTagDeleteEncoded.xml | 14 + .../src/test/resources/keyStoreCountry0.jks | Bin 0 -> 1376 bytes .../src/test/resources/keyStoreCountry1.jks | Bin 0 -> 1313 bytes .../src/test/resources/keyStoreCountry2.jks | Bin 0 -> 1313 bytes .../src/test/resources/keyStoreCountry3.jks | Bin 0 -> 1313 bytes .../src/test/resources/logback-test.xml | 23 + .../src/test/resources/p11Conf.cfg | 24 + .../src/test/resources/storkDemoKeys.jks | Bin 0 -> 4592 bytes 324 files changed, 39252 insertions(+) create mode 100644 id/server/stork2-saml-engine/src/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/main/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/java/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/main/java/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/java/META-INF/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/main/java/META-INF/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/java/META-INF/.svn/text-base/MANIFEST.MF.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/SAMLEngine.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/SAMLEngineUtils.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/STORKSAMLEngine.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/X509PrincipalUtil.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/package-info.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/AuthenticationAttributes.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/CitizenCountryCode.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/EIDCrossBorderShare.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/EIDCrossSectorShare.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/EIDSectorShare.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/QAAAttribute.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/RequestedAttribute.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/RequestedAttributes.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SAMLCore.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SAMLEngineSignI.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPApplication.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPCountry.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPID.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPInformation.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPInstitution.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPSector.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/STORKSAMLCore.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/VIDPAuthenticationAttributes.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/package-info.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignHW.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignModuleFactory.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignP12.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignSW.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesBuilder.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesImpl.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesMarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesUnmarshaller.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/package-info.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/text-base/ExtensionsSchemaValidator.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/text-base/QAAAttributeSchemaValidator.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/text-base/package-info.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationCreator.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationEngine.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationReader.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationSingleton.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/InstanceEngine.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/package-info.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/SAMLEngineException.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/STORKSAMLEngineException.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/STORKSAMLEngineRuntimeException.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/package-info.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java create mode 100644 id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java create mode 100644 id/server/stork2-saml-engine/src/test/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/test/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/test/java/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/test/java/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/test/java/META-INF/MANIFEST.MF create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/SSETestUtils.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/SimpleBaseTest.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkAttrQueryRequestTest.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkAttrQueryResponseTest.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkAuthRequestTest.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkResponseTest.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/package-info.java.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java create mode 100644 id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry0.jks.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry1.jks.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry2.jks.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry3.jks.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SamlEngine.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf0.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf1.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf2.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf3.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_P11.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf0.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf1.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf2.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf3.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry0.jks.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry1.jks.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry2.jks.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry3.jks.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/logback-test.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/.svn/text-base/p11Conf.cfg.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/SignModule_demo.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_demo.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/all-wcprops create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/entries create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AttrQueryRequest.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AttrQueryRequestTagDelete.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AttrQueryResponse.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AuthnRequest.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AuthnRequestTagDelete.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AuthnRequestTagDeleteEncoded.xml.svn-base create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks create mode 100644 id/server/stork2-saml-engine/src/test/resources/keyStoreCountry1.jks create mode 100644 id/server/stork2-saml-engine/src/test/resources/keyStoreCountry2.jks create mode 100644 id/server/stork2-saml-engine/src/test/resources/keyStoreCountry3.jks create mode 100644 id/server/stork2-saml-engine/src/test/resources/logback-test.xml create mode 100644 id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg create mode 100644 id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks (limited to 'id/server/stork2-saml-engine/src') diff --git a/id/server/stork2-saml-engine/src/.svn/all-wcprops b/id/server/stork2-saml-engine/src/.svn/all-wcprops new file mode 100644 index 000000000..a663100ff --- /dev/null +++ b/id/server/stork2-saml-engine/src/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 52 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src +END diff --git a/id/server/stork2-saml-engine/src/.svn/entries b/id/server/stork2-saml-engine/src/.svn/entries new file mode 100644 index 000000000..7c9d1968f --- /dev/null +++ b/id/server/stork2-saml-engine/src/.svn/entries @@ -0,0 +1,34 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +test +dir + +main +dir + diff --git a/id/server/stork2-saml-engine/src/main/.svn/all-wcprops b/id/server/stork2-saml-engine/src/main/.svn/all-wcprops new file mode 100644 index 000000000..f9f3d279b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 56 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main +END diff --git a/id/server/stork2-saml-engine/src/main/.svn/entries b/id/server/stork2-saml-engine/src/main/.svn/entries new file mode 100644 index 000000000..dc9f007e9 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/main +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +java +dir + diff --git a/id/server/stork2-saml-engine/src/main/java/.svn/all-wcprops b/id/server/stork2-saml-engine/src/main/java/.svn/all-wcprops new file mode 100644 index 000000000..243067f06 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 61 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java +END diff --git a/id/server/stork2-saml-engine/src/main/java/.svn/entries b/id/server/stork2-saml-engine/src/main/java/.svn/entries new file mode 100644 index 000000000..e4a01af0d --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/.svn/entries @@ -0,0 +1,34 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/main/java +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +META-INF +dir + +eu +dir + diff --git a/id/server/stork2-saml-engine/src/main/java/META-INF/.svn/all-wcprops b/id/server/stork2-saml-engine/src/main/java/META-INF/.svn/all-wcprops new file mode 100644 index 000000000..8de21c7f2 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/META-INF/.svn/all-wcprops @@ -0,0 +1,11 @@ +K 25 +svn:wc:ra_dav:version-url +V 70 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/META-INF +END +MANIFEST.MF +K 25 +svn:wc:ra_dav:version-url +V 82 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/META-INF/MANIFEST.MF +END diff --git a/id/server/stork2-saml-engine/src/main/java/META-INF/.svn/entries b/id/server/stork2-saml-engine/src/main/java/META-INF/.svn/entries new file mode 100644 index 000000000..7ba7a8b7d --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/META-INF/.svn/entries @@ -0,0 +1,62 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/main/java/META-INF +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +MANIFEST.MF +file + + + + +2013-12-20T12:27:57.282475Z +b10f37c8bb1803d98c127a01d1a71cc5 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +39 + diff --git a/id/server/stork2-saml-engine/src/main/java/META-INF/.svn/text-base/MANIFEST.MF.svn-base b/id/server/stork2-saml-engine/src/main/java/META-INF/.svn/text-base/MANIFEST.MF.svn-base new file mode 100644 index 000000000..5e9495128 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/META-INF/.svn/text-base/MANIFEST.MF.svn-base @@ -0,0 +1,3 @@ +Manifest-Version: 1.0 +Class-Path: + diff --git a/id/server/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF b/id/server/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF new file mode 100644 index 000000000..5e9495128 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/META-INF/MANIFEST.MF @@ -0,0 +1,3 @@ +Manifest-Version: 1.0 +Class-Path: + diff --git a/id/server/stork2-saml-engine/src/main/java/eu/.svn/all-wcprops b/id/server/stork2-saml-engine/src/main/java/eu/.svn/all-wcprops new file mode 100644 index 000000000..c2550210f --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 64 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu +END diff --git a/id/server/stork2-saml-engine/src/main/java/eu/.svn/entries b/id/server/stork2-saml-engine/src/main/java/eu/.svn/entries new file mode 100644 index 000000000..842aef3b7 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/main/java/eu +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +stork +dir + diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/.svn/all-wcprops b/id/server/stork2-saml-engine/src/main/java/eu/stork/.svn/all-wcprops new file mode 100644 index 000000000..4e9c9df08 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 70 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork +END diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/.svn/entries b/id/server/stork2-saml-engine/src/main/java/eu/stork/.svn/entries new file mode 100644 index 000000000..15424fef8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/main/java/eu/stork +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +peps +dir + diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/.svn/all-wcprops b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/.svn/all-wcprops new file mode 100644 index 000000000..f6653073c --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 75 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps +END diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/.svn/entries b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/.svn/entries new file mode 100644 index 000000000..e80eb4f1f --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/.svn/entries @@ -0,0 +1,37 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/main/java/eu/stork/peps +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +auth +dir + +exceptions +dir + +configuration +dir + diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/.svn/all-wcprops b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/.svn/all-wcprops new file mode 100644 index 000000000..ea1d0ba15 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 80 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth +END diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/.svn/entries b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/.svn/entries new file mode 100644 index 000000000..274a429ea --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/main/java/eu/stork/peps/auth +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +engine +dir + diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/all-wcprops b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/all-wcprops new file mode 100644 index 000000000..a5df7ea64 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/all-wcprops @@ -0,0 +1,35 @@ +K 25 +svn:wc:ra_dav:version-url +V 87 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine +END +SAMLEngine.java +K 25 +svn:wc:ra_dav:version-url +V 103 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java +END +SAMLEngineUtils.java +K 25 +svn:wc:ra_dav:version-url +V 108 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java +END +package-info.java +K 25 +svn:wc:ra_dav:version-url +V 105 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/package-info.java +END +STORKSAMLEngine.java +K 25 +svn:wc:ra_dav:version-url +V 108 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java +END +X509PrincipalUtil.java +K 25 +svn:wc:ra_dav:version-url +V 110 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java +END diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/entries b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/entries new file mode 100644 index 000000000..ee72945c7 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/entries @@ -0,0 +1,201 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +SAMLEngine.java +file + + + + +2013-12-20T12:27:57.446475Z +06e800364af96f515b5e2b2e6da3c423 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +13855 + +SAMLEngineUtils.java +file + + + + +2013-12-20T12:27:57.446475Z +de13d8f36c3a8d7c25ed55f94f43a663 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +28573 + +package-info.java +file + + + + +2013-12-20T12:27:57.446475Z +db9d14c008d5504a156cfa955db13657 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +796 + +STORKSAMLEngine.java +file + + + + +2013-12-20T12:27:57.446475Z +4899e34f046f8a1ba1292c1e0c2f972f +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +106833 + +X509PrincipalUtil.java +file + + + + +2013-12-20T12:27:57.446475Z +5b1c22a27ba0a0bfd4c0bd4ef1890205 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2296 + +core +dir + diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/SAMLEngine.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/SAMLEngine.java.svn-base new file mode 100644 index 000000000..f8f50fc74 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/SAMLEngine.java.svn-base @@ -0,0 +1,409 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine; + +import java.io.ByteArrayInputStream; +import java.io.StringWriter; +import java.io.UnsupportedEncodingException; +import java.util.HashMap; +import java.util.Map; +import java.util.Properties; + +import javax.xml.XMLConstants; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerConfigurationException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; + +import org.opensaml.Configuration; +import org.opensaml.DefaultBootstrap; +import org.opensaml.common.SAMLObject; +import org.opensaml.common.SignableSAMLObject; +import org.opensaml.xml.ConfigurationException; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.Marshaller; +import org.opensaml.xml.io.MarshallerFactory; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.io.Unmarshaller; +import org.opensaml.xml.io.UnmarshallerFactory; +import org.opensaml.xml.io.UnmarshallingException; +import org.opensaml.xml.parse.BasicParserPool; +import org.opensaml.xml.parse.XMLParserException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.SAMLEngineSignI; +import eu.stork.peps.auth.engine.core.STORKSAMLCore; +import eu.stork.peps.auth.engine.core.impl.SignModuleFactory; +import eu.stork.peps.configuration.ConfigurationCreator; +import eu.stork.peps.configuration.ConfigurationReader; +import eu.stork.peps.configuration.InstanceEngine; +import eu.stork.peps.exceptions.SAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; + +/** + * Class that wraps the operations over SAML tokens, both generation and + * validation of SAML requests and SAML responses. Compliant with "OASIS Secure + * Assertion Markup Language (SAML) 2.0, May 2005", but taking into account + * STORK specific requirements. + * + * @author fjquevedo + * @author iinigo + */ + +public class SAMLEngine { + + /** The Document Builder Factory. */ + private static javax.xml.parsers.DocumentBuilderFactory dbf = null; + + /** The instance of every engine SAML. */ + private static Map instanceConfigs; + + /** The instances of SAML engine. */ + private static Map> instances; + + /** The logger. */ + private static final Logger LOG = LoggerFactory.getLogger(SAMLEngine.class + .getName()); + + /** The Constant MODULE_SIGN_CONF. */ + private static final String MODULE_SIGN_CONF = "SignatureConf"; + + /** The Constant SAML_ENGINE_SIGN_CLASS. */ + private static final String SAML_ENGINE_SIGN_CLASS = "class"; + + /** The Constant SAML_ENGINE_CONF. */ + private static final String SAML_ENGINE_CONF = "SamlEngineConf"; + + /** The Constant SAML_ENGINE_FILE_CONF. */ + private static final String SAML_ENGINE_FILE_CONF = "fileConfiguration"; + + /** The codification of characters. */ + private static final String CHARACTER_ENCODING = "UTF-8"; + + /** The SAML core. */ + private STORKSAMLCore samlCore; + + /** The Module of Signature. */ + private SAMLEngineSignI signer; + + + /** Initializes the SAML engine. */ + /** Configure Document Builder Factory. */ + + static { + startUp(); + loadDocumentFactory(); + } + + /** + * Load document factory. + */ + private static void loadDocumentFactory() { + + try { + dbf = javax.xml.parsers.DocumentBuilderFactory.newInstance(); + dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + dbf.setNamespaceAware(true); + dbf.setIgnoringComments(true); + } catch (ParserConfigurationException e) { + LOG.error("Error parser configuration."); + throw new STORKSAMLEngineRuntimeException(e); + } + + } + + /** + * Method that initializes the basic services for the SAML Engine, like the + * OpenSAML library and the BouncyCastle provider. + */ + private static void startUp() { + + LOG.info("SAMLEngine: Initialize OpenSAML"); + + try { + DefaultBootstrap.bootstrap(); + } catch (ConfigurationException e) { + LOG.error("Problem initializing the OpenSAML library."); + throw new STORKSAMLEngineRuntimeException(e); + } + + LOG.debug("Read all file configurations. (instances of SAMLEngine)"); + try { + instanceConfigs = ConfigurationReader.readConfiguration(); + } catch (SAMLEngineException e) { + LOG.error("Error read configuration file."); + throw new STORKSAMLEngineRuntimeException(e); + } + + LOG.debug("Create all instaces of saml engine. (instances of SAMLEngine)"); + try { + instances = ConfigurationCreator + .createConfiguration(instanceConfigs); + } catch (STORKSAMLEngineException e) { + LOG.error("Error initializing instances from Stork SAML engine."); + throw new STORKSAMLEngineRuntimeException(e); + } + } + + /** + * Instantiates a new SAML engine. + */ + private SAMLEngine() { + + } + + /** + * Instantiates a new SAML engine. + * + * @param nameInstance the name instance + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + protected SAMLEngine(final String nameInstance) + throws STORKSAMLEngineException { + LOG.info("Loading Specific Configuration."); + + LOG.debug("Create intance of saml messages."); + + Map instance = instances.get(nameInstance); + + if (instance == null || instance.isEmpty()) { + LOG.error("Instance: " + nameInstance + " not exist."); + throw new STORKSAMLEngineException("Instance: " + nameInstance + + " not exist."); + } + + Properties properties = (Properties) instance.get(SAML_ENGINE_CONF); + + if (properties == null) { + LOG.error("SamlEngine.xml: not exist."); + throw new STORKSAMLEngineException("SamlEngine.xml: not exist."); + } + + samlCore = new STORKSAMLCore(properties); + + final HashMap propertiesSign = (HashMap) instance + .get(MODULE_SIGN_CONF); + + LOG.debug("Loading Module of sign."); + signer = SignModuleFactory.getInstance(propertiesSign + .get(SAML_ENGINE_SIGN_CLASS)); + + try { + LOG.info("Initialize module of sign."); + signer.init(propertiesSign.get(SAML_ENGINE_FILE_CONF)); + LOG.info("Load cryptographic service provider of module of sign."); + signer.loadCryptServiceProvider(); + } catch (SAMLEngineException e) { + LOG.error("Error create signature module: " + + propertiesSign.get(SAML_ENGINE_FILE_CONF)); + LOG.info("Exception" + e); + throw new STORKSAMLEngineException(e); + } + } + + /** + * Gets the Signer properties. + * + * @return the SAML Sign properties + */ + protected SAMLEngineSignI getSigner() { + return signer; + } + + /** + * Gets the SAML core properties. + * + * @return the SAML core properties + */ + protected final STORKSAMLCore getSamlCoreProperties() { + return samlCore; + } + + /** + * Method that transform the received SAML object into a byte array + * representation. + * + * @param samlToken the SAML token. + * + * @return the byte[] of the SAML token. + * + * @throws SAMLEngineException the SAML engine exception + */ + private byte[] marshall(final XMLObject samlToken) + throws SAMLEngineException { + + try { + javax.xml.parsers.DocumentBuilder docBuilder = null; + + final MarshallerFactory marshallerFactory = Configuration + .getMarshallerFactory(); + + final Marshaller marshaller = marshallerFactory + .getMarshaller(samlToken); + + docBuilder = dbf.newDocumentBuilder(); + + final Document doc = docBuilder.newDocument(); + + marshaller.marshall(samlToken, doc); + + // Obtain a byte array representation of the marshalled SAML object + final DOMSource domSource = new DOMSource(doc); + final StringWriter writer = new StringWriter(); + final StreamResult result = new StreamResult(writer); + final TransformerFactory transFactory = TransformerFactory + .newInstance(); + Transformer transformer; + + transformer = transFactory.newTransformer(); + transformer.transform(domSource, result); + LOG.debug("SAML request \n"+ writer.toString()); + return writer.toString().getBytes(CHARACTER_ENCODING); + + } catch (ParserConfigurationException e) { + LOG.error("ParserConfigurationException."); + throw new SAMLEngineException(e); + } catch (MarshallingException e) { + LOG.error("MarshallingException."); + throw new SAMLEngineException(e); + } catch (TransformerConfigurationException e) { + LOG.error("TransformerConfigurationException."); + throw new SAMLEngineException(e); + } catch (TransformerException e) { + LOG.error("TransformerException."); + throw new SAMLEngineException(e); + } catch (UnsupportedEncodingException e) { + LOG.error("UnsupportedEncodingException: " + CHARACTER_ENCODING); + throw new SAMLEngineException(e); + } + } + + /** + * Method that signs a SAML Token. + * + * @param tokenSaml the token SAML + * + * @return the SAML object sign + * + * @throws SAMLEngineException the SAML engine exception + */ + private SignableSAMLObject sign(final SignableSAMLObject tokenSaml) + throws SAMLEngineException { + LOG.debug("Sign SamlToken."); + signer.sign(tokenSaml); + return tokenSaml; + } + + /** + * Sign and transform to byte array. + * + * @param samlToken the SAML token + * + * @return the byte[] of the SAML token + * + * @throws SAMLEngineException the SAML engine exception + */ + protected final byte[] signAndMarshall(final SignableSAMLObject samlToken) + throws SAMLEngineException { + LOG.debug("Marshall Saml Token."); + SignableSAMLObject signElement = sign(samlToken); + return marshall(signElement); + } + + /** + * Method that unmarshalls a SAML Object from a byte array representation to + * an XML Object. + * + * @param samlToken Byte array representation of a SAML Object + * + * @return XML Object (superclass of SAMLObject) + * + * @throws SAMLEngineException the SAML engine exception + */ + protected final XMLObject unmarshall(final byte[] samlToken) + throws SAMLEngineException { + try { + // Get parser pool manager + final BasicParserPool ppMgr = new BasicParserPool(); + // Note: this is necessary due to an unresolved Xerces deferred DOM + // issue/bug + final HashMap features = new HashMap(); + features.put(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE); + ppMgr.setBuilderFeatures(features); + + ppMgr.setNamespaceAware(true); + + // Parse SAMLToken + Document document = ppMgr.parse(new ByteArrayInputStream(samlToken)); + if (document != null){ + final Element root = document.getDocumentElement(); + // Get appropriate unmarshaller + final UnmarshallerFactory unmarshallerFact = Configuration.getUnmarshallerFactory(); + // Unmarshall using the SAML Token root element + if (unmarshallerFact != null && root != null){ + final Unmarshaller unmarshaller = unmarshallerFact.getUnmarshaller(root); + try { + return unmarshaller.unmarshall(root); + } catch (NullPointerException e){ + LOG.error("Error element tag incomplet or null."); + throw new SAMLEngineException("NullPointerException", e); + } + } else { + LOG.error("Error element tag incomplet or null."); + throw new SAMLEngineException("NullPointerException : unmarshallerFact or root is null"); + } + } else { + LOG.error("Error element tag incomplet or null."); + throw new SAMLEngineException("NullPointerException : document is null"); + } + } catch (XMLParserException e) { + LOG.error("XML Parsing Error.", e); + throw new SAMLEngineException(e); + } catch (UnmarshallingException e) { + LOG.error("TransformerException.", e); + throw new SAMLEngineException(e); + } catch (NullPointerException e) { + LOG.error("Error element tag incomplet or null.", e); + throw new SAMLEngineException(e); + } + } + + /** + * Method that validates an XML Signature contained in a SAML Token. + * + * @param samlToken the SAML token + * + * @return the SAML object + * + * @throws SAMLEngineException the SAML engine exception + */ + protected final SAMLObject validateSignature( + final SignableSAMLObject samlToken) throws SAMLEngineException { + + LOG.info("Validate Signature"); + signer.validateSignature(samlToken); + + return samlToken; + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/SAMLEngineUtils.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/SAMLEngineUtils.java.svn-base new file mode 100644 index 000000000..60f7c3091 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/SAMLEngineUtils.java.svn-base @@ -0,0 +1,833 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.UnsupportedEncodingException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import javax.xml.namespace.QName; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; + +import org.apache.commons.lang.StringUtils; +import org.joda.time.DateTime; +import org.opensaml.Configuration; +import org.opensaml.common.SAMLVersion; +import org.opensaml.common.impl.SecureRandomIdentifierGenerator; +import org.opensaml.saml2.common.Extensions; +import org.opensaml.saml2.common.impl.ExtensionsBuilder; +import org.opensaml.saml2.core.Assertion; +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.core.AttributeQuery; +import org.opensaml.saml2.core.AttributeValue; +import org.opensaml.saml2.core.AuthnContext; +import org.opensaml.saml2.core.AuthnRequest; +import org.opensaml.saml2.core.AuthnStatement; +import org.opensaml.saml2.core.Issuer; +import org.opensaml.saml2.core.NameID; +import org.opensaml.saml2.core.Response; +import org.opensaml.saml2.core.Status; +import org.opensaml.saml2.core.StatusCode; +import org.opensaml.saml2.core.StatusMessage; +import org.opensaml.saml2.core.Subject; +import org.opensaml.saml2.core.SubjectConfirmation; +import org.opensaml.saml2.core.SubjectConfirmationData; +import org.opensaml.saml2.core.SubjectLocality; +import org.opensaml.saml2.core.impl.AssertionBuilder; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.schema.XSAny; +import org.opensaml.xml.schema.XSString; +import org.opensaml.xml.signature.KeyInfo; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.xml.sax.SAXException; + +import eu.stork.peps.auth.engine.core.QAAAttribute; +import eu.stork.peps.auth.engine.core.RequestedAttribute; +import eu.stork.peps.auth.engine.core.SAMLCore; +import eu.stork.peps.auth.engine.core.SPApplication; +import eu.stork.peps.auth.engine.core.SPCountry; +import eu.stork.peps.auth.engine.core.SPInstitution; +import eu.stork.peps.auth.engine.core.SPSector; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; + +/** + * The Class SAMLEngineUtils. + * + * @author fjquevedo + * @author iinigo + */ +public final class SAMLEngineUtils { + + /** The Constant UTF_8. */ + public static final String UTF_8 = "UTF-8"; + + /** The Constant SHA_512. */ + public static final String SHA_512 = "SHA-512"; + + + /** The generator. */ + private static SecureRandomIdentifierGenerator generator; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(SAMLEngineUtils.class.getName()); + + /** + * Method that generates a random value according to NCName grammar. + * + * NCName ::= NCNameStartChar NCNameChar* NCNameChar ::= NameChar - ':' + * NCNameStartChar ::= Letter | '_' NameStartChar ::= ":" | [A-Z] | "_" | + * [a-z] | [#xC0-#xD6] | [#xD8-#xF6] | [#xF8-#x2FF] | [#x370-#x37D] | + * [#x37F-#x1FFF] | [#x200C-#x200D] | [#x2070-#x218F] | [#x2C00-#x2FEF] | + * [#x3001-#xD7FF] | [#xF900-#xFDCF] | [#xFDF0-#xFFFD] | [#x10000-#xEFFFF] + * NameChar ::= NameStartChar | "-" | "." | [0-9] | #xB7 | [#x0300-#x036F] | + * [#x203F-#x2040] Name ::= NameStartChar (NameChar)* Letter ::= BaseChar | + * Ideographic BaseChar ::= [#x0041-#x005A] | [#x0061-#x007A] | + * [#x00C0-#x00D6] | [#x00D8-#x00F6] | [#x00F8-#x00FF] | [#x0100-#x0131] | + * [#x0134-#x013E] | [#x0141-#x0148] | [#x014A-#x017E] | [#x0180-#x01C3] | + * [#x01CD-#x01F0] | [#x01F4-#x01F5] | [#x01FA-#x0217] | [#x0250-#x02A8] | + * [#x02BB-#x02C1] | #x0386 | [#x0388-#x038A] | #x038C | [#x038E-#x03A1] | + * [#x03A3-#x03CE] | [#x03D0-#x03D6] | #x03DA | #x03DC | #x03DE | #x03E0 | + * [#x03E2-#x03F3] | [#x0401-#x040C] | [#x040E-#x044F] | [#x0451-#x045C] | + * [#x045E-#x0481] | [#x0490-#x04C4] | [#x04C7-#x04C8] | [#x04CB-#x04CC] | + * [#x04D0-#x04EB] | [#x04EE-#x04F5] | [#x04F8-#x04F9] | [#x0531-#x0556] | + * #x0559 | [#x0561-#x0586] | [#x05D0-#x05EA] | [#x05F0-#x05F2] | + * [#x0621-#x063A] | [#x0641-#x064A] | [#x0671-#x06B7] | [#x06BA-#x06BE] | + * [#x06C0-#x06CE] | [#x06D0-#x06D3] | #x06D5 | [#x06E5-#x06E6] | + * [#x0905-#x0939] | #x093D | [#x0958-#x0961] | [#x0985-#x098C] | + * [#x098F-#x0990] | [#x0993-#x09A8] | [#x09AA-#x09B0] | #x09B2 | + * [#x09B6-#x09B9] | [#x09DC-#x09DD] | [#x09DF-#x09E1] | [#x09F0-#x09F1] | + * [#x0A05-#x0A0A] | [#x0A0F-#x0A10] | [#x0A13-#x0A28] | [#x0A2A-#x0A30] | + * [#x0A32-#x0A33] | [#x0A35-#x0A36] | [#x0A38-#x0A39] | [#x0A59-#x0A5C] | + * #x0A5E | [#x0A72-#x0A74] | [#x0A85-#x0A8B] | #x0A8D | [#x0A8F-#x0A91] | + * [#x0A93-#x0AA8] | [#x0AAA-#x0AB0] | [#x0AB2-#x0AB3] | [#x0AB5-#x0AB9] | + * #x0ABD | #x0AE0 | [#x0B05-#x0B0C] | [#x0B0F-#x0B10] | [#x0B13-#x0B28] | + * [#x0B2A-#x0B30] | [#x0B32-#x0B33] | [#x0B36-#x0B39] | #x0B3D | + * [#x0B5C-#x0B5D] | [#x0B5F-#x0B61] | [#x0B85-#x0B8A] | [#x0B8E-#x0B90] | + * [#x0B92-#x0B95] | [#x0B99-#x0B9A] | #x0B9C | [#x0B9E-#x0B9F] | + * [#x0BA3-#x0BA4] | [#x0BA8-#x0BAA] | [#x0BAE-#x0BB5] | [#x0BB7-#x0BB9] | + * [#x0C05-#x0C0C] | [#x0C0E-#x0C10] | [#x0C12-#x0C28] | [#x0C2A-#x0C33] | + * [#x0C35-#x0C39] | [#x0C60-#x0C61] | [#x0C85-#x0C8C] | [#x0C8E-#x0C90] | + * [#x0C92-#x0CA8] | [#x0CAA-#x0CB3] | [#x0CB5-#x0CB9] | #x0CDE | + * [#x0CE0-#x0CE1] | [#x0D05-#x0D0C] | [#x0D0E-#x0D10] | [#x0D12-#x0D28] | + * [#x0D2A-#x0D39] | [#x0D60-#x0D61] | [#x0E01-#x0E2E] | #x0E30 | + * [#x0E32-#x0E33] | [#x0E40-#x0E45] | [#x0E81-#x0E82] | #x0E84 | + * [#x0E87-#x0E88] | #x0E8A | #x0E8D | [#x0E94-#x0E97] | [#x0E99-#x0E9F] | + * [#x0EA1-#x0EA3] | #x0EA5 | #x0EA7 | [#x0EAA-#x0EAB] | [#x0EAD-#x0EAE] | + * #x0EB0 | [#x0EB2-#x0EB3] | #x0EBD | [#x0EC0-#x0EC4] | [#x0F40-#x0F47] | + * [#x0F49-#x0F69] | [#x10A0-#x10C5] | [#x10D0-#x10F6] | #x1100 | + * [#x1102-#x1103] | [#x1105-#x1107] | #x1109 | [#x110B-#x110C] | + * [#x110E-#x1112] | #x113C | #x113E | #x1140 | #x114C | #x114E | #x1150 | + * [#x1154-#x1155] | #x1159 | [#x115F-#x1161] | #x1163 | #x1165 | #x1167 | + * #x1169 | [#x116D-#x116E] | [#x1172-#x1173] | #x1175 | #x119E | #x11A8 | + * #x11AB | [#x11AE-#x11AF] | [#x11B7-#x11B8] | #x11BA | [#x11BC-#x11C2] | + * #x11EB | #x11F0 | #x11F9 | [#x1E00-#x1E9B] | [#x1EA0-#x1EF9] | + * [#x1F00-#x1F15] | [#x1F18-#x1F1D] | [#x1F20-#x1F45] | [#x1F48-#x1F4D] | + * [#x1F50-#x1F57] | #x1F59 | #x1F5B | #x1F5D | [#x1F5F-#x1F7D] | + * [#x1F80-#x1FB4] | [#x1FB6-#x1FBC] | #x1FBE | [#x1FC2-#x1FC4] | + * [#x1FC6-#x1FCC] | [#x1FD0-#x1FD3] | [#x1FD6-#x1FDB] | [#x1FE0-#x1FEC] | + * [#x1FF2-#x1FF4] | [#x1FF6-#x1FFC] | #x2126 | [#x212A-#x212B] | #x212E | + * [#x2180-#x2182] | [#x3041-#x3094] | [#x30A1-#x30FA] | [#x3105-#x312C] | + * [#xAC00-#xD7A3] Ideographic ::= [#x4E00-#x9FA5] | #x3007 | + * [#x3021-#x3029] + * + * @return Random ID value + */ + + //Initialization of a generator of identifiers for all token SAML. + + static { + loadRandomIdentifierGenerator(); + } + + + /** + * Load random identifier generator. + * + *@throws STORKSAMLEngineRuntimeException the STORKSAML engine runtime exception + */ + private static void loadRandomIdentifierGenerator() { + + try { + generator = new SecureRandomIdentifierGenerator(); + } catch (NoSuchAlgorithmException ex) { + LOG.error("Error init SecureRandomIdentifierGenerator", ex); + throw new STORKSAMLEngineRuntimeException(ex); + } + + } + + /** + * Creates the SAML object. + * + * @param qname the QName + * + * @return the XML object + */ + public static XMLObject createSamlObject(final QName qname) { + return Configuration.getBuilderFactory().getBuilder(qname).buildObject( + qname); + } + + /** + * Creates the SAML object. + * + * @param qname the quality name + * @param qname1 the qname1 + * + * @return the xML object + */ + public static XMLObject createSamlObject(final QName qname, + final QName qname1) { + return Configuration.getBuilderFactory().getBuilder(qname1) + .buildObject(qname, qname1); + } + + /** + * Encode value with an specific algorithm. + * + * @param value the value + * @param alg the algorithm + * + * @return the string + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static String encode(final String value, final String alg) + throws STORKSAMLEngineException { + LOG.debug("Encode value with " + alg + " algorithm."); + byte[] buffer; + + final StringBuffer hash = new StringBuffer(""); + try { + buffer = value.getBytes(UTF_8); + MessageDigest msgDig; + msgDig = MessageDigest.getInstance(alg); + + + msgDig.update(buffer); + final byte[] digest = msgDig.digest(); + + final int signedByte = 0xff; + for (byte aux : digest) { + final int byt = aux & signedByte; + if (Integer.toHexString(byt).length() == 1) { + hash.append('0'); + } + hash.append(Integer.toHexString(byt)); + } + + } catch (UnsupportedEncodingException e1) { + LOG.error("UnsupportedEncodingException: " + UTF_8); + throw new STORKSAMLEngineException(e1); + } catch (NoSuchAlgorithmException e) { + LOG.error("NoSuchAlgorithmException: " + alg); + throw new STORKSAMLEngineException(e); + } + + return hash.toString(); + } + + /** + * Generate assertion. + * + * @param version the version + * @param identifier the identifier + * @param issueInstant the issue instant + * @param issuer the issuer + * + * @return the assertion + */ + public static Assertion generateAssertion(final SAMLVersion version, + final String identifier, final DateTime issueInstant, + final Issuer issuer) { + final AssertionBuilder assertionBuilder = new AssertionBuilder(); + final Assertion assertion = assertionBuilder.buildObject(); + assertion.setVersion(version); + assertion.setID(identifier); + assertion.setIssueInstant(issueInstant); + + // + assertion.setIssuer(issuer); + return assertion; + } + + /** + * Generate authentication statement. + * + * @param authnInstant the authentication instant + * @param authnContext the authentication context + * + * @return the authentication statement + */ + public static AuthnStatement generateAthnStatement(final DateTime authnInstant, + final AuthnContext authnContext) { + // + final AuthnStatement authnStatement = (AuthnStatement) SAMLEngineUtils + .createSamlObject(AuthnStatement.DEFAULT_ELEMENT_NAME); + + authnStatement.setAuthnInstant(authnInstant); + authnStatement.setAuthnContext(authnContext); + + return authnStatement; + } + + + + + + /** + * Generate attribute from a list of values. + * + * @param name the name of the attribute. + * @param status the status of the parameter: "Available", "NotAvailable" or + * "Withheld". + * @param values the value of the attribute. + * @param isHashing the is hashing with "SHA-512" algorithm. + * @return the attribute + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static Attribute generateAttrComplex(final String name, + final String status, final Map values, + final boolean isHashing) throws STORKSAMLEngineException { + LOG.debug("Generate attribute complex: " + name); + final Attribute attribute = (Attribute) SAMLEngineUtils + .createSamlObject(Attribute.DEFAULT_ELEMENT_NAME); + + attribute.setName(name); + attribute.setNameFormat(Attribute.URI_REFERENCE); + + attribute.getUnknownAttributes().put( + new QName(SAMLCore.STORK10_NS.getValue(), "AttributeStatus", + SAMLCore.STORK10_PREFIX.getValue()), status); + + if (!values.isEmpty()) { + LOG.debug("Add attribute values."); + + // Create an attribute that contains all XSAny elements. + final XSAny attrValue = (XSAny) SAMLEngineUtils.createSamlObject( + AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME); + + final Iterator> iterator = values.entrySet() + .iterator(); + while (iterator.hasNext()) { + final Map.Entry pairs = iterator.next(); + + final String value = pairs.getValue(); + + if (StringUtils.isNotBlank(value)) { + // Create the attribute statement + final XSAny attrValueSimple = (XSAny) SAMLEngineUtils + .createSamlObject(new QName(SAMLCore.STORK10_NS.getValue(), + pairs.getKey().toString(), + SAMLCore.STORK10_PREFIX.getValue()), XSAny.TYPE_NAME); + + // if it's necessary encode the information. + if (isHashing) { + attrValueSimple + .setTextContent(encode(value, SHA_512)); + } else { + attrValueSimple.setTextContent(value); + } + + attrValue.getUnknownXMLObjects().add(attrValueSimple); + attribute.getAttributeValues().add(attrValue); + } + } + + } + return attribute; + } + + /** + * Generate extension. + * + * @return the extensions + */ + public static Extensions generateExtension() { + final ExtensionsBuilder extensionsBuilder = new ExtensionsBuilder(); + return extensionsBuilder.buildObject( + "urn:oasis:names:tc:SAML:2.0:protocol", "Extensions", "saml2p"); + } + + + + + /** + * Generate issuer. + * + * @return the issuer + */ + public static Issuer generateIssuer() { + return (Issuer) SAMLEngineUtils + .createSamlObject(Issuer.DEFAULT_ELEMENT_NAME); + } + + /** + * Generate key info. + * + * @return the key info + */ + public static KeyInfo generateKeyInfo() { + return (KeyInfo) SAMLEngineUtils + .createSamlObject(KeyInfo.DEFAULT_ELEMENT_NAME); + } + + /** + * Generate name id. + * + * @return the name id + */ + public static NameID generateNameID() { + return (NameID) SAMLEngineUtils + .createSamlObject(NameID.DEFAULT_ELEMENT_NAME); + } + + /** + * Generate name id. + * + * @param nameQualifier the name qualifier + * @param format the format + * @param spNameQualifier the sP name qualifier + * + * @return the name id + */ + public static NameID generateNameID(final String nameQualifier, + final String format, final String spNameQualifier) { + // + final NameID nameId = (NameID) Configuration.getBuilderFactory() + .getBuilder(NameID.DEFAULT_ELEMENT_NAME).buildObject( + NameID.DEFAULT_ELEMENT_NAME); + + // optional + nameId.setNameQualifier(nameQualifier); + + // optional + nameId.setFormat(format); + + // optional + nameId.setSPNameQualifier(spNameQualifier); + + return nameId; + } + + /** + * Generate NCName. + * + * @return the string + */ + public static String generateNCName() { + return generator.generateIdentifier(); + } + + + /** + * Generate the quality authentication assurance level. + * + * @param qaal the level of quality authentication assurance. + * + * @return the quality authentication assurance attribute + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static QAAAttribute generateQAAAttribute(final int qaal) + throws STORKSAMLEngineException { + LOG.debug("Generate QAAAttribute."); + + final QAAAttribute qaaAttribute = (QAAAttribute) SAMLEngineUtils + .createSamlObject(QAAAttribute.DEF_ELEMENT_NAME); + qaaAttribute.setQaaLevel(String.valueOf(qaal)); + return qaaAttribute; + } + + /** + * Generate requested attribute. + * + * @param name the name + * @param friendlyName the friendly name + * @param isRequired the is required + * @param value the value + * + * @return the requested attribute + */ + public static RequestedAttribute generateReqAuthnAttributeSimple( + final String name, final String friendlyName, + final String isRequired, final List value) { + LOG.debug("Generate the requested attribute."); + + final RequestedAttribute requested = (RequestedAttribute) SAMLEngineUtils + .createSamlObject(RequestedAttribute.DEF_ELEMENT_NAME); + requested.setName(name); + requested.setNameFormat(RequestedAttribute.URI_REFERENCE); + + requested.setFriendlyName(friendlyName); + + requested.setIsRequired(isRequired); + + // The value is optional in an authentication request. + if (!value.isEmpty()) { + for (int nextValue = 0; nextValue < value.size(); nextValue++) { + final String valor = value.get(nextValue); + if (StringUtils.isNotBlank(valor)) { + + if(!name.equals("http://www.stork.gov.eu/1.0/signedDoc")){ + + // Create the attribute statement + final XSAny attrValue = (XSAny) SAMLEngineUtils + .createSamlObject( + new QName(SAMLCore.STORK10_NS.getValue(), + "AttributeValue", + SAMLCore.STORK10_PREFIX.getValue()), + XSAny.TYPE_NAME); + + attrValue.setTextContent(valor.trim()); + requested.getAttributeValues().add(attrValue); + + }else{ + + DocumentBuilderFactory domFactory = DocumentBuilderFactory.newInstance(); + domFactory.setNamespaceAware(true); + Document document = null; + DocumentBuilder builder; + + // Parse the signedDoc value into an XML DOM Document + try { + builder = domFactory.newDocumentBuilder(); + InputStream is; + is = new ByteArrayInputStream(valor.trim().getBytes("UTF-8")); + document = builder.parse(is); + is.close(); + } catch (SAXException e1) { + LOG.error("SAX Error while parsing signModule attribute", e1); + throw new STORKSAMLEngineRuntimeException(e1); + } catch (ParserConfigurationException e2) { + LOG.error("Parser Configuration Error while parsing signModule attribute", e2); + throw new STORKSAMLEngineRuntimeException(e2); + } catch (UnsupportedEncodingException e3) { + LOG.error("Unsupported encoding Error while parsing signModule attribute", e3); + throw new STORKSAMLEngineRuntimeException(e3); + } catch (IOException e4) { + LOG.error("IO Error while parsing signModule attribute", e4); + throw new STORKSAMLEngineRuntimeException(e4); + } + + // Create the XML statement(this will be overwritten with the previous DOM structure) + final XSAny xmlValue = (XSAny) SAMLEngineUtils + .createSamlObject( + new QName(SAMLCore.STORK10_NS.getValue(), + "XMLValue", + SAMLCore.STORK10_PREFIX.getValue()), + XSAny.TYPE_NAME); + + //Set the signedDoc XML content to this element + xmlValue.setDOM(document.getDocumentElement()); + + // Create the attribute statement + final XSAny attrValue = (XSAny) SAMLEngineUtils + .createSamlObject( + new QName(SAMLCore.STORK10_NS.getValue(), + "AttributeValue", + SAMLCore.STORK10_PREFIX.getValue()), + XSAny.TYPE_NAME); + + //Add previous signedDocXML to the AttributeValue Element + attrValue.getUnknownXMLObjects().add(xmlValue); + + requested.getAttributeValues().add(attrValue); + } + + + } + } + } + + return requested; + } + + /** + * Generate response. + * + * @param version the version + * @param identifier the identifier + * @param issueInstant the issue instant + * @param status the status + * + * @return the response + */ + public static Response generateResponse(final SAMLVersion version, + final String identifier, final DateTime issueInstant, + final Status status) { + final Response response = (Response) SAMLEngineUtils + .createSamlObject(Response.DEFAULT_ELEMENT_NAME); + response.setID(identifier); + response.setIssueInstant(issueInstant); + response.setStatus(status); + return response; + } + + /** + * Method that generates a SAML Authentication Request basing on the + * provided information. + * + * @param identifier the identifier + * @param version the version + * @param issueInstant the issue instant + * + * @return the authentication request + */ + public static AuthnRequest generateSAMLAuthnRequest(final String identifier, + final SAMLVersion version, final DateTime issueInstant) { + LOG.debug("Generate basic authentication request."); + final AuthnRequest authnRequest = (AuthnRequest) SAMLEngineUtils + .createSamlObject(AuthnRequest.DEFAULT_ELEMENT_NAME); + + authnRequest.setID(identifier); + authnRequest.setVersion(version); + authnRequest.setIssueInstant(issueInstant); + return authnRequest; + } + + public static AttributeQuery generateSAMLAttrQueryRequest(final String identifier, + final SAMLVersion version, final DateTime issueInstant) { + LOG.debug("Generate attribute query request."); + final AttributeQuery attrQueryRequest = (AttributeQuery) SAMLEngineUtils + .createSamlObject(AttributeQuery.DEFAULT_ELEMENT_NAME); + + attrQueryRequest.setID(identifier); + attrQueryRequest.setVersion(version); + attrQueryRequest.setIssueInstant(issueInstant); + return attrQueryRequest; + } + + /** + * Generate service provider application. + * + * @param spApplication the service provider application + * + * @return the sP application + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static SPApplication generateSPApplication(final String spApplication) + throws STORKSAMLEngineException { + LOG.debug("Generate SPApplication."); + + final SPApplication applicationAttr = (SPApplication) SAMLEngineUtils + .createSamlObject(SPApplication.DEF_ELEMENT_NAME); + applicationAttr.setSPApplication(spApplication); + return applicationAttr; + } + + /** + * Generate service provider country. + * + * @param spCountry the service provider country + * + * @return the service provider country + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static SPCountry generateSPCountry(final String spCountry) + throws STORKSAMLEngineException { + LOG.debug("Generate SPApplication."); + + final SPCountry countryAttribute = (SPCountry) SAMLEngineUtils + .createSamlObject(SPCountry.DEF_ELEMENT_NAME); + countryAttribute.setSPCountry(spCountry); + return countryAttribute; + } + + /** + * Generate service provider institution. + * + * @param spInstitution the service provider institution + * + * @return the service provider institution + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static SPInstitution generateSPInstitution(final String spInstitution) + throws STORKSAMLEngineException { + LOG.debug("Generate SPInstitution."); + + final SPInstitution institutionAttr = (SPInstitution) SAMLEngineUtils + .createSamlObject(SPInstitution.DEF_ELEMENT_NAME); + institutionAttr.setSPInstitution(spInstitution); + return institutionAttr; + } + + /** + * Generate service provider sector. + * + * @param spSector the service provider sector + * + * @return the service provider sector + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static SPSector generateSPSector(final String spSector) + throws STORKSAMLEngineException { + LOG.debug("Generate SPSector."); + + final SPSector sectorAttribute = (SPSector) SAMLEngineUtils + .createSamlObject(SPSector.DEF_ELEMENT_NAME); + sectorAttribute.setSPSector(spSector); + return sectorAttribute; + } + + /** + * Generate status. + * + * @param statusCode the status code + * + * @return the status + */ + public static Status generateStatus(final StatusCode statusCode) { + final Status status = (Status) SAMLEngineUtils + .createSamlObject(Status.DEFAULT_ELEMENT_NAME); + status.setStatusCode(statusCode); + return status; + } + + /** + * Generate status code. + * + * @param value the value + * + * @return the status code + */ + public static StatusCode generateStatusCode(final String value) { + final StatusCode statusCode = (StatusCode) SAMLEngineUtils + .createSamlObject(StatusCode.DEFAULT_ELEMENT_NAME); + statusCode.setValue(value); + return statusCode; + } + + + /** + * Generate status message. + * + * @param message the message + * + * @return the status message + */ + public static StatusMessage generateStatusMessage(final String message) { + final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils + .createSamlObject(StatusMessage.DEFAULT_ELEMENT_NAME); + statusMessage.setMessage(message); + return statusMessage; + } + + /** + * Generate subject. + * + * @return the subject + */ + public static Subject generateSubject() { + return (Subject) SAMLEngineUtils + .createSamlObject(Subject.DEFAULT_ELEMENT_NAME); + } + + /** + * Generate subject confirmation. + * + * @param method the method + * @param data the data + * + * @return the subject confirmation + */ + public static SubjectConfirmation generateSubjectConfirmation( + final String method, final SubjectConfirmationData data) { + final SubjectConfirmation subjectConf = (SubjectConfirmation) Configuration + .getBuilderFactory().getBuilder( + SubjectConfirmation.DEFAULT_ELEMENT_NAME).buildObject( + SubjectConfirmation.DEFAULT_ELEMENT_NAME); + + subjectConf.setMethod(method); + + subjectConf.setSubjectConfirmationData(data); + + return subjectConf; + } + + + /** + * Generate subject confirmation data. + * + * @param notOnOrAfter the not on or after + * @param recipient the recipient + * @param inResponseTo the in response to + * + * @return the subject confirmation data + */ + public static SubjectConfirmationData generateSubjectConfirmationData( + final DateTime notOnOrAfter, final String recipient, + final String inResponseTo) { + final SubjectConfirmationData subjectConfData = (SubjectConfirmationData) SAMLEngineUtils + .createSamlObject(SubjectConfirmationData.DEFAULT_ELEMENT_NAME); + subjectConfData.setNotOnOrAfter(notOnOrAfter); + subjectConfData.setRecipient(recipient); + subjectConfData.setInResponseTo(inResponseTo); + return subjectConfData; + } + + + /** + * Generate subject locality. + * + * @param address the address + * + * @return the subject locality + */ + public static SubjectLocality generateSubjectLocality(final String address) { + final SubjectLocality subjectLocality = (SubjectLocality) SAMLEngineUtils + .createSamlObject(SubjectLocality.DEFAULT_ELEMENT_NAME); + subjectLocality.setAddress(address); + return subjectLocality; + } + + + + + /** + * Method that returns the current time. + * + * @return the current time + */ + public static DateTime getCurrentTime() { + return new DateTime(); + } + + + /** + * Instantiates a new SAML engine utilities. + */ + private SAMLEngineUtils() { + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/STORKSAMLEngine.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/STORKSAMLEngine.java.svn-base new file mode 100644 index 000000000..3cac2f637 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/STORKSAMLEngine.java.svn-base @@ -0,0 +1,2983 @@ +/* + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.StringWriter; +import java.io.UnsupportedEncodingException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; + +import javax.xml.namespace.QName; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.OutputKeys; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerConfigurationException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; + +import org.apache.commons.lang.StringUtils; +import org.bouncycastle.jce.X509Principal; +import org.joda.time.DateTime; +import org.opensaml.Configuration; +import org.opensaml.common.SAMLVersion; +import org.opensaml.common.SignableSAMLObject; +import org.opensaml.common.xml.SAMLConstants; +import org.opensaml.saml2.common.Extensions; +import org.opensaml.saml2.core.Assertion; +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.core.AttributeQuery; +import org.opensaml.saml2.core.AttributeStatement; +import org.opensaml.saml2.core.AttributeValue; +import org.opensaml.saml2.core.Audience; +import org.opensaml.saml2.core.AudienceRestriction; +import org.opensaml.saml2.core.AuthnContext; +import org.opensaml.saml2.core.AuthnContextDecl; +import org.opensaml.saml2.core.AuthnRequest; +import org.opensaml.saml2.core.AuthnStatement; +import org.opensaml.saml2.core.Conditions; +import org.opensaml.saml2.core.Issuer; +import org.opensaml.saml2.core.NameID; +import org.opensaml.saml2.core.OneTimeUse; +import org.opensaml.saml2.core.Response; +import org.opensaml.saml2.core.Status; +import org.opensaml.saml2.core.StatusCode; +import org.opensaml.saml2.core.StatusMessage; +import org.opensaml.saml2.core.Subject; +import org.opensaml.saml2.core.SubjectConfirmation; +import org.opensaml.saml2.core.SubjectConfirmationData; +import org.opensaml.saml2.core.SubjectLocality; +import org.opensaml.saml2.core.impl.SubjectConfirmationBuilder; +import org.opensaml.xml.Namespace; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.schema.XSAny; +import org.opensaml.xml.schema.impl.XSAnyBuilder; +import org.opensaml.xml.schema.impl.XSAnyImpl; +import org.opensaml.xml.schema.impl.XSAnyMarshaller; +import org.opensaml.xml.schema.impl.XSAnyUnmarshaller; +import org.opensaml.xml.schema.impl.XSStringImpl; +import org.opensaml.xml.signature.KeyInfo; +import org.opensaml.xml.util.Base64; +import org.opensaml.xml.validation.ValidationException; +import org.opensaml.xml.validation.Validator; +import org.opensaml.xml.validation.ValidatorSuite; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.xml.sax.SAXException; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.engine.core.AuthenticationAttributes; +import eu.stork.peps.auth.engine.core.CitizenCountryCode; +import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; +import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; +import eu.stork.peps.auth.engine.core.EIDSectorShare; +import eu.stork.peps.auth.engine.core.QAAAttribute; +import eu.stork.peps.auth.engine.core.RequestedAttribute; +import eu.stork.peps.auth.engine.core.RequestedAttributes; +import eu.stork.peps.auth.engine.core.SAMLCore; +import eu.stork.peps.auth.engine.core.SPApplication; +import eu.stork.peps.auth.engine.core.SPCountry; +import eu.stork.peps.auth.engine.core.SPID; +import eu.stork.peps.auth.engine.core.SPInformation; +import eu.stork.peps.auth.engine.core.SPInstitution; +import eu.stork.peps.auth.engine.core.SPSector; +import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; +import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesBuilder; +import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesMarshaller; +import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeBuilder; +import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeMarshaller; +import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareBuilder; +import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareMarshaller; +import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareBuilder; +import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareMarshaller; +import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.EIDSectorShareBuilder; +import eu.stork.peps.auth.engine.core.impl.EIDSectorShareMarshaller; +import eu.stork.peps.auth.engine.core.impl.EIDSectorShareUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.QAAAttributeBuilder; +import eu.stork.peps.auth.engine.core.impl.QAAAttributeMarshaller; +import eu.stork.peps.auth.engine.core.impl.QAAAttributeUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.RequestedAttributeBuilder; +import eu.stork.peps.auth.engine.core.impl.RequestedAttributeMarshaller; +import eu.stork.peps.auth.engine.core.impl.RequestedAttributeUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.RequestedAttributesBuilder; +import eu.stork.peps.auth.engine.core.impl.RequestedAttributesMarshaller; +import eu.stork.peps.auth.engine.core.impl.RequestedAttributesUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.SPApplicationBuilder; +import eu.stork.peps.auth.engine.core.impl.SPApplicationMarshaller; +import eu.stork.peps.auth.engine.core.impl.SPApplicationUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.SPCountryBuilder; +import eu.stork.peps.auth.engine.core.impl.SPCountryMarshaller; +import eu.stork.peps.auth.engine.core.impl.SPCountryUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.SPIDBuilder; +import eu.stork.peps.auth.engine.core.impl.SPIDMarshaller; +import eu.stork.peps.auth.engine.core.impl.SPIDUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.SPInformationBuilder; +import eu.stork.peps.auth.engine.core.impl.SPInformationMarshaller; +import eu.stork.peps.auth.engine.core.impl.SPInformationUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.SPInstitutionBuilder; +import eu.stork.peps.auth.engine.core.impl.SPInstitutionMarshaller; +import eu.stork.peps.auth.engine.core.impl.SPInstitutionUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.SPSectorBuilder; +import eu.stork.peps.auth.engine.core.impl.SPSectorMarshaller; +import eu.stork.peps.auth.engine.core.impl.SPSectorUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesBuilder; +import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesMarshaller; +import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesUnmarshaller; +import eu.stork.peps.auth.engine.core.validator.ExtensionsSchemaValidator; +import eu.stork.peps.auth.engine.core.validator.QAAAttributeSchemaValidator; +import eu.stork.peps.exceptions.SAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; + +/** + * Class that wraps the operations over SAML tokens, both generation and + * validation of SAML STORK requests and SAML STORK responses. Complaint with + * "OASIS Secure Assertion Markup Language (SAML) 2.0, May 2005", but taking + * into account STORK specific requirements. + * + * @author fjquevedo + * @author iinigo + */ +public final class STORKSAMLEngine extends SAMLEngine { + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(STORKSAMLEngine.class.getName()); + + private static final String ATTRIBUTE_EMPTY_LITERAL = "Attribute name is null or empty."; + /** + * Gets the single instance of STORKSAMLEngine. + * + * @param nameInstance the name instance + * + * @return single instance of STORKSAMLEngine + */ + public static synchronized STORKSAMLEngine getInstance( + final String nameInstance) { + STORKSAMLEngine engine = null; + LOG.info("Get instance: " + nameInstance); + try { + engine = new STORKSAMLEngine(nameInstance.trim()); + } catch (Exception e) { + LOG.error("Error get instance: " + nameInstance); + } + return engine; + } + + /** + * Instantiate a new STORKSAML engine. + * + * @param nameInstance the name instance + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private STORKSAMLEngine(final String nameInstance) + throws STORKSAMLEngineException { + // Initialization OpenSAML. + super(nameInstance); + LOG.info("Register STORK objects provider."); + Configuration.registerObjectProvider(QAAAttribute.DEF_ELEMENT_NAME, + new QAAAttributeBuilder(), new QAAAttributeMarshaller(), + new QAAAttributeUnmarshaller()); + + Configuration.registerObjectProvider(EIDSectorShare.DEF_ELEMENT_NAME, + new EIDSectorShareBuilder(), new EIDSectorShareMarshaller(), + new EIDSectorShareUnmarshaller()); + + Configuration.registerObjectProvider( + EIDCrossSectorShare.DEF_ELEMENT_NAME, + new EIDCrossSectorShareBuilder(), + new EIDCrossSectorShareMarshaller(), + new EIDCrossSectorShareUnmarshaller()); + + Configuration.registerObjectProvider( + EIDCrossBorderShare.DEF_ELEMENT_NAME, + new EIDCrossBorderShareBuilder(), + new EIDCrossBorderShareMarshaller(), + new EIDCrossBorderShareUnmarshaller()); + + Configuration.registerObjectProvider(SPSector.DEF_ELEMENT_NAME, + new SPSectorBuilder(), new SPSectorMarshaller(), + new SPSectorUnmarshaller()); + + Configuration.registerObjectProvider(SPInstitution.DEF_ELEMENT_NAME, + new SPInstitutionBuilder(), new SPInstitutionMarshaller(), + new SPInstitutionUnmarshaller()); + + Configuration.registerObjectProvider(SPApplication.DEF_ELEMENT_NAME, + new SPApplicationBuilder(), new SPApplicationMarshaller(), + new SPApplicationUnmarshaller()); + + Configuration.registerObjectProvider(SPCountry.DEF_ELEMENT_NAME, + new SPCountryBuilder(), new SPCountryMarshaller(), + new SPCountryUnmarshaller()); + + Configuration.registerObjectProvider(XSAny.TYPE_NAME, + new XSAnyBuilder(), new XSAnyMarshaller(), + new XSAnyUnmarshaller()); + + Configuration.registerObjectProvider( + RequestedAttribute.DEF_ELEMENT_NAME, + new RequestedAttributeBuilder(), + new RequestedAttributeMarshaller(), + new RequestedAttributeUnmarshaller()); + + Configuration.registerObjectProvider( + RequestedAttributes.DEF_ELEMENT_NAME, + new RequestedAttributesBuilder(), + new RequestedAttributesMarshaller(), + new RequestedAttributesUnmarshaller()); + + Configuration.registerObjectProvider( + AuthenticationAttributes.DEF_ELEMENT_NAME, + new AuthenticationAttributesBuilder(), + new AuthenticationAttributesMarshaller(), + new AuthenticationAttributesUnmarshaller()); + + Configuration.registerObjectProvider( + VIDPAuthenticationAttributes.DEF_ELEMENT_NAME, + new VIDPAuthenticationAttributesBuilder(), + new VIDPAuthenticationAttributesMarshaller(), + new VIDPAuthenticationAttributesUnmarshaller()); + + Configuration.registerObjectProvider( + CitizenCountryCode.DEF_ELEMENT_NAME, + new CitizenCountryCodeBuilder(), + new CitizenCountryCodeMarshaller(), + new CitizenCountryCodeUnmarshaller()); + + Configuration.registerObjectProvider( + SPID.DEF_ELEMENT_NAME, + new SPIDBuilder(), + new SPIDMarshaller(), + new SPIDUnmarshaller()); + + Configuration.registerObjectProvider( + SPInformation.DEF_ELEMENT_NAME, + new SPInformationBuilder(), + new SPInformationMarshaller(), + new SPInformationUnmarshaller()); + + LOG.info("Register STORK object validators."); + final ValidatorSuite validatorSuite = new ValidatorSuite( + QAAAttribute.DEF_LOCAL_NAME); + + validatorSuite.registerValidator(QAAAttribute.DEF_ELEMENT_NAME, + new QAAAttributeSchemaValidator()); + final Extensions extensions = SAMLEngineUtils.generateExtension(); + validatorSuite.registerValidator(extensions.getElementQName(), + new ExtensionsSchemaValidator()); + + Configuration.registerValidatorSuite( + "stork:QualityAuthenticationAssuranceLevel", validatorSuite); + + } + + /** + * Generate authentication response base. + * + * @param status the status + * @param assertConsumerURL the assert consumer URL. + * @param inResponseTo the in response to + * + * @return the response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Response genAuthnRespBase(final Status status, + final String assertConsumerURL, final String inResponseTo) + throws STORKSAMLEngineException { + LOG.debug("Generate Authentication Response base."); + final Response response = SAMLEngineUtils.generateResponse( + SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(), + SAMLEngineUtils.getCurrentTime(), status); + + // Set name Spaces + this.setNameSpaces(response); + + // Mandatory STORK + LOG.debug("Generate Issuer"); + final Issuer issuer = SAMLEngineUtils.generateIssuer(); + issuer.setValue(super.getSamlCoreProperties().getResponder()); + + // Format Entity Optional STORK + issuer.setFormat(super.getSamlCoreProperties().getFormatEntity()); + + response.setIssuer(issuer); + + // destination Mandatory Stork + response.setDestination(assertConsumerURL.trim()); + + // inResponseTo Mandatory Stork + response.setInResponseTo(inResponseTo.trim()); + + // Optional STORK + response.setConsent(super.getSamlCoreProperties() + .getConsentAuthnResponse()); + + return response; + } + + /** + * Generate attribute query response base. + * + * @param status the status + * @param destinationURL the assert consumer URL. + * @param inResponseTo the in response to + * + * @return the response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Response genAttrQueryRespBase(final Status status, + final String destinationURL, final String inResponseTo) + throws STORKSAMLEngineException { + LOG.debug("Generate Attribute query Response base."); + final Response response = SAMLEngineUtils.generateResponse( + SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(), + SAMLEngineUtils.getCurrentTime(), status); + + // Set name Spaces + this.setNameSpaces(response); + + // Mandatory STORK + LOG.debug("Generate Issuer"); + final Issuer issuer = SAMLEngineUtils.generateIssuer(); + issuer.setValue(super.getSamlCoreProperties().getResponder()); + + // Format Entity Optional STORK + issuer.setFormat(super.getSamlCoreProperties().getFormatEntity()); + + response.setIssuer(issuer); + + // destination Mandatory Stork + response.setDestination(destinationURL.trim()); + + // inResponseTo Mandatory Stork + response.setInResponseTo(inResponseTo.trim()); + + // Optional STORK + response.setConsent(super.getSamlCoreProperties() + .getConsentAuthnResponse()); + + return response; + } + + /** + * Generate assertion. + * + * @param ipAddress the IP address. + * @param assertConsumerURL the assert consumer URL. + * @param inResponseTo the in response to + * @param issuer the issuer + * @param notOnOrAfter the not on or after + * + * @return the assertion + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Assertion generateAssertion(final String ipAddress, + final String assertConsumerURL, final String inResponseTo, + final String issuer, final DateTime notOnOrAfter) + throws STORKSAMLEngineException { + LOG.info("Generate Assertion."); + + // Mandatory STORK + LOG.debug("Generate Issuer to Assertion"); + final Issuer issuerAssertion = SAMLEngineUtils.generateIssuer(); + issuerAssertion.setValue(super.getSamlCoreProperties().getResponder()); + + // Format Entity Optional STORK + issuerAssertion.setFormat(super.getSamlCoreProperties() + .getFormatEntity()); + + final Assertion assertion = SAMLEngineUtils.generateAssertion( + SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(), + SAMLEngineUtils.getCurrentTime(), issuerAssertion); + + final Subject subject = SAMLEngineUtils.generateSubject(); + + // Mandatory STORK verified + // String format = NameID.UNSPECIFIED + // specification: 'SAML:2.0' exist + // opensaml: "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" + // opensaml "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" + final String format = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"; + + final String nameQualifier = ""; + + LOG.debug("Generate NameID"); + final NameID nameId = SAMLEngineUtils.generateNameID(super + .getSamlCoreProperties().getResponder(), format, nameQualifier); + nameId.setValue(format); + subject.setNameID(nameId); + + // Mandatory if urn:oasis:names:tc:SAML:2.0:cm:bearer. + // Optional in other case. + LOG.debug("Generate SubjectConfirmationData."); + final SubjectConfirmationData dataBearer = SAMLEngineUtils + .generateSubjectConfirmationData(SAMLEngineUtils + .getCurrentTime(), assertConsumerURL, inResponseTo); + + // Mandatory if urn:oasis:names:tc:SAML:2.0:cm:bearer. + // Optional in other case. + LOG.debug("Generate SubjectConfirmation"); + final SubjectConfirmation subjectConf = SAMLEngineUtils + .generateSubjectConfirmation(SubjectConfirmation.METHOD_BEARER, + dataBearer); + + final ArrayList listSubjectConf = new ArrayList(); + listSubjectConf.add(subjectConf); + + for (final Iterator iter = listSubjectConf + .iterator(); iter.hasNext();) { + final SubjectConfirmation element = iter.next(); + + if (SubjectConfirmation.METHOD_BEARER.equals(element.getMethod())) { + // ipAddress Mandatory if method is Bearer. + + if (StringUtils.isBlank(ipAddress)) { + throw new STORKSAMLEngineException( + "ipAddress is null or empty"); + } + element.getSubjectConfirmationData().setAddress( + ipAddress.trim()); + } + + element.getSubjectConfirmationData() + .setRecipient(assertConsumerURL); + element.getSubjectConfirmationData().setNotOnOrAfter(notOnOrAfter); + } + + // The SAML 2.0 specification allows multiple SubjectConfirmations + subject.getSubjectConfirmations().addAll(listSubjectConf); + + // Mandatory Stork + assertion.setSubject(subject); + + // Conditions that MUST be evaluated when assessing the validity of + // and/or when using the assertion. + final Conditions conditions = this.generateConditions(SAMLEngineUtils + .getCurrentTime(), notOnOrAfter, issuer); + + assertion.setConditions(conditions); + + LOG.debug("Generate stork Authentication Statement."); + final AuthnStatement storkAuthnStat = this + .generateStorkAuthStatement(ipAddress); + assertion.getAuthnStatements().add(storkAuthnStat); + + return assertion; + } + + private String getAttributeName(final PersonalAttribute attribute) throws STORKSAMLEngineException { + if (StringUtils.isBlank(attribute.getName())) { + LOG.error(ATTRIBUTE_EMPTY_LITERAL); + throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL); + } + + final String attributeName = super.getSamlCoreProperties() + .getProperty(attribute.getName()); + + if (StringUtils.isBlank(attributeName)) { + LOG.error("Attribute name: {} it is not known.", attribute + .getName()); + throw new STORKSAMLEngineException("Attribute name: " + + attribute.getName() + " it is not known."); + } + return attributeName; + } + /** + * Generate attribute statement. + * + * @param personalAttrList the personal attribute list + * @param isHashing the is hashing + * + * @return the attribute statement + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + * @throws IOException + */ + private AttributeStatement generateAttributeStatement( + final IPersonalAttributeList personalAttrList, + final boolean isHashing) throws STORKSAMLEngineException { + LOG.debug("Generate attribute statement"); + + final AttributeStatement attrStatement = (AttributeStatement) SAMLEngineUtils + .createSamlObject(AttributeStatement.DEFAULT_ELEMENT_NAME); + + for (PersonalAttribute attribute : personalAttrList) { + + String attributeName = getAttributeName(attribute); + + // Verification that only one value it's permitted, simple or + // complex, not both. + + final boolean simpleNull = (attribute.getValue() == null); + final boolean simpleEmpty = (simpleNull || (!simpleNull && attribute + .getValue().isEmpty())); + + final boolean complexNull = (attribute.getComplexValue() == null); + final boolean complexEmpty = (complexNull || (!complexNull && attribute + .getComplexValue().isEmpty())); + + if ((!simpleEmpty && !complexEmpty)) { + throw new STORKSAMLEngineException( + "Attribute name: " + + attribute.getName() + + " must be contain one value, simple or complex value."); + } else { + + if (!simpleEmpty) { + attrStatement.getAttributes().add( + this.generateAttrSimple(attributeName, attribute + .getStatus(), attribute.getValue(), + isHashing)); + } else if (!complexEmpty) { + attrStatement.getAttributes().add( + SAMLEngineUtils.generateAttrComplex(attributeName, + attribute.getStatus(), attribute + .getComplexValue(), isHashing)); + } else if (!simpleNull) { + attrStatement.getAttributes().add( + this.generateAttrSimple(attributeName, attribute + .getStatus(), new ArrayList(), + isHashing)); + } else { + // Add attribute complex. + attrStatement.getAttributes().add( + SAMLEngineUtils.generateAttrComplex(attributeName, + attribute.getStatus(), + new HashMap(), isHashing)); + } + } + } + return attrStatement; + } + private XSAny createAttributeValueForSignedDoc(final String value, final boolean isHashing) throws STORKSAMLEngineException { + DocumentBuilderFactory domFactory = DocumentBuilderFactory.newInstance(); + domFactory.setNamespaceAware(true); + Document document = null; + DocumentBuilder builder; + + // Parse the signedDoc value into an XML DOM Document + try { + builder = domFactory.newDocumentBuilder(); + InputStream is; + is = new ByteArrayInputStream(value.trim().getBytes("UTF-8")); + document = builder.parse(is); + is.close(); + } catch (SAXException e1) { + LOG.error("SAX Error while parsing signModule attribute", e1); + throw new STORKSAMLEngineRuntimeException(e1); + } catch (ParserConfigurationException e2) { + LOG.error("Parser Configuration Error while parsing signModule attribute", e2); + throw new STORKSAMLEngineRuntimeException(e2); + } catch (UnsupportedEncodingException e3) { + LOG.error("Unsupported encoding Error while parsing signModule attribute", e3); + throw new STORKSAMLEngineRuntimeException(e3); + } catch (IOException e4) { + LOG.error("IO Error while parsing signModule attribute", e4); + throw new STORKSAMLEngineRuntimeException(e4); + } + + // Create the attribute statement + final XSAny xmlValue = (XSAny) SAMLEngineUtils + .createSamlObject( + AttributeValue.DEFAULT_ELEMENT_NAME, + XSAny.TYPE_NAME); + + //Set the signedDoc XML content to this element + xmlValue.setDOM(document.getDocumentElement()); + + // Create the attribute statement + final XSAny attrValue = (XSAny) SAMLEngineUtils + .createSamlObject( + AttributeValue.DEFAULT_ELEMENT_NAME, + XSAny.TYPE_NAME); + + //Add previous signedDocXML to the AttributeValue Element + + // if it's necessary encode the information. + if (!isHashing) { + attrValue.getUnknownXMLObjects().add(xmlValue); + } + return attrValue; + } + + private XSAny createAttributeValueForNonSignedDoc(final String value, final boolean isHashing) throws STORKSAMLEngineException { + // Create the attribute statement + final XSAny attrValue = (XSAny) SAMLEngineUtils + .createSamlObject( + AttributeValue.DEFAULT_ELEMENT_NAME, + XSAny.TYPE_NAME); + // if it's necessary encode the information. + if (isHashing) { + attrValue.setTextContent(SAMLEngineUtils.encode(value, SAMLEngineUtils.SHA_512)); + } else { + attrValue.setTextContent(value); + } + return attrValue; + } + + /** + * Generate attribute from a list of values. + * + * @param name the name of the attribute. + * @param values the value of the attribute. + * @param isHashing the is hashing with "SHA-512" algorithm. + * @param status the status of the parameter: "Available", "NotAvailable" or + * "Withheld". + * + * @return the attribute + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Attribute generateAttrSimple(final String name, + final String status, final List values, + final boolean isHashing) throws STORKSAMLEngineException { + LOG.debug("Generate attribute simple: " + name); + final Attribute attribute = (Attribute) SAMLEngineUtils + .createSamlObject(Attribute.DEFAULT_ELEMENT_NAME); + + attribute.setName(name); + attribute.setNameFormat(Attribute.URI_REFERENCE); + + attribute.getUnknownAttributes().put( + new QName(SAMLCore.STORK10_NS.getValue(), "AttributeStatus", + SAMLCore.STORK10_PREFIX.getValue()), status); + + if (values != null) { + LOG.debug("Add attribute values."); + for (int i = 0; i < values.size(); i++) { + final String value = values.get(i); + if (StringUtils.isNotBlank(value)) { + XSAny attrValue = null; + if (!name.equals("http://www.stork.gov.eu/1.0/signedDoc")) { + // Create the attribute statement + attrValue = createAttributeValueForNonSignedDoc(value, isHashing); + + } else { + attrValue = createAttributeValueForSignedDoc(value, isHashing); + attribute.getAttributeValues().add(attrValue); + } + attribute.getAttributeValues().add(attrValue); + } + } + } + return attribute; + } + + /** + * Generate conditions that MUST be evaluated when assessing the validity of + * and/or when using the assertion. + * + * @param notBefore the not before + * @param notOnOrAfter the not on or after + * @param audienceURI the audience URI. + * + * @return the conditions + */ + private Conditions generateConditions(final DateTime notBefore, + final DateTime notOnOrAfter, final String audienceURI) { + LOG.debug("Generate conditions."); + final Conditions conditions = (Conditions) SAMLEngineUtils + .createSamlObject(Conditions.DEFAULT_ELEMENT_NAME); + conditions.setNotBefore(notBefore); + conditions.setNotOnOrAfter(notOnOrAfter); + + final AudienceRestriction restrictions = (AudienceRestriction) SAMLEngineUtils + .createSamlObject(AudienceRestriction.DEFAULT_ELEMENT_NAME); + + final Audience audience = (Audience) SAMLEngineUtils + .createSamlObject(Audience.DEFAULT_ELEMENT_NAME); + audience.setAudienceURI(audienceURI); + + restrictions.getAudiences().add(audience); + conditions.getAudienceRestrictions().add(restrictions); + + if (super.getSamlCoreProperties().isOneTimeUse()) { + final OneTimeUse oneTimeUse = (OneTimeUse) SAMLEngineUtils + .createSamlObject(OneTimeUse.DEFAULT_ELEMENT_NAME); + conditions.getConditions().add(oneTimeUse); + } + return conditions; + } + + /** + * Generate personal attribute list. + * + * @param assertion the assertion + * + * @return the personal attribute list + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private IPersonalAttributeList generatePersonalAttributeList( + final Assertion assertion) throws STORKSAMLEngineException { + LOG.debug("Generate personal attribute list from XMLObject."); + final List listExtensions = assertion.getOrderedChildren(); + + boolean find = false; + AttributeStatement requestedAttr = null; + + // Search the attribute statement. + for (int i = 0; i < listExtensions.size() && !find; i++) { + final XMLObject xml = listExtensions.get(i); + if (xml instanceof AttributeStatement) { + requestedAttr = (AttributeStatement) xml; + find = true; + } + } + + if (!find) { + LOG.error("Error: AttributeStatement it's not present."); + throw new STORKSAMLEngineException( + "AttributeStatement it's not present."); + } + + final List reqAttrs = requestedAttr.getAttributes(); + + final IPersonalAttributeList personalAttrList = new PersonalAttributeList(); + String attributeName; + + // Process the attributes. + for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) { + final Attribute attribute = reqAttrs.get(nextAttribute); + + final PersonalAttribute personalAttribute = new PersonalAttribute(); + + attributeName = attribute.getName(); + personalAttribute.setName(attributeName.substring(attributeName + .lastIndexOf('/') + 1)); + + personalAttribute.setStatus(attribute.getUnknownAttributes().get( + new QName(SAMLCore.STORK10_NS.getValue(), + "AttributeStatus", SAMLCore.STORK10_PREFIX + .getValue()))); + + final ArrayList simpleValues = new ArrayList(); + final HashMap multiValues = new HashMap(); + + final List values = attribute.getOrderedChildren(); + + + // Process the values. + for (int nextValue = 0; nextValue < values.size(); nextValue++) { + + final XMLObject xmlObject = values.get(nextValue); + + if (xmlObject instanceof XSStringImpl) { + + // Process simple value. + simpleValues.add(((XSStringImpl) xmlObject).getValue()); + + } else if (xmlObject instanceof XSAnyImpl) { + + if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) { + + final XSAnyImpl xmlString = (XSAnyImpl) values + .get(nextValue); + + TransformerFactory transFactory = TransformerFactory + .newInstance(); + Transformer transformer = null; + try { + transformer = transFactory.newTransformer(); + transformer.setOutputProperty( + OutputKeys.OMIT_XML_DECLARATION, "yes"); + } catch (TransformerConfigurationException e) { + LOG.error("Error transformer configuration exception", e); + } + StringWriter buffer = new StringWriter(); + try { + if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0 ){ + transformer.transform(new DOMSource(xmlString + .getUnknownXMLObjects().get(0).getDOM()), + new StreamResult(buffer)); + } + } catch (TransformerException e) { + LOG.error("Error transformer exception", e); + } + String str = buffer.toString(); + + simpleValues.add(str); + + } else if (attributeName + .equals("http://www.stork.gov.eu/1.0/canonicalResidenceAddress")) + { + LOG.info("canonicalResidenceAddress found"); + // Process complex value. + final XSAnyImpl complexValue = (XSAnyImpl) xmlObject; + + for (int nextComplexValue = 0; nextComplexValue < complexValue + .getUnknownXMLObjects().size(); nextComplexValue++) { + + final XSAnyImpl simple = (XSAnyImpl) complexValue + .getUnknownXMLObjects().get( + nextComplexValue); + + multiValues.put(simple.getElementQName() + .getLocalPart(), simple.getTextContent()); + } + + } + else if (attributeName + .equals("http://www.stork.gov.eu/1.0/newAttribute2")) + { + LOG.info("newAttribute2 found"); + // Process complex value. + final XSAnyImpl complexValue = (XSAnyImpl) xmlObject; + + for (int nextComplexValue = 0; nextComplexValue < complexValue + .getUnknownXMLObjects().size(); nextComplexValue++) { + + final XSAnyImpl simple = (XSAnyImpl) complexValue + .getUnknownXMLObjects().get( + nextComplexValue); + + multiValues.put(simple.getElementQName() + .getLocalPart(), simple.getTextContent()); + } + } + else if (attributeName + .equals("http://www.stork.gov.eu/1.0/hasDegree")) + { + LOG.info("hasDegree found"); + // Process complex value. + final XSAnyImpl complexValue = (XSAnyImpl) xmlObject; + + for (int nextComplexValue = 0; nextComplexValue < complexValue + .getUnknownXMLObjects().size(); nextComplexValue++) { + + final XSAnyImpl simple = (XSAnyImpl) complexValue + .getUnknownXMLObjects().get( + nextComplexValue); + + multiValues.put(simple.getElementQName() + .getLocalPart(), simple.getTextContent()); + } + } + else if(attributeName + .equals("http://www.stork.gov.eu/1.0/mandateContent")) + { + LOG.info("mandateContent found"); + // Process complex value. + final XSAnyImpl complexValue = (XSAnyImpl) xmlObject; + + for (int nextComplexValue = 0; nextComplexValue < complexValue + .getUnknownXMLObjects().size(); nextComplexValue++) { + + final XSAnyImpl simple = (XSAnyImpl) complexValue + .getUnknownXMLObjects().get( + nextComplexValue); + + multiValues.put(simple.getElementQName() + .getLocalPart(), simple.getTextContent()); + } + } + else { + // Process simple value. + simpleValues.add(((XSAnyImpl) xmlObject) + .getTextContent()); + } + + } else { + LOG.error("Error: attribute value it's unknown."); + throw new STORKSAMLEngineException( + "Attribute value it's unknown."); + } + } + + personalAttribute.setValue(simpleValues); + personalAttribute.setComplexValue(multiValues); + personalAttrList.add(personalAttribute); + } + + return personalAttrList; + } + + /** + * Generate stork authentication request. + * + * @param request the request that contain all parameters for generate an + * authentication request. + * + * @return the STORK authentication request that has been processed. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAuthnRequest generateSTORKAuthnRequest( + final STORKAuthnRequest request) throws STORKSAMLEngineException { + LOG.info("Generate SAMLAuthnRequest."); + + // Validate Parameters mandatories + validateParamAuthnReq(request); + + final AuthnRequest authnRequestAux = SAMLEngineUtils + .generateSAMLAuthnRequest(SAMLEngineUtils.generateNCName(), + SAMLVersion.VERSION_20, SAMLEngineUtils + .getCurrentTime()); + + // Set name spaces. + setNameSpaces(authnRequestAux); + + // Add parameter Mandatory STORK + authnRequestAux.setForceAuthn(Boolean.TRUE); + + // Add parameter Mandatory STORK + authnRequestAux.setIsPassive(Boolean.FALSE); + + authnRequestAux.setAssertionConsumerServiceURL(request + .getAssertionConsumerServiceURL()); + + authnRequestAux.setProviderName(request.getProviderName()); + + // Add protocol binding + authnRequestAux.setProtocolBinding(super.getSamlCoreProperties() + .getProtocolBinding()); + + // Add parameter optional STORK + // Destination is mandatory if the destination is a C-PEPS + // The application must to know if the destination is a C-PEPS. + if (StringUtils.isNotBlank(request.getDestination())) { + authnRequestAux.setDestination(request.getDestination()); + } + + // Consent is optional. Set from SAMLEngine.xml - consent. + authnRequestAux.setConsent(super.getSamlCoreProperties() + .getConsentAuthnRequest()); + + final Issuer issuer = SAMLEngineUtils.generateIssuer(); + + if(request.getIssuer()!=null){ + issuer.setValue(request.getIssuer()); + } else { + issuer.setValue(super.getSamlCoreProperties().getRequester()); + } + + // Optional STORK + final String formatEntity = super.getSamlCoreProperties() + .getFormatEntity(); + if (StringUtils.isNotBlank(formatEntity)) { + issuer.setFormat(formatEntity); + } + + authnRequestAux.setIssuer(issuer); + + // Generate stork extensions. + final Extensions storkExtensions = this + .generateSTORKExtensions(request); + // add the extensions to the SAMLAuthnRequest + authnRequestAux.setExtensions(storkExtensions); + + // the result contains an authentication request token (byte[]), + // identifier of the token, and all parameters from the request. + final STORKAuthnRequest authRequest = processExtensions(authnRequestAux + .getExtensions()); + + try { + authRequest.setTokenSaml(super.signAndMarshall(authnRequestAux)); + } catch (SAMLEngineException e) { + LOG.error("Sign and Marshall.", e); + throw new STORKSAMLEngineException(e); + } + + authRequest.setSamlId(authnRequestAux.getID()); + authRequest.setDestination(authnRequestAux.getDestination()); + authRequest.setAssertionConsumerServiceURL(authnRequestAux + .getAssertionConsumerServiceURL()); + + authRequest.setProviderName(authnRequestAux.getProviderName()); + authRequest.setIssuer(authnRequestAux.getIssuer().getValue()); + + return authRequest; + } + + /** + * Generate stork authentication response. + * + * @param request the request + * @param responseAuthReq the response authentication request + * @param ipAddress the IP address + * @param isHashing the is hashing + * + * @return the sTORK authentication response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAuthnResponse generateSTORKAuthnResponse( + final STORKAuthnRequest request, + final STORKAuthnResponse responseAuthReq, final String ipAddress, + final boolean isHashing) throws STORKSAMLEngineException { + LOG.info("generateSTORKAuthnResponse"); + + // Validate parameters + validateParamResponse(request, responseAuthReq); + + // Mandatory SAML + LOG.debug("Generate StatusCode"); + final StatusCode statusCode = SAMLEngineUtils + .generateStatusCode(StatusCode.SUCCESS_URI); + + LOG.debug("Generate Status"); + final Status status = SAMLEngineUtils.generateStatus(statusCode); + + LOG.debug("Generate StatusMessage"); + final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils + .generateStatusMessage(StatusCode.SUCCESS_URI); + + status.setStatusMessage(statusMessage); + + LOG.debug("Generate Response"); + + // RESPONSE + final Response response = genAuthnRespBase(status, request + .getAssertionConsumerServiceURL(), request.getSamlId()); + + DateTime notOnOrAfter = new DateTime(); + + notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() + .getTimeNotOnOrAfter()); + + final Assertion assertion = this.generateAssertion(ipAddress, request + .getAssertionConsumerServiceURL(), request.getSamlId(), request + .getIssuer(), notOnOrAfter); + + final AttributeStatement attrStatement = this + .generateAttributeStatement(responseAuthReq + .getPersonalAttributeList(), isHashing); + + assertion.getAttributeStatements().add(attrStatement); + + // Add assertions + response.getAssertions().add(assertion); + + final STORKAuthnResponse authresponse = new STORKAuthnResponse(); + + try { + authresponse.setTokenSaml(super.signAndMarshall(response)); + authresponse.setSamlId(response.getID()); + } catch (SAMLEngineException e) { + LOG.error("Sign and Marshall.", e); + throw new STORKSAMLEngineException(e); + } + return authresponse; + } + + /** + * Generate stork authentication response fail. + * + * @param request the request + * @param response the response + * @param ipAddress the IP address + * @param isHashing the is hashing + * + * @return the sTORK authentication response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAuthnResponse generateSTORKAuthnResponseFail( + final STORKAuthnRequest request, final STORKAuthnResponse response, + final String ipAddress, final boolean isHashing) + throws STORKSAMLEngineException { + LOG.info("generateSTORKAuthnResponseFail"); + + validateParamResponseFail(request, response); + + // Mandatory + final StatusCode statusCode = SAMLEngineUtils + .generateStatusCode(response.getStatusCode()); + + // Mandatory SAML + LOG.debug("Generate StatusCode."); + // Subordinate code it's optional in case not covered into next codes: + // - urn:oasis:names:tc:SAML:2.0:status:AuthnFailed + // - urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue + // - urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy + // - urn:oasis:names:tc:SAML:2.0:status:RequestDenied + // - http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported + + if (StringUtils.isNotBlank(response.getSubStatusCode())) { + final StatusCode newStatusCode = SAMLEngineUtils + .generateStatusCode(response.getSubStatusCode()); + statusCode.setStatusCode(newStatusCode); + } + + LOG.debug("Generate Status."); + final Status status = SAMLEngineUtils.generateStatus(statusCode); + + if (StringUtils.isNotBlank(response.getMessage())) { + final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils + .generateStatusMessage(response.getMessage()); + + status.setStatusMessage(statusMessage); + } + + LOG.debug("Generate Response."); + // RESPONSE + final Response responseFail = genAuthnRespBase(status, request + .getAssertionConsumerServiceURL(), request.getSamlId()); + + DateTime notOnOrAfter = new DateTime(); + + notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() + .getTimeNotOnOrAfter()); + + final Assertion assertion = this.generateAssertion(ipAddress, request + .getAssertionConsumerServiceURL(), request.getSamlId(), request + .getIssuer(), notOnOrAfter); + + responseFail.getAssertions().add(assertion); + + LOG.debug("Sign and Marshall ResponseFail."); + + final STORKAuthnResponse storkResponse = new STORKAuthnResponse(); + + try { + storkResponse.setTokenSaml(super.signAndMarshall(responseFail)); + storkResponse.setSamlId(responseFail.getID()); + } catch (SAMLEngineException e) { + LOG.error("SAMLEngineException.", e); + throw new STORKSAMLEngineException(e); + } + return storkResponse; + } + + /** + * Generate stork attribute query request. + * + * @param request the request that contain all parameters for generate an + * attribute query request. + * + * @return the STORK attribute query request that has been processed. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAttrQueryRequest generateSTORKAttrQueryRequest( + final STORKAttrQueryRequest request) throws STORKSAMLEngineException { + LOG.info("Generate STORKAttrQueryRequest."); + + // Validate Parameters mandatories + validateParamAttrQueryReq(request); + + final AttributeQuery attrQueryRequestAux = SAMLEngineUtils + .generateSAMLAttrQueryRequest(SAMLEngineUtils.generateNCName(), + SAMLVersion.VERSION_20, SAMLEngineUtils + .getCurrentTime()); + + // Set name spaces. + setNameSpaces(attrQueryRequestAux); + + + // Add parameter optional STORK + // Destination is mandatory if the destination is a C-PEPS + // The application must to know if the destination is a C-PEPS. + if (StringUtils.isNotBlank(request.getDestination())) { + attrQueryRequestAux.setDestination(request.getDestination()); + } + + // Consent is optional. Set from SAMLEngine.xml - consent. + attrQueryRequestAux.setConsent(super.getSamlCoreProperties() + .getConsentAuthnRequest()); + + final Issuer issuer = SAMLEngineUtils.generateIssuer(); + + //Set the subject - needed for attribute query validation + Subject subject = SAMLEngineUtils.generateSubject(); + SubjectConfirmationBuilder builder = new SubjectConfirmationBuilder(); + SubjectConfirmation subjectConfirmation = builder.buildObject(); + subjectConfirmation.setMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer"); + subject.getSubjectConfirmations().add(subjectConfirmation); + attrQueryRequestAux.setSubject(subject); + + if(request.getIssuer()!=null){ + issuer.setValue(request.getIssuer()); + } else { + issuer.setValue(super.getSamlCoreProperties().getRequester()); + } + + // Optional STORK + final String formatEntity = super.getSamlCoreProperties() + .getFormatEntity(); + if (StringUtils.isNotBlank(formatEntity)) { + issuer.setFormat(formatEntity); + } + + attrQueryRequestAux.setIssuer(issuer); + + // Generate stork extensions. + final Extensions storkExtensions = this + .generateSTORKAttrExtensions(request); + // add the extensions to the SAMLAuthnRequest + attrQueryRequestAux.setExtensions(storkExtensions); + + // the result contains an authentication request token (byte[]), + // identifier of the token, and all parameters from the request. + final STORKAttrQueryRequest attrQueryRequest = processAttrExtensions(attrQueryRequestAux + .getExtensions()); + + try { + attrQueryRequest.setTokenSaml(super.signAndMarshall(attrQueryRequestAux)); + } catch (SAMLEngineException e) { + LOG.error("Sign and Marshall.", e); + throw new STORKSAMLEngineException(e); + } + + attrQueryRequest.setSamlId(attrQueryRequestAux.getID()); + attrQueryRequest.setDestination(attrQueryRequestAux.getDestination()); + + attrQueryRequest.setIssuer(attrQueryRequestAux.getIssuer().getValue()); + + return attrQueryRequest; + } + + /** + * Generate stork attribute query response. + * + * @param request the request + * @param responseAttrQueryReq the response authentication request + * @param ipAddress the IP address + * @param isHashing the is hashing + * + * @return the sTORK authentication response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAttrQueryResponse generateSTORKAttrQueryResponse( + final STORKAttrQueryRequest request, + final STORKAttrQueryResponse responseAttrQueryReq, final String ipAddress, + final String destinationUrl, final boolean isHashing) throws STORKSAMLEngineException { + LOG.info("generateSTORKAttrQueryResponse"); + + // Validate parameters + validateParamAttrQueryResponse(request, responseAttrQueryReq); + + // Mandatory SAML + LOG.debug("Generate StatusCode"); + final StatusCode statusCode = SAMLEngineUtils + .generateStatusCode(StatusCode.SUCCESS_URI); + + LOG.debug("Generate Status"); + final Status status = SAMLEngineUtils.generateStatus(statusCode); + + LOG.debug("Generate StatusMessage"); + final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils + .generateStatusMessage(StatusCode.SUCCESS_URI); + + status.setStatusMessage(statusMessage); + + LOG.debug("Generate Response"); + + // RESPONSE + final Response response = genAuthnRespBase(status, destinationUrl, + request.getSamlId()); + + DateTime notOnOrAfter = new DateTime(); + + notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() + .getTimeNotOnOrAfter()); + + final Assertion assertion = this.generateAssertion(ipAddress, "" + ,request.getSamlId(), request.getIssuer(), notOnOrAfter); + + final AttributeStatement attrStatement = this + .generateAttributeStatement(responseAttrQueryReq + .getPersonalAttributeList(), isHashing); + + assertion.getAttributeStatements().add(attrStatement); + + // Add assertions + response.getAssertions().add(assertion); + + final STORKAttrQueryResponse attrQueryResponse = new STORKAttrQueryResponse(); + + try { + attrQueryResponse.setTokenSaml(super.signAndMarshall(response)); + attrQueryResponse.setSamlId(response.getID()); + } catch (SAMLEngineException e) { + LOG.error("Sign and Marshall.", e); + throw new STORKSAMLEngineException(e); + } + return attrQueryResponse; + } + + /** + * Generate stork attribute query response fail. + * + * @param request the request + * @param response the response + * @param ipAddress the IP address + * @param isHashing the is hashing + * + * @return the STORK attribute query response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAttrQueryResponse generateSTORKAttrQueryResponseFail( + final STORKAttrQueryRequest request, final STORKAttrQueryResponse response, + final String ipAddress, final String destinationUrl, final boolean isHashing) + throws STORKSAMLEngineException { + LOG.info("generateSTORKAttrQueryResponseFail"); + + validateParamAttrQueryResponseFail(request, response); + + // Mandatory + final StatusCode statusCode = SAMLEngineUtils + .generateStatusCode(response.getStatusCode()); + + // Mandatory SAML + LOG.debug("Generate StatusCode."); + // Subordinate code it's optional in case not covered into next codes: + // - urn:oasis:names:tc:SAML:2.0:status:AuthnFailed + // - urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue + // - urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy + // - urn:oasis:names:tc:SAML:2.0:status:RequestDenied + // - http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported + + if (StringUtils.isNotBlank(response.getSubStatusCode())) { + final StatusCode newStatusCode = SAMLEngineUtils + .generateStatusCode(response.getSubStatusCode()); + statusCode.setStatusCode(newStatusCode); + } + + LOG.debug("Generate Status."); + final Status status = SAMLEngineUtils.generateStatus(statusCode); + + if (StringUtils.isNotBlank(response.getMessage())) { + final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils + .generateStatusMessage(response.getMessage()); + + status.setStatusMessage(statusMessage); + } + + LOG.debug("Generate Response."); + // RESPONSE + final Response responseFail = genAuthnRespBase(status, destinationUrl, + request.getSamlId()); + + DateTime notOnOrAfter = new DateTime(); + + notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() + .getTimeNotOnOrAfter()); + + final Assertion assertion = this.generateAssertion(ipAddress, "", + request.getSamlId(), request + .getIssuer(), notOnOrAfter); + + responseFail.getAssertions().add(assertion); + + LOG.debug("Sign and Marshall ResponseFail."); + + final STORKAttrQueryResponse storkResponse = new STORKAttrQueryResponse(); + + try { + storkResponse.setTokenSaml(super.signAndMarshall(responseFail)); + storkResponse.setSamlId(responseFail.getID()); + } catch (SAMLEngineException e) { + LOG.error("SAMLEngineException.", e); + throw new STORKSAMLEngineException(e); + } + return storkResponse; + } + + /** + * Generate stork authentication statement for the authentication statement. + * + * @param ipAddress the IP address + * + * @return the authentication statement + */ + private AuthnStatement generateStorkAuthStatement(final String ipAddress) { + LOG.debug("Generate stork authenticate statement."); + final SubjectLocality subjectLocality = SAMLEngineUtils + .generateSubjectLocality(ipAddress); + + final AuthnContext authnContext = (AuthnContext) SAMLEngineUtils + .createSamlObject(AuthnContext.DEFAULT_ELEMENT_NAME); + + final AuthnContextDecl authnContextDecl = (AuthnContextDecl) SAMLEngineUtils + .createSamlObject(AuthnContextDecl.DEFAULT_ELEMENT_NAME); + + authnContext.setAuthnContextDecl(authnContextDecl); + + final AuthnStatement authnStatement = SAMLEngineUtils + .generateAthnStatement(new DateTime(), authnContext); + + // Optional STORK + authnStatement.setSessionIndex(null); + authnStatement.setSubjectLocality(subjectLocality); + + return authnStatement; + } + + /** + * Generate stork extensions. + * + * @param request the request + * + * @return the extensions + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Extensions generateSTORKExtensions(final STORKAuthnRequest request) + throws STORKSAMLEngineException { + LOG.debug("Generate STORKExtensions"); + + final Extensions extensions = SAMLEngineUtils.generateExtension(); + + LOG.debug("Generate QAAAttribute"); + final QAAAttribute qaaAttribute = SAMLEngineUtils + .generateQAAAttribute(request.getQaa()); + extensions.getUnknownXMLObjects().add(qaaAttribute); + + + if (StringUtils.isNotEmpty(request + .getSpSector())) { + // Add information about service provider. + LOG.debug("Generate SPSector"); + final SPSector sector = SAMLEngineUtils.generateSPSector(request + .getSpSector()); + extensions.getUnknownXMLObjects().add(sector); + } + + //Delete from specification. Kept for compatibility with Provider Name value + LOG.debug("Generate SPInstitution"); + final SPInstitution institution = SAMLEngineUtils + .generateSPInstitution(request.getProviderName()); + extensions.getUnknownXMLObjects().add(institution); + + + if (StringUtils.isNotEmpty(request.getSpApplication())) { + LOG.debug("Generate SPApplication"); + final SPApplication application = SAMLEngineUtils + .generateSPApplication(request.getSpApplication()); + extensions.getUnknownXMLObjects().add(application); + } + + if (StringUtils.isNotEmpty(request.getSpCountry())) { + LOG.debug("Generate SPCountry"); + final SPCountry country = SAMLEngineUtils.generateSPCountry(request + .getSpCountry()); + extensions.getUnknownXMLObjects().add(country); + } + + //eIDSectorShare: optional; default value: false. + String valueSectorShare = super.getSamlCoreProperties() + .iseIDSectorShare(); + + if (StringUtils.isNotEmpty(valueSectorShare)) { + // Add information about the use of the SAML message. + LOG.debug("Generate EIDSectorShare"); + final EIDSectorShare eIdSectorShare = (EIDSectorShare) SAMLEngineUtils + .createSamlObject(EIDSectorShare.DEF_ELEMENT_NAME); + + eIdSectorShare.setEIDSectorShare(String.valueOf(Boolean.valueOf(valueSectorShare))); + + extensions.getUnknownXMLObjects().add(eIdSectorShare); + } + + String valueCrossSectorShare = super.getSamlCoreProperties() + .iseIDCrossSectorShare(); + + if (StringUtils.isNotEmpty(valueCrossSectorShare)) { + LOG.debug("Generate EIDCrossSectorShare"); + final EIDCrossSectorShare eIdCrossSecShare = (EIDCrossSectorShare) SAMLEngineUtils + .createSamlObject(EIDCrossSectorShare.DEF_ELEMENT_NAME); + eIdCrossSecShare.setEIDCrossSectorShare(String.valueOf(Boolean.valueOf(valueCrossSectorShare))); + extensions.getUnknownXMLObjects().add(eIdCrossSecShare); + } + + + String valueCrossBorderShare = super.getSamlCoreProperties() + .iseIDCrossBorderShare(); + + if (StringUtils.isNotEmpty(valueCrossBorderShare)) { + LOG.debug("Generate EIDCrossBorderShare"); + final EIDCrossBorderShare eIdCrossBordShare = (EIDCrossBorderShare) SAMLEngineUtils + .createSamlObject(EIDCrossBorderShare.DEF_ELEMENT_NAME); + eIdCrossBordShare.setEIDCrossBorderShare(String.valueOf(Boolean.valueOf(valueCrossBorderShare))); + extensions.getUnknownXMLObjects().add(eIdCrossBordShare); + } + + + // Add information about requested attributes. + LOG.debug("Generate RequestedAttributes."); + final RequestedAttributes reqAttributes = (RequestedAttributes) SAMLEngineUtils + .createSamlObject(RequestedAttributes.DEF_ELEMENT_NAME); + + LOG.debug("SAML Engine configuration properties load."); + final Iterator iterator = request + .getPersonalAttributeList().iterator(); + + while (iterator.hasNext()) { + + final PersonalAttribute attribute = iterator.next(); + + if (attribute == null || StringUtils.isBlank(attribute.getName())) { + LOG.error(ATTRIBUTE_EMPTY_LITERAL); + throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL); + } + + // Verified if exits the attribute name. + final String attributeName = super.getSamlCoreProperties() + .getProperty(attribute.getName()); + + if (StringUtils.isBlank(attributeName)) { + LOG.debug("Attribute name: {} was not found.", attribute + .getName()); + throw new STORKSAMLEngineException("Attribute name: " + + attribute.getName() + " was not found."); + } + + // Friendly name it's an optional attribute. + String friendlyName = null; + + if (super.getSamlCoreProperties().isFriendlyName()) { + friendlyName = attribute.getName(); + } + + + String isRequired = null; + if (super.getSamlCoreProperties().isRequired()) { + isRequired = String.valueOf(attribute.isRequired()); + } + + + LOG.debug("Generate requested attribute: " + attributeName); + final RequestedAttribute requestedAttr = SAMLEngineUtils + .generateReqAuthnAttributeSimple(attributeName, + friendlyName, isRequired, attribute + .getValue()); + + // Add requested attribute. + reqAttributes.getAttributes().add(requestedAttr); + } + + // Add requested attributes. + extensions.getUnknownXMLObjects().add(reqAttributes); + + CitizenCountryCode citizenCountryCode = null; + if (request.getCitizenCountryCode() != null && StringUtils.isNotBlank(request.getCitizenCountryCode())){ + LOG.debug("Generate CitizenCountryCode"); + citizenCountryCode = (CitizenCountryCode) SAMLEngineUtils + .createSamlObject(CitizenCountryCode.DEF_ELEMENT_NAME); + + citizenCountryCode.setCitizenCountryCode(request + .getCitizenCountryCode().toUpperCase()); + } + + SPID spid = null; + if(request.getSPID()!=null && StringUtils.isNotBlank(request.getSPID())) { + LOG.debug("Generate SPID"); + spid = (SPID) SAMLEngineUtils + .createSamlObject(SPID.DEF_ELEMENT_NAME); + + spid.setSPID(request.getSPID().toUpperCase()); + } + + AuthenticationAttributes authenticationAttr = (AuthenticationAttributes) SAMLEngineUtils + .createSamlObject(AuthenticationAttributes.DEF_ELEMENT_NAME); + + final VIDPAuthenticationAttributes vIDPauthenticationAttr = (VIDPAuthenticationAttributes) SAMLEngineUtils + .createSamlObject(VIDPAuthenticationAttributes.DEF_ELEMENT_NAME); + + final SPInformation spInformation = (SPInformation) SAMLEngineUtils + .createSamlObject(SPInformation.DEF_ELEMENT_NAME); + + if(citizenCountryCode!=null){ + vIDPauthenticationAttr.setCitizenCountryCode(citizenCountryCode); + } + + if(spid!=null){ + spInformation.setSPID(spid); + } + + vIDPauthenticationAttr.setSPInformation(spInformation); + + authenticationAttr + .setVIDPAuthenticationAttributes(vIDPauthenticationAttr); + extensions.getUnknownXMLObjects().add(authenticationAttr); + + + return extensions; + + } + + /** + * Generate stork extensions. + * + * @param request the attribute query request + * + * @return the extensions + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Extensions generateSTORKAttrExtensions(final STORKAttrQueryRequest request) + throws STORKSAMLEngineException { + LOG.debug("Generate STORKExtensions"); + + final Extensions extensions = SAMLEngineUtils.generateExtension(); + + LOG.debug("Generate QAAAttribute"); + final QAAAttribute qaaAttribute = SAMLEngineUtils + .generateQAAAttribute(request.getQaa()); + extensions.getUnknownXMLObjects().add(qaaAttribute); + + + if (StringUtils.isNotEmpty(request + .getSpSector())) { + // Add information about service provider. + LOG.debug("Generate SPSector"); + final SPSector sector = SAMLEngineUtils.generateSPSector(request + .getSpSector()); + extensions.getUnknownXMLObjects().add(sector); + } + + + if (StringUtils.isNotEmpty(request.getSpApplication())) { + LOG.debug("Generate SPApplication"); + final SPApplication application = SAMLEngineUtils + .generateSPApplication(request.getSpApplication()); + extensions.getUnknownXMLObjects().add(application); + } + + if (StringUtils.isNotEmpty(request.getSpCountry())) { + LOG.debug("Generate SPCountry"); + final SPCountry country = SAMLEngineUtils.generateSPCountry(request + .getSpCountry()); + extensions.getUnknownXMLObjects().add(country); + } + + final EIDSectorShare eIdSectorShare = (EIDSectorShare) SAMLEngineUtils + .createSamlObject(EIDSectorShare.DEF_ELEMENT_NAME); + + eIdSectorShare.setEIDSectorShare(String.valueOf(request.isEIDSectorShare())); + + extensions.getUnknownXMLObjects().add(eIdSectorShare); + + final EIDCrossSectorShare eIdCrossSecShare = (EIDCrossSectorShare) SAMLEngineUtils + .createSamlObject(EIDCrossSectorShare.DEF_ELEMENT_NAME); + eIdCrossSecShare.setEIDCrossSectorShare(String.valueOf(request.isEIDCrossSectorShare())); + extensions.getUnknownXMLObjects().add(eIdCrossSecShare); + + final EIDCrossBorderShare eIdCrossBordShare = (EIDCrossBorderShare) SAMLEngineUtils + .createSamlObject(EIDCrossBorderShare.DEF_ELEMENT_NAME); + eIdCrossBordShare.setEIDCrossBorderShare(String.valueOf(request.isEIDCrossBorderShare())); + extensions.getUnknownXMLObjects().add(eIdCrossBordShare); + + + // Add information about requested attributes. + LOG.debug("Generate RequestedAttributes."); + final RequestedAttributes reqAttributes = (RequestedAttributes) SAMLEngineUtils + .createSamlObject(RequestedAttributes.DEF_ELEMENT_NAME); + + LOG.debug("SAML Engine configuration properties load."); + final Iterator iterator = request + .getPersonalAttributeList().iterator(); + + while (iterator.hasNext()) { + + final PersonalAttribute attribute = iterator.next(); + + if (attribute == null || StringUtils.isBlank(attribute.getName())) { + LOG.error(ATTRIBUTE_EMPTY_LITERAL); + throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL); + } + + // Verified if exits the attribute name. + final String attributeName = super.getSamlCoreProperties() + .getProperty(attribute.getName()); + + if (StringUtils.isBlank(attributeName)) { + LOG.debug("Attribute name: {} was not found.", attribute + .getName()); + throw new STORKSAMLEngineException("Attribute name: " + + attribute.getName() + " was not found."); + } + + // Friendly name it's an optional attribute. + String friendlyName = null; + + if (super.getSamlCoreProperties().isFriendlyName()) { + friendlyName = attribute.getName(); + } + + + String isRequired = null; + if (super.getSamlCoreProperties().isRequired()) { + isRequired = String.valueOf(attribute.isRequired()); + } + + + LOG.debug("Generate requested attribute: " + attributeName); + final RequestedAttribute requestedAttr = SAMLEngineUtils + .generateReqAuthnAttributeSimple(attributeName, + friendlyName, isRequired, attribute + .getValue()); + + // Add requested attribute. + reqAttributes.getAttributes().add(requestedAttr); + } + + // Add requested attributes. + extensions.getUnknownXMLObjects().add(reqAttributes); + + CitizenCountryCode citizenCountryCode = null; + if (request.getCitizenCountryCode() != null && StringUtils.isNotBlank(request.getCitizenCountryCode())){ + LOG.debug("Generate CitizenCountryCode"); + citizenCountryCode = (CitizenCountryCode) SAMLEngineUtils + .createSamlObject(CitizenCountryCode.DEF_ELEMENT_NAME); + + citizenCountryCode.setCitizenCountryCode(request + .getCitizenCountryCode().toUpperCase()); + } + + SPID spid = null; + if(request.getSPID()!=null && StringUtils.isNotBlank(request.getSPID())) { + LOG.debug("Generate SPID"); + spid = (SPID) SAMLEngineUtils + .createSamlObject(SPID.DEF_ELEMENT_NAME); + + spid.setSPID(request.getSPID().toUpperCase()); + } + + + return extensions; + + } + + /** + * Gets the alias from X.509 Certificate at keystore. + * + * @param keyInfo the key info + * @param storkOwnKeyStore + * @param storkOwnKeyStore + * + * @return the alias + */ + private String getAlias(final KeyInfo keyInfo, KeyStore storkOwnKeyStore) { + + LOG.debug("Recover alias information"); + + String alias = null; + try { + final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo + .getX509Datas().get(0).getX509Certificates().get(0); + + // Transform the KeyInfo to X509Certificate. + CertificateFactory certFact; + certFact = CertificateFactory.getInstance("X.509"); + + final ByteArrayInputStream bis = new ByteArrayInputStream(Base64 + .decode(xmlCert.getValue())); + + final X509Certificate cert = (X509Certificate) certFact + .generateCertificate(bis); + + final String tokenSerialNumber = cert.getSerialNumber().toString(16); + final X509Principal tokenIssuerDN = new X509Principal(cert.getIssuerDN().getName()); + + + String aliasCert; + X509Certificate certificate; + boolean find = false; + + for (final Enumeration e = storkOwnKeyStore.aliases(); e + .hasMoreElements() + && !find; ) { + aliasCert = e.nextElement(); + certificate = (X509Certificate) storkOwnKeyStore + .getCertificate(aliasCert); + + final String serialNum = certificate.getSerialNumber() + .toString(16); + + X509Principal issuerDN = new X509Principal(certificate + .getIssuerDN().getName()); + + if(serialNum.equalsIgnoreCase(tokenSerialNumber) + && X509PrincipalUtil.equals2(issuerDN, tokenIssuerDN)){ + alias = aliasCert; + find = true; + } + + } + + } catch (KeyStoreException e) { + LOG.error("Procces getAlias from certificate associated into the signing keystore..", e); + } catch (CertificateException e) { + LOG.error("Procces getAlias from certificate associated into the signing keystore..", e); + } catch (RuntimeException e) { + LOG.error("Procces getAlias from certificate associated into the signing keystore..", e); + } + return alias; + } + + /** + * Gets the country from X.509 Certificate. + * + * @param keyInfo the key info + * + * @return the country + */ + private String getCountry(final KeyInfo keyInfo) { + LOG.debug("Recover country information."); + + String result = ""; + try { + final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo + .getX509Datas().get(0).getX509Certificates().get(0); + + // Transform the KeyInfo to X509Certificate. + CertificateFactory certFact; + certFact = CertificateFactory.getInstance("X.509"); + + final ByteArrayInputStream bis = new ByteArrayInputStream(Base64 + .decode(xmlCert.getValue())); + + final X509Certificate cert = (X509Certificate) certFact + .generateCertificate(bis); + + String distName = cert.getSubjectDN().toString(); + + distName = StringUtils.deleteWhitespace(StringUtils + .upperCase(distName)); + + final String countryCode = "C="; + final int init = distName.indexOf(countryCode); + + if (init > StringUtils.INDEX_NOT_FOUND) { // Exist country code. + int end = distName.indexOf(',', init); + + if (end <= StringUtils.INDEX_NOT_FOUND) { + end = distName.length(); + } + + if (init < end && end > StringUtils.INDEX_NOT_FOUND) { + result = distName.substring(init + countryCode.length(), + end); + //It must be a two characters value + if(result.length()>2){ + result = result.substring(0, 2); + } + } + } + + } catch (CertificateException e) { + LOG.error("Procces getCountry from certificate."); + } + return result.trim(); + } + + /** + * Process all elements XMLObjects from the extensions. + * + * @param extensions the extensions from the authentication request. + * + * @return the STORK authentication request + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private STORKAuthnRequest processExtensions(final Extensions extensions) + throws STORKSAMLEngineException { + LOG.debug("Procces the extensions."); + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + final QAAAttribute qaa = (QAAAttribute) extensions + .getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME).get(0); + request.setQaa(Integer.parseInt(qaa.getQaaLevel())); + + List optionalElements = extensions.getUnknownXMLObjects( + SPSector.DEF_ELEMENT_NAME); + + if (!optionalElements.isEmpty()) { + final SPSector sector = (SPSector) extensions.getUnknownXMLObjects( + SPSector.DEF_ELEMENT_NAME).get(0); + request.setSpSector(sector.getSPSector()); + } + + optionalElements = extensions.getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME); + + if (!optionalElements.isEmpty()) { + final SPApplication application = (SPApplication) extensions + .getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME).get(0); + request.setSpApplication(application.getSPApplication()); + } + + optionalElements = extensions.getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME); + + if (!optionalElements.isEmpty()) { + final SPCountry application = (SPCountry) extensions + .getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME).get(0); + request.setSpCountry(application.getSPCountry()); + } + + + List listCrossBorderShare = extensions + .getUnknownXMLObjects(EIDCrossBorderShare.DEF_ELEMENT_NAME); + + if (!listCrossBorderShare .isEmpty()) { + final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) listCrossBorderShare.get(0); + request.setEIDCrossBorderShare(Boolean.parseBoolean(crossBorderShare + .getEIDCrossBorderShare())); + } + + + List listCrosSectorShare = extensions + .getUnknownXMLObjects(EIDCrossSectorShare.DEF_ELEMENT_NAME); + + if (!listCrosSectorShare.isEmpty()) { + final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) listCrosSectorShare.get(0); + request.setEIDCrossSectorShare(Boolean.parseBoolean(crossSectorShare + .getEIDCrossSectorShare())); + } + + List listSectorShareExtension = extensions + .getUnknownXMLObjects(EIDSectorShare.DEF_ELEMENT_NAME); + if (!listSectorShareExtension.isEmpty()) { + final EIDSectorShare sectorShare = (EIDSectorShare) listSectorShareExtension.get(0); + request.setEIDSectorShare(Boolean.parseBoolean(sectorShare.getEIDSectorShare())); + } + + + + List authAttrs = extensions + .getUnknownXMLObjects(AuthenticationAttributes.DEF_ELEMENT_NAME); + + if (authAttrs != null && !authAttrs.isEmpty()) { + + final AuthenticationAttributes authnAttr = (AuthenticationAttributes) authAttrs + .get(0); + + VIDPAuthenticationAttributes vidpAuthnAttr = null; + if (authnAttr != null && !authAttrs.isEmpty()){ + vidpAuthnAttr = authnAttr.getVIDPAuthenticationAttributes(); + } + + CitizenCountryCode citizenCountryCodeElement = null; + SPInformation spInformation = null; + if (vidpAuthnAttr != null){ + citizenCountryCodeElement = vidpAuthnAttr.getCitizenCountryCode(); + spInformation = vidpAuthnAttr.getSPInformation(); + } + + String citizenCountryCode = null; + if(citizenCountryCodeElement!=null){ + citizenCountryCode = citizenCountryCodeElement.getCitizenCountryCode(); + } + + if(citizenCountryCode!= null && StringUtils.isNotBlank(citizenCountryCode)){ + request.setCitizenCountryCode(citizenCountryCode); + } + + SPID spidElement = null; + if (spInformation != null){ + spidElement = spInformation.getSPID(); + } + + String spid = null; + if(spidElement!=null){ + spid = spidElement.getSPID(); + } + + if (spid != null && StringUtils.isNotBlank(spid)) { + request.setSPID(spid); + } + } + + if (extensions + .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) == null) { + LOG.error("Extensions not contains any requested attribute."); + throw new STORKSAMLEngineException( + "Extensions not contains any requested attribute."); + } + + final RequestedAttributes requestedAttr = (RequestedAttributes) extensions + .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) + .get(0); + + final List reqAttrs = requestedAttr.getAttributes(); + + final IPersonalAttributeList personalAttrList = new PersonalAttributeList(); + + String attributeName; + for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) { + final RequestedAttribute attribute = reqAttrs.get(nextAttribute); + final PersonalAttribute personalAttribute = new PersonalAttribute(); + personalAttribute.setIsRequired(Boolean.valueOf(attribute.isRequired())); + personalAttribute.setFriendlyName(attribute.getFriendlyName()); + attributeName = attribute.getName(); + + // recover the last name from the string. + personalAttribute.setName(attributeName.substring(attributeName + .lastIndexOf('/') + 1)); + + final ArrayList valores = new ArrayList(); + final List values = attribute.getOrderedChildren(); + + for (int nextSimpleValue = 0; nextSimpleValue < values.size(); nextSimpleValue++) { + + // Process attributes simples. An AuthenticationRequest only + // must contains simple values. + + final XMLObject xmlObject = values.get(nextSimpleValue); + + if(xmlObject instanceof XSStringImpl){ + + final XSStringImpl xmlString = (XSStringImpl) values + .get(nextSimpleValue); + valores.add(xmlString.getValue()); + + }else{ + + if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) { + + final XSAnyImpl xmlString = (XSAnyImpl) values + .get(nextSimpleValue); + + TransformerFactory transFactory = TransformerFactory.newInstance(); + Transformer transformer = null; + try { + transformer = transFactory.newTransformer(); + transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); + } catch (TransformerConfigurationException e) { + LOG.error("Error transformer configuration exception", e); + } + StringWriter buffer = new StringWriter(); + try { + if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0 ){ + transformer.transform(new DOMSource(xmlString.getUnknownXMLObjects().get(0).getDOM()), + new StreamResult(buffer)); + } + } catch (TransformerException e) { + LOG.error("Error transformer exception", e); + } + String str = buffer.toString(); + + valores.add(str); + + }else{ + + final XSAnyImpl xmlString = (XSAnyImpl) values + .get(nextSimpleValue); + valores.add(xmlString.getTextContent()); + } + + + + } + } + personalAttribute.setValue(valores); + personalAttrList.add(personalAttribute); + } + + request.setPersonalAttributeList(personalAttrList); + + return request; + } + + + /** + * Process all elements XMLObjects from the extensions. + * + * @param extensions the extensions from the authentication request. + * + * @return the STORK authentication request + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private STORKAttrQueryRequest processAttrExtensions(final Extensions extensions) + throws STORKSAMLEngineException { + LOG.debug("Procces the atribute query extensions."); + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + final QAAAttribute qaa = (QAAAttribute) extensions + .getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME).get(0); + request.setQaa(Integer.parseInt(qaa.getQaaLevel())); + + List optionalElements = extensions.getUnknownXMLObjects( + SPSector.DEF_ELEMENT_NAME); + + if (!optionalElements.isEmpty()) { + final SPSector sector = (SPSector) extensions.getUnknownXMLObjects( + SPSector.DEF_ELEMENT_NAME).get(0); + request.setSpSector(sector.getSPSector()); + } + + optionalElements = extensions.getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME); + + if (!optionalElements.isEmpty()) { + final SPApplication application = (SPApplication) extensions + .getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME).get(0); + request.setSpApplication(application.getSPApplication()); + } + + optionalElements = extensions.getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME); + + if (!optionalElements.isEmpty()) { + final SPCountry application = (SPCountry) extensions + .getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME).get(0); + request.setSpCountry(application.getSPCountry()); + } + + + List listCrossBorderShare = extensions + .getUnknownXMLObjects(EIDCrossBorderShare.DEF_ELEMENT_NAME); + + if (!listCrossBorderShare .isEmpty()) { + final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) listCrossBorderShare.get(0); + request.setEIDCrossBorderShare(Boolean.parseBoolean(crossBorderShare + .getEIDCrossBorderShare())); + } + + + List listCrosSectorShare = extensions + .getUnknownXMLObjects(EIDCrossSectorShare.DEF_ELEMENT_NAME); + + if (!listCrosSectorShare.isEmpty()) { + final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) listCrosSectorShare.get(0); + request.setEIDCrossSectorShare(Boolean.parseBoolean(crossSectorShare + .getEIDCrossSectorShare())); + } + + List listSectorShareExtension = extensions + .getUnknownXMLObjects(EIDSectorShare.DEF_ELEMENT_NAME); + if (!listSectorShareExtension.isEmpty()) { + final EIDSectorShare sectorShare = (EIDSectorShare) listSectorShareExtension.get(0); + request.setEIDSectorShare(Boolean.parseBoolean(sectorShare.getEIDSectorShare())); + } + + + + List authAttrs = extensions + .getUnknownXMLObjects(AuthenticationAttributes.DEF_ELEMENT_NAME); + + if (authAttrs != null && !authAttrs.isEmpty()) { + + final AuthenticationAttributes authnAttr = (AuthenticationAttributes) authAttrs + .get(0); + + VIDPAuthenticationAttributes vidpAuthnAttr = null; + if (authnAttr != null && !authAttrs.isEmpty()){ + vidpAuthnAttr = authnAttr.getVIDPAuthenticationAttributes(); + } + + CitizenCountryCode citizenCountryCodeElement = null; + SPInformation spInformation = null; + if (vidpAuthnAttr != null){ + citizenCountryCodeElement = vidpAuthnAttr.getCitizenCountryCode(); + spInformation = vidpAuthnAttr.getSPInformation(); + } + + String citizenCountryCode = null; + if(citizenCountryCodeElement!=null){ + citizenCountryCode = citizenCountryCodeElement.getCitizenCountryCode(); + } + + if(citizenCountryCode!= null && StringUtils.isNotBlank(citizenCountryCode)){ + request.setCitizenCountryCode(citizenCountryCode); + } + + SPID spidElement = null; + if (spInformation != null){ + spidElement = spInformation.getSPID(); + } + + String spid = null; + if(spidElement!=null){ + spid = spidElement.getSPID(); + } + + if (spid != null && StringUtils.isNotBlank(spid)) { + request.setSPID(spid); + } + } + + if (extensions + .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) == null) { + LOG.error("Extensions not contains any requested attribute."); + throw new STORKSAMLEngineException( + "Extensions not contains any requested attribute."); + } + + final RequestedAttributes requestedAttr = (RequestedAttributes) extensions + .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) + .get(0); + + final List reqAttrs = requestedAttr.getAttributes(); + + final IPersonalAttributeList personalAttrList = new PersonalAttributeList(); + + String attributeName; + for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) { + final RequestedAttribute attribute = reqAttrs.get(nextAttribute); + final PersonalAttribute personalAttribute = new PersonalAttribute(); + personalAttribute.setIsRequired(Boolean.valueOf(attribute.isRequired())); + personalAttribute.setFriendlyName(attribute.getFriendlyName()); + attributeName = attribute.getName(); + + // recover the last name from the string. + personalAttribute.setName(attributeName.substring(attributeName + .lastIndexOf('/') + 1)); + + final ArrayList valores = new ArrayList(); + final List values = attribute.getOrderedChildren(); + + for (int nextSimpleValue = 0; nextSimpleValue < values.size(); nextSimpleValue++) { + + // Process attributes simples. An AuthenticationRequest only + // must contains simple values. + + final XMLObject xmlObject = values.get(nextSimpleValue); + + if(xmlObject instanceof XSStringImpl){ + + final XSStringImpl xmlString = (XSStringImpl) values + .get(nextSimpleValue); + valores.add(xmlString.getValue()); + + }else{ + + if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) { + + final XSAnyImpl xmlString = (XSAnyImpl) values + .get(nextSimpleValue); + + TransformerFactory transFactory = TransformerFactory.newInstance(); + Transformer transformer = null; + try { + transformer = transFactory.newTransformer(); + transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); + } catch (TransformerConfigurationException e) { + LOG.error("Error transformer configuration exception", e); + } + StringWriter buffer = new StringWriter(); + try { + if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0 ){ + transformer.transform(new DOMSource(xmlString.getUnknownXMLObjects().get(0).getDOM()), + new StreamResult(buffer)); + } + } catch (TransformerException e) { + LOG.error("Error transformer exception", e); + } + String str = buffer.toString(); + + valores.add(str); + + }else{ + + final XSAnyImpl xmlString = (XSAnyImpl) values + .get(nextSimpleValue); + valores.add(xmlString.getTextContent()); + } + + + + } + } + personalAttribute.setValue(valores); + personalAttrList.add(personalAttribute); + } + + request.setPersonalAttributeList(personalAttrList); + + return request; + } + + /** + * Sets the name spaces. + * + * @param tokenSaml the new name spaces + */ + private void setNameSpaces(final XMLObject tokenSaml) { + LOG.debug("Set namespaces."); + + final Namespace saml2 = new Namespace(SAMLConstants.SAML20_NS, + SAMLConstants.SAML20_PREFIX); + tokenSaml.addNamespace(saml2); + + final Namespace digSig = new Namespace( + "http://www.w3.org/2000/09/xmldsig#", "ds"); + tokenSaml.addNamespace(digSig); + + final Namespace storkp = new Namespace(SAMLCore.STORK10P_NS.getValue(), + SAMLCore.STORK10P_PREFIX.getValue()); + tokenSaml.addNamespace(storkp); + + final Namespace stork = new Namespace(SAMLCore.STORK10_NS.getValue(), + SAMLCore.STORK10_PREFIX.getValue()); + + tokenSaml.addNamespace(stork); + } + + /** + * Validate parameters from authentication request. + * + * @param request the request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private void validateParamAuthnReq(final STORKAuthnRequest request) + throws STORKSAMLEngineException { + LOG.info("Validate parameters from authentication request."); + + // URL to which Authentication Response must be sent. + if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { + throw new STORKSAMLEngineException( + "StorkSamlEngine: Assertion Consumer Service URL it's mandatory."); + } + + // the name of the original service provider requesting the + // authentication. + if (StringUtils.isBlank(request.getProviderName())) { + throw new STORKSAMLEngineException( + "StorkSamlEngine: Service Provider it's mandatory."); + } + + // object that contain all attributes requesting. + if (request.getPersonalAttributeList() == null + || request.getPersonalAttributeList().isEmpty()) { + throw new STORKSAMLEngineException( + "attributeQueries is null or empty."); + } + + // Quality authentication assurance level. + if ((request.getQaa() < QAAAttribute.MIN_VALUE) + || (request.getQaa() > QAAAttribute.MAX_VALUE)) { + throw new STORKSAMLEngineException("Qaal: " + request.getQaa() + + ", is invalid."); + } + + } + + /** + * Validate parameters from authentication request. + * + * @param request the request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private void validateParamAttrQueryReq(final STORKAttrQueryRequest request) + throws STORKSAMLEngineException { + LOG.info("Validate parameters from attribute query request."); + + // URL to which Authentication Response must be sent. + /*if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { + throw new STORKSAMLEngineException( + "StorkSamlEngine: Assertion Consumer Service URL it's mandatory."); + }*/ + + // the name of the original service provider requesting the + // authentication. + /*if (StringUtils.isBlank(request.getProviderName())) { + throw new STORKSAMLEngineException( + "StorkSamlEngine: Service Provider it's mandatory."); + }*/ + + // object that contain all attributes requesting. + if (request.getPersonalAttributeList() == null + || request.getPersonalAttributeList().isEmpty()) { + throw new STORKSAMLEngineException( + "attributeQueries is null or empty."); + } + + // Quality authentication assurance level. + if ((request.getQaa() < QAAAttribute.MIN_VALUE) + || (request.getQaa() > QAAAttribute.MAX_VALUE)) { + throw new STORKSAMLEngineException("Qaal: " + request.getQaa() + + ", is invalid."); + } + + } + + + /** + * Validate parameters from response. + * + * @param request the request + * @param responseAuthReq the response authentication request + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private void validateParamResponse(final STORKAuthnRequest request, + final STORKAuthnResponse responseAuthReq) + throws STORKSAMLEngineException { + LOG.info("Validate parameters response."); + if (StringUtils.isBlank(request.getIssuer())) { + throw new STORKSAMLEngineException( + "Issuer must be not empty or null."); + } + + if (responseAuthReq.getPersonalAttributeList() == null + || responseAuthReq.getPersonalAttributeList().isEmpty()) { + LOG.error("PersonalAttributeList is null or empty."); + throw new STORKSAMLEngineException( + "PersonalAttributeList is null or empty."); + } + + if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { + throw new STORKSAMLEngineException( + "assertionConsumerServiceURL is null or empty."); + } + + if (StringUtils.isBlank(request.getSamlId())) { + throw new STORKSAMLEngineException("request ID is null or empty."); + } + } + + /** + * Validate parameters from response. + * + * @param request the request + * @param responseAttrQueryReq the response authentication request + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private void validateParamAttrQueryResponse(final STORKAttrQueryRequest request, + final STORKAttrQueryResponse responseAttrQueryReq) + throws STORKSAMLEngineException { + LOG.info("Validate attribute querey parameters response."); + if (StringUtils.isBlank(request.getIssuer())) { + throw new STORKSAMLEngineException( + "Issuer must be not empty or null."); + } + + if (responseAttrQueryReq.getPersonalAttributeList() == null + || responseAttrQueryReq.getPersonalAttributeList().isEmpty()) { + LOG.error("PersonalAttributeList is null or empty."); + throw new STORKSAMLEngineException( + "PersonalAttributeList is null or empty."); + } + + /*if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { + throw new STORKSAMLEngineException( + "assertionConsumerServiceURL is null or empty."); + }*/ + + if (StringUtils.isBlank(request.getSamlId())) { + throw new STORKSAMLEngineException("request ID is null or empty."); + } + } + + /** + * Validate parameter from response fail. + * + * @param request the request + * @param response the response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private void validateParamResponseFail(final STORKAuthnRequest request, + final STORKAuthnResponse response) throws STORKSAMLEngineException { + LOG.info("Validate parameters response fail."); + if (StringUtils.isBlank(response.getStatusCode())) { + throw new STORKSAMLEngineException("Code error it's null or empty."); + } + + if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { + throw new STORKSAMLEngineException( + "assertionConsumerServiceURL is null or empty."); + } + + if (StringUtils.isBlank(request.getSamlId())) { + throw new STORKSAMLEngineException("request ID is null or empty."); + } + } + + /** + * Validate parameter from response fail. + * + * @param request the request + * @param response the response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private void validateParamAttrQueryResponseFail(final STORKAttrQueryRequest request, + final STORKAttrQueryResponse response) throws STORKSAMLEngineException { + LOG.info("Validate parameters response fail."); + if (StringUtils.isBlank(response.getStatusCode())) { + throw new STORKSAMLEngineException("Code error it's null or empty."); + } + + if (StringUtils.isBlank(request.getSamlId())) { + throw new STORKSAMLEngineException("request ID is null or empty."); + } + } + + /** + * Validate stork authentication request. + * + * @param tokenSaml the token SAML + * + * @return the sTORK authentication request + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAuthnRequest validateSTORKAuthnRequest(final byte[] tokenSaml) + throws STORKSAMLEngineException { + LOG.info("validateSTORKAuthnRequest"); + + final AuthnRequest samlRequest = (AuthnRequest) validateStorkSaml(tokenSaml); + + LOG.debug("Validate Extensions."); + final Validator validatorExt = new ExtensionsSchemaValidator(); + try { + validatorExt.validate(samlRequest.getExtensions()); + } catch (ValidationException e) { + LOG.error("ValidationException: validate Extensions.", e); + throw new STORKSAMLEngineException(e); + } + + LOG.debug("Generate STORKAuthnRequest."); + final STORKAuthnRequest authnRequest = processExtensions(samlRequest + .getExtensions()); + + authnRequest.setCountry(this.getCountry(samlRequest.getSignature() + .getKeyInfo())); + + authnRequest.setAlias(this.getAlias(samlRequest.getSignature() + .getKeyInfo(), super.getSigner().getTrustStore())); + + authnRequest.setSamlId(samlRequest.getID()); + authnRequest.setDestination(samlRequest.getDestination()); + authnRequest.setAssertionConsumerServiceURL(samlRequest + .getAssertionConsumerServiceURL()); + + authnRequest.setProviderName(samlRequest.getProviderName()); + authnRequest.setIssuer(samlRequest.getIssuer().getValue()); + + //Delete unknown elements from requested ones + final Iterator iterator = authnRequest.getPersonalAttributeList().iterator(); + IPersonalAttributeList cleanPerAttrList = (PersonalAttributeList) authnRequest.getPersonalAttributeList(); + while (iterator.hasNext()) { + + final PersonalAttribute attribute = iterator.next(); + + // Verify if the attribute name exits. + final String attributeName = super.getSamlCoreProperties() + .getProperty(attribute.getName()); + + if (StringUtils.isBlank(attributeName)) { + LOG.info("Attribute name: {} was not found. It will be removed from the request object", attribute.getName()); + cleanPerAttrList.remove(attribute.getName()); + } + + } + authnRequest.setPersonalAttributeList(cleanPerAttrList); + + return authnRequest; + + } + + /** + * Validate stork authentication request. + * + * @param tokenSaml the token SAML + * + * @return the sTORK authentication request + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAttrQueryRequest validateSTORKAttrQueryRequest(final byte[] tokenSaml) + throws STORKSAMLEngineException { + LOG.info("validateSTORKAttrQueryRequest"); + + final AttributeQuery samlRequest = (AttributeQuery) validateStorkSaml(tokenSaml); + + LOG.debug("Validate Extensions."); + final Validator validatorExt = new ExtensionsSchemaValidator(); + try { + validatorExt.validate(samlRequest.getExtensions()); + } catch (ValidationException e) { + LOG.error("ValidationException: validate Extensions.", e); + throw new STORKSAMLEngineException(e); + } + + LOG.debug("Generate STORKAttrQueryRequest."); + final STORKAttrQueryRequest attrRequest = processAttrExtensions(samlRequest + .getExtensions()); + + attrRequest.setCountry(this.getCountry(samlRequest.getSignature() + .getKeyInfo())); + + attrRequest.setAlias(this.getAlias(samlRequest.getSignature() + .getKeyInfo(), super.getSigner().getTrustStore())); + + attrRequest.setSamlId(samlRequest.getID()); + attrRequest.setDestination(samlRequest.getDestination()); + /*attrRequest.setAssertionConsumerServiceURL(samlRequest + .getAssertionConsumerServiceURL()); + + authnRequest.setProviderName(samlRequest.getProviderName());*/ + attrRequest.setIssuer(samlRequest.getIssuer().getValue()); + + //Delete unknown elements from requested ones + final Iterator iterator = attrRequest.getPersonalAttributeList().iterator(); + IPersonalAttributeList cleanPerAttrList = (PersonalAttributeList) attrRequest.getPersonalAttributeList(); + while (iterator.hasNext()) { + + final PersonalAttribute attribute = iterator.next(); + + // Verify if the attribute name exits. + final String attributeName = super.getSamlCoreProperties() + .getProperty(attribute.getName()); + + if (StringUtils.isBlank(attributeName)) { + LOG.info("Attribute name: {} was not found. It will be removed from the request object", attribute.getName()); + cleanPerAttrList.remove(attribute.getName()); + } + + } + attrRequest.setPersonalAttributeList(cleanPerAttrList); + + return attrRequest; + + } + + /** + * Validate stork authentication response. + * + * @param tokenSaml the token SAML + * @param userIP the user IP + * + * @return the Stork authentication response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAuthnResponse validateSTORKAuthnResponse( + final byte[] tokenSaml, final String userIP) + throws STORKSAMLEngineException { + + LOG.info("validateSTORKAuthnResponse"); + final Response samlResponse = (Response) validateStorkSaml(tokenSaml); + + LOG.debug("Create StorkAuthResponse."); + final STORKAuthnResponse authnResponse = new STORKAuthnResponse(); + + authnResponse.setCountry(this.getCountry(samlResponse.getSignature() + .getKeyInfo())); + + LOG.debug("Set ID."); + authnResponse.setSamlId(samlResponse.getID()); + LOG.debug("Set InResponseTo."); + authnResponse.setInResponseTo(samlResponse.getInResponseTo()); + LOG.debug("Set statusCode."); + authnResponse.setStatusCode(samlResponse.getStatus().getStatusCode() + .getValue()); + + // Subordinate code. + if (samlResponse.getStatus().getStatusCode().getStatusCode() != null) { + authnResponse.setSubStatusCode(samlResponse.getStatus() + .getStatusCode().getStatusCode().getValue()); + } + + if (samlResponse.getStatus().getStatusMessage() != null) { + LOG.debug("Set statusMessage."); + authnResponse.setMessage(samlResponse.getStatus() + .getStatusMessage().getMessage()); + } + + LOG.debug("validateStorkResponse"); + final Assertion assertion = (Assertion) validateStorkResponse( + samlResponse, userIP); + + if(assertion!=null){ + final DateTime serverDate = new DateTime(); + + if (assertion.getConditions().getNotOnOrAfter().isBefore(serverDate)) { + LOG.error("Token date expired (getNotOnOrAfter = " + + assertion.getConditions().getNotOnOrAfter() + + ", server_date: " + serverDate + ")"); + throw new STORKSAMLEngineException( + "Token date expired (getNotOnOrAfter = " + + assertion.getConditions().getNotOnOrAfter() + + " ), server_date: " + serverDate); + } + + LOG.debug("Set notOnOrAfter."); + authnResponse.setNotOnOrAfter(assertion.getConditions() + .getNotOnOrAfter()); + + LOG.debug("Set notBefore."); + authnResponse.setNotBefore(assertion.getConditions().getNotBefore()); + + authnResponse.setNotBefore(assertion.getConditions().getNotBefore()); + + authnResponse.setAudienceRestriction(((AudienceRestriction) assertion + .getConditions().getAudienceRestrictions().get(0)) + .getAudiences().get(0).getAudienceURI()); + } + + // Case no error. + if (assertion!=null && StatusCode.SUCCESS_URI.equalsIgnoreCase(authnResponse + .getStatusCode())) { + LOG.debug("Status Success. Set PersonalAttributeList."); + authnResponse + .setPersonalAttributeList(generatePersonalAttributeList(assertion)); + authnResponse.setFail(false); + } else { + LOG.debug("Status Fail."); + authnResponse.setFail(true); + } + LOG.debug("Return result."); + return authnResponse; + + } + + /** + * Validate stork attribute query response. + * + * @param tokenSaml the token SAML + * @param userIP the user IP + * + * @return the Stork attribute query response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAttrQueryResponse validateSTORKAttrQueryResponse( + final byte[] tokenSaml, final String userIP) + throws STORKSAMLEngineException { + + LOG.info("validateSTORKAttrQueryResponse"); + final Response samlResponse = (Response) validateStorkSaml(tokenSaml); + + LOG.debug("Create StorkAttrQueryResponse."); + final STORKAttrQueryResponse attrQueryResponse = new STORKAttrQueryResponse(); + + attrQueryResponse.setCountry(this.getCountry(samlResponse.getSignature() + .getKeyInfo())); + + LOG.debug("Set ID."); + attrQueryResponse.setSamlId(samlResponse.getID()); + LOG.debug("Set InResponseTo."); + attrQueryResponse.setInResponseTo(samlResponse.getInResponseTo()); + LOG.debug("Set statusCode."); + attrQueryResponse.setStatusCode(samlResponse.getStatus().getStatusCode() + .getValue()); + + // Subordinate code. + if (samlResponse.getStatus().getStatusCode().getStatusCode() != null) { + attrQueryResponse.setSubStatusCode(samlResponse.getStatus() + .getStatusCode().getStatusCode().getValue()); + } + + if (samlResponse.getStatus().getStatusMessage() != null) { + LOG.debug("Set statusMessage."); + attrQueryResponse.setMessage(samlResponse.getStatus() + .getStatusMessage().getMessage()); + } + + LOG.debug("validateStorkResponse"); + final Assertion assertion = (Assertion) validateStorkResponse( + samlResponse, userIP); + + if(assertion!=null){ + final DateTime serverDate = new DateTime(); + + if (assertion.getConditions().getNotOnOrAfter().isBefore(serverDate)) { + LOG.error("Token date expired (getNotOnOrAfter = " + + assertion.getConditions().getNotOnOrAfter() + + ", server_date: " + serverDate + ")"); + throw new STORKSAMLEngineException( + "Token date expired (getNotOnOrAfter = " + + assertion.getConditions().getNotOnOrAfter() + + " ), server_date: " + serverDate); + } + + LOG.debug("Set notOnOrAfter."); + attrQueryResponse.setNotOnOrAfter(assertion.getConditions() + .getNotOnOrAfter()); + + LOG.debug("Set notBefore."); + attrQueryResponse.setNotBefore(assertion.getConditions().getNotBefore()); + + attrQueryResponse.setNotBefore(assertion.getConditions().getNotBefore()); + + attrQueryResponse.setAudienceRestriction(((AudienceRestriction) assertion + .getConditions().getAudienceRestrictions().get(0)) + .getAudiences().get(0).getAudienceURI()); + } + + // Case no error. + if (assertion!=null && StatusCode.SUCCESS_URI.equalsIgnoreCase(attrQueryResponse + .getStatusCode())) { + LOG.debug("Status Success. Set PersonalAttributeList."); + attrQueryResponse + .setPersonalAttributeList(generatePersonalAttributeList(assertion)); + attrQueryResponse.setFail(false); + } else { + LOG.debug("Status Fail."); + attrQueryResponse.setFail(true); + } + LOG.debug("Return result."); + return attrQueryResponse; + + } + + /** + * Validate stork response. + * + * @param samlResponse the SAML response + * @param userIP the user IP + * + * @return the assertion + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Assertion validateStorkResponse(final Response samlResponse, + final String userIP) throws STORKSAMLEngineException { + // Exist only one Assertion + + if (samlResponse.getAssertions() == null + || samlResponse.getAssertions().isEmpty()) { + LOG.info("Assertion is null or empty."); //in replace of throw new STORKSAMLEngineException("Assertion is null or empty.") + return null; + } + + final Assertion assertion = (Assertion) samlResponse.getAssertions() + .get(0); + + LOG.debug("Verified method Bearer"); + for (final Iterator iter = assertion.getSubject() + .getSubjectConfirmations().iterator(); iter.hasNext();) { + final SubjectConfirmation element = iter.next(); + final boolean isBearer = SubjectConfirmation.METHOD_BEARER + .equals(element.getMethod()); + + final boolean ipValidate = super.getSamlCoreProperties() + .isIpValidation(); + + if (ipValidate) { + if (isBearer) { + if (StringUtils.isBlank(userIP)) { + LOG.error("browser_ip is null or empty."); + throw new STORKSAMLEngineException( + "browser_ip is null or empty."); + } else if (StringUtils.isBlank(element + .getSubjectConfirmationData().getAddress())) { + LOG.error("token_ip attribute is null or empty."); + throw new STORKSAMLEngineException( + "token_ip attribute is null or empty."); + } + } + + final boolean ipEqual = element.getSubjectConfirmationData() + .getAddress().equals(userIP); + + // Validation ipUser + if (!ipEqual && ipValidate) { + LOG.error("SubjectConfirmation BEARER: "); + throw new STORKSAMLEngineException( + "IPs doesn't match : token_ip (" + + element.getSubjectConfirmationData() + .getAddress() + ") browser_ip (" + + userIP + ")"); + } + } + + } + return assertion; + } + + /** + * Validate stork SAML. + * + * @param tokenSaml the token SAML + * + * @return the signable SAML object + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private SignableSAMLObject validateStorkSaml(final byte[] tokenSaml) + throws STORKSAMLEngineException { + + LOG.info("Validate StorkSaml message."); + + if (tokenSaml == null) { + LOG.error("Saml authentication request is null."); + throw new STORKSAMLEngineException( + "Saml authentication request is null."); + } + + LOG.debug("Generate AuthnRequest from request."); + SignableSAMLObject samlObject; + + try { + samlObject = (SignableSAMLObject) super.unmarshall(tokenSaml); + } catch (SAMLEngineException e) { + LOG.error("SAMLEngineException unmarshall.", e); + throw new STORKSAMLEngineException(e); + } + + boolean validateSign = true; + + if (StringUtils.isNotBlank(super.getSamlCoreProperties().getProperty( + "validateSignature"))) { + validateSign = Boolean.valueOf(super.getSamlCoreProperties() + .getProperty("validateSignature")); + } + + if (validateSign) { + LOG.debug("Validate Signature."); + try { + super.validateSignature(samlObject); + } catch (SAMLEngineException e) { + LOG.error("SAMLEngineException validateSignature.", e); + throw new STORKSAMLEngineException(e); + } + } + + LOG.debug("Validate Schema."); + final ValidatorSuite validatorSuite = Configuration + .getValidatorSuite("saml2-core-schema-validator"); + try { + validatorSuite.validate(samlObject); + } catch (ValidationException e) { + LOG.error("ValidationException.", e); + throw new STORKSAMLEngineException(e); + } + + return samlObject; + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/X509PrincipalUtil.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/X509PrincipalUtil.java.svn-base new file mode 100644 index 000000000..e38cc5f0b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/X509PrincipalUtil.java.svn-base @@ -0,0 +1,69 @@ +package eu.stork.peps.auth.engine; + +import org.bouncycastle.asn1.DERObjectIdentifier; +import org.bouncycastle.jce.X509Principal; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Utility class used to decrease complexity of comparison of 2 X509principal + * + * @author vanegdi + * @version $Revision: 1.00 $, $Date: 2013-05-24 20:53:51 $ + */ +public final class X509PrincipalUtil{ + + private static final DERObjectIdentifier[] DER_OBJECT_IDENTIFIERS_ARRAY= { + X509Principal.CN, + X509Principal.OU, + X509Principal.O, + X509Principal.L, + X509Principal.ST, + X509Principal.C, + X509Principal.E + }; + + private static final Logger LOG = LoggerFactory.getLogger(eu.stork.peps.auth.engine.X509PrincipalUtil.class); + + /** + * Compares 2 X509Principals to detect if they equals + * @param principal1 + * @param principal2 + * @return true if arguments are not null and equals + */ + public static boolean equals(X509Principal principal1, X509Principal principal2) { + boolean continueProcess = true; + if (principal1 == null || principal2 == null){ + return false; + } + + int cpt = 0; + while(continueProcess && cpt < DER_OBJECT_IDENTIFIERS_ARRAY.length){ + continueProcess = continueProcess && x509ValuesByIdentifierEquals(principal1, principal2, DER_OBJECT_IDENTIFIERS_ARRAY[cpt]); + cpt++; + } + return continueProcess; + } + + public static boolean equals2(X509Principal principal1, X509Principal principal2) { + + if (principal1 == null || principal2 == null){ + return false; + } + + if (principal1.getName().equals(principal2.getName())) + return true; + else + return false; + + } + + private static boolean x509ValuesByIdentifierEquals(X509Principal principal1, X509Principal principal2, DERObjectIdentifier identifier){ + return principal1.getValues(identifier).equals(principal2.getValues(identifier)); + } + + private X509PrincipalUtil(){ + // default contructor + LOG.error("Fake X509PrincipalUtil : never be called"); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/package-info.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/package-info.java.svn-base new file mode 100644 index 000000000..d3e353e51 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/.svn/text-base/package-info.java.svn-base @@ -0,0 +1,19 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Provides the classes necessary to create a SAML message. + */ +package eu.stork.peps.auth.engine; \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java new file mode 100644 index 000000000..f8f50fc74 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngine.java @@ -0,0 +1,409 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine; + +import java.io.ByteArrayInputStream; +import java.io.StringWriter; +import java.io.UnsupportedEncodingException; +import java.util.HashMap; +import java.util.Map; +import java.util.Properties; + +import javax.xml.XMLConstants; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerConfigurationException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; + +import org.opensaml.Configuration; +import org.opensaml.DefaultBootstrap; +import org.opensaml.common.SAMLObject; +import org.opensaml.common.SignableSAMLObject; +import org.opensaml.xml.ConfigurationException; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.Marshaller; +import org.opensaml.xml.io.MarshallerFactory; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.io.Unmarshaller; +import org.opensaml.xml.io.UnmarshallerFactory; +import org.opensaml.xml.io.UnmarshallingException; +import org.opensaml.xml.parse.BasicParserPool; +import org.opensaml.xml.parse.XMLParserException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.SAMLEngineSignI; +import eu.stork.peps.auth.engine.core.STORKSAMLCore; +import eu.stork.peps.auth.engine.core.impl.SignModuleFactory; +import eu.stork.peps.configuration.ConfigurationCreator; +import eu.stork.peps.configuration.ConfigurationReader; +import eu.stork.peps.configuration.InstanceEngine; +import eu.stork.peps.exceptions.SAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; + +/** + * Class that wraps the operations over SAML tokens, both generation and + * validation of SAML requests and SAML responses. Compliant with "OASIS Secure + * Assertion Markup Language (SAML) 2.0, May 2005", but taking into account + * STORK specific requirements. + * + * @author fjquevedo + * @author iinigo + */ + +public class SAMLEngine { + + /** The Document Builder Factory. */ + private static javax.xml.parsers.DocumentBuilderFactory dbf = null; + + /** The instance of every engine SAML. */ + private static Map instanceConfigs; + + /** The instances of SAML engine. */ + private static Map> instances; + + /** The logger. */ + private static final Logger LOG = LoggerFactory.getLogger(SAMLEngine.class + .getName()); + + /** The Constant MODULE_SIGN_CONF. */ + private static final String MODULE_SIGN_CONF = "SignatureConf"; + + /** The Constant SAML_ENGINE_SIGN_CLASS. */ + private static final String SAML_ENGINE_SIGN_CLASS = "class"; + + /** The Constant SAML_ENGINE_CONF. */ + private static final String SAML_ENGINE_CONF = "SamlEngineConf"; + + /** The Constant SAML_ENGINE_FILE_CONF. */ + private static final String SAML_ENGINE_FILE_CONF = "fileConfiguration"; + + /** The codification of characters. */ + private static final String CHARACTER_ENCODING = "UTF-8"; + + /** The SAML core. */ + private STORKSAMLCore samlCore; + + /** The Module of Signature. */ + private SAMLEngineSignI signer; + + + /** Initializes the SAML engine. */ + /** Configure Document Builder Factory. */ + + static { + startUp(); + loadDocumentFactory(); + } + + /** + * Load document factory. + */ + private static void loadDocumentFactory() { + + try { + dbf = javax.xml.parsers.DocumentBuilderFactory.newInstance(); + dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + dbf.setNamespaceAware(true); + dbf.setIgnoringComments(true); + } catch (ParserConfigurationException e) { + LOG.error("Error parser configuration."); + throw new STORKSAMLEngineRuntimeException(e); + } + + } + + /** + * Method that initializes the basic services for the SAML Engine, like the + * OpenSAML library and the BouncyCastle provider. + */ + private static void startUp() { + + LOG.info("SAMLEngine: Initialize OpenSAML"); + + try { + DefaultBootstrap.bootstrap(); + } catch (ConfigurationException e) { + LOG.error("Problem initializing the OpenSAML library."); + throw new STORKSAMLEngineRuntimeException(e); + } + + LOG.debug("Read all file configurations. (instances of SAMLEngine)"); + try { + instanceConfigs = ConfigurationReader.readConfiguration(); + } catch (SAMLEngineException e) { + LOG.error("Error read configuration file."); + throw new STORKSAMLEngineRuntimeException(e); + } + + LOG.debug("Create all instaces of saml engine. (instances of SAMLEngine)"); + try { + instances = ConfigurationCreator + .createConfiguration(instanceConfigs); + } catch (STORKSAMLEngineException e) { + LOG.error("Error initializing instances from Stork SAML engine."); + throw new STORKSAMLEngineRuntimeException(e); + } + } + + /** + * Instantiates a new SAML engine. + */ + private SAMLEngine() { + + } + + /** + * Instantiates a new SAML engine. + * + * @param nameInstance the name instance + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + protected SAMLEngine(final String nameInstance) + throws STORKSAMLEngineException { + LOG.info("Loading Specific Configuration."); + + LOG.debug("Create intance of saml messages."); + + Map instance = instances.get(nameInstance); + + if (instance == null || instance.isEmpty()) { + LOG.error("Instance: " + nameInstance + " not exist."); + throw new STORKSAMLEngineException("Instance: " + nameInstance + + " not exist."); + } + + Properties properties = (Properties) instance.get(SAML_ENGINE_CONF); + + if (properties == null) { + LOG.error("SamlEngine.xml: not exist."); + throw new STORKSAMLEngineException("SamlEngine.xml: not exist."); + } + + samlCore = new STORKSAMLCore(properties); + + final HashMap propertiesSign = (HashMap) instance + .get(MODULE_SIGN_CONF); + + LOG.debug("Loading Module of sign."); + signer = SignModuleFactory.getInstance(propertiesSign + .get(SAML_ENGINE_SIGN_CLASS)); + + try { + LOG.info("Initialize module of sign."); + signer.init(propertiesSign.get(SAML_ENGINE_FILE_CONF)); + LOG.info("Load cryptographic service provider of module of sign."); + signer.loadCryptServiceProvider(); + } catch (SAMLEngineException e) { + LOG.error("Error create signature module: " + + propertiesSign.get(SAML_ENGINE_FILE_CONF)); + LOG.info("Exception" + e); + throw new STORKSAMLEngineException(e); + } + } + + /** + * Gets the Signer properties. + * + * @return the SAML Sign properties + */ + protected SAMLEngineSignI getSigner() { + return signer; + } + + /** + * Gets the SAML core properties. + * + * @return the SAML core properties + */ + protected final STORKSAMLCore getSamlCoreProperties() { + return samlCore; + } + + /** + * Method that transform the received SAML object into a byte array + * representation. + * + * @param samlToken the SAML token. + * + * @return the byte[] of the SAML token. + * + * @throws SAMLEngineException the SAML engine exception + */ + private byte[] marshall(final XMLObject samlToken) + throws SAMLEngineException { + + try { + javax.xml.parsers.DocumentBuilder docBuilder = null; + + final MarshallerFactory marshallerFactory = Configuration + .getMarshallerFactory(); + + final Marshaller marshaller = marshallerFactory + .getMarshaller(samlToken); + + docBuilder = dbf.newDocumentBuilder(); + + final Document doc = docBuilder.newDocument(); + + marshaller.marshall(samlToken, doc); + + // Obtain a byte array representation of the marshalled SAML object + final DOMSource domSource = new DOMSource(doc); + final StringWriter writer = new StringWriter(); + final StreamResult result = new StreamResult(writer); + final TransformerFactory transFactory = TransformerFactory + .newInstance(); + Transformer transformer; + + transformer = transFactory.newTransformer(); + transformer.transform(domSource, result); + LOG.debug("SAML request \n"+ writer.toString()); + return writer.toString().getBytes(CHARACTER_ENCODING); + + } catch (ParserConfigurationException e) { + LOG.error("ParserConfigurationException."); + throw new SAMLEngineException(e); + } catch (MarshallingException e) { + LOG.error("MarshallingException."); + throw new SAMLEngineException(e); + } catch (TransformerConfigurationException e) { + LOG.error("TransformerConfigurationException."); + throw new SAMLEngineException(e); + } catch (TransformerException e) { + LOG.error("TransformerException."); + throw new SAMLEngineException(e); + } catch (UnsupportedEncodingException e) { + LOG.error("UnsupportedEncodingException: " + CHARACTER_ENCODING); + throw new SAMLEngineException(e); + } + } + + /** + * Method that signs a SAML Token. + * + * @param tokenSaml the token SAML + * + * @return the SAML object sign + * + * @throws SAMLEngineException the SAML engine exception + */ + private SignableSAMLObject sign(final SignableSAMLObject tokenSaml) + throws SAMLEngineException { + LOG.debug("Sign SamlToken."); + signer.sign(tokenSaml); + return tokenSaml; + } + + /** + * Sign and transform to byte array. + * + * @param samlToken the SAML token + * + * @return the byte[] of the SAML token + * + * @throws SAMLEngineException the SAML engine exception + */ + protected final byte[] signAndMarshall(final SignableSAMLObject samlToken) + throws SAMLEngineException { + LOG.debug("Marshall Saml Token."); + SignableSAMLObject signElement = sign(samlToken); + return marshall(signElement); + } + + /** + * Method that unmarshalls a SAML Object from a byte array representation to + * an XML Object. + * + * @param samlToken Byte array representation of a SAML Object + * + * @return XML Object (superclass of SAMLObject) + * + * @throws SAMLEngineException the SAML engine exception + */ + protected final XMLObject unmarshall(final byte[] samlToken) + throws SAMLEngineException { + try { + // Get parser pool manager + final BasicParserPool ppMgr = new BasicParserPool(); + // Note: this is necessary due to an unresolved Xerces deferred DOM + // issue/bug + final HashMap features = new HashMap(); + features.put(XMLConstants.FEATURE_SECURE_PROCESSING, Boolean.TRUE); + ppMgr.setBuilderFeatures(features); + + ppMgr.setNamespaceAware(true); + + // Parse SAMLToken + Document document = ppMgr.parse(new ByteArrayInputStream(samlToken)); + if (document != null){ + final Element root = document.getDocumentElement(); + // Get appropriate unmarshaller + final UnmarshallerFactory unmarshallerFact = Configuration.getUnmarshallerFactory(); + // Unmarshall using the SAML Token root element + if (unmarshallerFact != null && root != null){ + final Unmarshaller unmarshaller = unmarshallerFact.getUnmarshaller(root); + try { + return unmarshaller.unmarshall(root); + } catch (NullPointerException e){ + LOG.error("Error element tag incomplet or null."); + throw new SAMLEngineException("NullPointerException", e); + } + } else { + LOG.error("Error element tag incomplet or null."); + throw new SAMLEngineException("NullPointerException : unmarshallerFact or root is null"); + } + } else { + LOG.error("Error element tag incomplet or null."); + throw new SAMLEngineException("NullPointerException : document is null"); + } + } catch (XMLParserException e) { + LOG.error("XML Parsing Error.", e); + throw new SAMLEngineException(e); + } catch (UnmarshallingException e) { + LOG.error("TransformerException.", e); + throw new SAMLEngineException(e); + } catch (NullPointerException e) { + LOG.error("Error element tag incomplet or null.", e); + throw new SAMLEngineException(e); + } + } + + /** + * Method that validates an XML Signature contained in a SAML Token. + * + * @param samlToken the SAML token + * + * @return the SAML object + * + * @throws SAMLEngineException the SAML engine exception + */ + protected final SAMLObject validateSignature( + final SignableSAMLObject samlToken) throws SAMLEngineException { + + LOG.info("Validate Signature"); + signer.validateSignature(samlToken); + + return samlToken; + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java new file mode 100644 index 000000000..60f7c3091 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/SAMLEngineUtils.java @@ -0,0 +1,833 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.UnsupportedEncodingException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import javax.xml.namespace.QName; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; + +import org.apache.commons.lang.StringUtils; +import org.joda.time.DateTime; +import org.opensaml.Configuration; +import org.opensaml.common.SAMLVersion; +import org.opensaml.common.impl.SecureRandomIdentifierGenerator; +import org.opensaml.saml2.common.Extensions; +import org.opensaml.saml2.common.impl.ExtensionsBuilder; +import org.opensaml.saml2.core.Assertion; +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.core.AttributeQuery; +import org.opensaml.saml2.core.AttributeValue; +import org.opensaml.saml2.core.AuthnContext; +import org.opensaml.saml2.core.AuthnRequest; +import org.opensaml.saml2.core.AuthnStatement; +import org.opensaml.saml2.core.Issuer; +import org.opensaml.saml2.core.NameID; +import org.opensaml.saml2.core.Response; +import org.opensaml.saml2.core.Status; +import org.opensaml.saml2.core.StatusCode; +import org.opensaml.saml2.core.StatusMessage; +import org.opensaml.saml2.core.Subject; +import org.opensaml.saml2.core.SubjectConfirmation; +import org.opensaml.saml2.core.SubjectConfirmationData; +import org.opensaml.saml2.core.SubjectLocality; +import org.opensaml.saml2.core.impl.AssertionBuilder; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.schema.XSAny; +import org.opensaml.xml.schema.XSString; +import org.opensaml.xml.signature.KeyInfo; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.xml.sax.SAXException; + +import eu.stork.peps.auth.engine.core.QAAAttribute; +import eu.stork.peps.auth.engine.core.RequestedAttribute; +import eu.stork.peps.auth.engine.core.SAMLCore; +import eu.stork.peps.auth.engine.core.SPApplication; +import eu.stork.peps.auth.engine.core.SPCountry; +import eu.stork.peps.auth.engine.core.SPInstitution; +import eu.stork.peps.auth.engine.core.SPSector; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; + +/** + * The Class SAMLEngineUtils. + * + * @author fjquevedo + * @author iinigo + */ +public final class SAMLEngineUtils { + + /** The Constant UTF_8. */ + public static final String UTF_8 = "UTF-8"; + + /** The Constant SHA_512. */ + public static final String SHA_512 = "SHA-512"; + + + /** The generator. */ + private static SecureRandomIdentifierGenerator generator; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(SAMLEngineUtils.class.getName()); + + /** + * Method that generates a random value according to NCName grammar. + * + * NCName ::= NCNameStartChar NCNameChar* NCNameChar ::= NameChar - ':' + * NCNameStartChar ::= Letter | '_' NameStartChar ::= ":" | [A-Z] | "_" | + * [a-z] | [#xC0-#xD6] | [#xD8-#xF6] | [#xF8-#x2FF] | [#x370-#x37D] | + * [#x37F-#x1FFF] | [#x200C-#x200D] | [#x2070-#x218F] | [#x2C00-#x2FEF] | + * [#x3001-#xD7FF] | [#xF900-#xFDCF] | [#xFDF0-#xFFFD] | [#x10000-#xEFFFF] + * NameChar ::= NameStartChar | "-" | "." | [0-9] | #xB7 | [#x0300-#x036F] | + * [#x203F-#x2040] Name ::= NameStartChar (NameChar)* Letter ::= BaseChar | + * Ideographic BaseChar ::= [#x0041-#x005A] | [#x0061-#x007A] | + * [#x00C0-#x00D6] | [#x00D8-#x00F6] | [#x00F8-#x00FF] | [#x0100-#x0131] | + * [#x0134-#x013E] | [#x0141-#x0148] | [#x014A-#x017E] | [#x0180-#x01C3] | + * [#x01CD-#x01F0] | [#x01F4-#x01F5] | [#x01FA-#x0217] | [#x0250-#x02A8] | + * [#x02BB-#x02C1] | #x0386 | [#x0388-#x038A] | #x038C | [#x038E-#x03A1] | + * [#x03A3-#x03CE] | [#x03D0-#x03D6] | #x03DA | #x03DC | #x03DE | #x03E0 | + * [#x03E2-#x03F3] | [#x0401-#x040C] | [#x040E-#x044F] | [#x0451-#x045C] | + * [#x045E-#x0481] | [#x0490-#x04C4] | [#x04C7-#x04C8] | [#x04CB-#x04CC] | + * [#x04D0-#x04EB] | [#x04EE-#x04F5] | [#x04F8-#x04F9] | [#x0531-#x0556] | + * #x0559 | [#x0561-#x0586] | [#x05D0-#x05EA] | [#x05F0-#x05F2] | + * [#x0621-#x063A] | [#x0641-#x064A] | [#x0671-#x06B7] | [#x06BA-#x06BE] | + * [#x06C0-#x06CE] | [#x06D0-#x06D3] | #x06D5 | [#x06E5-#x06E6] | + * [#x0905-#x0939] | #x093D | [#x0958-#x0961] | [#x0985-#x098C] | + * [#x098F-#x0990] | [#x0993-#x09A8] | [#x09AA-#x09B0] | #x09B2 | + * [#x09B6-#x09B9] | [#x09DC-#x09DD] | [#x09DF-#x09E1] | [#x09F0-#x09F1] | + * [#x0A05-#x0A0A] | [#x0A0F-#x0A10] | [#x0A13-#x0A28] | [#x0A2A-#x0A30] | + * [#x0A32-#x0A33] | [#x0A35-#x0A36] | [#x0A38-#x0A39] | [#x0A59-#x0A5C] | + * #x0A5E | [#x0A72-#x0A74] | [#x0A85-#x0A8B] | #x0A8D | [#x0A8F-#x0A91] | + * [#x0A93-#x0AA8] | [#x0AAA-#x0AB0] | [#x0AB2-#x0AB3] | [#x0AB5-#x0AB9] | + * #x0ABD | #x0AE0 | [#x0B05-#x0B0C] | [#x0B0F-#x0B10] | [#x0B13-#x0B28] | + * [#x0B2A-#x0B30] | [#x0B32-#x0B33] | [#x0B36-#x0B39] | #x0B3D | + * [#x0B5C-#x0B5D] | [#x0B5F-#x0B61] | [#x0B85-#x0B8A] | [#x0B8E-#x0B90] | + * [#x0B92-#x0B95] | [#x0B99-#x0B9A] | #x0B9C | [#x0B9E-#x0B9F] | + * [#x0BA3-#x0BA4] | [#x0BA8-#x0BAA] | [#x0BAE-#x0BB5] | [#x0BB7-#x0BB9] | + * [#x0C05-#x0C0C] | [#x0C0E-#x0C10] | [#x0C12-#x0C28] | [#x0C2A-#x0C33] | + * [#x0C35-#x0C39] | [#x0C60-#x0C61] | [#x0C85-#x0C8C] | [#x0C8E-#x0C90] | + * [#x0C92-#x0CA8] | [#x0CAA-#x0CB3] | [#x0CB5-#x0CB9] | #x0CDE | + * [#x0CE0-#x0CE1] | [#x0D05-#x0D0C] | [#x0D0E-#x0D10] | [#x0D12-#x0D28] | + * [#x0D2A-#x0D39] | [#x0D60-#x0D61] | [#x0E01-#x0E2E] | #x0E30 | + * [#x0E32-#x0E33] | [#x0E40-#x0E45] | [#x0E81-#x0E82] | #x0E84 | + * [#x0E87-#x0E88] | #x0E8A | #x0E8D | [#x0E94-#x0E97] | [#x0E99-#x0E9F] | + * [#x0EA1-#x0EA3] | #x0EA5 | #x0EA7 | [#x0EAA-#x0EAB] | [#x0EAD-#x0EAE] | + * #x0EB0 | [#x0EB2-#x0EB3] | #x0EBD | [#x0EC0-#x0EC4] | [#x0F40-#x0F47] | + * [#x0F49-#x0F69] | [#x10A0-#x10C5] | [#x10D0-#x10F6] | #x1100 | + * [#x1102-#x1103] | [#x1105-#x1107] | #x1109 | [#x110B-#x110C] | + * [#x110E-#x1112] | #x113C | #x113E | #x1140 | #x114C | #x114E | #x1150 | + * [#x1154-#x1155] | #x1159 | [#x115F-#x1161] | #x1163 | #x1165 | #x1167 | + * #x1169 | [#x116D-#x116E] | [#x1172-#x1173] | #x1175 | #x119E | #x11A8 | + * #x11AB | [#x11AE-#x11AF] | [#x11B7-#x11B8] | #x11BA | [#x11BC-#x11C2] | + * #x11EB | #x11F0 | #x11F9 | [#x1E00-#x1E9B] | [#x1EA0-#x1EF9] | + * [#x1F00-#x1F15] | [#x1F18-#x1F1D] | [#x1F20-#x1F45] | [#x1F48-#x1F4D] | + * [#x1F50-#x1F57] | #x1F59 | #x1F5B | #x1F5D | [#x1F5F-#x1F7D] | + * [#x1F80-#x1FB4] | [#x1FB6-#x1FBC] | #x1FBE | [#x1FC2-#x1FC4] | + * [#x1FC6-#x1FCC] | [#x1FD0-#x1FD3] | [#x1FD6-#x1FDB] | [#x1FE0-#x1FEC] | + * [#x1FF2-#x1FF4] | [#x1FF6-#x1FFC] | #x2126 | [#x212A-#x212B] | #x212E | + * [#x2180-#x2182] | [#x3041-#x3094] | [#x30A1-#x30FA] | [#x3105-#x312C] | + * [#xAC00-#xD7A3] Ideographic ::= [#x4E00-#x9FA5] | #x3007 | + * [#x3021-#x3029] + * + * @return Random ID value + */ + + //Initialization of a generator of identifiers for all token SAML. + + static { + loadRandomIdentifierGenerator(); + } + + + /** + * Load random identifier generator. + * + *@throws STORKSAMLEngineRuntimeException the STORKSAML engine runtime exception + */ + private static void loadRandomIdentifierGenerator() { + + try { + generator = new SecureRandomIdentifierGenerator(); + } catch (NoSuchAlgorithmException ex) { + LOG.error("Error init SecureRandomIdentifierGenerator", ex); + throw new STORKSAMLEngineRuntimeException(ex); + } + + } + + /** + * Creates the SAML object. + * + * @param qname the QName + * + * @return the XML object + */ + public static XMLObject createSamlObject(final QName qname) { + return Configuration.getBuilderFactory().getBuilder(qname).buildObject( + qname); + } + + /** + * Creates the SAML object. + * + * @param qname the quality name + * @param qname1 the qname1 + * + * @return the xML object + */ + public static XMLObject createSamlObject(final QName qname, + final QName qname1) { + return Configuration.getBuilderFactory().getBuilder(qname1) + .buildObject(qname, qname1); + } + + /** + * Encode value with an specific algorithm. + * + * @param value the value + * @param alg the algorithm + * + * @return the string + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static String encode(final String value, final String alg) + throws STORKSAMLEngineException { + LOG.debug("Encode value with " + alg + " algorithm."); + byte[] buffer; + + final StringBuffer hash = new StringBuffer(""); + try { + buffer = value.getBytes(UTF_8); + MessageDigest msgDig; + msgDig = MessageDigest.getInstance(alg); + + + msgDig.update(buffer); + final byte[] digest = msgDig.digest(); + + final int signedByte = 0xff; + for (byte aux : digest) { + final int byt = aux & signedByte; + if (Integer.toHexString(byt).length() == 1) { + hash.append('0'); + } + hash.append(Integer.toHexString(byt)); + } + + } catch (UnsupportedEncodingException e1) { + LOG.error("UnsupportedEncodingException: " + UTF_8); + throw new STORKSAMLEngineException(e1); + } catch (NoSuchAlgorithmException e) { + LOG.error("NoSuchAlgorithmException: " + alg); + throw new STORKSAMLEngineException(e); + } + + return hash.toString(); + } + + /** + * Generate assertion. + * + * @param version the version + * @param identifier the identifier + * @param issueInstant the issue instant + * @param issuer the issuer + * + * @return the assertion + */ + public static Assertion generateAssertion(final SAMLVersion version, + final String identifier, final DateTime issueInstant, + final Issuer issuer) { + final AssertionBuilder assertionBuilder = new AssertionBuilder(); + final Assertion assertion = assertionBuilder.buildObject(); + assertion.setVersion(version); + assertion.setID(identifier); + assertion.setIssueInstant(issueInstant); + + // + assertion.setIssuer(issuer); + return assertion; + } + + /** + * Generate authentication statement. + * + * @param authnInstant the authentication instant + * @param authnContext the authentication context + * + * @return the authentication statement + */ + public static AuthnStatement generateAthnStatement(final DateTime authnInstant, + final AuthnContext authnContext) { + // + final AuthnStatement authnStatement = (AuthnStatement) SAMLEngineUtils + .createSamlObject(AuthnStatement.DEFAULT_ELEMENT_NAME); + + authnStatement.setAuthnInstant(authnInstant); + authnStatement.setAuthnContext(authnContext); + + return authnStatement; + } + + + + + + /** + * Generate attribute from a list of values. + * + * @param name the name of the attribute. + * @param status the status of the parameter: "Available", "NotAvailable" or + * "Withheld". + * @param values the value of the attribute. + * @param isHashing the is hashing with "SHA-512" algorithm. + * @return the attribute + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static Attribute generateAttrComplex(final String name, + final String status, final Map values, + final boolean isHashing) throws STORKSAMLEngineException { + LOG.debug("Generate attribute complex: " + name); + final Attribute attribute = (Attribute) SAMLEngineUtils + .createSamlObject(Attribute.DEFAULT_ELEMENT_NAME); + + attribute.setName(name); + attribute.setNameFormat(Attribute.URI_REFERENCE); + + attribute.getUnknownAttributes().put( + new QName(SAMLCore.STORK10_NS.getValue(), "AttributeStatus", + SAMLCore.STORK10_PREFIX.getValue()), status); + + if (!values.isEmpty()) { + LOG.debug("Add attribute values."); + + // Create an attribute that contains all XSAny elements. + final XSAny attrValue = (XSAny) SAMLEngineUtils.createSamlObject( + AttributeValue.DEFAULT_ELEMENT_NAME, XSAny.TYPE_NAME); + + final Iterator> iterator = values.entrySet() + .iterator(); + while (iterator.hasNext()) { + final Map.Entry pairs = iterator.next(); + + final String value = pairs.getValue(); + + if (StringUtils.isNotBlank(value)) { + // Create the attribute statement + final XSAny attrValueSimple = (XSAny) SAMLEngineUtils + .createSamlObject(new QName(SAMLCore.STORK10_NS.getValue(), + pairs.getKey().toString(), + SAMLCore.STORK10_PREFIX.getValue()), XSAny.TYPE_NAME); + + // if it's necessary encode the information. + if (isHashing) { + attrValueSimple + .setTextContent(encode(value, SHA_512)); + } else { + attrValueSimple.setTextContent(value); + } + + attrValue.getUnknownXMLObjects().add(attrValueSimple); + attribute.getAttributeValues().add(attrValue); + } + } + + } + return attribute; + } + + /** + * Generate extension. + * + * @return the extensions + */ + public static Extensions generateExtension() { + final ExtensionsBuilder extensionsBuilder = new ExtensionsBuilder(); + return extensionsBuilder.buildObject( + "urn:oasis:names:tc:SAML:2.0:protocol", "Extensions", "saml2p"); + } + + + + + /** + * Generate issuer. + * + * @return the issuer + */ + public static Issuer generateIssuer() { + return (Issuer) SAMLEngineUtils + .createSamlObject(Issuer.DEFAULT_ELEMENT_NAME); + } + + /** + * Generate key info. + * + * @return the key info + */ + public static KeyInfo generateKeyInfo() { + return (KeyInfo) SAMLEngineUtils + .createSamlObject(KeyInfo.DEFAULT_ELEMENT_NAME); + } + + /** + * Generate name id. + * + * @return the name id + */ + public static NameID generateNameID() { + return (NameID) SAMLEngineUtils + .createSamlObject(NameID.DEFAULT_ELEMENT_NAME); + } + + /** + * Generate name id. + * + * @param nameQualifier the name qualifier + * @param format the format + * @param spNameQualifier the sP name qualifier + * + * @return the name id + */ + public static NameID generateNameID(final String nameQualifier, + final String format, final String spNameQualifier) { + // + final NameID nameId = (NameID) Configuration.getBuilderFactory() + .getBuilder(NameID.DEFAULT_ELEMENT_NAME).buildObject( + NameID.DEFAULT_ELEMENT_NAME); + + // optional + nameId.setNameQualifier(nameQualifier); + + // optional + nameId.setFormat(format); + + // optional + nameId.setSPNameQualifier(spNameQualifier); + + return nameId; + } + + /** + * Generate NCName. + * + * @return the string + */ + public static String generateNCName() { + return generator.generateIdentifier(); + } + + + /** + * Generate the quality authentication assurance level. + * + * @param qaal the level of quality authentication assurance. + * + * @return the quality authentication assurance attribute + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static QAAAttribute generateQAAAttribute(final int qaal) + throws STORKSAMLEngineException { + LOG.debug("Generate QAAAttribute."); + + final QAAAttribute qaaAttribute = (QAAAttribute) SAMLEngineUtils + .createSamlObject(QAAAttribute.DEF_ELEMENT_NAME); + qaaAttribute.setQaaLevel(String.valueOf(qaal)); + return qaaAttribute; + } + + /** + * Generate requested attribute. + * + * @param name the name + * @param friendlyName the friendly name + * @param isRequired the is required + * @param value the value + * + * @return the requested attribute + */ + public static RequestedAttribute generateReqAuthnAttributeSimple( + final String name, final String friendlyName, + final String isRequired, final List value) { + LOG.debug("Generate the requested attribute."); + + final RequestedAttribute requested = (RequestedAttribute) SAMLEngineUtils + .createSamlObject(RequestedAttribute.DEF_ELEMENT_NAME); + requested.setName(name); + requested.setNameFormat(RequestedAttribute.URI_REFERENCE); + + requested.setFriendlyName(friendlyName); + + requested.setIsRequired(isRequired); + + // The value is optional in an authentication request. + if (!value.isEmpty()) { + for (int nextValue = 0; nextValue < value.size(); nextValue++) { + final String valor = value.get(nextValue); + if (StringUtils.isNotBlank(valor)) { + + if(!name.equals("http://www.stork.gov.eu/1.0/signedDoc")){ + + // Create the attribute statement + final XSAny attrValue = (XSAny) SAMLEngineUtils + .createSamlObject( + new QName(SAMLCore.STORK10_NS.getValue(), + "AttributeValue", + SAMLCore.STORK10_PREFIX.getValue()), + XSAny.TYPE_NAME); + + attrValue.setTextContent(valor.trim()); + requested.getAttributeValues().add(attrValue); + + }else{ + + DocumentBuilderFactory domFactory = DocumentBuilderFactory.newInstance(); + domFactory.setNamespaceAware(true); + Document document = null; + DocumentBuilder builder; + + // Parse the signedDoc value into an XML DOM Document + try { + builder = domFactory.newDocumentBuilder(); + InputStream is; + is = new ByteArrayInputStream(valor.trim().getBytes("UTF-8")); + document = builder.parse(is); + is.close(); + } catch (SAXException e1) { + LOG.error("SAX Error while parsing signModule attribute", e1); + throw new STORKSAMLEngineRuntimeException(e1); + } catch (ParserConfigurationException e2) { + LOG.error("Parser Configuration Error while parsing signModule attribute", e2); + throw new STORKSAMLEngineRuntimeException(e2); + } catch (UnsupportedEncodingException e3) { + LOG.error("Unsupported encoding Error while parsing signModule attribute", e3); + throw new STORKSAMLEngineRuntimeException(e3); + } catch (IOException e4) { + LOG.error("IO Error while parsing signModule attribute", e4); + throw new STORKSAMLEngineRuntimeException(e4); + } + + // Create the XML statement(this will be overwritten with the previous DOM structure) + final XSAny xmlValue = (XSAny) SAMLEngineUtils + .createSamlObject( + new QName(SAMLCore.STORK10_NS.getValue(), + "XMLValue", + SAMLCore.STORK10_PREFIX.getValue()), + XSAny.TYPE_NAME); + + //Set the signedDoc XML content to this element + xmlValue.setDOM(document.getDocumentElement()); + + // Create the attribute statement + final XSAny attrValue = (XSAny) SAMLEngineUtils + .createSamlObject( + new QName(SAMLCore.STORK10_NS.getValue(), + "AttributeValue", + SAMLCore.STORK10_PREFIX.getValue()), + XSAny.TYPE_NAME); + + //Add previous signedDocXML to the AttributeValue Element + attrValue.getUnknownXMLObjects().add(xmlValue); + + requested.getAttributeValues().add(attrValue); + } + + + } + } + } + + return requested; + } + + /** + * Generate response. + * + * @param version the version + * @param identifier the identifier + * @param issueInstant the issue instant + * @param status the status + * + * @return the response + */ + public static Response generateResponse(final SAMLVersion version, + final String identifier, final DateTime issueInstant, + final Status status) { + final Response response = (Response) SAMLEngineUtils + .createSamlObject(Response.DEFAULT_ELEMENT_NAME); + response.setID(identifier); + response.setIssueInstant(issueInstant); + response.setStatus(status); + return response; + } + + /** + * Method that generates a SAML Authentication Request basing on the + * provided information. + * + * @param identifier the identifier + * @param version the version + * @param issueInstant the issue instant + * + * @return the authentication request + */ + public static AuthnRequest generateSAMLAuthnRequest(final String identifier, + final SAMLVersion version, final DateTime issueInstant) { + LOG.debug("Generate basic authentication request."); + final AuthnRequest authnRequest = (AuthnRequest) SAMLEngineUtils + .createSamlObject(AuthnRequest.DEFAULT_ELEMENT_NAME); + + authnRequest.setID(identifier); + authnRequest.setVersion(version); + authnRequest.setIssueInstant(issueInstant); + return authnRequest; + } + + public static AttributeQuery generateSAMLAttrQueryRequest(final String identifier, + final SAMLVersion version, final DateTime issueInstant) { + LOG.debug("Generate attribute query request."); + final AttributeQuery attrQueryRequest = (AttributeQuery) SAMLEngineUtils + .createSamlObject(AttributeQuery.DEFAULT_ELEMENT_NAME); + + attrQueryRequest.setID(identifier); + attrQueryRequest.setVersion(version); + attrQueryRequest.setIssueInstant(issueInstant); + return attrQueryRequest; + } + + /** + * Generate service provider application. + * + * @param spApplication the service provider application + * + * @return the sP application + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static SPApplication generateSPApplication(final String spApplication) + throws STORKSAMLEngineException { + LOG.debug("Generate SPApplication."); + + final SPApplication applicationAttr = (SPApplication) SAMLEngineUtils + .createSamlObject(SPApplication.DEF_ELEMENT_NAME); + applicationAttr.setSPApplication(spApplication); + return applicationAttr; + } + + /** + * Generate service provider country. + * + * @param spCountry the service provider country + * + * @return the service provider country + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static SPCountry generateSPCountry(final String spCountry) + throws STORKSAMLEngineException { + LOG.debug("Generate SPApplication."); + + final SPCountry countryAttribute = (SPCountry) SAMLEngineUtils + .createSamlObject(SPCountry.DEF_ELEMENT_NAME); + countryAttribute.setSPCountry(spCountry); + return countryAttribute; + } + + /** + * Generate service provider institution. + * + * @param spInstitution the service provider institution + * + * @return the service provider institution + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static SPInstitution generateSPInstitution(final String spInstitution) + throws STORKSAMLEngineException { + LOG.debug("Generate SPInstitution."); + + final SPInstitution institutionAttr = (SPInstitution) SAMLEngineUtils + .createSamlObject(SPInstitution.DEF_ELEMENT_NAME); + institutionAttr.setSPInstitution(spInstitution); + return institutionAttr; + } + + /** + * Generate service provider sector. + * + * @param spSector the service provider sector + * + * @return the service provider sector + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static SPSector generateSPSector(final String spSector) + throws STORKSAMLEngineException { + LOG.debug("Generate SPSector."); + + final SPSector sectorAttribute = (SPSector) SAMLEngineUtils + .createSamlObject(SPSector.DEF_ELEMENT_NAME); + sectorAttribute.setSPSector(spSector); + return sectorAttribute; + } + + /** + * Generate status. + * + * @param statusCode the status code + * + * @return the status + */ + public static Status generateStatus(final StatusCode statusCode) { + final Status status = (Status) SAMLEngineUtils + .createSamlObject(Status.DEFAULT_ELEMENT_NAME); + status.setStatusCode(statusCode); + return status; + } + + /** + * Generate status code. + * + * @param value the value + * + * @return the status code + */ + public static StatusCode generateStatusCode(final String value) { + final StatusCode statusCode = (StatusCode) SAMLEngineUtils + .createSamlObject(StatusCode.DEFAULT_ELEMENT_NAME); + statusCode.setValue(value); + return statusCode; + } + + + /** + * Generate status message. + * + * @param message the message + * + * @return the status message + */ + public static StatusMessage generateStatusMessage(final String message) { + final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils + .createSamlObject(StatusMessage.DEFAULT_ELEMENT_NAME); + statusMessage.setMessage(message); + return statusMessage; + } + + /** + * Generate subject. + * + * @return the subject + */ + public static Subject generateSubject() { + return (Subject) SAMLEngineUtils + .createSamlObject(Subject.DEFAULT_ELEMENT_NAME); + } + + /** + * Generate subject confirmation. + * + * @param method the method + * @param data the data + * + * @return the subject confirmation + */ + public static SubjectConfirmation generateSubjectConfirmation( + final String method, final SubjectConfirmationData data) { + final SubjectConfirmation subjectConf = (SubjectConfirmation) Configuration + .getBuilderFactory().getBuilder( + SubjectConfirmation.DEFAULT_ELEMENT_NAME).buildObject( + SubjectConfirmation.DEFAULT_ELEMENT_NAME); + + subjectConf.setMethod(method); + + subjectConf.setSubjectConfirmationData(data); + + return subjectConf; + } + + + /** + * Generate subject confirmation data. + * + * @param notOnOrAfter the not on or after + * @param recipient the recipient + * @param inResponseTo the in response to + * + * @return the subject confirmation data + */ + public static SubjectConfirmationData generateSubjectConfirmationData( + final DateTime notOnOrAfter, final String recipient, + final String inResponseTo) { + final SubjectConfirmationData subjectConfData = (SubjectConfirmationData) SAMLEngineUtils + .createSamlObject(SubjectConfirmationData.DEFAULT_ELEMENT_NAME); + subjectConfData.setNotOnOrAfter(notOnOrAfter); + subjectConfData.setRecipient(recipient); + subjectConfData.setInResponseTo(inResponseTo); + return subjectConfData; + } + + + /** + * Generate subject locality. + * + * @param address the address + * + * @return the subject locality + */ + public static SubjectLocality generateSubjectLocality(final String address) { + final SubjectLocality subjectLocality = (SubjectLocality) SAMLEngineUtils + .createSamlObject(SubjectLocality.DEFAULT_ELEMENT_NAME); + subjectLocality.setAddress(address); + return subjectLocality; + } + + + + + /** + * Method that returns the current time. + * + * @return the current time + */ + public static DateTime getCurrentTime() { + return new DateTime(); + } + + + /** + * Instantiates a new SAML engine utilities. + */ + private SAMLEngineUtils() { + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java new file mode 100644 index 000000000..3cac2f637 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/STORKSAMLEngine.java @@ -0,0 +1,2983 @@ +/* + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.StringWriter; +import java.io.UnsupportedEncodingException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; + +import javax.xml.namespace.QName; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.OutputKeys; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerConfigurationException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; + +import org.apache.commons.lang.StringUtils; +import org.bouncycastle.jce.X509Principal; +import org.joda.time.DateTime; +import org.opensaml.Configuration; +import org.opensaml.common.SAMLVersion; +import org.opensaml.common.SignableSAMLObject; +import org.opensaml.common.xml.SAMLConstants; +import org.opensaml.saml2.common.Extensions; +import org.opensaml.saml2.core.Assertion; +import org.opensaml.saml2.core.Attribute; +import org.opensaml.saml2.core.AttributeQuery; +import org.opensaml.saml2.core.AttributeStatement; +import org.opensaml.saml2.core.AttributeValue; +import org.opensaml.saml2.core.Audience; +import org.opensaml.saml2.core.AudienceRestriction; +import org.opensaml.saml2.core.AuthnContext; +import org.opensaml.saml2.core.AuthnContextDecl; +import org.opensaml.saml2.core.AuthnRequest; +import org.opensaml.saml2.core.AuthnStatement; +import org.opensaml.saml2.core.Conditions; +import org.opensaml.saml2.core.Issuer; +import org.opensaml.saml2.core.NameID; +import org.opensaml.saml2.core.OneTimeUse; +import org.opensaml.saml2.core.Response; +import org.opensaml.saml2.core.Status; +import org.opensaml.saml2.core.StatusCode; +import org.opensaml.saml2.core.StatusMessage; +import org.opensaml.saml2.core.Subject; +import org.opensaml.saml2.core.SubjectConfirmation; +import org.opensaml.saml2.core.SubjectConfirmationData; +import org.opensaml.saml2.core.SubjectLocality; +import org.opensaml.saml2.core.impl.SubjectConfirmationBuilder; +import org.opensaml.xml.Namespace; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.schema.XSAny; +import org.opensaml.xml.schema.impl.XSAnyBuilder; +import org.opensaml.xml.schema.impl.XSAnyImpl; +import org.opensaml.xml.schema.impl.XSAnyMarshaller; +import org.opensaml.xml.schema.impl.XSAnyUnmarshaller; +import org.opensaml.xml.schema.impl.XSStringImpl; +import org.opensaml.xml.signature.KeyInfo; +import org.opensaml.xml.util.Base64; +import org.opensaml.xml.validation.ValidationException; +import org.opensaml.xml.validation.Validator; +import org.opensaml.xml.validation.ValidatorSuite; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.xml.sax.SAXException; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.engine.core.AuthenticationAttributes; +import eu.stork.peps.auth.engine.core.CitizenCountryCode; +import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; +import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; +import eu.stork.peps.auth.engine.core.EIDSectorShare; +import eu.stork.peps.auth.engine.core.QAAAttribute; +import eu.stork.peps.auth.engine.core.RequestedAttribute; +import eu.stork.peps.auth.engine.core.RequestedAttributes; +import eu.stork.peps.auth.engine.core.SAMLCore; +import eu.stork.peps.auth.engine.core.SPApplication; +import eu.stork.peps.auth.engine.core.SPCountry; +import eu.stork.peps.auth.engine.core.SPID; +import eu.stork.peps.auth.engine.core.SPInformation; +import eu.stork.peps.auth.engine.core.SPInstitution; +import eu.stork.peps.auth.engine.core.SPSector; +import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; +import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesBuilder; +import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesMarshaller; +import eu.stork.peps.auth.engine.core.impl.AuthenticationAttributesUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeBuilder; +import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeMarshaller; +import eu.stork.peps.auth.engine.core.impl.CitizenCountryCodeUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareBuilder; +import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareMarshaller; +import eu.stork.peps.auth.engine.core.impl.EIDCrossBorderShareUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareBuilder; +import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareMarshaller; +import eu.stork.peps.auth.engine.core.impl.EIDCrossSectorShareUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.EIDSectorShareBuilder; +import eu.stork.peps.auth.engine.core.impl.EIDSectorShareMarshaller; +import eu.stork.peps.auth.engine.core.impl.EIDSectorShareUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.QAAAttributeBuilder; +import eu.stork.peps.auth.engine.core.impl.QAAAttributeMarshaller; +import eu.stork.peps.auth.engine.core.impl.QAAAttributeUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.RequestedAttributeBuilder; +import eu.stork.peps.auth.engine.core.impl.RequestedAttributeMarshaller; +import eu.stork.peps.auth.engine.core.impl.RequestedAttributeUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.RequestedAttributesBuilder; +import eu.stork.peps.auth.engine.core.impl.RequestedAttributesMarshaller; +import eu.stork.peps.auth.engine.core.impl.RequestedAttributesUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.SPApplicationBuilder; +import eu.stork.peps.auth.engine.core.impl.SPApplicationMarshaller; +import eu.stork.peps.auth.engine.core.impl.SPApplicationUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.SPCountryBuilder; +import eu.stork.peps.auth.engine.core.impl.SPCountryMarshaller; +import eu.stork.peps.auth.engine.core.impl.SPCountryUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.SPIDBuilder; +import eu.stork.peps.auth.engine.core.impl.SPIDMarshaller; +import eu.stork.peps.auth.engine.core.impl.SPIDUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.SPInformationBuilder; +import eu.stork.peps.auth.engine.core.impl.SPInformationMarshaller; +import eu.stork.peps.auth.engine.core.impl.SPInformationUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.SPInstitutionBuilder; +import eu.stork.peps.auth.engine.core.impl.SPInstitutionMarshaller; +import eu.stork.peps.auth.engine.core.impl.SPInstitutionUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.SPSectorBuilder; +import eu.stork.peps.auth.engine.core.impl.SPSectorMarshaller; +import eu.stork.peps.auth.engine.core.impl.SPSectorUnmarshaller; +import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesBuilder; +import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesMarshaller; +import eu.stork.peps.auth.engine.core.impl.VIDPAuthenticationAttributesUnmarshaller; +import eu.stork.peps.auth.engine.core.validator.ExtensionsSchemaValidator; +import eu.stork.peps.auth.engine.core.validator.QAAAttributeSchemaValidator; +import eu.stork.peps.exceptions.SAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; + +/** + * Class that wraps the operations over SAML tokens, both generation and + * validation of SAML STORK requests and SAML STORK responses. Complaint with + * "OASIS Secure Assertion Markup Language (SAML) 2.0, May 2005", but taking + * into account STORK specific requirements. + * + * @author fjquevedo + * @author iinigo + */ +public final class STORKSAMLEngine extends SAMLEngine { + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(STORKSAMLEngine.class.getName()); + + private static final String ATTRIBUTE_EMPTY_LITERAL = "Attribute name is null or empty."; + /** + * Gets the single instance of STORKSAMLEngine. + * + * @param nameInstance the name instance + * + * @return single instance of STORKSAMLEngine + */ + public static synchronized STORKSAMLEngine getInstance( + final String nameInstance) { + STORKSAMLEngine engine = null; + LOG.info("Get instance: " + nameInstance); + try { + engine = new STORKSAMLEngine(nameInstance.trim()); + } catch (Exception e) { + LOG.error("Error get instance: " + nameInstance); + } + return engine; + } + + /** + * Instantiate a new STORKSAML engine. + * + * @param nameInstance the name instance + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private STORKSAMLEngine(final String nameInstance) + throws STORKSAMLEngineException { + // Initialization OpenSAML. + super(nameInstance); + LOG.info("Register STORK objects provider."); + Configuration.registerObjectProvider(QAAAttribute.DEF_ELEMENT_NAME, + new QAAAttributeBuilder(), new QAAAttributeMarshaller(), + new QAAAttributeUnmarshaller()); + + Configuration.registerObjectProvider(EIDSectorShare.DEF_ELEMENT_NAME, + new EIDSectorShareBuilder(), new EIDSectorShareMarshaller(), + new EIDSectorShareUnmarshaller()); + + Configuration.registerObjectProvider( + EIDCrossSectorShare.DEF_ELEMENT_NAME, + new EIDCrossSectorShareBuilder(), + new EIDCrossSectorShareMarshaller(), + new EIDCrossSectorShareUnmarshaller()); + + Configuration.registerObjectProvider( + EIDCrossBorderShare.DEF_ELEMENT_NAME, + new EIDCrossBorderShareBuilder(), + new EIDCrossBorderShareMarshaller(), + new EIDCrossBorderShareUnmarshaller()); + + Configuration.registerObjectProvider(SPSector.DEF_ELEMENT_NAME, + new SPSectorBuilder(), new SPSectorMarshaller(), + new SPSectorUnmarshaller()); + + Configuration.registerObjectProvider(SPInstitution.DEF_ELEMENT_NAME, + new SPInstitutionBuilder(), new SPInstitutionMarshaller(), + new SPInstitutionUnmarshaller()); + + Configuration.registerObjectProvider(SPApplication.DEF_ELEMENT_NAME, + new SPApplicationBuilder(), new SPApplicationMarshaller(), + new SPApplicationUnmarshaller()); + + Configuration.registerObjectProvider(SPCountry.DEF_ELEMENT_NAME, + new SPCountryBuilder(), new SPCountryMarshaller(), + new SPCountryUnmarshaller()); + + Configuration.registerObjectProvider(XSAny.TYPE_NAME, + new XSAnyBuilder(), new XSAnyMarshaller(), + new XSAnyUnmarshaller()); + + Configuration.registerObjectProvider( + RequestedAttribute.DEF_ELEMENT_NAME, + new RequestedAttributeBuilder(), + new RequestedAttributeMarshaller(), + new RequestedAttributeUnmarshaller()); + + Configuration.registerObjectProvider( + RequestedAttributes.DEF_ELEMENT_NAME, + new RequestedAttributesBuilder(), + new RequestedAttributesMarshaller(), + new RequestedAttributesUnmarshaller()); + + Configuration.registerObjectProvider( + AuthenticationAttributes.DEF_ELEMENT_NAME, + new AuthenticationAttributesBuilder(), + new AuthenticationAttributesMarshaller(), + new AuthenticationAttributesUnmarshaller()); + + Configuration.registerObjectProvider( + VIDPAuthenticationAttributes.DEF_ELEMENT_NAME, + new VIDPAuthenticationAttributesBuilder(), + new VIDPAuthenticationAttributesMarshaller(), + new VIDPAuthenticationAttributesUnmarshaller()); + + Configuration.registerObjectProvider( + CitizenCountryCode.DEF_ELEMENT_NAME, + new CitizenCountryCodeBuilder(), + new CitizenCountryCodeMarshaller(), + new CitizenCountryCodeUnmarshaller()); + + Configuration.registerObjectProvider( + SPID.DEF_ELEMENT_NAME, + new SPIDBuilder(), + new SPIDMarshaller(), + new SPIDUnmarshaller()); + + Configuration.registerObjectProvider( + SPInformation.DEF_ELEMENT_NAME, + new SPInformationBuilder(), + new SPInformationMarshaller(), + new SPInformationUnmarshaller()); + + LOG.info("Register STORK object validators."); + final ValidatorSuite validatorSuite = new ValidatorSuite( + QAAAttribute.DEF_LOCAL_NAME); + + validatorSuite.registerValidator(QAAAttribute.DEF_ELEMENT_NAME, + new QAAAttributeSchemaValidator()); + final Extensions extensions = SAMLEngineUtils.generateExtension(); + validatorSuite.registerValidator(extensions.getElementQName(), + new ExtensionsSchemaValidator()); + + Configuration.registerValidatorSuite( + "stork:QualityAuthenticationAssuranceLevel", validatorSuite); + + } + + /** + * Generate authentication response base. + * + * @param status the status + * @param assertConsumerURL the assert consumer URL. + * @param inResponseTo the in response to + * + * @return the response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Response genAuthnRespBase(final Status status, + final String assertConsumerURL, final String inResponseTo) + throws STORKSAMLEngineException { + LOG.debug("Generate Authentication Response base."); + final Response response = SAMLEngineUtils.generateResponse( + SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(), + SAMLEngineUtils.getCurrentTime(), status); + + // Set name Spaces + this.setNameSpaces(response); + + // Mandatory STORK + LOG.debug("Generate Issuer"); + final Issuer issuer = SAMLEngineUtils.generateIssuer(); + issuer.setValue(super.getSamlCoreProperties().getResponder()); + + // Format Entity Optional STORK + issuer.setFormat(super.getSamlCoreProperties().getFormatEntity()); + + response.setIssuer(issuer); + + // destination Mandatory Stork + response.setDestination(assertConsumerURL.trim()); + + // inResponseTo Mandatory Stork + response.setInResponseTo(inResponseTo.trim()); + + // Optional STORK + response.setConsent(super.getSamlCoreProperties() + .getConsentAuthnResponse()); + + return response; + } + + /** + * Generate attribute query response base. + * + * @param status the status + * @param destinationURL the assert consumer URL. + * @param inResponseTo the in response to + * + * @return the response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Response genAttrQueryRespBase(final Status status, + final String destinationURL, final String inResponseTo) + throws STORKSAMLEngineException { + LOG.debug("Generate Attribute query Response base."); + final Response response = SAMLEngineUtils.generateResponse( + SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(), + SAMLEngineUtils.getCurrentTime(), status); + + // Set name Spaces + this.setNameSpaces(response); + + // Mandatory STORK + LOG.debug("Generate Issuer"); + final Issuer issuer = SAMLEngineUtils.generateIssuer(); + issuer.setValue(super.getSamlCoreProperties().getResponder()); + + // Format Entity Optional STORK + issuer.setFormat(super.getSamlCoreProperties().getFormatEntity()); + + response.setIssuer(issuer); + + // destination Mandatory Stork + response.setDestination(destinationURL.trim()); + + // inResponseTo Mandatory Stork + response.setInResponseTo(inResponseTo.trim()); + + // Optional STORK + response.setConsent(super.getSamlCoreProperties() + .getConsentAuthnResponse()); + + return response; + } + + /** + * Generate assertion. + * + * @param ipAddress the IP address. + * @param assertConsumerURL the assert consumer URL. + * @param inResponseTo the in response to + * @param issuer the issuer + * @param notOnOrAfter the not on or after + * + * @return the assertion + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Assertion generateAssertion(final String ipAddress, + final String assertConsumerURL, final String inResponseTo, + final String issuer, final DateTime notOnOrAfter) + throws STORKSAMLEngineException { + LOG.info("Generate Assertion."); + + // Mandatory STORK + LOG.debug("Generate Issuer to Assertion"); + final Issuer issuerAssertion = SAMLEngineUtils.generateIssuer(); + issuerAssertion.setValue(super.getSamlCoreProperties().getResponder()); + + // Format Entity Optional STORK + issuerAssertion.setFormat(super.getSamlCoreProperties() + .getFormatEntity()); + + final Assertion assertion = SAMLEngineUtils.generateAssertion( + SAMLVersion.VERSION_20, SAMLEngineUtils.generateNCName(), + SAMLEngineUtils.getCurrentTime(), issuerAssertion); + + final Subject subject = SAMLEngineUtils.generateSubject(); + + // Mandatory STORK verified + // String format = NameID.UNSPECIFIED + // specification: 'SAML:2.0' exist + // opensaml: "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" + // opensaml "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified" + final String format = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"; + + final String nameQualifier = ""; + + LOG.debug("Generate NameID"); + final NameID nameId = SAMLEngineUtils.generateNameID(super + .getSamlCoreProperties().getResponder(), format, nameQualifier); + nameId.setValue(format); + subject.setNameID(nameId); + + // Mandatory if urn:oasis:names:tc:SAML:2.0:cm:bearer. + // Optional in other case. + LOG.debug("Generate SubjectConfirmationData."); + final SubjectConfirmationData dataBearer = SAMLEngineUtils + .generateSubjectConfirmationData(SAMLEngineUtils + .getCurrentTime(), assertConsumerURL, inResponseTo); + + // Mandatory if urn:oasis:names:tc:SAML:2.0:cm:bearer. + // Optional in other case. + LOG.debug("Generate SubjectConfirmation"); + final SubjectConfirmation subjectConf = SAMLEngineUtils + .generateSubjectConfirmation(SubjectConfirmation.METHOD_BEARER, + dataBearer); + + final ArrayList listSubjectConf = new ArrayList(); + listSubjectConf.add(subjectConf); + + for (final Iterator iter = listSubjectConf + .iterator(); iter.hasNext();) { + final SubjectConfirmation element = iter.next(); + + if (SubjectConfirmation.METHOD_BEARER.equals(element.getMethod())) { + // ipAddress Mandatory if method is Bearer. + + if (StringUtils.isBlank(ipAddress)) { + throw new STORKSAMLEngineException( + "ipAddress is null or empty"); + } + element.getSubjectConfirmationData().setAddress( + ipAddress.trim()); + } + + element.getSubjectConfirmationData() + .setRecipient(assertConsumerURL); + element.getSubjectConfirmationData().setNotOnOrAfter(notOnOrAfter); + } + + // The SAML 2.0 specification allows multiple SubjectConfirmations + subject.getSubjectConfirmations().addAll(listSubjectConf); + + // Mandatory Stork + assertion.setSubject(subject); + + // Conditions that MUST be evaluated when assessing the validity of + // and/or when using the assertion. + final Conditions conditions = this.generateConditions(SAMLEngineUtils + .getCurrentTime(), notOnOrAfter, issuer); + + assertion.setConditions(conditions); + + LOG.debug("Generate stork Authentication Statement."); + final AuthnStatement storkAuthnStat = this + .generateStorkAuthStatement(ipAddress); + assertion.getAuthnStatements().add(storkAuthnStat); + + return assertion; + } + + private String getAttributeName(final PersonalAttribute attribute) throws STORKSAMLEngineException { + if (StringUtils.isBlank(attribute.getName())) { + LOG.error(ATTRIBUTE_EMPTY_LITERAL); + throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL); + } + + final String attributeName = super.getSamlCoreProperties() + .getProperty(attribute.getName()); + + if (StringUtils.isBlank(attributeName)) { + LOG.error("Attribute name: {} it is not known.", attribute + .getName()); + throw new STORKSAMLEngineException("Attribute name: " + + attribute.getName() + " it is not known."); + } + return attributeName; + } + /** + * Generate attribute statement. + * + * @param personalAttrList the personal attribute list + * @param isHashing the is hashing + * + * @return the attribute statement + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + * @throws IOException + */ + private AttributeStatement generateAttributeStatement( + final IPersonalAttributeList personalAttrList, + final boolean isHashing) throws STORKSAMLEngineException { + LOG.debug("Generate attribute statement"); + + final AttributeStatement attrStatement = (AttributeStatement) SAMLEngineUtils + .createSamlObject(AttributeStatement.DEFAULT_ELEMENT_NAME); + + for (PersonalAttribute attribute : personalAttrList) { + + String attributeName = getAttributeName(attribute); + + // Verification that only one value it's permitted, simple or + // complex, not both. + + final boolean simpleNull = (attribute.getValue() == null); + final boolean simpleEmpty = (simpleNull || (!simpleNull && attribute + .getValue().isEmpty())); + + final boolean complexNull = (attribute.getComplexValue() == null); + final boolean complexEmpty = (complexNull || (!complexNull && attribute + .getComplexValue().isEmpty())); + + if ((!simpleEmpty && !complexEmpty)) { + throw new STORKSAMLEngineException( + "Attribute name: " + + attribute.getName() + + " must be contain one value, simple or complex value."); + } else { + + if (!simpleEmpty) { + attrStatement.getAttributes().add( + this.generateAttrSimple(attributeName, attribute + .getStatus(), attribute.getValue(), + isHashing)); + } else if (!complexEmpty) { + attrStatement.getAttributes().add( + SAMLEngineUtils.generateAttrComplex(attributeName, + attribute.getStatus(), attribute + .getComplexValue(), isHashing)); + } else if (!simpleNull) { + attrStatement.getAttributes().add( + this.generateAttrSimple(attributeName, attribute + .getStatus(), new ArrayList(), + isHashing)); + } else { + // Add attribute complex. + attrStatement.getAttributes().add( + SAMLEngineUtils.generateAttrComplex(attributeName, + attribute.getStatus(), + new HashMap(), isHashing)); + } + } + } + return attrStatement; + } + private XSAny createAttributeValueForSignedDoc(final String value, final boolean isHashing) throws STORKSAMLEngineException { + DocumentBuilderFactory domFactory = DocumentBuilderFactory.newInstance(); + domFactory.setNamespaceAware(true); + Document document = null; + DocumentBuilder builder; + + // Parse the signedDoc value into an XML DOM Document + try { + builder = domFactory.newDocumentBuilder(); + InputStream is; + is = new ByteArrayInputStream(value.trim().getBytes("UTF-8")); + document = builder.parse(is); + is.close(); + } catch (SAXException e1) { + LOG.error("SAX Error while parsing signModule attribute", e1); + throw new STORKSAMLEngineRuntimeException(e1); + } catch (ParserConfigurationException e2) { + LOG.error("Parser Configuration Error while parsing signModule attribute", e2); + throw new STORKSAMLEngineRuntimeException(e2); + } catch (UnsupportedEncodingException e3) { + LOG.error("Unsupported encoding Error while parsing signModule attribute", e3); + throw new STORKSAMLEngineRuntimeException(e3); + } catch (IOException e4) { + LOG.error("IO Error while parsing signModule attribute", e4); + throw new STORKSAMLEngineRuntimeException(e4); + } + + // Create the attribute statement + final XSAny xmlValue = (XSAny) SAMLEngineUtils + .createSamlObject( + AttributeValue.DEFAULT_ELEMENT_NAME, + XSAny.TYPE_NAME); + + //Set the signedDoc XML content to this element + xmlValue.setDOM(document.getDocumentElement()); + + // Create the attribute statement + final XSAny attrValue = (XSAny) SAMLEngineUtils + .createSamlObject( + AttributeValue.DEFAULT_ELEMENT_NAME, + XSAny.TYPE_NAME); + + //Add previous signedDocXML to the AttributeValue Element + + // if it's necessary encode the information. + if (!isHashing) { + attrValue.getUnknownXMLObjects().add(xmlValue); + } + return attrValue; + } + + private XSAny createAttributeValueForNonSignedDoc(final String value, final boolean isHashing) throws STORKSAMLEngineException { + // Create the attribute statement + final XSAny attrValue = (XSAny) SAMLEngineUtils + .createSamlObject( + AttributeValue.DEFAULT_ELEMENT_NAME, + XSAny.TYPE_NAME); + // if it's necessary encode the information. + if (isHashing) { + attrValue.setTextContent(SAMLEngineUtils.encode(value, SAMLEngineUtils.SHA_512)); + } else { + attrValue.setTextContent(value); + } + return attrValue; + } + + /** + * Generate attribute from a list of values. + * + * @param name the name of the attribute. + * @param values the value of the attribute. + * @param isHashing the is hashing with "SHA-512" algorithm. + * @param status the status of the parameter: "Available", "NotAvailable" or + * "Withheld". + * + * @return the attribute + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Attribute generateAttrSimple(final String name, + final String status, final List values, + final boolean isHashing) throws STORKSAMLEngineException { + LOG.debug("Generate attribute simple: " + name); + final Attribute attribute = (Attribute) SAMLEngineUtils + .createSamlObject(Attribute.DEFAULT_ELEMENT_NAME); + + attribute.setName(name); + attribute.setNameFormat(Attribute.URI_REFERENCE); + + attribute.getUnknownAttributes().put( + new QName(SAMLCore.STORK10_NS.getValue(), "AttributeStatus", + SAMLCore.STORK10_PREFIX.getValue()), status); + + if (values != null) { + LOG.debug("Add attribute values."); + for (int i = 0; i < values.size(); i++) { + final String value = values.get(i); + if (StringUtils.isNotBlank(value)) { + XSAny attrValue = null; + if (!name.equals("http://www.stork.gov.eu/1.0/signedDoc")) { + // Create the attribute statement + attrValue = createAttributeValueForNonSignedDoc(value, isHashing); + + } else { + attrValue = createAttributeValueForSignedDoc(value, isHashing); + attribute.getAttributeValues().add(attrValue); + } + attribute.getAttributeValues().add(attrValue); + } + } + } + return attribute; + } + + /** + * Generate conditions that MUST be evaluated when assessing the validity of + * and/or when using the assertion. + * + * @param notBefore the not before + * @param notOnOrAfter the not on or after + * @param audienceURI the audience URI. + * + * @return the conditions + */ + private Conditions generateConditions(final DateTime notBefore, + final DateTime notOnOrAfter, final String audienceURI) { + LOG.debug("Generate conditions."); + final Conditions conditions = (Conditions) SAMLEngineUtils + .createSamlObject(Conditions.DEFAULT_ELEMENT_NAME); + conditions.setNotBefore(notBefore); + conditions.setNotOnOrAfter(notOnOrAfter); + + final AudienceRestriction restrictions = (AudienceRestriction) SAMLEngineUtils + .createSamlObject(AudienceRestriction.DEFAULT_ELEMENT_NAME); + + final Audience audience = (Audience) SAMLEngineUtils + .createSamlObject(Audience.DEFAULT_ELEMENT_NAME); + audience.setAudienceURI(audienceURI); + + restrictions.getAudiences().add(audience); + conditions.getAudienceRestrictions().add(restrictions); + + if (super.getSamlCoreProperties().isOneTimeUse()) { + final OneTimeUse oneTimeUse = (OneTimeUse) SAMLEngineUtils + .createSamlObject(OneTimeUse.DEFAULT_ELEMENT_NAME); + conditions.getConditions().add(oneTimeUse); + } + return conditions; + } + + /** + * Generate personal attribute list. + * + * @param assertion the assertion + * + * @return the personal attribute list + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private IPersonalAttributeList generatePersonalAttributeList( + final Assertion assertion) throws STORKSAMLEngineException { + LOG.debug("Generate personal attribute list from XMLObject."); + final List listExtensions = assertion.getOrderedChildren(); + + boolean find = false; + AttributeStatement requestedAttr = null; + + // Search the attribute statement. + for (int i = 0; i < listExtensions.size() && !find; i++) { + final XMLObject xml = listExtensions.get(i); + if (xml instanceof AttributeStatement) { + requestedAttr = (AttributeStatement) xml; + find = true; + } + } + + if (!find) { + LOG.error("Error: AttributeStatement it's not present."); + throw new STORKSAMLEngineException( + "AttributeStatement it's not present."); + } + + final List reqAttrs = requestedAttr.getAttributes(); + + final IPersonalAttributeList personalAttrList = new PersonalAttributeList(); + String attributeName; + + // Process the attributes. + for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) { + final Attribute attribute = reqAttrs.get(nextAttribute); + + final PersonalAttribute personalAttribute = new PersonalAttribute(); + + attributeName = attribute.getName(); + personalAttribute.setName(attributeName.substring(attributeName + .lastIndexOf('/') + 1)); + + personalAttribute.setStatus(attribute.getUnknownAttributes().get( + new QName(SAMLCore.STORK10_NS.getValue(), + "AttributeStatus", SAMLCore.STORK10_PREFIX + .getValue()))); + + final ArrayList simpleValues = new ArrayList(); + final HashMap multiValues = new HashMap(); + + final List values = attribute.getOrderedChildren(); + + + // Process the values. + for (int nextValue = 0; nextValue < values.size(); nextValue++) { + + final XMLObject xmlObject = values.get(nextValue); + + if (xmlObject instanceof XSStringImpl) { + + // Process simple value. + simpleValues.add(((XSStringImpl) xmlObject).getValue()); + + } else if (xmlObject instanceof XSAnyImpl) { + + if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) { + + final XSAnyImpl xmlString = (XSAnyImpl) values + .get(nextValue); + + TransformerFactory transFactory = TransformerFactory + .newInstance(); + Transformer transformer = null; + try { + transformer = transFactory.newTransformer(); + transformer.setOutputProperty( + OutputKeys.OMIT_XML_DECLARATION, "yes"); + } catch (TransformerConfigurationException e) { + LOG.error("Error transformer configuration exception", e); + } + StringWriter buffer = new StringWriter(); + try { + if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0 ){ + transformer.transform(new DOMSource(xmlString + .getUnknownXMLObjects().get(0).getDOM()), + new StreamResult(buffer)); + } + } catch (TransformerException e) { + LOG.error("Error transformer exception", e); + } + String str = buffer.toString(); + + simpleValues.add(str); + + } else if (attributeName + .equals("http://www.stork.gov.eu/1.0/canonicalResidenceAddress")) + { + LOG.info("canonicalResidenceAddress found"); + // Process complex value. + final XSAnyImpl complexValue = (XSAnyImpl) xmlObject; + + for (int nextComplexValue = 0; nextComplexValue < complexValue + .getUnknownXMLObjects().size(); nextComplexValue++) { + + final XSAnyImpl simple = (XSAnyImpl) complexValue + .getUnknownXMLObjects().get( + nextComplexValue); + + multiValues.put(simple.getElementQName() + .getLocalPart(), simple.getTextContent()); + } + + } + else if (attributeName + .equals("http://www.stork.gov.eu/1.0/newAttribute2")) + { + LOG.info("newAttribute2 found"); + // Process complex value. + final XSAnyImpl complexValue = (XSAnyImpl) xmlObject; + + for (int nextComplexValue = 0; nextComplexValue < complexValue + .getUnknownXMLObjects().size(); nextComplexValue++) { + + final XSAnyImpl simple = (XSAnyImpl) complexValue + .getUnknownXMLObjects().get( + nextComplexValue); + + multiValues.put(simple.getElementQName() + .getLocalPart(), simple.getTextContent()); + } + } + else if (attributeName + .equals("http://www.stork.gov.eu/1.0/hasDegree")) + { + LOG.info("hasDegree found"); + // Process complex value. + final XSAnyImpl complexValue = (XSAnyImpl) xmlObject; + + for (int nextComplexValue = 0; nextComplexValue < complexValue + .getUnknownXMLObjects().size(); nextComplexValue++) { + + final XSAnyImpl simple = (XSAnyImpl) complexValue + .getUnknownXMLObjects().get( + nextComplexValue); + + multiValues.put(simple.getElementQName() + .getLocalPart(), simple.getTextContent()); + } + } + else if(attributeName + .equals("http://www.stork.gov.eu/1.0/mandateContent")) + { + LOG.info("mandateContent found"); + // Process complex value. + final XSAnyImpl complexValue = (XSAnyImpl) xmlObject; + + for (int nextComplexValue = 0; nextComplexValue < complexValue + .getUnknownXMLObjects().size(); nextComplexValue++) { + + final XSAnyImpl simple = (XSAnyImpl) complexValue + .getUnknownXMLObjects().get( + nextComplexValue); + + multiValues.put(simple.getElementQName() + .getLocalPart(), simple.getTextContent()); + } + } + else { + // Process simple value. + simpleValues.add(((XSAnyImpl) xmlObject) + .getTextContent()); + } + + } else { + LOG.error("Error: attribute value it's unknown."); + throw new STORKSAMLEngineException( + "Attribute value it's unknown."); + } + } + + personalAttribute.setValue(simpleValues); + personalAttribute.setComplexValue(multiValues); + personalAttrList.add(personalAttribute); + } + + return personalAttrList; + } + + /** + * Generate stork authentication request. + * + * @param request the request that contain all parameters for generate an + * authentication request. + * + * @return the STORK authentication request that has been processed. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAuthnRequest generateSTORKAuthnRequest( + final STORKAuthnRequest request) throws STORKSAMLEngineException { + LOG.info("Generate SAMLAuthnRequest."); + + // Validate Parameters mandatories + validateParamAuthnReq(request); + + final AuthnRequest authnRequestAux = SAMLEngineUtils + .generateSAMLAuthnRequest(SAMLEngineUtils.generateNCName(), + SAMLVersion.VERSION_20, SAMLEngineUtils + .getCurrentTime()); + + // Set name spaces. + setNameSpaces(authnRequestAux); + + // Add parameter Mandatory STORK + authnRequestAux.setForceAuthn(Boolean.TRUE); + + // Add parameter Mandatory STORK + authnRequestAux.setIsPassive(Boolean.FALSE); + + authnRequestAux.setAssertionConsumerServiceURL(request + .getAssertionConsumerServiceURL()); + + authnRequestAux.setProviderName(request.getProviderName()); + + // Add protocol binding + authnRequestAux.setProtocolBinding(super.getSamlCoreProperties() + .getProtocolBinding()); + + // Add parameter optional STORK + // Destination is mandatory if the destination is a C-PEPS + // The application must to know if the destination is a C-PEPS. + if (StringUtils.isNotBlank(request.getDestination())) { + authnRequestAux.setDestination(request.getDestination()); + } + + // Consent is optional. Set from SAMLEngine.xml - consent. + authnRequestAux.setConsent(super.getSamlCoreProperties() + .getConsentAuthnRequest()); + + final Issuer issuer = SAMLEngineUtils.generateIssuer(); + + if(request.getIssuer()!=null){ + issuer.setValue(request.getIssuer()); + } else { + issuer.setValue(super.getSamlCoreProperties().getRequester()); + } + + // Optional STORK + final String formatEntity = super.getSamlCoreProperties() + .getFormatEntity(); + if (StringUtils.isNotBlank(formatEntity)) { + issuer.setFormat(formatEntity); + } + + authnRequestAux.setIssuer(issuer); + + // Generate stork extensions. + final Extensions storkExtensions = this + .generateSTORKExtensions(request); + // add the extensions to the SAMLAuthnRequest + authnRequestAux.setExtensions(storkExtensions); + + // the result contains an authentication request token (byte[]), + // identifier of the token, and all parameters from the request. + final STORKAuthnRequest authRequest = processExtensions(authnRequestAux + .getExtensions()); + + try { + authRequest.setTokenSaml(super.signAndMarshall(authnRequestAux)); + } catch (SAMLEngineException e) { + LOG.error("Sign and Marshall.", e); + throw new STORKSAMLEngineException(e); + } + + authRequest.setSamlId(authnRequestAux.getID()); + authRequest.setDestination(authnRequestAux.getDestination()); + authRequest.setAssertionConsumerServiceURL(authnRequestAux + .getAssertionConsumerServiceURL()); + + authRequest.setProviderName(authnRequestAux.getProviderName()); + authRequest.setIssuer(authnRequestAux.getIssuer().getValue()); + + return authRequest; + } + + /** + * Generate stork authentication response. + * + * @param request the request + * @param responseAuthReq the response authentication request + * @param ipAddress the IP address + * @param isHashing the is hashing + * + * @return the sTORK authentication response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAuthnResponse generateSTORKAuthnResponse( + final STORKAuthnRequest request, + final STORKAuthnResponse responseAuthReq, final String ipAddress, + final boolean isHashing) throws STORKSAMLEngineException { + LOG.info("generateSTORKAuthnResponse"); + + // Validate parameters + validateParamResponse(request, responseAuthReq); + + // Mandatory SAML + LOG.debug("Generate StatusCode"); + final StatusCode statusCode = SAMLEngineUtils + .generateStatusCode(StatusCode.SUCCESS_URI); + + LOG.debug("Generate Status"); + final Status status = SAMLEngineUtils.generateStatus(statusCode); + + LOG.debug("Generate StatusMessage"); + final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils + .generateStatusMessage(StatusCode.SUCCESS_URI); + + status.setStatusMessage(statusMessage); + + LOG.debug("Generate Response"); + + // RESPONSE + final Response response = genAuthnRespBase(status, request + .getAssertionConsumerServiceURL(), request.getSamlId()); + + DateTime notOnOrAfter = new DateTime(); + + notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() + .getTimeNotOnOrAfter()); + + final Assertion assertion = this.generateAssertion(ipAddress, request + .getAssertionConsumerServiceURL(), request.getSamlId(), request + .getIssuer(), notOnOrAfter); + + final AttributeStatement attrStatement = this + .generateAttributeStatement(responseAuthReq + .getPersonalAttributeList(), isHashing); + + assertion.getAttributeStatements().add(attrStatement); + + // Add assertions + response.getAssertions().add(assertion); + + final STORKAuthnResponse authresponse = new STORKAuthnResponse(); + + try { + authresponse.setTokenSaml(super.signAndMarshall(response)); + authresponse.setSamlId(response.getID()); + } catch (SAMLEngineException e) { + LOG.error("Sign and Marshall.", e); + throw new STORKSAMLEngineException(e); + } + return authresponse; + } + + /** + * Generate stork authentication response fail. + * + * @param request the request + * @param response the response + * @param ipAddress the IP address + * @param isHashing the is hashing + * + * @return the sTORK authentication response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAuthnResponse generateSTORKAuthnResponseFail( + final STORKAuthnRequest request, final STORKAuthnResponse response, + final String ipAddress, final boolean isHashing) + throws STORKSAMLEngineException { + LOG.info("generateSTORKAuthnResponseFail"); + + validateParamResponseFail(request, response); + + // Mandatory + final StatusCode statusCode = SAMLEngineUtils + .generateStatusCode(response.getStatusCode()); + + // Mandatory SAML + LOG.debug("Generate StatusCode."); + // Subordinate code it's optional in case not covered into next codes: + // - urn:oasis:names:tc:SAML:2.0:status:AuthnFailed + // - urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue + // - urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy + // - urn:oasis:names:tc:SAML:2.0:status:RequestDenied + // - http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported + + if (StringUtils.isNotBlank(response.getSubStatusCode())) { + final StatusCode newStatusCode = SAMLEngineUtils + .generateStatusCode(response.getSubStatusCode()); + statusCode.setStatusCode(newStatusCode); + } + + LOG.debug("Generate Status."); + final Status status = SAMLEngineUtils.generateStatus(statusCode); + + if (StringUtils.isNotBlank(response.getMessage())) { + final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils + .generateStatusMessage(response.getMessage()); + + status.setStatusMessage(statusMessage); + } + + LOG.debug("Generate Response."); + // RESPONSE + final Response responseFail = genAuthnRespBase(status, request + .getAssertionConsumerServiceURL(), request.getSamlId()); + + DateTime notOnOrAfter = new DateTime(); + + notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() + .getTimeNotOnOrAfter()); + + final Assertion assertion = this.generateAssertion(ipAddress, request + .getAssertionConsumerServiceURL(), request.getSamlId(), request + .getIssuer(), notOnOrAfter); + + responseFail.getAssertions().add(assertion); + + LOG.debug("Sign and Marshall ResponseFail."); + + final STORKAuthnResponse storkResponse = new STORKAuthnResponse(); + + try { + storkResponse.setTokenSaml(super.signAndMarshall(responseFail)); + storkResponse.setSamlId(responseFail.getID()); + } catch (SAMLEngineException e) { + LOG.error("SAMLEngineException.", e); + throw new STORKSAMLEngineException(e); + } + return storkResponse; + } + + /** + * Generate stork attribute query request. + * + * @param request the request that contain all parameters for generate an + * attribute query request. + * + * @return the STORK attribute query request that has been processed. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAttrQueryRequest generateSTORKAttrQueryRequest( + final STORKAttrQueryRequest request) throws STORKSAMLEngineException { + LOG.info("Generate STORKAttrQueryRequest."); + + // Validate Parameters mandatories + validateParamAttrQueryReq(request); + + final AttributeQuery attrQueryRequestAux = SAMLEngineUtils + .generateSAMLAttrQueryRequest(SAMLEngineUtils.generateNCName(), + SAMLVersion.VERSION_20, SAMLEngineUtils + .getCurrentTime()); + + // Set name spaces. + setNameSpaces(attrQueryRequestAux); + + + // Add parameter optional STORK + // Destination is mandatory if the destination is a C-PEPS + // The application must to know if the destination is a C-PEPS. + if (StringUtils.isNotBlank(request.getDestination())) { + attrQueryRequestAux.setDestination(request.getDestination()); + } + + // Consent is optional. Set from SAMLEngine.xml - consent. + attrQueryRequestAux.setConsent(super.getSamlCoreProperties() + .getConsentAuthnRequest()); + + final Issuer issuer = SAMLEngineUtils.generateIssuer(); + + //Set the subject - needed for attribute query validation + Subject subject = SAMLEngineUtils.generateSubject(); + SubjectConfirmationBuilder builder = new SubjectConfirmationBuilder(); + SubjectConfirmation subjectConfirmation = builder.buildObject(); + subjectConfirmation.setMethod("urn:oasis:names:tc:SAML:2.0:cm:bearer"); + subject.getSubjectConfirmations().add(subjectConfirmation); + attrQueryRequestAux.setSubject(subject); + + if(request.getIssuer()!=null){ + issuer.setValue(request.getIssuer()); + } else { + issuer.setValue(super.getSamlCoreProperties().getRequester()); + } + + // Optional STORK + final String formatEntity = super.getSamlCoreProperties() + .getFormatEntity(); + if (StringUtils.isNotBlank(formatEntity)) { + issuer.setFormat(formatEntity); + } + + attrQueryRequestAux.setIssuer(issuer); + + // Generate stork extensions. + final Extensions storkExtensions = this + .generateSTORKAttrExtensions(request); + // add the extensions to the SAMLAuthnRequest + attrQueryRequestAux.setExtensions(storkExtensions); + + // the result contains an authentication request token (byte[]), + // identifier of the token, and all parameters from the request. + final STORKAttrQueryRequest attrQueryRequest = processAttrExtensions(attrQueryRequestAux + .getExtensions()); + + try { + attrQueryRequest.setTokenSaml(super.signAndMarshall(attrQueryRequestAux)); + } catch (SAMLEngineException e) { + LOG.error("Sign and Marshall.", e); + throw new STORKSAMLEngineException(e); + } + + attrQueryRequest.setSamlId(attrQueryRequestAux.getID()); + attrQueryRequest.setDestination(attrQueryRequestAux.getDestination()); + + attrQueryRequest.setIssuer(attrQueryRequestAux.getIssuer().getValue()); + + return attrQueryRequest; + } + + /** + * Generate stork attribute query response. + * + * @param request the request + * @param responseAttrQueryReq the response authentication request + * @param ipAddress the IP address + * @param isHashing the is hashing + * + * @return the sTORK authentication response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAttrQueryResponse generateSTORKAttrQueryResponse( + final STORKAttrQueryRequest request, + final STORKAttrQueryResponse responseAttrQueryReq, final String ipAddress, + final String destinationUrl, final boolean isHashing) throws STORKSAMLEngineException { + LOG.info("generateSTORKAttrQueryResponse"); + + // Validate parameters + validateParamAttrQueryResponse(request, responseAttrQueryReq); + + // Mandatory SAML + LOG.debug("Generate StatusCode"); + final StatusCode statusCode = SAMLEngineUtils + .generateStatusCode(StatusCode.SUCCESS_URI); + + LOG.debug("Generate Status"); + final Status status = SAMLEngineUtils.generateStatus(statusCode); + + LOG.debug("Generate StatusMessage"); + final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils + .generateStatusMessage(StatusCode.SUCCESS_URI); + + status.setStatusMessage(statusMessage); + + LOG.debug("Generate Response"); + + // RESPONSE + final Response response = genAuthnRespBase(status, destinationUrl, + request.getSamlId()); + + DateTime notOnOrAfter = new DateTime(); + + notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() + .getTimeNotOnOrAfter()); + + final Assertion assertion = this.generateAssertion(ipAddress, "" + ,request.getSamlId(), request.getIssuer(), notOnOrAfter); + + final AttributeStatement attrStatement = this + .generateAttributeStatement(responseAttrQueryReq + .getPersonalAttributeList(), isHashing); + + assertion.getAttributeStatements().add(attrStatement); + + // Add assertions + response.getAssertions().add(assertion); + + final STORKAttrQueryResponse attrQueryResponse = new STORKAttrQueryResponse(); + + try { + attrQueryResponse.setTokenSaml(super.signAndMarshall(response)); + attrQueryResponse.setSamlId(response.getID()); + } catch (SAMLEngineException e) { + LOG.error("Sign and Marshall.", e); + throw new STORKSAMLEngineException(e); + } + return attrQueryResponse; + } + + /** + * Generate stork attribute query response fail. + * + * @param request the request + * @param response the response + * @param ipAddress the IP address + * @param isHashing the is hashing + * + * @return the STORK attribute query response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAttrQueryResponse generateSTORKAttrQueryResponseFail( + final STORKAttrQueryRequest request, final STORKAttrQueryResponse response, + final String ipAddress, final String destinationUrl, final boolean isHashing) + throws STORKSAMLEngineException { + LOG.info("generateSTORKAttrQueryResponseFail"); + + validateParamAttrQueryResponseFail(request, response); + + // Mandatory + final StatusCode statusCode = SAMLEngineUtils + .generateStatusCode(response.getStatusCode()); + + // Mandatory SAML + LOG.debug("Generate StatusCode."); + // Subordinate code it's optional in case not covered into next codes: + // - urn:oasis:names:tc:SAML:2.0:status:AuthnFailed + // - urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue + // - urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy + // - urn:oasis:names:tc:SAML:2.0:status:RequestDenied + // - http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported + + if (StringUtils.isNotBlank(response.getSubStatusCode())) { + final StatusCode newStatusCode = SAMLEngineUtils + .generateStatusCode(response.getSubStatusCode()); + statusCode.setStatusCode(newStatusCode); + } + + LOG.debug("Generate Status."); + final Status status = SAMLEngineUtils.generateStatus(statusCode); + + if (StringUtils.isNotBlank(response.getMessage())) { + final StatusMessage statusMessage = (StatusMessage) SAMLEngineUtils + .generateStatusMessage(response.getMessage()); + + status.setStatusMessage(statusMessage); + } + + LOG.debug("Generate Response."); + // RESPONSE + final Response responseFail = genAuthnRespBase(status, destinationUrl, + request.getSamlId()); + + DateTime notOnOrAfter = new DateTime(); + + notOnOrAfter = notOnOrAfter.plusSeconds(super.getSamlCoreProperties() + .getTimeNotOnOrAfter()); + + final Assertion assertion = this.generateAssertion(ipAddress, "", + request.getSamlId(), request + .getIssuer(), notOnOrAfter); + + responseFail.getAssertions().add(assertion); + + LOG.debug("Sign and Marshall ResponseFail."); + + final STORKAttrQueryResponse storkResponse = new STORKAttrQueryResponse(); + + try { + storkResponse.setTokenSaml(super.signAndMarshall(responseFail)); + storkResponse.setSamlId(responseFail.getID()); + } catch (SAMLEngineException e) { + LOG.error("SAMLEngineException.", e); + throw new STORKSAMLEngineException(e); + } + return storkResponse; + } + + /** + * Generate stork authentication statement for the authentication statement. + * + * @param ipAddress the IP address + * + * @return the authentication statement + */ + private AuthnStatement generateStorkAuthStatement(final String ipAddress) { + LOG.debug("Generate stork authenticate statement."); + final SubjectLocality subjectLocality = SAMLEngineUtils + .generateSubjectLocality(ipAddress); + + final AuthnContext authnContext = (AuthnContext) SAMLEngineUtils + .createSamlObject(AuthnContext.DEFAULT_ELEMENT_NAME); + + final AuthnContextDecl authnContextDecl = (AuthnContextDecl) SAMLEngineUtils + .createSamlObject(AuthnContextDecl.DEFAULT_ELEMENT_NAME); + + authnContext.setAuthnContextDecl(authnContextDecl); + + final AuthnStatement authnStatement = SAMLEngineUtils + .generateAthnStatement(new DateTime(), authnContext); + + // Optional STORK + authnStatement.setSessionIndex(null); + authnStatement.setSubjectLocality(subjectLocality); + + return authnStatement; + } + + /** + * Generate stork extensions. + * + * @param request the request + * + * @return the extensions + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Extensions generateSTORKExtensions(final STORKAuthnRequest request) + throws STORKSAMLEngineException { + LOG.debug("Generate STORKExtensions"); + + final Extensions extensions = SAMLEngineUtils.generateExtension(); + + LOG.debug("Generate QAAAttribute"); + final QAAAttribute qaaAttribute = SAMLEngineUtils + .generateQAAAttribute(request.getQaa()); + extensions.getUnknownXMLObjects().add(qaaAttribute); + + + if (StringUtils.isNotEmpty(request + .getSpSector())) { + // Add information about service provider. + LOG.debug("Generate SPSector"); + final SPSector sector = SAMLEngineUtils.generateSPSector(request + .getSpSector()); + extensions.getUnknownXMLObjects().add(sector); + } + + //Delete from specification. Kept for compatibility with Provider Name value + LOG.debug("Generate SPInstitution"); + final SPInstitution institution = SAMLEngineUtils + .generateSPInstitution(request.getProviderName()); + extensions.getUnknownXMLObjects().add(institution); + + + if (StringUtils.isNotEmpty(request.getSpApplication())) { + LOG.debug("Generate SPApplication"); + final SPApplication application = SAMLEngineUtils + .generateSPApplication(request.getSpApplication()); + extensions.getUnknownXMLObjects().add(application); + } + + if (StringUtils.isNotEmpty(request.getSpCountry())) { + LOG.debug("Generate SPCountry"); + final SPCountry country = SAMLEngineUtils.generateSPCountry(request + .getSpCountry()); + extensions.getUnknownXMLObjects().add(country); + } + + //eIDSectorShare: optional; default value: false. + String valueSectorShare = super.getSamlCoreProperties() + .iseIDSectorShare(); + + if (StringUtils.isNotEmpty(valueSectorShare)) { + // Add information about the use of the SAML message. + LOG.debug("Generate EIDSectorShare"); + final EIDSectorShare eIdSectorShare = (EIDSectorShare) SAMLEngineUtils + .createSamlObject(EIDSectorShare.DEF_ELEMENT_NAME); + + eIdSectorShare.setEIDSectorShare(String.valueOf(Boolean.valueOf(valueSectorShare))); + + extensions.getUnknownXMLObjects().add(eIdSectorShare); + } + + String valueCrossSectorShare = super.getSamlCoreProperties() + .iseIDCrossSectorShare(); + + if (StringUtils.isNotEmpty(valueCrossSectorShare)) { + LOG.debug("Generate EIDCrossSectorShare"); + final EIDCrossSectorShare eIdCrossSecShare = (EIDCrossSectorShare) SAMLEngineUtils + .createSamlObject(EIDCrossSectorShare.DEF_ELEMENT_NAME); + eIdCrossSecShare.setEIDCrossSectorShare(String.valueOf(Boolean.valueOf(valueCrossSectorShare))); + extensions.getUnknownXMLObjects().add(eIdCrossSecShare); + } + + + String valueCrossBorderShare = super.getSamlCoreProperties() + .iseIDCrossBorderShare(); + + if (StringUtils.isNotEmpty(valueCrossBorderShare)) { + LOG.debug("Generate EIDCrossBorderShare"); + final EIDCrossBorderShare eIdCrossBordShare = (EIDCrossBorderShare) SAMLEngineUtils + .createSamlObject(EIDCrossBorderShare.DEF_ELEMENT_NAME); + eIdCrossBordShare.setEIDCrossBorderShare(String.valueOf(Boolean.valueOf(valueCrossBorderShare))); + extensions.getUnknownXMLObjects().add(eIdCrossBordShare); + } + + + // Add information about requested attributes. + LOG.debug("Generate RequestedAttributes."); + final RequestedAttributes reqAttributes = (RequestedAttributes) SAMLEngineUtils + .createSamlObject(RequestedAttributes.DEF_ELEMENT_NAME); + + LOG.debug("SAML Engine configuration properties load."); + final Iterator iterator = request + .getPersonalAttributeList().iterator(); + + while (iterator.hasNext()) { + + final PersonalAttribute attribute = iterator.next(); + + if (attribute == null || StringUtils.isBlank(attribute.getName())) { + LOG.error(ATTRIBUTE_EMPTY_LITERAL); + throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL); + } + + // Verified if exits the attribute name. + final String attributeName = super.getSamlCoreProperties() + .getProperty(attribute.getName()); + + if (StringUtils.isBlank(attributeName)) { + LOG.debug("Attribute name: {} was not found.", attribute + .getName()); + throw new STORKSAMLEngineException("Attribute name: " + + attribute.getName() + " was not found."); + } + + // Friendly name it's an optional attribute. + String friendlyName = null; + + if (super.getSamlCoreProperties().isFriendlyName()) { + friendlyName = attribute.getName(); + } + + + String isRequired = null; + if (super.getSamlCoreProperties().isRequired()) { + isRequired = String.valueOf(attribute.isRequired()); + } + + + LOG.debug("Generate requested attribute: " + attributeName); + final RequestedAttribute requestedAttr = SAMLEngineUtils + .generateReqAuthnAttributeSimple(attributeName, + friendlyName, isRequired, attribute + .getValue()); + + // Add requested attribute. + reqAttributes.getAttributes().add(requestedAttr); + } + + // Add requested attributes. + extensions.getUnknownXMLObjects().add(reqAttributes); + + CitizenCountryCode citizenCountryCode = null; + if (request.getCitizenCountryCode() != null && StringUtils.isNotBlank(request.getCitizenCountryCode())){ + LOG.debug("Generate CitizenCountryCode"); + citizenCountryCode = (CitizenCountryCode) SAMLEngineUtils + .createSamlObject(CitizenCountryCode.DEF_ELEMENT_NAME); + + citizenCountryCode.setCitizenCountryCode(request + .getCitizenCountryCode().toUpperCase()); + } + + SPID spid = null; + if(request.getSPID()!=null && StringUtils.isNotBlank(request.getSPID())) { + LOG.debug("Generate SPID"); + spid = (SPID) SAMLEngineUtils + .createSamlObject(SPID.DEF_ELEMENT_NAME); + + spid.setSPID(request.getSPID().toUpperCase()); + } + + AuthenticationAttributes authenticationAttr = (AuthenticationAttributes) SAMLEngineUtils + .createSamlObject(AuthenticationAttributes.DEF_ELEMENT_NAME); + + final VIDPAuthenticationAttributes vIDPauthenticationAttr = (VIDPAuthenticationAttributes) SAMLEngineUtils + .createSamlObject(VIDPAuthenticationAttributes.DEF_ELEMENT_NAME); + + final SPInformation spInformation = (SPInformation) SAMLEngineUtils + .createSamlObject(SPInformation.DEF_ELEMENT_NAME); + + if(citizenCountryCode!=null){ + vIDPauthenticationAttr.setCitizenCountryCode(citizenCountryCode); + } + + if(spid!=null){ + spInformation.setSPID(spid); + } + + vIDPauthenticationAttr.setSPInformation(spInformation); + + authenticationAttr + .setVIDPAuthenticationAttributes(vIDPauthenticationAttr); + extensions.getUnknownXMLObjects().add(authenticationAttr); + + + return extensions; + + } + + /** + * Generate stork extensions. + * + * @param request the attribute query request + * + * @return the extensions + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Extensions generateSTORKAttrExtensions(final STORKAttrQueryRequest request) + throws STORKSAMLEngineException { + LOG.debug("Generate STORKExtensions"); + + final Extensions extensions = SAMLEngineUtils.generateExtension(); + + LOG.debug("Generate QAAAttribute"); + final QAAAttribute qaaAttribute = SAMLEngineUtils + .generateQAAAttribute(request.getQaa()); + extensions.getUnknownXMLObjects().add(qaaAttribute); + + + if (StringUtils.isNotEmpty(request + .getSpSector())) { + // Add information about service provider. + LOG.debug("Generate SPSector"); + final SPSector sector = SAMLEngineUtils.generateSPSector(request + .getSpSector()); + extensions.getUnknownXMLObjects().add(sector); + } + + + if (StringUtils.isNotEmpty(request.getSpApplication())) { + LOG.debug("Generate SPApplication"); + final SPApplication application = SAMLEngineUtils + .generateSPApplication(request.getSpApplication()); + extensions.getUnknownXMLObjects().add(application); + } + + if (StringUtils.isNotEmpty(request.getSpCountry())) { + LOG.debug("Generate SPCountry"); + final SPCountry country = SAMLEngineUtils.generateSPCountry(request + .getSpCountry()); + extensions.getUnknownXMLObjects().add(country); + } + + final EIDSectorShare eIdSectorShare = (EIDSectorShare) SAMLEngineUtils + .createSamlObject(EIDSectorShare.DEF_ELEMENT_NAME); + + eIdSectorShare.setEIDSectorShare(String.valueOf(request.isEIDSectorShare())); + + extensions.getUnknownXMLObjects().add(eIdSectorShare); + + final EIDCrossSectorShare eIdCrossSecShare = (EIDCrossSectorShare) SAMLEngineUtils + .createSamlObject(EIDCrossSectorShare.DEF_ELEMENT_NAME); + eIdCrossSecShare.setEIDCrossSectorShare(String.valueOf(request.isEIDCrossSectorShare())); + extensions.getUnknownXMLObjects().add(eIdCrossSecShare); + + final EIDCrossBorderShare eIdCrossBordShare = (EIDCrossBorderShare) SAMLEngineUtils + .createSamlObject(EIDCrossBorderShare.DEF_ELEMENT_NAME); + eIdCrossBordShare.setEIDCrossBorderShare(String.valueOf(request.isEIDCrossBorderShare())); + extensions.getUnknownXMLObjects().add(eIdCrossBordShare); + + + // Add information about requested attributes. + LOG.debug("Generate RequestedAttributes."); + final RequestedAttributes reqAttributes = (RequestedAttributes) SAMLEngineUtils + .createSamlObject(RequestedAttributes.DEF_ELEMENT_NAME); + + LOG.debug("SAML Engine configuration properties load."); + final Iterator iterator = request + .getPersonalAttributeList().iterator(); + + while (iterator.hasNext()) { + + final PersonalAttribute attribute = iterator.next(); + + if (attribute == null || StringUtils.isBlank(attribute.getName())) { + LOG.error(ATTRIBUTE_EMPTY_LITERAL); + throw new STORKSAMLEngineException(ATTRIBUTE_EMPTY_LITERAL); + } + + // Verified if exits the attribute name. + final String attributeName = super.getSamlCoreProperties() + .getProperty(attribute.getName()); + + if (StringUtils.isBlank(attributeName)) { + LOG.debug("Attribute name: {} was not found.", attribute + .getName()); + throw new STORKSAMLEngineException("Attribute name: " + + attribute.getName() + " was not found."); + } + + // Friendly name it's an optional attribute. + String friendlyName = null; + + if (super.getSamlCoreProperties().isFriendlyName()) { + friendlyName = attribute.getName(); + } + + + String isRequired = null; + if (super.getSamlCoreProperties().isRequired()) { + isRequired = String.valueOf(attribute.isRequired()); + } + + + LOG.debug("Generate requested attribute: " + attributeName); + final RequestedAttribute requestedAttr = SAMLEngineUtils + .generateReqAuthnAttributeSimple(attributeName, + friendlyName, isRequired, attribute + .getValue()); + + // Add requested attribute. + reqAttributes.getAttributes().add(requestedAttr); + } + + // Add requested attributes. + extensions.getUnknownXMLObjects().add(reqAttributes); + + CitizenCountryCode citizenCountryCode = null; + if (request.getCitizenCountryCode() != null && StringUtils.isNotBlank(request.getCitizenCountryCode())){ + LOG.debug("Generate CitizenCountryCode"); + citizenCountryCode = (CitizenCountryCode) SAMLEngineUtils + .createSamlObject(CitizenCountryCode.DEF_ELEMENT_NAME); + + citizenCountryCode.setCitizenCountryCode(request + .getCitizenCountryCode().toUpperCase()); + } + + SPID spid = null; + if(request.getSPID()!=null && StringUtils.isNotBlank(request.getSPID())) { + LOG.debug("Generate SPID"); + spid = (SPID) SAMLEngineUtils + .createSamlObject(SPID.DEF_ELEMENT_NAME); + + spid.setSPID(request.getSPID().toUpperCase()); + } + + + return extensions; + + } + + /** + * Gets the alias from X.509 Certificate at keystore. + * + * @param keyInfo the key info + * @param storkOwnKeyStore + * @param storkOwnKeyStore + * + * @return the alias + */ + private String getAlias(final KeyInfo keyInfo, KeyStore storkOwnKeyStore) { + + LOG.debug("Recover alias information"); + + String alias = null; + try { + final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo + .getX509Datas().get(0).getX509Certificates().get(0); + + // Transform the KeyInfo to X509Certificate. + CertificateFactory certFact; + certFact = CertificateFactory.getInstance("X.509"); + + final ByteArrayInputStream bis = new ByteArrayInputStream(Base64 + .decode(xmlCert.getValue())); + + final X509Certificate cert = (X509Certificate) certFact + .generateCertificate(bis); + + final String tokenSerialNumber = cert.getSerialNumber().toString(16); + final X509Principal tokenIssuerDN = new X509Principal(cert.getIssuerDN().getName()); + + + String aliasCert; + X509Certificate certificate; + boolean find = false; + + for (final Enumeration e = storkOwnKeyStore.aliases(); e + .hasMoreElements() + && !find; ) { + aliasCert = e.nextElement(); + certificate = (X509Certificate) storkOwnKeyStore + .getCertificate(aliasCert); + + final String serialNum = certificate.getSerialNumber() + .toString(16); + + X509Principal issuerDN = new X509Principal(certificate + .getIssuerDN().getName()); + + if(serialNum.equalsIgnoreCase(tokenSerialNumber) + && X509PrincipalUtil.equals2(issuerDN, tokenIssuerDN)){ + alias = aliasCert; + find = true; + } + + } + + } catch (KeyStoreException e) { + LOG.error("Procces getAlias from certificate associated into the signing keystore..", e); + } catch (CertificateException e) { + LOG.error("Procces getAlias from certificate associated into the signing keystore..", e); + } catch (RuntimeException e) { + LOG.error("Procces getAlias from certificate associated into the signing keystore..", e); + } + return alias; + } + + /** + * Gets the country from X.509 Certificate. + * + * @param keyInfo the key info + * + * @return the country + */ + private String getCountry(final KeyInfo keyInfo) { + LOG.debug("Recover country information."); + + String result = ""; + try { + final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo + .getX509Datas().get(0).getX509Certificates().get(0); + + // Transform the KeyInfo to X509Certificate. + CertificateFactory certFact; + certFact = CertificateFactory.getInstance("X.509"); + + final ByteArrayInputStream bis = new ByteArrayInputStream(Base64 + .decode(xmlCert.getValue())); + + final X509Certificate cert = (X509Certificate) certFact + .generateCertificate(bis); + + String distName = cert.getSubjectDN().toString(); + + distName = StringUtils.deleteWhitespace(StringUtils + .upperCase(distName)); + + final String countryCode = "C="; + final int init = distName.indexOf(countryCode); + + if (init > StringUtils.INDEX_NOT_FOUND) { // Exist country code. + int end = distName.indexOf(',', init); + + if (end <= StringUtils.INDEX_NOT_FOUND) { + end = distName.length(); + } + + if (init < end && end > StringUtils.INDEX_NOT_FOUND) { + result = distName.substring(init + countryCode.length(), + end); + //It must be a two characters value + if(result.length()>2){ + result = result.substring(0, 2); + } + } + } + + } catch (CertificateException e) { + LOG.error("Procces getCountry from certificate."); + } + return result.trim(); + } + + /** + * Process all elements XMLObjects from the extensions. + * + * @param extensions the extensions from the authentication request. + * + * @return the STORK authentication request + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private STORKAuthnRequest processExtensions(final Extensions extensions) + throws STORKSAMLEngineException { + LOG.debug("Procces the extensions."); + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + final QAAAttribute qaa = (QAAAttribute) extensions + .getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME).get(0); + request.setQaa(Integer.parseInt(qaa.getQaaLevel())); + + List optionalElements = extensions.getUnknownXMLObjects( + SPSector.DEF_ELEMENT_NAME); + + if (!optionalElements.isEmpty()) { + final SPSector sector = (SPSector) extensions.getUnknownXMLObjects( + SPSector.DEF_ELEMENT_NAME).get(0); + request.setSpSector(sector.getSPSector()); + } + + optionalElements = extensions.getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME); + + if (!optionalElements.isEmpty()) { + final SPApplication application = (SPApplication) extensions + .getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME).get(0); + request.setSpApplication(application.getSPApplication()); + } + + optionalElements = extensions.getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME); + + if (!optionalElements.isEmpty()) { + final SPCountry application = (SPCountry) extensions + .getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME).get(0); + request.setSpCountry(application.getSPCountry()); + } + + + List listCrossBorderShare = extensions + .getUnknownXMLObjects(EIDCrossBorderShare.DEF_ELEMENT_NAME); + + if (!listCrossBorderShare .isEmpty()) { + final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) listCrossBorderShare.get(0); + request.setEIDCrossBorderShare(Boolean.parseBoolean(crossBorderShare + .getEIDCrossBorderShare())); + } + + + List listCrosSectorShare = extensions + .getUnknownXMLObjects(EIDCrossSectorShare.DEF_ELEMENT_NAME); + + if (!listCrosSectorShare.isEmpty()) { + final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) listCrosSectorShare.get(0); + request.setEIDCrossSectorShare(Boolean.parseBoolean(crossSectorShare + .getEIDCrossSectorShare())); + } + + List listSectorShareExtension = extensions + .getUnknownXMLObjects(EIDSectorShare.DEF_ELEMENT_NAME); + if (!listSectorShareExtension.isEmpty()) { + final EIDSectorShare sectorShare = (EIDSectorShare) listSectorShareExtension.get(0); + request.setEIDSectorShare(Boolean.parseBoolean(sectorShare.getEIDSectorShare())); + } + + + + List authAttrs = extensions + .getUnknownXMLObjects(AuthenticationAttributes.DEF_ELEMENT_NAME); + + if (authAttrs != null && !authAttrs.isEmpty()) { + + final AuthenticationAttributes authnAttr = (AuthenticationAttributes) authAttrs + .get(0); + + VIDPAuthenticationAttributes vidpAuthnAttr = null; + if (authnAttr != null && !authAttrs.isEmpty()){ + vidpAuthnAttr = authnAttr.getVIDPAuthenticationAttributes(); + } + + CitizenCountryCode citizenCountryCodeElement = null; + SPInformation spInformation = null; + if (vidpAuthnAttr != null){ + citizenCountryCodeElement = vidpAuthnAttr.getCitizenCountryCode(); + spInformation = vidpAuthnAttr.getSPInformation(); + } + + String citizenCountryCode = null; + if(citizenCountryCodeElement!=null){ + citizenCountryCode = citizenCountryCodeElement.getCitizenCountryCode(); + } + + if(citizenCountryCode!= null && StringUtils.isNotBlank(citizenCountryCode)){ + request.setCitizenCountryCode(citizenCountryCode); + } + + SPID spidElement = null; + if (spInformation != null){ + spidElement = spInformation.getSPID(); + } + + String spid = null; + if(spidElement!=null){ + spid = spidElement.getSPID(); + } + + if (spid != null && StringUtils.isNotBlank(spid)) { + request.setSPID(spid); + } + } + + if (extensions + .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) == null) { + LOG.error("Extensions not contains any requested attribute."); + throw new STORKSAMLEngineException( + "Extensions not contains any requested attribute."); + } + + final RequestedAttributes requestedAttr = (RequestedAttributes) extensions + .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) + .get(0); + + final List reqAttrs = requestedAttr.getAttributes(); + + final IPersonalAttributeList personalAttrList = new PersonalAttributeList(); + + String attributeName; + for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) { + final RequestedAttribute attribute = reqAttrs.get(nextAttribute); + final PersonalAttribute personalAttribute = new PersonalAttribute(); + personalAttribute.setIsRequired(Boolean.valueOf(attribute.isRequired())); + personalAttribute.setFriendlyName(attribute.getFriendlyName()); + attributeName = attribute.getName(); + + // recover the last name from the string. + personalAttribute.setName(attributeName.substring(attributeName + .lastIndexOf('/') + 1)); + + final ArrayList valores = new ArrayList(); + final List values = attribute.getOrderedChildren(); + + for (int nextSimpleValue = 0; nextSimpleValue < values.size(); nextSimpleValue++) { + + // Process attributes simples. An AuthenticationRequest only + // must contains simple values. + + final XMLObject xmlObject = values.get(nextSimpleValue); + + if(xmlObject instanceof XSStringImpl){ + + final XSStringImpl xmlString = (XSStringImpl) values + .get(nextSimpleValue); + valores.add(xmlString.getValue()); + + }else{ + + if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) { + + final XSAnyImpl xmlString = (XSAnyImpl) values + .get(nextSimpleValue); + + TransformerFactory transFactory = TransformerFactory.newInstance(); + Transformer transformer = null; + try { + transformer = transFactory.newTransformer(); + transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); + } catch (TransformerConfigurationException e) { + LOG.error("Error transformer configuration exception", e); + } + StringWriter buffer = new StringWriter(); + try { + if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0 ){ + transformer.transform(new DOMSource(xmlString.getUnknownXMLObjects().get(0).getDOM()), + new StreamResult(buffer)); + } + } catch (TransformerException e) { + LOG.error("Error transformer exception", e); + } + String str = buffer.toString(); + + valores.add(str); + + }else{ + + final XSAnyImpl xmlString = (XSAnyImpl) values + .get(nextSimpleValue); + valores.add(xmlString.getTextContent()); + } + + + + } + } + personalAttribute.setValue(valores); + personalAttrList.add(personalAttribute); + } + + request.setPersonalAttributeList(personalAttrList); + + return request; + } + + + /** + * Process all elements XMLObjects from the extensions. + * + * @param extensions the extensions from the authentication request. + * + * @return the STORK authentication request + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private STORKAttrQueryRequest processAttrExtensions(final Extensions extensions) + throws STORKSAMLEngineException { + LOG.debug("Procces the atribute query extensions."); + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + final QAAAttribute qaa = (QAAAttribute) extensions + .getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME).get(0); + request.setQaa(Integer.parseInt(qaa.getQaaLevel())); + + List optionalElements = extensions.getUnknownXMLObjects( + SPSector.DEF_ELEMENT_NAME); + + if (!optionalElements.isEmpty()) { + final SPSector sector = (SPSector) extensions.getUnknownXMLObjects( + SPSector.DEF_ELEMENT_NAME).get(0); + request.setSpSector(sector.getSPSector()); + } + + optionalElements = extensions.getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME); + + if (!optionalElements.isEmpty()) { + final SPApplication application = (SPApplication) extensions + .getUnknownXMLObjects(SPApplication.DEF_ELEMENT_NAME).get(0); + request.setSpApplication(application.getSPApplication()); + } + + optionalElements = extensions.getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME); + + if (!optionalElements.isEmpty()) { + final SPCountry application = (SPCountry) extensions + .getUnknownXMLObjects(SPCountry.DEF_ELEMENT_NAME).get(0); + request.setSpCountry(application.getSPCountry()); + } + + + List listCrossBorderShare = extensions + .getUnknownXMLObjects(EIDCrossBorderShare.DEF_ELEMENT_NAME); + + if (!listCrossBorderShare .isEmpty()) { + final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) listCrossBorderShare.get(0); + request.setEIDCrossBorderShare(Boolean.parseBoolean(crossBorderShare + .getEIDCrossBorderShare())); + } + + + List listCrosSectorShare = extensions + .getUnknownXMLObjects(EIDCrossSectorShare.DEF_ELEMENT_NAME); + + if (!listCrosSectorShare.isEmpty()) { + final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) listCrosSectorShare.get(0); + request.setEIDCrossSectorShare(Boolean.parseBoolean(crossSectorShare + .getEIDCrossSectorShare())); + } + + List listSectorShareExtension = extensions + .getUnknownXMLObjects(EIDSectorShare.DEF_ELEMENT_NAME); + if (!listSectorShareExtension.isEmpty()) { + final EIDSectorShare sectorShare = (EIDSectorShare) listSectorShareExtension.get(0); + request.setEIDSectorShare(Boolean.parseBoolean(sectorShare.getEIDSectorShare())); + } + + + + List authAttrs = extensions + .getUnknownXMLObjects(AuthenticationAttributes.DEF_ELEMENT_NAME); + + if (authAttrs != null && !authAttrs.isEmpty()) { + + final AuthenticationAttributes authnAttr = (AuthenticationAttributes) authAttrs + .get(0); + + VIDPAuthenticationAttributes vidpAuthnAttr = null; + if (authnAttr != null && !authAttrs.isEmpty()){ + vidpAuthnAttr = authnAttr.getVIDPAuthenticationAttributes(); + } + + CitizenCountryCode citizenCountryCodeElement = null; + SPInformation spInformation = null; + if (vidpAuthnAttr != null){ + citizenCountryCodeElement = vidpAuthnAttr.getCitizenCountryCode(); + spInformation = vidpAuthnAttr.getSPInformation(); + } + + String citizenCountryCode = null; + if(citizenCountryCodeElement!=null){ + citizenCountryCode = citizenCountryCodeElement.getCitizenCountryCode(); + } + + if(citizenCountryCode!= null && StringUtils.isNotBlank(citizenCountryCode)){ + request.setCitizenCountryCode(citizenCountryCode); + } + + SPID spidElement = null; + if (spInformation != null){ + spidElement = spInformation.getSPID(); + } + + String spid = null; + if(spidElement!=null){ + spid = spidElement.getSPID(); + } + + if (spid != null && StringUtils.isNotBlank(spid)) { + request.setSPID(spid); + } + } + + if (extensions + .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) == null) { + LOG.error("Extensions not contains any requested attribute."); + throw new STORKSAMLEngineException( + "Extensions not contains any requested attribute."); + } + + final RequestedAttributes requestedAttr = (RequestedAttributes) extensions + .getUnknownXMLObjects(RequestedAttributes.DEF_ELEMENT_NAME) + .get(0); + + final List reqAttrs = requestedAttr.getAttributes(); + + final IPersonalAttributeList personalAttrList = new PersonalAttributeList(); + + String attributeName; + for (int nextAttribute = 0; nextAttribute < reqAttrs.size(); nextAttribute++) { + final RequestedAttribute attribute = reqAttrs.get(nextAttribute); + final PersonalAttribute personalAttribute = new PersonalAttribute(); + personalAttribute.setIsRequired(Boolean.valueOf(attribute.isRequired())); + personalAttribute.setFriendlyName(attribute.getFriendlyName()); + attributeName = attribute.getName(); + + // recover the last name from the string. + personalAttribute.setName(attributeName.substring(attributeName + .lastIndexOf('/') + 1)); + + final ArrayList valores = new ArrayList(); + final List values = attribute.getOrderedChildren(); + + for (int nextSimpleValue = 0; nextSimpleValue < values.size(); nextSimpleValue++) { + + // Process attributes simples. An AuthenticationRequest only + // must contains simple values. + + final XMLObject xmlObject = values.get(nextSimpleValue); + + if(xmlObject instanceof XSStringImpl){ + + final XSStringImpl xmlString = (XSStringImpl) values + .get(nextSimpleValue); + valores.add(xmlString.getValue()); + + }else{ + + if (attributeName.equals("http://www.stork.gov.eu/1.0/signedDoc")) { + + final XSAnyImpl xmlString = (XSAnyImpl) values + .get(nextSimpleValue); + + TransformerFactory transFactory = TransformerFactory.newInstance(); + Transformer transformer = null; + try { + transformer = transFactory.newTransformer(); + transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); + } catch (TransformerConfigurationException e) { + LOG.error("Error transformer configuration exception", e); + } + StringWriter buffer = new StringWriter(); + try { + if (xmlString != null && xmlString.getUnknownXMLObjects() != null && xmlString.getUnknownXMLObjects().size() > 0 ){ + transformer.transform(new DOMSource(xmlString.getUnknownXMLObjects().get(0).getDOM()), + new StreamResult(buffer)); + } + } catch (TransformerException e) { + LOG.error("Error transformer exception", e); + } + String str = buffer.toString(); + + valores.add(str); + + }else{ + + final XSAnyImpl xmlString = (XSAnyImpl) values + .get(nextSimpleValue); + valores.add(xmlString.getTextContent()); + } + + + + } + } + personalAttribute.setValue(valores); + personalAttrList.add(personalAttribute); + } + + request.setPersonalAttributeList(personalAttrList); + + return request; + } + + /** + * Sets the name spaces. + * + * @param tokenSaml the new name spaces + */ + private void setNameSpaces(final XMLObject tokenSaml) { + LOG.debug("Set namespaces."); + + final Namespace saml2 = new Namespace(SAMLConstants.SAML20_NS, + SAMLConstants.SAML20_PREFIX); + tokenSaml.addNamespace(saml2); + + final Namespace digSig = new Namespace( + "http://www.w3.org/2000/09/xmldsig#", "ds"); + tokenSaml.addNamespace(digSig); + + final Namespace storkp = new Namespace(SAMLCore.STORK10P_NS.getValue(), + SAMLCore.STORK10P_PREFIX.getValue()); + tokenSaml.addNamespace(storkp); + + final Namespace stork = new Namespace(SAMLCore.STORK10_NS.getValue(), + SAMLCore.STORK10_PREFIX.getValue()); + + tokenSaml.addNamespace(stork); + } + + /** + * Validate parameters from authentication request. + * + * @param request the request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private void validateParamAuthnReq(final STORKAuthnRequest request) + throws STORKSAMLEngineException { + LOG.info("Validate parameters from authentication request."); + + // URL to which Authentication Response must be sent. + if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { + throw new STORKSAMLEngineException( + "StorkSamlEngine: Assertion Consumer Service URL it's mandatory."); + } + + // the name of the original service provider requesting the + // authentication. + if (StringUtils.isBlank(request.getProviderName())) { + throw new STORKSAMLEngineException( + "StorkSamlEngine: Service Provider it's mandatory."); + } + + // object that contain all attributes requesting. + if (request.getPersonalAttributeList() == null + || request.getPersonalAttributeList().isEmpty()) { + throw new STORKSAMLEngineException( + "attributeQueries is null or empty."); + } + + // Quality authentication assurance level. + if ((request.getQaa() < QAAAttribute.MIN_VALUE) + || (request.getQaa() > QAAAttribute.MAX_VALUE)) { + throw new STORKSAMLEngineException("Qaal: " + request.getQaa() + + ", is invalid."); + } + + } + + /** + * Validate parameters from authentication request. + * + * @param request the request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private void validateParamAttrQueryReq(final STORKAttrQueryRequest request) + throws STORKSAMLEngineException { + LOG.info("Validate parameters from attribute query request."); + + // URL to which Authentication Response must be sent. + /*if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { + throw new STORKSAMLEngineException( + "StorkSamlEngine: Assertion Consumer Service URL it's mandatory."); + }*/ + + // the name of the original service provider requesting the + // authentication. + /*if (StringUtils.isBlank(request.getProviderName())) { + throw new STORKSAMLEngineException( + "StorkSamlEngine: Service Provider it's mandatory."); + }*/ + + // object that contain all attributes requesting. + if (request.getPersonalAttributeList() == null + || request.getPersonalAttributeList().isEmpty()) { + throw new STORKSAMLEngineException( + "attributeQueries is null or empty."); + } + + // Quality authentication assurance level. + if ((request.getQaa() < QAAAttribute.MIN_VALUE) + || (request.getQaa() > QAAAttribute.MAX_VALUE)) { + throw new STORKSAMLEngineException("Qaal: " + request.getQaa() + + ", is invalid."); + } + + } + + + /** + * Validate parameters from response. + * + * @param request the request + * @param responseAuthReq the response authentication request + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private void validateParamResponse(final STORKAuthnRequest request, + final STORKAuthnResponse responseAuthReq) + throws STORKSAMLEngineException { + LOG.info("Validate parameters response."); + if (StringUtils.isBlank(request.getIssuer())) { + throw new STORKSAMLEngineException( + "Issuer must be not empty or null."); + } + + if (responseAuthReq.getPersonalAttributeList() == null + || responseAuthReq.getPersonalAttributeList().isEmpty()) { + LOG.error("PersonalAttributeList is null or empty."); + throw new STORKSAMLEngineException( + "PersonalAttributeList is null or empty."); + } + + if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { + throw new STORKSAMLEngineException( + "assertionConsumerServiceURL is null or empty."); + } + + if (StringUtils.isBlank(request.getSamlId())) { + throw new STORKSAMLEngineException("request ID is null or empty."); + } + } + + /** + * Validate parameters from response. + * + * @param request the request + * @param responseAttrQueryReq the response authentication request + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private void validateParamAttrQueryResponse(final STORKAttrQueryRequest request, + final STORKAttrQueryResponse responseAttrQueryReq) + throws STORKSAMLEngineException { + LOG.info("Validate attribute querey parameters response."); + if (StringUtils.isBlank(request.getIssuer())) { + throw new STORKSAMLEngineException( + "Issuer must be not empty or null."); + } + + if (responseAttrQueryReq.getPersonalAttributeList() == null + || responseAttrQueryReq.getPersonalAttributeList().isEmpty()) { + LOG.error("PersonalAttributeList is null or empty."); + throw new STORKSAMLEngineException( + "PersonalAttributeList is null or empty."); + } + + /*if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { + throw new STORKSAMLEngineException( + "assertionConsumerServiceURL is null or empty."); + }*/ + + if (StringUtils.isBlank(request.getSamlId())) { + throw new STORKSAMLEngineException("request ID is null or empty."); + } + } + + /** + * Validate parameter from response fail. + * + * @param request the request + * @param response the response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private void validateParamResponseFail(final STORKAuthnRequest request, + final STORKAuthnResponse response) throws STORKSAMLEngineException { + LOG.info("Validate parameters response fail."); + if (StringUtils.isBlank(response.getStatusCode())) { + throw new STORKSAMLEngineException("Code error it's null or empty."); + } + + if (StringUtils.isBlank(request.getAssertionConsumerServiceURL())) { + throw new STORKSAMLEngineException( + "assertionConsumerServiceURL is null or empty."); + } + + if (StringUtils.isBlank(request.getSamlId())) { + throw new STORKSAMLEngineException("request ID is null or empty."); + } + } + + /** + * Validate parameter from response fail. + * + * @param request the request + * @param response the response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private void validateParamAttrQueryResponseFail(final STORKAttrQueryRequest request, + final STORKAttrQueryResponse response) throws STORKSAMLEngineException { + LOG.info("Validate parameters response fail."); + if (StringUtils.isBlank(response.getStatusCode())) { + throw new STORKSAMLEngineException("Code error it's null or empty."); + } + + if (StringUtils.isBlank(request.getSamlId())) { + throw new STORKSAMLEngineException("request ID is null or empty."); + } + } + + /** + * Validate stork authentication request. + * + * @param tokenSaml the token SAML + * + * @return the sTORK authentication request + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAuthnRequest validateSTORKAuthnRequest(final byte[] tokenSaml) + throws STORKSAMLEngineException { + LOG.info("validateSTORKAuthnRequest"); + + final AuthnRequest samlRequest = (AuthnRequest) validateStorkSaml(tokenSaml); + + LOG.debug("Validate Extensions."); + final Validator validatorExt = new ExtensionsSchemaValidator(); + try { + validatorExt.validate(samlRequest.getExtensions()); + } catch (ValidationException e) { + LOG.error("ValidationException: validate Extensions.", e); + throw new STORKSAMLEngineException(e); + } + + LOG.debug("Generate STORKAuthnRequest."); + final STORKAuthnRequest authnRequest = processExtensions(samlRequest + .getExtensions()); + + authnRequest.setCountry(this.getCountry(samlRequest.getSignature() + .getKeyInfo())); + + authnRequest.setAlias(this.getAlias(samlRequest.getSignature() + .getKeyInfo(), super.getSigner().getTrustStore())); + + authnRequest.setSamlId(samlRequest.getID()); + authnRequest.setDestination(samlRequest.getDestination()); + authnRequest.setAssertionConsumerServiceURL(samlRequest + .getAssertionConsumerServiceURL()); + + authnRequest.setProviderName(samlRequest.getProviderName()); + authnRequest.setIssuer(samlRequest.getIssuer().getValue()); + + //Delete unknown elements from requested ones + final Iterator iterator = authnRequest.getPersonalAttributeList().iterator(); + IPersonalAttributeList cleanPerAttrList = (PersonalAttributeList) authnRequest.getPersonalAttributeList(); + while (iterator.hasNext()) { + + final PersonalAttribute attribute = iterator.next(); + + // Verify if the attribute name exits. + final String attributeName = super.getSamlCoreProperties() + .getProperty(attribute.getName()); + + if (StringUtils.isBlank(attributeName)) { + LOG.info("Attribute name: {} was not found. It will be removed from the request object", attribute.getName()); + cleanPerAttrList.remove(attribute.getName()); + } + + } + authnRequest.setPersonalAttributeList(cleanPerAttrList); + + return authnRequest; + + } + + /** + * Validate stork authentication request. + * + * @param tokenSaml the token SAML + * + * @return the sTORK authentication request + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAttrQueryRequest validateSTORKAttrQueryRequest(final byte[] tokenSaml) + throws STORKSAMLEngineException { + LOG.info("validateSTORKAttrQueryRequest"); + + final AttributeQuery samlRequest = (AttributeQuery) validateStorkSaml(tokenSaml); + + LOG.debug("Validate Extensions."); + final Validator validatorExt = new ExtensionsSchemaValidator(); + try { + validatorExt.validate(samlRequest.getExtensions()); + } catch (ValidationException e) { + LOG.error("ValidationException: validate Extensions.", e); + throw new STORKSAMLEngineException(e); + } + + LOG.debug("Generate STORKAttrQueryRequest."); + final STORKAttrQueryRequest attrRequest = processAttrExtensions(samlRequest + .getExtensions()); + + attrRequest.setCountry(this.getCountry(samlRequest.getSignature() + .getKeyInfo())); + + attrRequest.setAlias(this.getAlias(samlRequest.getSignature() + .getKeyInfo(), super.getSigner().getTrustStore())); + + attrRequest.setSamlId(samlRequest.getID()); + attrRequest.setDestination(samlRequest.getDestination()); + /*attrRequest.setAssertionConsumerServiceURL(samlRequest + .getAssertionConsumerServiceURL()); + + authnRequest.setProviderName(samlRequest.getProviderName());*/ + attrRequest.setIssuer(samlRequest.getIssuer().getValue()); + + //Delete unknown elements from requested ones + final Iterator iterator = attrRequest.getPersonalAttributeList().iterator(); + IPersonalAttributeList cleanPerAttrList = (PersonalAttributeList) attrRequest.getPersonalAttributeList(); + while (iterator.hasNext()) { + + final PersonalAttribute attribute = iterator.next(); + + // Verify if the attribute name exits. + final String attributeName = super.getSamlCoreProperties() + .getProperty(attribute.getName()); + + if (StringUtils.isBlank(attributeName)) { + LOG.info("Attribute name: {} was not found. It will be removed from the request object", attribute.getName()); + cleanPerAttrList.remove(attribute.getName()); + } + + } + attrRequest.setPersonalAttributeList(cleanPerAttrList); + + return attrRequest; + + } + + /** + * Validate stork authentication response. + * + * @param tokenSaml the token SAML + * @param userIP the user IP + * + * @return the Stork authentication response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAuthnResponse validateSTORKAuthnResponse( + final byte[] tokenSaml, final String userIP) + throws STORKSAMLEngineException { + + LOG.info("validateSTORKAuthnResponse"); + final Response samlResponse = (Response) validateStorkSaml(tokenSaml); + + LOG.debug("Create StorkAuthResponse."); + final STORKAuthnResponse authnResponse = new STORKAuthnResponse(); + + authnResponse.setCountry(this.getCountry(samlResponse.getSignature() + .getKeyInfo())); + + LOG.debug("Set ID."); + authnResponse.setSamlId(samlResponse.getID()); + LOG.debug("Set InResponseTo."); + authnResponse.setInResponseTo(samlResponse.getInResponseTo()); + LOG.debug("Set statusCode."); + authnResponse.setStatusCode(samlResponse.getStatus().getStatusCode() + .getValue()); + + // Subordinate code. + if (samlResponse.getStatus().getStatusCode().getStatusCode() != null) { + authnResponse.setSubStatusCode(samlResponse.getStatus() + .getStatusCode().getStatusCode().getValue()); + } + + if (samlResponse.getStatus().getStatusMessage() != null) { + LOG.debug("Set statusMessage."); + authnResponse.setMessage(samlResponse.getStatus() + .getStatusMessage().getMessage()); + } + + LOG.debug("validateStorkResponse"); + final Assertion assertion = (Assertion) validateStorkResponse( + samlResponse, userIP); + + if(assertion!=null){ + final DateTime serverDate = new DateTime(); + + if (assertion.getConditions().getNotOnOrAfter().isBefore(serverDate)) { + LOG.error("Token date expired (getNotOnOrAfter = " + + assertion.getConditions().getNotOnOrAfter() + + ", server_date: " + serverDate + ")"); + throw new STORKSAMLEngineException( + "Token date expired (getNotOnOrAfter = " + + assertion.getConditions().getNotOnOrAfter() + + " ), server_date: " + serverDate); + } + + LOG.debug("Set notOnOrAfter."); + authnResponse.setNotOnOrAfter(assertion.getConditions() + .getNotOnOrAfter()); + + LOG.debug("Set notBefore."); + authnResponse.setNotBefore(assertion.getConditions().getNotBefore()); + + authnResponse.setNotBefore(assertion.getConditions().getNotBefore()); + + authnResponse.setAudienceRestriction(((AudienceRestriction) assertion + .getConditions().getAudienceRestrictions().get(0)) + .getAudiences().get(0).getAudienceURI()); + } + + // Case no error. + if (assertion!=null && StatusCode.SUCCESS_URI.equalsIgnoreCase(authnResponse + .getStatusCode())) { + LOG.debug("Status Success. Set PersonalAttributeList."); + authnResponse + .setPersonalAttributeList(generatePersonalAttributeList(assertion)); + authnResponse.setFail(false); + } else { + LOG.debug("Status Fail."); + authnResponse.setFail(true); + } + LOG.debug("Return result."); + return authnResponse; + + } + + /** + * Validate stork attribute query response. + * + * @param tokenSaml the token SAML + * @param userIP the user IP + * + * @return the Stork attribute query response + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public STORKAttrQueryResponse validateSTORKAttrQueryResponse( + final byte[] tokenSaml, final String userIP) + throws STORKSAMLEngineException { + + LOG.info("validateSTORKAttrQueryResponse"); + final Response samlResponse = (Response) validateStorkSaml(tokenSaml); + + LOG.debug("Create StorkAttrQueryResponse."); + final STORKAttrQueryResponse attrQueryResponse = new STORKAttrQueryResponse(); + + attrQueryResponse.setCountry(this.getCountry(samlResponse.getSignature() + .getKeyInfo())); + + LOG.debug("Set ID."); + attrQueryResponse.setSamlId(samlResponse.getID()); + LOG.debug("Set InResponseTo."); + attrQueryResponse.setInResponseTo(samlResponse.getInResponseTo()); + LOG.debug("Set statusCode."); + attrQueryResponse.setStatusCode(samlResponse.getStatus().getStatusCode() + .getValue()); + + // Subordinate code. + if (samlResponse.getStatus().getStatusCode().getStatusCode() != null) { + attrQueryResponse.setSubStatusCode(samlResponse.getStatus() + .getStatusCode().getStatusCode().getValue()); + } + + if (samlResponse.getStatus().getStatusMessage() != null) { + LOG.debug("Set statusMessage."); + attrQueryResponse.setMessage(samlResponse.getStatus() + .getStatusMessage().getMessage()); + } + + LOG.debug("validateStorkResponse"); + final Assertion assertion = (Assertion) validateStorkResponse( + samlResponse, userIP); + + if(assertion!=null){ + final DateTime serverDate = new DateTime(); + + if (assertion.getConditions().getNotOnOrAfter().isBefore(serverDate)) { + LOG.error("Token date expired (getNotOnOrAfter = " + + assertion.getConditions().getNotOnOrAfter() + + ", server_date: " + serverDate + ")"); + throw new STORKSAMLEngineException( + "Token date expired (getNotOnOrAfter = " + + assertion.getConditions().getNotOnOrAfter() + + " ), server_date: " + serverDate); + } + + LOG.debug("Set notOnOrAfter."); + attrQueryResponse.setNotOnOrAfter(assertion.getConditions() + .getNotOnOrAfter()); + + LOG.debug("Set notBefore."); + attrQueryResponse.setNotBefore(assertion.getConditions().getNotBefore()); + + attrQueryResponse.setNotBefore(assertion.getConditions().getNotBefore()); + + attrQueryResponse.setAudienceRestriction(((AudienceRestriction) assertion + .getConditions().getAudienceRestrictions().get(0)) + .getAudiences().get(0).getAudienceURI()); + } + + // Case no error. + if (assertion!=null && StatusCode.SUCCESS_URI.equalsIgnoreCase(attrQueryResponse + .getStatusCode())) { + LOG.debug("Status Success. Set PersonalAttributeList."); + attrQueryResponse + .setPersonalAttributeList(generatePersonalAttributeList(assertion)); + attrQueryResponse.setFail(false); + } else { + LOG.debug("Status Fail."); + attrQueryResponse.setFail(true); + } + LOG.debug("Return result."); + return attrQueryResponse; + + } + + /** + * Validate stork response. + * + * @param samlResponse the SAML response + * @param userIP the user IP + * + * @return the assertion + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private Assertion validateStorkResponse(final Response samlResponse, + final String userIP) throws STORKSAMLEngineException { + // Exist only one Assertion + + if (samlResponse.getAssertions() == null + || samlResponse.getAssertions().isEmpty()) { + LOG.info("Assertion is null or empty."); //in replace of throw new STORKSAMLEngineException("Assertion is null or empty.") + return null; + } + + final Assertion assertion = (Assertion) samlResponse.getAssertions() + .get(0); + + LOG.debug("Verified method Bearer"); + for (final Iterator iter = assertion.getSubject() + .getSubjectConfirmations().iterator(); iter.hasNext();) { + final SubjectConfirmation element = iter.next(); + final boolean isBearer = SubjectConfirmation.METHOD_BEARER + .equals(element.getMethod()); + + final boolean ipValidate = super.getSamlCoreProperties() + .isIpValidation(); + + if (ipValidate) { + if (isBearer) { + if (StringUtils.isBlank(userIP)) { + LOG.error("browser_ip is null or empty."); + throw new STORKSAMLEngineException( + "browser_ip is null or empty."); + } else if (StringUtils.isBlank(element + .getSubjectConfirmationData().getAddress())) { + LOG.error("token_ip attribute is null or empty."); + throw new STORKSAMLEngineException( + "token_ip attribute is null or empty."); + } + } + + final boolean ipEqual = element.getSubjectConfirmationData() + .getAddress().equals(userIP); + + // Validation ipUser + if (!ipEqual && ipValidate) { + LOG.error("SubjectConfirmation BEARER: "); + throw new STORKSAMLEngineException( + "IPs doesn't match : token_ip (" + + element.getSubjectConfirmationData() + .getAddress() + ") browser_ip (" + + userIP + ")"); + } + } + + } + return assertion; + } + + /** + * Validate stork SAML. + * + * @param tokenSaml the token SAML + * + * @return the signable SAML object + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + private SignableSAMLObject validateStorkSaml(final byte[] tokenSaml) + throws STORKSAMLEngineException { + + LOG.info("Validate StorkSaml message."); + + if (tokenSaml == null) { + LOG.error("Saml authentication request is null."); + throw new STORKSAMLEngineException( + "Saml authentication request is null."); + } + + LOG.debug("Generate AuthnRequest from request."); + SignableSAMLObject samlObject; + + try { + samlObject = (SignableSAMLObject) super.unmarshall(tokenSaml); + } catch (SAMLEngineException e) { + LOG.error("SAMLEngineException unmarshall.", e); + throw new STORKSAMLEngineException(e); + } + + boolean validateSign = true; + + if (StringUtils.isNotBlank(super.getSamlCoreProperties().getProperty( + "validateSignature"))) { + validateSign = Boolean.valueOf(super.getSamlCoreProperties() + .getProperty("validateSignature")); + } + + if (validateSign) { + LOG.debug("Validate Signature."); + try { + super.validateSignature(samlObject); + } catch (SAMLEngineException e) { + LOG.error("SAMLEngineException validateSignature.", e); + throw new STORKSAMLEngineException(e); + } + } + + LOG.debug("Validate Schema."); + final ValidatorSuite validatorSuite = Configuration + .getValidatorSuite("saml2-core-schema-validator"); + try { + validatorSuite.validate(samlObject); + } catch (ValidationException e) { + LOG.error("ValidationException.", e); + throw new STORKSAMLEngineException(e); + } + + return samlObject; + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java new file mode 100644 index 000000000..e38cc5f0b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/X509PrincipalUtil.java @@ -0,0 +1,69 @@ +package eu.stork.peps.auth.engine; + +import org.bouncycastle.asn1.DERObjectIdentifier; +import org.bouncycastle.jce.X509Principal; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Utility class used to decrease complexity of comparison of 2 X509principal + * + * @author vanegdi + * @version $Revision: 1.00 $, $Date: 2013-05-24 20:53:51 $ + */ +public final class X509PrincipalUtil{ + + private static final DERObjectIdentifier[] DER_OBJECT_IDENTIFIERS_ARRAY= { + X509Principal.CN, + X509Principal.OU, + X509Principal.O, + X509Principal.L, + X509Principal.ST, + X509Principal.C, + X509Principal.E + }; + + private static final Logger LOG = LoggerFactory.getLogger(eu.stork.peps.auth.engine.X509PrincipalUtil.class); + + /** + * Compares 2 X509Principals to detect if they equals + * @param principal1 + * @param principal2 + * @return true if arguments are not null and equals + */ + public static boolean equals(X509Principal principal1, X509Principal principal2) { + boolean continueProcess = true; + if (principal1 == null || principal2 == null){ + return false; + } + + int cpt = 0; + while(continueProcess && cpt < DER_OBJECT_IDENTIFIERS_ARRAY.length){ + continueProcess = continueProcess && x509ValuesByIdentifierEquals(principal1, principal2, DER_OBJECT_IDENTIFIERS_ARRAY[cpt]); + cpt++; + } + return continueProcess; + } + + public static boolean equals2(X509Principal principal1, X509Principal principal2) { + + if (principal1 == null || principal2 == null){ + return false; + } + + if (principal1.getName().equals(principal2.getName())) + return true; + else + return false; + + } + + private static boolean x509ValuesByIdentifierEquals(X509Principal principal1, X509Principal principal2, DERObjectIdentifier identifier){ + return principal1.getValues(identifier).equals(principal2.getValues(identifier)); + } + + private X509PrincipalUtil(){ + // default contructor + LOG.error("Fake X509PrincipalUtil : never be called"); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/all-wcprops b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/all-wcprops new file mode 100644 index 000000000..5bda1b07b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/all-wcprops @@ -0,0 +1,119 @@ +K 25 +svn:wc:ra_dav:version-url +V 92 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core +END +package-info.java +K 25 +svn:wc:ra_dav:version-url +V 110 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java +END +CitizenCountryCode.java +K 25 +svn:wc:ra_dav:version-url +V 116 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java +END +RequestedAttribute.java +K 25 +svn:wc:ra_dav:version-url +V 116 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java +END +AuthenticationAttributes.java +K 25 +svn:wc:ra_dav:version-url +V 122 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java +END +QAAAttribute.java +K 25 +svn:wc:ra_dav:version-url +V 110 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java +END +STORKSAMLCore.java +K 25 +svn:wc:ra_dav:version-url +V 111 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java +END +SPInformation.java +K 25 +svn:wc:ra_dav:version-url +V 111 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java +END +SPInstitution.java +K 25 +svn:wc:ra_dav:version-url +V 111 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java +END +EIDCrossBorderShare.java +K 25 +svn:wc:ra_dav:version-url +V 117 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java +END +SPID.java +K 25 +svn:wc:ra_dav:version-url +V 102 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java +END +SPSector.java +K 25 +svn:wc:ra_dav:version-url +V 106 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java +END +EIDSectorShare.java +K 25 +svn:wc:ra_dav:version-url +V 112 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java +END +SAMLCore.java +K 25 +svn:wc:ra_dav:version-url +V 106 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java +END +SPApplication.java +K 25 +svn:wc:ra_dav:version-url +V 111 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java +END +SPCountry.java +K 25 +svn:wc:ra_dav:version-url +V 107 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java +END +RequestedAttributes.java +K 25 +svn:wc:ra_dav:version-url +V 117 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java +END +VIDPAuthenticationAttributes.java +K 25 +svn:wc:ra_dav:version-url +V 126 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java +END +SAMLEngineSignI.java +K 25 +svn:wc:ra_dav:version-url +V 113 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java +END +EIDCrossSectorShare.java +K 25 +svn:wc:ra_dav:version-url +V 117 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java +END diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/entries b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/entries new file mode 100644 index 000000000..72f16fa28 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/entries @@ -0,0 +1,680 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +SPID.java +file + + + + +2013-12-20T12:27:57.446475Z +5befd7eed677372d2acb48b3f66e9f02 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1679 + +SPSector.java +file + + + + +2013-12-20T12:27:57.442475Z +00956c4124a9c9062fd408ab886d0a29 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1767 + +EIDSectorShare.java +file + + + + +2013-12-20T12:27:57.442475Z +4277603e70eeeea24e59449136fee007 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1788 + +SAMLCore.java +file + + + + +2013-12-20T12:27:57.442475Z +3ef05a16db7f280124687fbebbd0ca37 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2633 + +validator +dir + +SPApplication.java +file + + + + +2013-12-20T12:27:57.442475Z +97dc9337dfb28ca32ffb50a3b5329651 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1827 + +SPCountry.java +file + + + + +2013-12-20T12:27:57.442475Z +e955976114b4fa9dba61ebc3fdf3c267 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1779 + +RequestedAttributes.java +file + + + + +2013-12-20T12:27:57.442475Z +d93c2c38f6dec952d22f60827b24ee9e +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1652 + +VIDPAuthenticationAttributes.java +file + + + + +2013-12-20T12:27:57.442475Z +b3a8f3746ce11111d80d9e942339a54e +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2224 + +SAMLEngineSignI.java +file + + + + +2013-12-20T12:27:57.442475Z +fb834797256e1ed6873be19ebe860092 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2429 + +EIDCrossSectorShare.java +file + + + + +2013-12-20T12:27:57.442475Z +a693707c2bb3a43e62d8e3ed20e8844d +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1856 + +impl +dir + +package-info.java +file + + + + +2013-12-20T12:27:57.446475Z +34cf10993955447fa31dd616aa4978c9 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +808 + +CitizenCountryCode.java +file + + + + +2013-12-20T12:27:57.442475Z +a741f6d7c36860e65f64186ef5cd8610 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +1817 + +RequestedAttribute.java +file + + + + +2013-12-20T12:27:57.446475Z +9707a0f5bdad6888a2e021182f80b245 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +3828 + +QAAAttribute.java +file + + + + +2013-12-20T12:27:57.446475Z +f0d7a0516989582d342d5ce2a3f08c9d +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1917 + +AuthenticationAttributes.java +file + + + + +2013-12-20T12:27:57.446475Z +86b9b4aebe1ca7ca90ce818785374ea7 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1948 + +SPInformation.java +file + + + + +2013-12-20T12:27:57.446475Z +0159e00cdec105564bb6ac394355533b +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1705 + +STORKSAMLCore.java +file + + + + +2013-12-20T12:27:57.446475Z +0e02e7a4c0f208fd5f05191fca5ba91a +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +14229 + +SPInstitution.java +file + + + + +2013-12-20T12:27:57.446475Z +21eda2ef1cb604ce4f952fc608e7772f +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1833 + +EIDCrossBorderShare.java +file + + + + +2013-12-20T12:27:57.446475Z +17d390896e4f96f24df0da4ec83321ec +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1861 + diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/AuthenticationAttributes.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/AuthenticationAttributes.java.svn-base new file mode 100644 index 000000000..07157073c --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/AuthenticationAttributes.java.svn-base @@ -0,0 +1,57 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface AuthenticationAttributes. + * @author fjquevedo + */ +public interface AuthenticationAttributes extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "AuthenticationAttributes"; + + /** Default element name. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** Local name of the XSI type. */ + String TYPE_LOCAL_NAME = "AuthenticationAttributesType"; + + /** QName of the XSI type. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + + /** + * Gets the citizen country code. + * + * @return the citizen country code + */ + VIDPAuthenticationAttributes getVIDPAuthenticationAttributes(); + + + /** + * Sets the vIDP authentication attributes. + * + * @param newVIDPAuthenticationAttr the new vIDP authentication attributes + */ + void setVIDPAuthenticationAttributes(VIDPAuthenticationAttributes newVIDPAuthenticationAttr); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/CitizenCountryCode.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/CitizenCountryCode.java.svn-base new file mode 100644 index 000000000..859d37feb --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/CitizenCountryCode.java.svn-base @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDCrossBorderShare. + * @author fjquevedo + */ +public interface CitizenCountryCode extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "CitizenCountryCode"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "CitizenCountryCodeType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** + * Gets the SP country. + * + * @return the sP country + */ + String getCitizenCountryCode(); + + + /** + * Sets the citizen country code. + * + * @param citizenCountryCode the new citizen country code + */ + void setCitizenCountryCode(String citizenCountryCode); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/EIDCrossBorderShare.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/EIDCrossBorderShare.java.svn-base new file mode 100644 index 000000000..c892eae78 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/EIDCrossBorderShare.java.svn-base @@ -0,0 +1,58 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDCrossBorderShare. + * @author fjquevedo + */ +public interface EIDCrossBorderShare extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "eIDCrossBorderShare"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "eIDCrossBorderShareType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + + /** + * Gets the eID cross border share. + * + * @return the eID cross border share + */ + String getEIDCrossBorderShare(); + + + /** + * Sets the eID cross border share. + * + * @param eIDCrossBorderShare the new eID cross border share + */ + void setEIDCrossBorderShare(String eIDCrossBorderShare); + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/EIDCrossSectorShare.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/EIDCrossSectorShare.java.svn-base new file mode 100644 index 000000000..f879914f9 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/EIDCrossSectorShare.java.svn-base @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDCrossSectorShare. + * @author fjquevedo + */ +public interface EIDCrossSectorShare extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String ELEM_LOCAL_NAME = "eIDCrossSectorShare"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), ELEM_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "eIDCrossSectorShareType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** + * Gets the eID cross sector share. + * + * @return the eID cross sector share + */ + String getEIDCrossSectorShare(); + + /** + * Sets the eID cross sector share. + * + * @param eIDCrossSectorShare the new eID cross sector share + */ + void setEIDCrossSectorShare(String eIDCrossSectorShare); + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/EIDSectorShare.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/EIDSectorShare.java.svn-base new file mode 100644 index 000000000..dc88f3318 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/EIDSectorShare.java.svn-base @@ -0,0 +1,57 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDSectorShare. + * @author fjquevedo + */ +public interface EIDSectorShare extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "eIDSectorShare"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "eIDSectorShare"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + + /** + * Gets the eID sector share. + * + * @return the eID sector share + */ + String getEIDSectorShare(); + + /** + * Sets the eID sector share. + * + * @param eIDSectorShare the new eID sector share + */ + void setEIDSectorShare(String eIDSectorShare); + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/QAAAttribute.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/QAAAttribute.java.svn-base new file mode 100644 index 000000000..2c09cf85b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/QAAAttribute.java.svn-base @@ -0,0 +1,63 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * STORK Quality Authentication Assurance Level Attribute Interface. + * + * @author fjquevedo + */ +public interface QAAAttribute extends SAMLObject { + + /** Element local name. */ + String DEF_LOCAL_NAME = "QualityAuthenticationAssuranceLevel"; + + /** Default element name. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** Local name of the XSI type. */ + String TYPE_LOCAL_NAME = "QualityAuthenticationAssuranceLevelAbstractType"; + + /** QName of the XSI type. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** The minimum value allowed. */ + int MIN_VALUE = 1; + + /** The Max value allowed. */ + int MAX_VALUE = 4; + + /** + * Gets the qAA level. + * + * @return the qAA level + */ + String getQaaLevel(); + + /** + * Sets the qAA level. + * + * @param qaaLevel the new qAA level + * + */ + void setQaaLevel(String qaaLevel); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/RequestedAttribute.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/RequestedAttribute.java.svn-base new file mode 100644 index 000000000..02be9e104 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/RequestedAttribute.java.svn-base @@ -0,0 +1,140 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import java.util.List; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; +import org.opensaml.xml.AttributeExtensibleXMLObject; +import org.opensaml.xml.schema.XSBooleanValue; +import org.opensaml.xml.XMLObject; + +/** + * The Interface RequestedAttribute. + * + * @author fjquevedo + */ +public interface RequestedAttribute extends SAMLObject, + AttributeExtensibleXMLObject { + + /** Element local name. */ + String DEF_LOCAL_NAME = "RequestedAttribute"; + + /** Default element name. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** Local name of the XSI type. */ + String TYPE_LOCAL_NAME = "RequestedAttributeAbstractType"; + + /** QName of the XSI type. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** NAME_ATTRIB_NAME attribute name. */ + String NAME_ATTRIB_NAME = "Name"; + + /** NAME_FORMAT_ATTRIB_NAME attribute name. */ + String NAME_FORMAT_ATTR = "NameFormat"; + + /** IS_REQUIRED_ATTRIB_NAME attribute name. */ + String IS_REQUIRED_ATTR = "isRequired"; + + /** FRIENDLY_NAME_ATTRIB_NAME attribute name. */ + String FRIENDLY_NAME_ATT = "FriendlyName"; + + /** Unspecified attribute format ID. */ + String UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"; + + /** URI reference attribute format ID. */ + String URI_REFERENCE = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"; + + /** Basic attribute format ID. */ + String BASIC = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic"; + + /** + * Gets the name. + * + * @return the name + */ + String getName(); + + /** + * Sets the name. + * + * @param name the new name + */ + void setName(String name); + + /** + * Gets the name format. + * + * @return the name format + */ + String getNameFormat(); + + /** + * Sets the name format. + * + * @param nameFormat the new name format + */ + void setNameFormat(String nameFormat); + + /** + * Gets the friendly name. + * + * @return the friendly name + */ + String getFriendlyName(); + + /** + * Sets the friendly name. + * + * @param friendlyName the new friendly name + */ + void setFriendlyName(String friendlyName); + + /** + * Gets the checks if is required. + * + * @return the checks if is required + */ + String isRequired(); + + /** + * Gets the checks if is required xs boolean. + * + * @return the checks if is required xs boolean + */ + String getIsRequiredXSBoolean(); + + /** + * Sets the checks if is required. + * + * @param newIsRequired the new checks if is required + */ + void setIsRequired(String newIsRequired); + + /** + * Gets the attribute values. + * + * @return the attribute values + */ + List getAttributeValues(); + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/RequestedAttributes.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/RequestedAttributes.java.svn-base new file mode 100644 index 000000000..9004b10f4 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/RequestedAttributes.java.svn-base @@ -0,0 +1,51 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import java.util.List; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface RequestedAttributes. + * + * @author fjquevedo + */ +public interface RequestedAttributes extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "RequestedAttributes"; + + /** Default element name. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** Local name of the XSI type. */ + String TYPE_LOCAL_NAME = "RequestedAttributesType"; + + /** QName of the XSI type. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** + * Gets the attributes. + * + * @return the attributes + */ + List getAttributes(); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SAMLCore.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SAMLCore.java.svn-base new file mode 100644 index 000000000..e511bbaeb --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SAMLCore.java.svn-base @@ -0,0 +1,98 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +/** + * The Enumeration SAMLCore. + * + * @author fjquevedo + */ + +public enum SAMLCore { + + /** The consent authentication request. */ + CONSENT_AUTHN_REQ("consentAuthnRequest"), + + /** The consent authentication response. */ + CONSENT_AUTHN_RES("consentAuthnResponse"), + + /** The FORC e_ auth n_ tag. */ + FORCE_AUTHN_TAG("forceAuthN"), + + /** The I s_ passiv e_ tag. */ + IS_PASSIVE_TAG("isPassive"), + + /** The FORMA t_ entity. */ + FORMAT_ENTITY("formatEntity"), + + /** The FRIENDLY name. */ + FRIENDLY_NAME("friendlyName"), + + /** The IS_REQUIRED AN ATTRIBUTE */ + IS_REQUIRED("isRequired"), + + /** The PRO t_ bindin g_ tag. */ + PROT_BINDING_TAG("protocolBinding"), + + /** The ASSER t_ con s_ tag. */ + ASSERT_CONS_TAG("assertionConsumerServiceURL"), + + /** The REQUESTE r_ tag. */ + REQUESTER_TAG("requester"), + + /** The RESPONDE r_ tag. */ + RESPONDER_TAG("responder"), + + /** The STOR k10_ ns. */ + STORK10_NS("urn:eu:stork:names:tc:STORK:1.0:assertion"), + + /** The STOR k10 p_ ns. */ + STORK10P_NS("urn:eu:stork:names:tc:STORK:1.0:protocol"), + + /** The STOR k10_ prefix. */ + STORK10_PREFIX("stork"), + + /** The STOR k10 p_ prefix. */ + STORK10P_PREFIX("storkp"), + + /** The STOR k10_ bas e_ uri. */ + STORK10_BASE_URI("http://www.stork.gov.eu/1.0/"), + + /** The ON e_ tim e_ use. */ + ONE_TIME_USE("oneTimeUse"); + + /** The value. */ + private String value; + + /** + * Instantiates a new sAML core. + * + * @param fullName the full name + */ + private SAMLCore(final String fullName) { + this.value = fullName; + } + + /** + * Gets the value. + * + * @return the value + */ + public String getValue() { + return value; + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SAMLEngineSignI.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SAMLEngineSignI.java.svn-base new file mode 100644 index 000000000..b382646be --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SAMLEngineSignI.java.svn-base @@ -0,0 +1,88 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import java.security.KeyStore; +import java.security.cert.X509Certificate; + +import org.opensaml.common.SAMLObject; +import org.opensaml.common.SignableSAMLObject; + +import eu.stork.peps.exceptions.SAMLEngineException; + +/** + * The Interface SAMLEngineSignI. + * + * @author fjquevedo + */ +public interface SAMLEngineSignI { + + /** + * Sign. + * + * @param tokenSaml the token SAML + * + * @return the sAML object + * + * @throws SAMLEngineException the SAML engine exception + */ + SAMLObject sign(SignableSAMLObject tokenSaml) throws SAMLEngineException; + + /** + * Gets the certificate. + * + * @return the certificate + */ + X509Certificate getCertificate(); + + /** + * Gets the trustStore used when validating SAMLTokens + * + * @return the trustStore + * + */ + KeyStore getTrustStore(); + + /** + * Validate signature. + * + * @param tokenSaml the token SAML + * + * @return the sAML object + * + * @throws SAMLEngineException the SAML engine exception + */ + SAMLObject validateSignature(SignableSAMLObject tokenSaml) + throws SAMLEngineException; + + /** + * Initialize the signature module. + * + * @param fileConf the configuration file. + * + * @throws SAMLEngineException the STORKSAML engine runtime + * exception + */ + void init(String fileConf) throws SAMLEngineException; + + /** + * Load cryptographic service provider. + * + * @throws SAMLEngineException the SAML engine exception + */ + void loadCryptServiceProvider() throws SAMLEngineException; + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPApplication.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPApplication.java.svn-base new file mode 100644 index 000000000..9ace6d37c --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPApplication.java.svn-base @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface SPApplication. + * + * @author fjquevedo + */ +public interface SPApplication extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "spApplication"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "spApplicationType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** + * Gets the service provider application. + * + * @return the service provider application + */ + String getSPApplication(); + + /** + * Sets the service provider application. + * + * @param spApplication the new service provider application + */ + void setSPApplication(String spApplication); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPCountry.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPCountry.java.svn-base new file mode 100644 index 000000000..569ea48c2 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPCountry.java.svn-base @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface SPCountry. + * + * @author fjquevedo + */ +public interface SPCountry extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "spCountry"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "spCountryType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** + * Gets the service provider country. + * + * @return the service provider country + */ + String getSPCountry(); + + /** + * Sets the service provider country. + * + * @param spCountry the new service provider country + */ + void setSPCountry(String spCountry); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPID.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPID.java.svn-base new file mode 100644 index 000000000..c0cf02ad0 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPID.java.svn-base @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDCrossBorderShare. + * @author iinigo + */ +public interface SPID extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "SPID"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "SPIDType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** + * Gets the SP ID. + * + * @return the SP ID + */ + String getSPID(); + + + /** + * Sets the SP ID. + * + * @param SPID the new SP ID + */ + void setSPID(String newSPID); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPInformation.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPInformation.java.svn-base new file mode 100644 index 000000000..34ba9c9c5 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPInformation.java.svn-base @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDCrossBorderShare. + * @author iinigo + */ +public interface SPInformation extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "SPInformation"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "SPInformationType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** + * Gets the SP Id. + * + * @return the SP Id + */ + SPID getSPID(); + + + /** + * Sets the SP Id. + * + * @param newSPId the new SP Id + */ + void setSPID(SPID newSPID); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPInstitution.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPInstitution.java.svn-base new file mode 100644 index 000000000..33dad474b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPInstitution.java.svn-base @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDCrossBorderShare. + * + * @author fjquevedo + */ +public interface SPInstitution extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "spInstitution"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "spInstitutionType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** + * Gets the service provider institution. + * + * @return the service provider institution + */ + String getSPInstitution(); + + /** + * Sets the service provider institution. + * + * @param spInstitution the new service provider institution + */ + void setSPInstitution(String spInstitution); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPSector.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPSector.java.svn-base new file mode 100644 index 000000000..1f49a4015 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/SPSector.java.svn-base @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface SPSector. + * + * @author fjquevedo + */ +public interface SPSector extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "spSector"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "spSectorType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** + * Gets the service provider sector. + * + * @return the service provider sector + */ + String getSPSector(); + + /** + * Sets the service provider sector. + * + * @param spSector the new service provider sector + */ + void setSPSector(String spSector); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/STORKSAMLCore.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/STORKSAMLCore.java.svn-base new file mode 100644 index 000000000..19c71dd74 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/STORKSAMLCore.java.svn-base @@ -0,0 +1,508 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import java.util.Properties; + +import org.apache.commons.lang.StringUtils; +import org.opensaml.common.xml.SAMLConstants; +import org.opensaml.saml2.core.NameIDType; +import org.opensaml.saml2.core.RequestAbstractType; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.exceptions.SAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; + +/** + * The Class SAMLCore. + * + * @author fjquevedo + */ +public final class STORKSAMLCore { + + /** The Constant LOGGER. */ + private static final Logger LOGGER = LoggerFactory + .getLogger(STORKSAMLCore.class.getName()); + + /** The consent authentication request. */ + private String consentAuthnReq = null; + + /** The consent authentication response. */ + private String consentAuthnResp = null; + + /** The id cross border share. */ + private String eIDCrossBordShare = null; + + /** The e id cross sect share. */ + private String eIDCrossSectShare = null; + + /** The e id sector share. */ + private String eIDSectorShare = null; + + /** The format entity. */ + private String formatEntity = null; + + /** The friendly name. */ + private boolean friendlyName = false; + + /** The IP validation. */ + private boolean ipValidation = false; + + /** The one time use. */ + private boolean oneTimeUse = true; + + /** The protocol binding. */ + private String protocolBinding = null; + + /** The requester. */ + private String requester = null; + + + /** The responder. */ + private String responder = null; + + /** The SAML core properties. */ + private Properties samlCoreProp = null; + + /** The time not on or after. */ + private Integer timeNotOnOrAfter = null; + + /** The is required parameter. */ + private boolean isRequired = true; + + private static final String SAML_ENGINE_LITERAL = "SamlEngine.xml: "; + + /** + * Gets the isRequired. + * + * @return the isRequired + */ + public boolean isRequired() { + return isRequired; + } + + /** + * Sets the isRequired. + * + * @param isRequired the required. + */ + public void setRequired(boolean isRequired) { + this.isRequired = isRequired; + } + + /** + * Instantiates a new sAML core. + * + * @param instance the instance + */ + public STORKSAMLCore(final Properties instance) { + loadConfiguration(instance); + } + + /** + * Gets the consent. + * + * @return the consent + */ + public String getConsentAuthnRequest() { + return consentAuthnReq; + } + + /** + * Gets the consent authentication response. + * + * @return the consent authentication response. + */ + public String getConsentAuthnResp() { + return consentAuthnResp; + } + + /** + * Gets the consent authentication response. + * + * @return the consent authentication response + */ + public String getConsentAuthnResponse() { + return consentAuthnResp; + } + + /** + * Gets the format entity. + * + * @return the format entity + */ + public String getFormatEntity() { + return formatEntity; + } + + /** + * Gets the property. + * + * @param key the key + * + * @return the property + */ + public String getProperty(final String key) { + return samlCoreProp.getProperty(key); + } + + /** + * Gets the protocol binding. + * + * @return the protocol binding + */ + public String getProtocolBinding() { + return protocolBinding; + } + + /** + * Gets the requester. + * + * @return the requester + */ + public String getRequester() { + return requester; + } + + /** + * Gets the responder. + * + * @return the responder + */ + public String getResponder() { + return responder; + } + + /** + * Gets the time not on or after. + * + * @return the time not on or after + */ + public Integer getTimeNotOnOrAfter() { + return timeNotOnOrAfter; + } + + /** + * Checks if is e id cross border share. + * + * @return true, if is e id cross border share + */ + public String iseIDCrossBorderShare() { + return eIDCrossBordShare; + } + + /** + * Checks if is e id cross border share. + * + * @return true, if is e id cross border share + */ + public String iseIDCrossBordShare() { + return eIDCrossBordShare; + } + + /** + * Checks if is e id cross sector share. + * + * @return true, if is e id cross sector share + */ + public String iseIDCrossSectorShare() { + return eIDCrossSectShare; + } + + /** + * Checks if is e id cross sect share. + * + * @return true, if is e id cross sect share + */ + public String iseIDCrossSectShare() { + return eIDCrossSectShare; + } + + /** + * Checks if is e id sector share. + * + * @return true, if is e id sector share + */ + public String iseIDSectorShare() { + return eIDSectorShare; + } + + /** + * Checks if is friendly name. + * + * @return true, if checks if is friendly name + */ + public boolean isFriendlyName() { + return friendlyName; + } + + /** + * Checks if is IP validation. + * + * @return true, if is IP validation + */ + public boolean isIpValidation() { + return ipValidation; + } + + /** + * Checks if is one time use. + * + * @return true, if is one time use + */ + public boolean isOneTimeUse() { + return oneTimeUse; + } + + /** + * Method that loads the configuration file for the SAML Engine. + * + * @param instance the instance of the Engine properties. + */ + private void loadConfiguration(final Properties instance) { + + try { + LOGGER.info("SAMLCore: Loading SAMLEngine properties."); + + samlCoreProp = instance; + + final String parameter = samlCoreProp + .getProperty(SAMLCore.FORMAT_ENTITY.getValue()); + + if ("entity".equalsIgnoreCase(parameter)) { + formatEntity = NameIDType.ENTITY; + } + + friendlyName = Boolean.valueOf(samlCoreProp + .getProperty(SAMLCore.FRIENDLY_NAME.getValue())); + + String isRequiredValue = samlCoreProp. + getProperty(SAMLCore.IS_REQUIRED.getValue()); + if (isRequiredValue != null) { + isRequired = Boolean.valueOf(isRequiredValue); + } + + eIDSectorShare = samlCoreProp + .getProperty("eIDSectorShare"); + eIDCrossSectShare = samlCoreProp + .getProperty("eIDCrossSectorShare"); + eIDCrossBordShare = samlCoreProp + .getProperty("eIDCrossBorderShare"); + + ipValidation = Boolean.valueOf(samlCoreProp + .getProperty("ipAddrValidation")); + + final String oneTimeUseProp = samlCoreProp + .getProperty(SAMLCore.ONE_TIME_USE.getValue()); + + if (StringUtils.isNotBlank(oneTimeUseProp)) { + oneTimeUse = Boolean.valueOf(oneTimeUseProp); + } + + // Protocol Binding + loadProtocolBiding(); + + // Consent Authentication Request + consentAuthnReq = samlCoreProp + .getProperty(SAMLCore.CONSENT_AUTHN_REQ.getValue()); + + if ("unspecified".equalsIgnoreCase(consentAuthnReq)) { + consentAuthnReq = RequestAbstractType.UNSPECIFIED_CONSENT; + } + + loadConsentAuthResp(); + + timeNotOnOrAfter = Integer.valueOf(samlCoreProp + .getProperty("timeNotOnOrAfter")); + + if (timeNotOnOrAfter.intValue() < 0) { + LOGGER.error(SAML_ENGINE_LITERAL + "timeNotOnOrAfter" + + " is negative number."); + + throw new SAMLEngineException(SAML_ENGINE_LITERAL + + "timeNotOnOrAfter" + " is negative number."); + } + + requester = samlCoreProp.getProperty(SAMLCore.REQUESTER_TAG.getValue()); + responder = samlCoreProp.getProperty(SAMLCore.RESPONDER_TAG.getValue()); + + } catch (SAMLEngineException e) { + LOGGER.error("SAMLCore: error loadConfiguration. ", e); + throw new STORKSAMLEngineRuntimeException(e); + } catch (RuntimeException e) { + LOGGER.error("SAMLCore: error loadConfiguration. ", e); + throw new STORKSAMLEngineRuntimeException(e); + } + } + + /** + * Load consent authentication response. + */ + private void loadConsentAuthResp() { + // Consent Authentication Response + consentAuthnResp = samlCoreProp + .getProperty(SAMLCore.CONSENT_AUTHN_RES.getValue()); + + if ("obtained".equalsIgnoreCase(consentAuthnResp)) { + consentAuthnResp = RequestAbstractType.OBTAINED_CONSENT; + } else if ("prior".equalsIgnoreCase(consentAuthnResp)) { + consentAuthnResp = RequestAbstractType.PRIOR_CONSENT; + } else if ("curent-implicit".equalsIgnoreCase(consentAuthnResp)) { + consentAuthnResp = + "urn:oasis:names:tc:SAML:2.0:consent:current-implicit"; + } else if ("curent-explicit".equalsIgnoreCase(consentAuthnResp)) { + consentAuthnResp = + "urn:oasis:names:tc:SAML:2.0:consent:current-explicit"; + } else if ("unspecified".equalsIgnoreCase(consentAuthnResp)) { + consentAuthnResp = RequestAbstractType.UNSPECIFIED_CONSENT; + } + } + + /** + * Load protocol biding. + * + * @throws SAMLEngineException the SAML engine exception + */ + private void loadProtocolBiding() throws SAMLEngineException { + // Protocol Binding + protocolBinding = samlCoreProp.getProperty(SAMLCore.PROT_BINDING_TAG.getValue()); + + if (StringUtils.isBlank(protocolBinding)) { + LOGGER.error(SAML_ENGINE_LITERAL + SAMLCore.PROT_BINDING_TAG + + " it's mandatory."); + throw new SAMLEngineException(SAML_ENGINE_LITERAL + + SAMLCore.PROT_BINDING_TAG + " it's mandatory."); + } else if (protocolBinding.equalsIgnoreCase("HTTP-POST")) { + protocolBinding = SAMLConstants.SAML2_POST_BINDING_URI; + } else { + LOGGER.error(SAML_ENGINE_LITERAL + SAMLCore.PROT_BINDING_TAG + + " it's not supporting."); + + throw new SAMLEngineException(SAML_ENGINE_LITERAL + + SAMLCore.PROT_BINDING_TAG + " it's not supporting."); + } + } + + /** + * Sets the consent authentication response. + * + * @param newConsAuthnResp the new consent authentication response + */ + public void setConsentAuthnResp(final String newConsAuthnResp) { + this.consentAuthnResp = newConsAuthnResp; + } + + /** + * Sets an eID that can be shared outside of the Service Provider’s member state. + * + * @param newEIDCrossBord the new eid cross border share + */ + public void setEIDCrossBordShare(final String newEIDCrossBord) { + this.eIDCrossBordShare = newEIDCrossBord; + } + + /** + * Sets an eID that can be shared outside of the Service Provider’s sector. + * + * @param newEIDCrossSect the new eid cross sect share + */ + public void setEIDCrossSectShare(final String newEIDCrossSect) { + this.eIDCrossSectShare = newEIDCrossSect; + } + + /** + * Sets an eID that can be shared within the Service Provider’s sector. + * + * @param newEIDSectorShare the new eid sector share + */ + public void seteIDSectorShare(final String newEIDSectorShare) { + this.eIDSectorShare = newEIDSectorShare; + } + + /** + * Sets the format entity. + * + * @param newFormatEntity the new format entity + */ + public void setFormatEntity(final String newFormatEntity) { + this.formatEntity = newFormatEntity; + } + + /** + * Sets the friendly name. + * + * @param newFriendlyName the new friendly name + */ + public void setFriendlyName(final boolean newFriendlyName) { + this.friendlyName = newFriendlyName; + } + + /** + * Sets the IP validation. + * + * @param newIpValidation the new IP validation + */ + public void setIpValidation(final boolean newIpValidation) { + this.ipValidation = newIpValidation; + } + + /** + * Sets the one time use. + * + * @param newOneTimeUse the new one time use + */ + public void setOneTimeUse(final boolean newOneTimeUse) { + this.oneTimeUse = newOneTimeUse; + } + + /** + * Sets the protocol binding. + * + * @param newProtBinding the new protocol binding + */ + public void setProtocolBinding(final String newProtBinding) { + this.protocolBinding = newProtBinding; + } + + /** + * Sets the requester. + * + * @param newRequester the new requester + */ + public void setRequester(final String newRequester) { + this.requester = newRequester; + } + + /** + * Sets the responder. + * + * @param newResponder the new responder + */ + public void setResponder(final String newResponder) { + this.responder = newResponder; + } + + /** + * Sets the time not on or after. + * + * @param newTimeNotOnOrAft the new time not on or after + */ + public void setTimeNotOnOrAfter(final Integer newTimeNotOnOrAft) { + this.timeNotOnOrAfter = newTimeNotOnOrAft; + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/VIDPAuthenticationAttributes.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/VIDPAuthenticationAttributes.java.svn-base new file mode 100644 index 000000000..3f812393e --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/VIDPAuthenticationAttributes.java.svn-base @@ -0,0 +1,72 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface VIDPAuthenticationAttributes. + * + * @author fjquevedo + */ +public interface VIDPAuthenticationAttributes extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "VIDPAuthenticationAttributes"; + + /** Default element name. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** Local name of the XSI type. */ + String TYPE_LOCAL_NAME = "VIDPAuthenticationAttributesType"; + + /** QName of the XSI type. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + + /** + * Gets the citizen country code. + * + * @return the citizen country code + */ + CitizenCountryCode getCitizenCountryCode(); + + /** + * Sets the citizen country code. + * + * @param newCitizenCountryCode the new citizen country code + */ + void setCitizenCountryCode(CitizenCountryCode newCitizenCountryCode); + + /** + * Gets the SP information + * + * @return the SP information + */ + SPInformation getSPInformation(); + + /** + * Sets the SP information + * + * @param newSPInformation the new SPInformation + */ + void setSPInformation(SPInformation newSPInformation); + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/package-info.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/package-info.java.svn-base new file mode 100644 index 000000000..3393dcf78 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/.svn/text-base/package-info.java.svn-base @@ -0,0 +1,19 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Interfaces for STORK 1.0 core specification types and elements. + */ +package eu.stork.peps.auth.engine.core; \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java new file mode 100644 index 000000000..07157073c --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/AuthenticationAttributes.java @@ -0,0 +1,57 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface AuthenticationAttributes. + * @author fjquevedo + */ +public interface AuthenticationAttributes extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "AuthenticationAttributes"; + + /** Default element name. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** Local name of the XSI type. */ + String TYPE_LOCAL_NAME = "AuthenticationAttributesType"; + + /** QName of the XSI type. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + + /** + * Gets the citizen country code. + * + * @return the citizen country code + */ + VIDPAuthenticationAttributes getVIDPAuthenticationAttributes(); + + + /** + * Sets the vIDP authentication attributes. + * + * @param newVIDPAuthenticationAttr the new vIDP authentication attributes + */ + void setVIDPAuthenticationAttributes(VIDPAuthenticationAttributes newVIDPAuthenticationAttr); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java new file mode 100644 index 000000000..859d37feb --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/CitizenCountryCode.java @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDCrossBorderShare. + * @author fjquevedo + */ +public interface CitizenCountryCode extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "CitizenCountryCode"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "CitizenCountryCodeType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** + * Gets the SP country. + * + * @return the sP country + */ + String getCitizenCountryCode(); + + + /** + * Sets the citizen country code. + * + * @param citizenCountryCode the new citizen country code + */ + void setCitizenCountryCode(String citizenCountryCode); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java new file mode 100644 index 000000000..c892eae78 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossBorderShare.java @@ -0,0 +1,58 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDCrossBorderShare. + * @author fjquevedo + */ +public interface EIDCrossBorderShare extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "eIDCrossBorderShare"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "eIDCrossBorderShareType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + + /** + * Gets the eID cross border share. + * + * @return the eID cross border share + */ + String getEIDCrossBorderShare(); + + + /** + * Sets the eID cross border share. + * + * @param eIDCrossBorderShare the new eID cross border share + */ + void setEIDCrossBorderShare(String eIDCrossBorderShare); + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java new file mode 100644 index 000000000..f879914f9 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDCrossSectorShare.java @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDCrossSectorShare. + * @author fjquevedo + */ +public interface EIDCrossSectorShare extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String ELEM_LOCAL_NAME = "eIDCrossSectorShare"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), ELEM_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "eIDCrossSectorShareType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** + * Gets the eID cross sector share. + * + * @return the eID cross sector share + */ + String getEIDCrossSectorShare(); + + /** + * Sets the eID cross sector share. + * + * @param eIDCrossSectorShare the new eID cross sector share + */ + void setEIDCrossSectorShare(String eIDCrossSectorShare); + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java new file mode 100644 index 000000000..dc88f3318 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/EIDSectorShare.java @@ -0,0 +1,57 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDSectorShare. + * @author fjquevedo + */ +public interface EIDSectorShare extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "eIDSectorShare"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "eIDSectorShare"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + + /** + * Gets the eID sector share. + * + * @return the eID sector share + */ + String getEIDSectorShare(); + + /** + * Sets the eID sector share. + * + * @param eIDSectorShare the new eID sector share + */ + void setEIDSectorShare(String eIDSectorShare); + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java new file mode 100644 index 000000000..2c09cf85b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/QAAAttribute.java @@ -0,0 +1,63 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * STORK Quality Authentication Assurance Level Attribute Interface. + * + * @author fjquevedo + */ +public interface QAAAttribute extends SAMLObject { + + /** Element local name. */ + String DEF_LOCAL_NAME = "QualityAuthenticationAssuranceLevel"; + + /** Default element name. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** Local name of the XSI type. */ + String TYPE_LOCAL_NAME = "QualityAuthenticationAssuranceLevelAbstractType"; + + /** QName of the XSI type. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** The minimum value allowed. */ + int MIN_VALUE = 1; + + /** The Max value allowed. */ + int MAX_VALUE = 4; + + /** + * Gets the qAA level. + * + * @return the qAA level + */ + String getQaaLevel(); + + /** + * Sets the qAA level. + * + * @param qaaLevel the new qAA level + * + */ + void setQaaLevel(String qaaLevel); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java new file mode 100644 index 000000000..02be9e104 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttribute.java @@ -0,0 +1,140 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import java.util.List; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; +import org.opensaml.xml.AttributeExtensibleXMLObject; +import org.opensaml.xml.schema.XSBooleanValue; +import org.opensaml.xml.XMLObject; + +/** + * The Interface RequestedAttribute. + * + * @author fjquevedo + */ +public interface RequestedAttribute extends SAMLObject, + AttributeExtensibleXMLObject { + + /** Element local name. */ + String DEF_LOCAL_NAME = "RequestedAttribute"; + + /** Default element name. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** Local name of the XSI type. */ + String TYPE_LOCAL_NAME = "RequestedAttributeAbstractType"; + + /** QName of the XSI type. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** NAME_ATTRIB_NAME attribute name. */ + String NAME_ATTRIB_NAME = "Name"; + + /** NAME_FORMAT_ATTRIB_NAME attribute name. */ + String NAME_FORMAT_ATTR = "NameFormat"; + + /** IS_REQUIRED_ATTRIB_NAME attribute name. */ + String IS_REQUIRED_ATTR = "isRequired"; + + /** FRIENDLY_NAME_ATTRIB_NAME attribute name. */ + String FRIENDLY_NAME_ATT = "FriendlyName"; + + /** Unspecified attribute format ID. */ + String UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"; + + /** URI reference attribute format ID. */ + String URI_REFERENCE = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"; + + /** Basic attribute format ID. */ + String BASIC = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic"; + + /** + * Gets the name. + * + * @return the name + */ + String getName(); + + /** + * Sets the name. + * + * @param name the new name + */ + void setName(String name); + + /** + * Gets the name format. + * + * @return the name format + */ + String getNameFormat(); + + /** + * Sets the name format. + * + * @param nameFormat the new name format + */ + void setNameFormat(String nameFormat); + + /** + * Gets the friendly name. + * + * @return the friendly name + */ + String getFriendlyName(); + + /** + * Sets the friendly name. + * + * @param friendlyName the new friendly name + */ + void setFriendlyName(String friendlyName); + + /** + * Gets the checks if is required. + * + * @return the checks if is required + */ + String isRequired(); + + /** + * Gets the checks if is required xs boolean. + * + * @return the checks if is required xs boolean + */ + String getIsRequiredXSBoolean(); + + /** + * Sets the checks if is required. + * + * @param newIsRequired the new checks if is required + */ + void setIsRequired(String newIsRequired); + + /** + * Gets the attribute values. + * + * @return the attribute values + */ + List getAttributeValues(); + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java new file mode 100644 index 000000000..9004b10f4 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/RequestedAttributes.java @@ -0,0 +1,51 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import java.util.List; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface RequestedAttributes. + * + * @author fjquevedo + */ +public interface RequestedAttributes extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "RequestedAttributes"; + + /** Default element name. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** Local name of the XSI type. */ + String TYPE_LOCAL_NAME = "RequestedAttributesType"; + + /** QName of the XSI type. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** + * Gets the attributes. + * + * @return the attributes + */ + List getAttributes(); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java new file mode 100644 index 000000000..e511bbaeb --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLCore.java @@ -0,0 +1,98 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +/** + * The Enumeration SAMLCore. + * + * @author fjquevedo + */ + +public enum SAMLCore { + + /** The consent authentication request. */ + CONSENT_AUTHN_REQ("consentAuthnRequest"), + + /** The consent authentication response. */ + CONSENT_AUTHN_RES("consentAuthnResponse"), + + /** The FORC e_ auth n_ tag. */ + FORCE_AUTHN_TAG("forceAuthN"), + + /** The I s_ passiv e_ tag. */ + IS_PASSIVE_TAG("isPassive"), + + /** The FORMA t_ entity. */ + FORMAT_ENTITY("formatEntity"), + + /** The FRIENDLY name. */ + FRIENDLY_NAME("friendlyName"), + + /** The IS_REQUIRED AN ATTRIBUTE */ + IS_REQUIRED("isRequired"), + + /** The PRO t_ bindin g_ tag. */ + PROT_BINDING_TAG("protocolBinding"), + + /** The ASSER t_ con s_ tag. */ + ASSERT_CONS_TAG("assertionConsumerServiceURL"), + + /** The REQUESTE r_ tag. */ + REQUESTER_TAG("requester"), + + /** The RESPONDE r_ tag. */ + RESPONDER_TAG("responder"), + + /** The STOR k10_ ns. */ + STORK10_NS("urn:eu:stork:names:tc:STORK:1.0:assertion"), + + /** The STOR k10 p_ ns. */ + STORK10P_NS("urn:eu:stork:names:tc:STORK:1.0:protocol"), + + /** The STOR k10_ prefix. */ + STORK10_PREFIX("stork"), + + /** The STOR k10 p_ prefix. */ + STORK10P_PREFIX("storkp"), + + /** The STOR k10_ bas e_ uri. */ + STORK10_BASE_URI("http://www.stork.gov.eu/1.0/"), + + /** The ON e_ tim e_ use. */ + ONE_TIME_USE("oneTimeUse"); + + /** The value. */ + private String value; + + /** + * Instantiates a new sAML core. + * + * @param fullName the full name + */ + private SAMLCore(final String fullName) { + this.value = fullName; + } + + /** + * Gets the value. + * + * @return the value + */ + public String getValue() { + return value; + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java new file mode 100644 index 000000000..b382646be --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SAMLEngineSignI.java @@ -0,0 +1,88 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import java.security.KeyStore; +import java.security.cert.X509Certificate; + +import org.opensaml.common.SAMLObject; +import org.opensaml.common.SignableSAMLObject; + +import eu.stork.peps.exceptions.SAMLEngineException; + +/** + * The Interface SAMLEngineSignI. + * + * @author fjquevedo + */ +public interface SAMLEngineSignI { + + /** + * Sign. + * + * @param tokenSaml the token SAML + * + * @return the sAML object + * + * @throws SAMLEngineException the SAML engine exception + */ + SAMLObject sign(SignableSAMLObject tokenSaml) throws SAMLEngineException; + + /** + * Gets the certificate. + * + * @return the certificate + */ + X509Certificate getCertificate(); + + /** + * Gets the trustStore used when validating SAMLTokens + * + * @return the trustStore + * + */ + KeyStore getTrustStore(); + + /** + * Validate signature. + * + * @param tokenSaml the token SAML + * + * @return the sAML object + * + * @throws SAMLEngineException the SAML engine exception + */ + SAMLObject validateSignature(SignableSAMLObject tokenSaml) + throws SAMLEngineException; + + /** + * Initialize the signature module. + * + * @param fileConf the configuration file. + * + * @throws SAMLEngineException the STORKSAML engine runtime + * exception + */ + void init(String fileConf) throws SAMLEngineException; + + /** + * Load cryptographic service provider. + * + * @throws SAMLEngineException the SAML engine exception + */ + void loadCryptServiceProvider() throws SAMLEngineException; + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java new file mode 100644 index 000000000..9ace6d37c --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPApplication.java @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface SPApplication. + * + * @author fjquevedo + */ +public interface SPApplication extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "spApplication"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "spApplicationType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** + * Gets the service provider application. + * + * @return the service provider application + */ + String getSPApplication(); + + /** + * Sets the service provider application. + * + * @param spApplication the new service provider application + */ + void setSPApplication(String spApplication); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java new file mode 100644 index 000000000..569ea48c2 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPCountry.java @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface SPCountry. + * + * @author fjquevedo + */ +public interface SPCountry extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "spCountry"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "spCountryType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** + * Gets the service provider country. + * + * @return the service provider country + */ + String getSPCountry(); + + /** + * Sets the service provider country. + * + * @param spCountry the new service provider country + */ + void setSPCountry(String spCountry); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java new file mode 100644 index 000000000..c0cf02ad0 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPID.java @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDCrossBorderShare. + * @author iinigo + */ +public interface SPID extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "SPID"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "SPIDType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** + * Gets the SP ID. + * + * @return the SP ID + */ + String getSPID(); + + + /** + * Sets the SP ID. + * + * @param SPID the new SP ID + */ + void setSPID(String newSPID); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java new file mode 100644 index 000000000..34ba9c9c5 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInformation.java @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDCrossBorderShare. + * @author iinigo + */ +public interface SPInformation extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "SPInformation"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "SPInformationType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** + * Gets the SP Id. + * + * @return the SP Id + */ + SPID getSPID(); + + + /** + * Sets the SP Id. + * + * @param newSPId the new SP Id + */ + void setSPID(SPID newSPID); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java new file mode 100644 index 000000000..33dad474b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPInstitution.java @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface EIDCrossBorderShare. + * + * @author fjquevedo + */ +public interface SPInstitution extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "spInstitution"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "spInstitutionType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** + * Gets the service provider institution. + * + * @return the service provider institution + */ + String getSPInstitution(); + + /** + * Sets the service provider institution. + * + * @param spInstitution the new service provider institution + */ + void setSPInstitution(String spInstitution); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java new file mode 100644 index 000000000..1f49a4015 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/SPSector.java @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface SPSector. + * + * @author fjquevedo + */ +public interface SPSector extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "spSector"; + + /** The Constant DEFAULT_ELEMENT_NAME. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** The Constant TYPE_LOCAL_NAME. */ + String TYPE_LOCAL_NAME = "spSectorType"; + + /** The Constant TYPE_NAME. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10_PREFIX.getValue()); + + /** + * Gets the service provider sector. + * + * @return the service provider sector + */ + String getSPSector(); + + /** + * Sets the service provider sector. + * + * @param spSector the new service provider sector + */ + void setSPSector(String spSector); +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java new file mode 100644 index 000000000..19c71dd74 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/STORKSAMLCore.java @@ -0,0 +1,508 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import java.util.Properties; + +import org.apache.commons.lang.StringUtils; +import org.opensaml.common.xml.SAMLConstants; +import org.opensaml.saml2.core.NameIDType; +import org.opensaml.saml2.core.RequestAbstractType; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.exceptions.SAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; + +/** + * The Class SAMLCore. + * + * @author fjquevedo + */ +public final class STORKSAMLCore { + + /** The Constant LOGGER. */ + private static final Logger LOGGER = LoggerFactory + .getLogger(STORKSAMLCore.class.getName()); + + /** The consent authentication request. */ + private String consentAuthnReq = null; + + /** The consent authentication response. */ + private String consentAuthnResp = null; + + /** The id cross border share. */ + private String eIDCrossBordShare = null; + + /** The e id cross sect share. */ + private String eIDCrossSectShare = null; + + /** The e id sector share. */ + private String eIDSectorShare = null; + + /** The format entity. */ + private String formatEntity = null; + + /** The friendly name. */ + private boolean friendlyName = false; + + /** The IP validation. */ + private boolean ipValidation = false; + + /** The one time use. */ + private boolean oneTimeUse = true; + + /** The protocol binding. */ + private String protocolBinding = null; + + /** The requester. */ + private String requester = null; + + + /** The responder. */ + private String responder = null; + + /** The SAML core properties. */ + private Properties samlCoreProp = null; + + /** The time not on or after. */ + private Integer timeNotOnOrAfter = null; + + /** The is required parameter. */ + private boolean isRequired = true; + + private static final String SAML_ENGINE_LITERAL = "SamlEngine.xml: "; + + /** + * Gets the isRequired. + * + * @return the isRequired + */ + public boolean isRequired() { + return isRequired; + } + + /** + * Sets the isRequired. + * + * @param isRequired the required. + */ + public void setRequired(boolean isRequired) { + this.isRequired = isRequired; + } + + /** + * Instantiates a new sAML core. + * + * @param instance the instance + */ + public STORKSAMLCore(final Properties instance) { + loadConfiguration(instance); + } + + /** + * Gets the consent. + * + * @return the consent + */ + public String getConsentAuthnRequest() { + return consentAuthnReq; + } + + /** + * Gets the consent authentication response. + * + * @return the consent authentication response. + */ + public String getConsentAuthnResp() { + return consentAuthnResp; + } + + /** + * Gets the consent authentication response. + * + * @return the consent authentication response + */ + public String getConsentAuthnResponse() { + return consentAuthnResp; + } + + /** + * Gets the format entity. + * + * @return the format entity + */ + public String getFormatEntity() { + return formatEntity; + } + + /** + * Gets the property. + * + * @param key the key + * + * @return the property + */ + public String getProperty(final String key) { + return samlCoreProp.getProperty(key); + } + + /** + * Gets the protocol binding. + * + * @return the protocol binding + */ + public String getProtocolBinding() { + return protocolBinding; + } + + /** + * Gets the requester. + * + * @return the requester + */ + public String getRequester() { + return requester; + } + + /** + * Gets the responder. + * + * @return the responder + */ + public String getResponder() { + return responder; + } + + /** + * Gets the time not on or after. + * + * @return the time not on or after + */ + public Integer getTimeNotOnOrAfter() { + return timeNotOnOrAfter; + } + + /** + * Checks if is e id cross border share. + * + * @return true, if is e id cross border share + */ + public String iseIDCrossBorderShare() { + return eIDCrossBordShare; + } + + /** + * Checks if is e id cross border share. + * + * @return true, if is e id cross border share + */ + public String iseIDCrossBordShare() { + return eIDCrossBordShare; + } + + /** + * Checks if is e id cross sector share. + * + * @return true, if is e id cross sector share + */ + public String iseIDCrossSectorShare() { + return eIDCrossSectShare; + } + + /** + * Checks if is e id cross sect share. + * + * @return true, if is e id cross sect share + */ + public String iseIDCrossSectShare() { + return eIDCrossSectShare; + } + + /** + * Checks if is e id sector share. + * + * @return true, if is e id sector share + */ + public String iseIDSectorShare() { + return eIDSectorShare; + } + + /** + * Checks if is friendly name. + * + * @return true, if checks if is friendly name + */ + public boolean isFriendlyName() { + return friendlyName; + } + + /** + * Checks if is IP validation. + * + * @return true, if is IP validation + */ + public boolean isIpValidation() { + return ipValidation; + } + + /** + * Checks if is one time use. + * + * @return true, if is one time use + */ + public boolean isOneTimeUse() { + return oneTimeUse; + } + + /** + * Method that loads the configuration file for the SAML Engine. + * + * @param instance the instance of the Engine properties. + */ + private void loadConfiguration(final Properties instance) { + + try { + LOGGER.info("SAMLCore: Loading SAMLEngine properties."); + + samlCoreProp = instance; + + final String parameter = samlCoreProp + .getProperty(SAMLCore.FORMAT_ENTITY.getValue()); + + if ("entity".equalsIgnoreCase(parameter)) { + formatEntity = NameIDType.ENTITY; + } + + friendlyName = Boolean.valueOf(samlCoreProp + .getProperty(SAMLCore.FRIENDLY_NAME.getValue())); + + String isRequiredValue = samlCoreProp. + getProperty(SAMLCore.IS_REQUIRED.getValue()); + if (isRequiredValue != null) { + isRequired = Boolean.valueOf(isRequiredValue); + } + + eIDSectorShare = samlCoreProp + .getProperty("eIDSectorShare"); + eIDCrossSectShare = samlCoreProp + .getProperty("eIDCrossSectorShare"); + eIDCrossBordShare = samlCoreProp + .getProperty("eIDCrossBorderShare"); + + ipValidation = Boolean.valueOf(samlCoreProp + .getProperty("ipAddrValidation")); + + final String oneTimeUseProp = samlCoreProp + .getProperty(SAMLCore.ONE_TIME_USE.getValue()); + + if (StringUtils.isNotBlank(oneTimeUseProp)) { + oneTimeUse = Boolean.valueOf(oneTimeUseProp); + } + + // Protocol Binding + loadProtocolBiding(); + + // Consent Authentication Request + consentAuthnReq = samlCoreProp + .getProperty(SAMLCore.CONSENT_AUTHN_REQ.getValue()); + + if ("unspecified".equalsIgnoreCase(consentAuthnReq)) { + consentAuthnReq = RequestAbstractType.UNSPECIFIED_CONSENT; + } + + loadConsentAuthResp(); + + timeNotOnOrAfter = Integer.valueOf(samlCoreProp + .getProperty("timeNotOnOrAfter")); + + if (timeNotOnOrAfter.intValue() < 0) { + LOGGER.error(SAML_ENGINE_LITERAL + "timeNotOnOrAfter" + + " is negative number."); + + throw new SAMLEngineException(SAML_ENGINE_LITERAL + + "timeNotOnOrAfter" + " is negative number."); + } + + requester = samlCoreProp.getProperty(SAMLCore.REQUESTER_TAG.getValue()); + responder = samlCoreProp.getProperty(SAMLCore.RESPONDER_TAG.getValue()); + + } catch (SAMLEngineException e) { + LOGGER.error("SAMLCore: error loadConfiguration. ", e); + throw new STORKSAMLEngineRuntimeException(e); + } catch (RuntimeException e) { + LOGGER.error("SAMLCore: error loadConfiguration. ", e); + throw new STORKSAMLEngineRuntimeException(e); + } + } + + /** + * Load consent authentication response. + */ + private void loadConsentAuthResp() { + // Consent Authentication Response + consentAuthnResp = samlCoreProp + .getProperty(SAMLCore.CONSENT_AUTHN_RES.getValue()); + + if ("obtained".equalsIgnoreCase(consentAuthnResp)) { + consentAuthnResp = RequestAbstractType.OBTAINED_CONSENT; + } else if ("prior".equalsIgnoreCase(consentAuthnResp)) { + consentAuthnResp = RequestAbstractType.PRIOR_CONSENT; + } else if ("curent-implicit".equalsIgnoreCase(consentAuthnResp)) { + consentAuthnResp = + "urn:oasis:names:tc:SAML:2.0:consent:current-implicit"; + } else if ("curent-explicit".equalsIgnoreCase(consentAuthnResp)) { + consentAuthnResp = + "urn:oasis:names:tc:SAML:2.0:consent:current-explicit"; + } else if ("unspecified".equalsIgnoreCase(consentAuthnResp)) { + consentAuthnResp = RequestAbstractType.UNSPECIFIED_CONSENT; + } + } + + /** + * Load protocol biding. + * + * @throws SAMLEngineException the SAML engine exception + */ + private void loadProtocolBiding() throws SAMLEngineException { + // Protocol Binding + protocolBinding = samlCoreProp.getProperty(SAMLCore.PROT_BINDING_TAG.getValue()); + + if (StringUtils.isBlank(protocolBinding)) { + LOGGER.error(SAML_ENGINE_LITERAL + SAMLCore.PROT_BINDING_TAG + + " it's mandatory."); + throw new SAMLEngineException(SAML_ENGINE_LITERAL + + SAMLCore.PROT_BINDING_TAG + " it's mandatory."); + } else if (protocolBinding.equalsIgnoreCase("HTTP-POST")) { + protocolBinding = SAMLConstants.SAML2_POST_BINDING_URI; + } else { + LOGGER.error(SAML_ENGINE_LITERAL + SAMLCore.PROT_BINDING_TAG + + " it's not supporting."); + + throw new SAMLEngineException(SAML_ENGINE_LITERAL + + SAMLCore.PROT_BINDING_TAG + " it's not supporting."); + } + } + + /** + * Sets the consent authentication response. + * + * @param newConsAuthnResp the new consent authentication response + */ + public void setConsentAuthnResp(final String newConsAuthnResp) { + this.consentAuthnResp = newConsAuthnResp; + } + + /** + * Sets an eID that can be shared outside of the Service Provider’s member state. + * + * @param newEIDCrossBord the new eid cross border share + */ + public void setEIDCrossBordShare(final String newEIDCrossBord) { + this.eIDCrossBordShare = newEIDCrossBord; + } + + /** + * Sets an eID that can be shared outside of the Service Provider’s sector. + * + * @param newEIDCrossSect the new eid cross sect share + */ + public void setEIDCrossSectShare(final String newEIDCrossSect) { + this.eIDCrossSectShare = newEIDCrossSect; + } + + /** + * Sets an eID that can be shared within the Service Provider’s sector. + * + * @param newEIDSectorShare the new eid sector share + */ + public void seteIDSectorShare(final String newEIDSectorShare) { + this.eIDSectorShare = newEIDSectorShare; + } + + /** + * Sets the format entity. + * + * @param newFormatEntity the new format entity + */ + public void setFormatEntity(final String newFormatEntity) { + this.formatEntity = newFormatEntity; + } + + /** + * Sets the friendly name. + * + * @param newFriendlyName the new friendly name + */ + public void setFriendlyName(final boolean newFriendlyName) { + this.friendlyName = newFriendlyName; + } + + /** + * Sets the IP validation. + * + * @param newIpValidation the new IP validation + */ + public void setIpValidation(final boolean newIpValidation) { + this.ipValidation = newIpValidation; + } + + /** + * Sets the one time use. + * + * @param newOneTimeUse the new one time use + */ + public void setOneTimeUse(final boolean newOneTimeUse) { + this.oneTimeUse = newOneTimeUse; + } + + /** + * Sets the protocol binding. + * + * @param newProtBinding the new protocol binding + */ + public void setProtocolBinding(final String newProtBinding) { + this.protocolBinding = newProtBinding; + } + + /** + * Sets the requester. + * + * @param newRequester the new requester + */ + public void setRequester(final String newRequester) { + this.requester = newRequester; + } + + /** + * Sets the responder. + * + * @param newResponder the new responder + */ + public void setResponder(final String newResponder) { + this.responder = newResponder; + } + + /** + * Sets the time not on or after. + * + * @param newTimeNotOnOrAft the new time not on or after + */ + public void setTimeNotOnOrAfter(final Integer newTimeNotOnOrAft) { + this.timeNotOnOrAfter = newTimeNotOnOrAft; + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java new file mode 100644 index 000000000..3f812393e --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/VIDPAuthenticationAttributes.java @@ -0,0 +1,72 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core; + +import javax.xml.namespace.QName; + +import org.opensaml.common.SAMLObject; + +/** + * The Interface VIDPAuthenticationAttributes. + * + * @author fjquevedo + */ +public interface VIDPAuthenticationAttributes extends SAMLObject { + + /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */ + String DEF_LOCAL_NAME = "VIDPAuthenticationAttributes"; + + /** Default element name. */ + QName DEF_ELEMENT_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), DEF_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + /** Local name of the XSI type. */ + String TYPE_LOCAL_NAME = "VIDPAuthenticationAttributesType"; + + /** QName of the XSI type. */ + QName TYPE_NAME = new QName(SAMLCore.STORK10P_NS.getValue(), TYPE_LOCAL_NAME, + SAMLCore.STORK10P_PREFIX.getValue()); + + + /** + * Gets the citizen country code. + * + * @return the citizen country code + */ + CitizenCountryCode getCitizenCountryCode(); + + /** + * Sets the citizen country code. + * + * @param newCitizenCountryCode the new citizen country code + */ + void setCitizenCountryCode(CitizenCountryCode newCitizenCountryCode); + + /** + * Gets the SP information + * + * @return the SP information + */ + SPInformation getSPInformation(); + + /** + * Sets the SP information + * + * @param newSPInformation the new SPInformation + */ + void setSPInformation(SPInformation newSPInformation); + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/all-wcprops b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/all-wcprops new file mode 100644 index 000000000..7eb0de6e7 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/all-wcprops @@ -0,0 +1,395 @@ +K 25 +svn:wc:ra_dav:version-url +V 97 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl +END +RequestedAttributeImpl.java +K 25 +svn:wc:ra_dav:version-url +V 125 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java +END +EIDCrossBorderShareMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 132 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java +END +SPIDMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 117 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java +END +SPInformationImpl.java +K 25 +svn:wc:ra_dav:version-url +V 120 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java +END +SPInstitutionUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 128 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java +END +EIDSectorShareBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 124 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java +END +SPCountryBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 119 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java +END +EIDCrossBorderShareImpl.java +K 25 +svn:wc:ra_dav:version-url +V 126 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java +END +EIDSectorShareUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 129 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java +END +RequestedAttributesMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 132 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java +END +RequestedAttributesImpl.java +K 25 +svn:wc:ra_dav:version-url +V 126 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java +END +SignHW.java +K 25 +svn:wc:ra_dav:version-url +V 109 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java +END +QAAAttributeUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 127 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java +END +SPInstitutionMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 126 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java +END +SPIDUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 119 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java +END +SPInstitutionImpl.java +K 25 +svn:wc:ra_dav:version-url +V 120 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java +END +EIDSectorShareMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 127 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java +END +SPSectorUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 123 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java +END +VIDPAuthenticationAttributesBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 138 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java +END +package-info.java +K 25 +svn:wc:ra_dav:version-url +V 115 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java +END +VIDPAuthenticationAttributesMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 141 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java +END +SPApplicationUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 128 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java +END +EIDSectorShareImpl.java +K 25 +svn:wc:ra_dav:version-url +V 121 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java +END +CitizenCountryCodeBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 128 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java +END +EIDCrossSectorShareUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 134 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java +END +RequestedAttributeBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 128 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java +END +SignModuleFactory.java +K 25 +svn:wc:ra_dav:version-url +V 120 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java +END +RequestedAttributeMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 131 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java +END +QAAAttributeMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 125 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java +END +CitizenCountryCodeUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 133 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java +END +AuthenticationAttributesUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 139 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java +END +SPIDBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 114 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java +END +QAAAttributeImpl.java +K 25 +svn:wc:ra_dav:version-url +V 119 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java +END +SPSectorMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 121 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java +END +SPApplicationMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 126 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java +END +SPIDImpl.java +K 25 +svn:wc:ra_dav:version-url +V 111 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java +END +SPCountryUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 124 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java +END +SPSectorImpl.java +K 25 +svn:wc:ra_dav:version-url +V 115 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java +END +VIDPAuthenticationAttributesUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 143 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java +END +SPApplicationImpl.java +K 25 +svn:wc:ra_dav:version-url +V 120 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java +END +EIDCrossSectorShareMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 132 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java +END +QAAAttributeBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 122 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java +END +CitizenCountryCodeMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 131 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java +END +SPInformationBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 123 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java +END +EIDCrossSectorShareImpl.java +K 25 +svn:wc:ra_dav:version-url +V 126 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java +END +AuthenticationAttributesMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 137 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java +END +EIDCrossBorderShareBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 129 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java +END +RequestedAttributeUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 133 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java +END +SPInformationUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 128 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java +END +CitizenCountryCodeImpl.java +K 25 +svn:wc:ra_dav:version-url +V 125 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java +END +AuthenticationAttributesImpl.java +K 25 +svn:wc:ra_dav:version-url +V 131 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java +END +SPSectorBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 118 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java +END +EIDCrossBorderShareUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 134 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java +END +SignSW.java +K 25 +svn:wc:ra_dav:version-url +V 109 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java +END +SPApplicationBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 123 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java +END +RequestedAttributesBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 129 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java +END +SPCountryMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 122 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java +END +SignP12.java +K 25 +svn:wc:ra_dav:version-url +V 110 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java +END +EIDCrossSectorShareBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 129 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java +END +RequestedAttributesUnmarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 134 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java +END +SPCountryImpl.java +K 25 +svn:wc:ra_dav:version-url +V 116 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java +END +VIDPAuthenticationAttributesImpl.java +K 25 +svn:wc:ra_dav:version-url +V 135 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java +END +AuthenticationAttributesBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 134 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java +END +SPInformationMarshaller.java +K 25 +svn:wc:ra_dav:version-url +V 126 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java +END +SPInstitutionBuilder.java +K 25 +svn:wc:ra_dav:version-url +V 123 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java +END diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/entries b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/entries new file mode 100644 index 000000000..1c6a5c2a8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/entries @@ -0,0 +1,2238 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/impl +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +VIDPAuthenticationAttributesUnmarshaller.java +file + + + + +2013-12-20T12:27:57.414475Z +379336b4e33025428a27f1cec8b44056 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2104 + +RequestedAttributesImpl.java +file + + + + +2013-12-20T12:27:57.414475Z +27cbdb6010cc87d0da987d980e933181 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2964 + +CitizenCountryCodeMarshaller.java +file + + + + +2013-12-20T12:27:57.418475Z +d5237a27554ddbe26fd86e0b10800274 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1655 + +SPInformationBuilder.java +file + + + + +2013-12-20T12:27:57.414475Z +225f5a1c91da42fbcd3a0cb68318b32c +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1477 + +AuthenticationAttributesMarshaller.java +file + + + + +2013-12-20T12:27:57.418475Z +7c4410da9e4b223a39e8cfe7fe8baca8 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +986 + +EIDCrossBorderShareBuilder.java +file + + + + +2013-12-20T12:27:57.418475Z +87ddac844ca24e090fd90e8cd258c462 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1682 + +RequestedAttributeUnmarshaller.java +file + + + + +2013-12-20T12:27:57.418475Z +757de668eb8faac10e3d467a6fb75d8b +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +3435 + +CitizenCountryCodeImpl.java +file + + + + +2013-12-20T12:27:57.418475Z +e823785bbced34f6d08bea9998975575 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2642 + +SPInstitutionMarshaller.java +file + + + + +2013-12-20T12:27:57.418475Z +cc15a0beeb86be9ca8ee405fb46e2bdb +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1627 + +AuthenticationAttributesImpl.java +file + + + + +2013-12-20T12:27:57.422475Z +fa84458a078738803e160f1fd3ff6210 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +3348 + +SignSW.java +file + + + + +2013-12-20T12:27:57.422475Z +1f905fe296e2dfb66e02ea925d3a7761 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +14730 + +SPApplicationBuilder.java +file + + + + +2013-12-20T12:27:57.422475Z +03f6145382be5dc9dbf50a09172d40ba +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1638 + +SPInstitutionImpl.java +file + + + + +2013-12-20T12:27:57.422475Z +debba0c2baa76483e40e62a5de0e1123 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2618 + +RequestedAttributesBuilder.java +file + + + + +2013-12-20T12:27:57.422475Z +8516fe8723cb2405475a0fca0909e338 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1729 + +VIDPAuthenticationAttributesBuilder.java +file + + + + +2013-12-20T12:27:57.422475Z +60bafffa1fb9223231f49a0c12109ccd +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1607 + +SPApplicationUnmarshaller.java +file + + + + +2013-12-20T12:27:57.422475Z +143466710186caf840584c038fc365d4 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1408 + +EIDCrossSectorShareBuilder.java +file + + + + +2013-12-20T12:27:57.422475Z +95a940a01539d754a0f2d5fbc58dced2 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1746 + +VIDPAuthenticationAttributesImpl.java +file + + + + +2013-12-20T12:27:57.422475Z +71986c6390a88c027fb622f342dda7dd +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +3928 + +CitizenCountryCodeBuilder.java +file + + + + +2013-12-20T12:27:57.422475Z +d6adb4dcf3f02a2115e03e197f71e7d0 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1661 + +EIDCrossSectorShareUnmarshaller.java +file + + + + +2013-12-20T12:27:57.422475Z +8b7d6524324bf334695470c97a5ae8e9 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +1636 + +RequestedAttributeBuilder.java +file + + + + +2013-12-20T12:27:57.422475Z +8e01d40d3d5d57e76e68335c4dfa33fd +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1719 + +SignModuleFactory.java +file + + + + +2013-12-20T12:27:57.422475Z +ca27edd3b64fe3994d694668441242c0 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1904 + +SPInstitutionBuilder.java +file + + + + +2013-12-20T12:27:57.422475Z +c154c661d7cf09d5deeb12ddf66b69a1 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1652 + +SPIDBuilder.java +file + + + + +2013-12-20T12:27:57.422475Z +081af3337ceb54c3a8e8c3fdbdd07757 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1531 + +RequestedAttributeImpl.java +file + + + + +2013-12-20T12:27:57.422475Z +2b0a40b8c2b3640929adb2c1500ecfa8 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +5576 + +SPIDMarshaller.java +file + + + + +2013-12-20T12:27:57.422475Z +1f25673e4ed1a76ed9763d06e73942bf +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +1549 + +SPCountryBuilder.java +file + + + + +2013-12-20T12:27:57.422475Z +a6e6d09f79e112c96d03f1dff4506843 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1627 + +SPApplicationMarshaller.java +file + + + + +2013-12-20T12:27:57.422475Z +d3053090b75974af918b25e32b3c16cb +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1627 + +EIDSectorShareUnmarshaller.java +file + + + + +2013-12-20T12:27:57.422475Z +e003885ad4f424b731178f3de53a9934 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +1596 + +SPCountryUnmarshaller.java +file + + + + +2013-12-20T12:27:57.422475Z +e01b8f80dbcec3c100d563b8da6c206d +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1376 + +SPApplicationImpl.java +file + + + + +2013-12-20T12:27:57.422475Z +0df0bd3dc6acdf706be767ba9e5ca6fc +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2617 + +EIDCrossSectorShareMarshaller.java +file + + + + +2013-12-20T12:27:57.426475Z +e80eee7bbdb571f5a481ea66fc6b047d +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1687 + +QAAAttributeBuilder.java +file + + + + +2013-12-20T12:27:57.426475Z +965b74882dfafe06f391804601049c48 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1653 + +SignHW.java +file + + + + +2013-12-20T12:27:57.426475Z +7896afe7f189a7db5835e120aa6b6037 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +13749 + +EIDCrossSectorShareImpl.java +file + + + + +2013-12-20T12:27:57.426475Z +08ad1682d1f146a114625a1dc1626f6c +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2703 + +QAAAttributeUnmarshaller.java +file + + + + +2013-12-20T12:27:57.426475Z +b5eede63027f8b9638f905d3e905046f +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1387 + +SPInformationUnmarshaller.java +file + + + + +2013-12-20T12:27:57.426475Z +b504aef9588b7817e1e1d37fd157076e +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +1775 + +SPSectorBuilder.java +file + + + + +2013-12-20T12:27:57.426475Z +4725ddc6ef146afbe0a3cca1a97a0102 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1606 + +EIDCrossBorderShareUnmarshaller.java +file + + + + +2013-12-20T12:27:57.426475Z +c7cd8600b386369e011a2a7f4c5f0d9c +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1472 + +SPIDUnmarshaller.java +file + + + + +2013-12-20T12:27:57.426475Z +7090a9ec17d610025260f1af3495044d +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +1332 + +EIDSectorShareMarshaller.java +file + + + + +2013-12-20T12:27:57.426475Z +ded11a8620d93cbb7fe703385583827a +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1712 + +SPSectorUnmarshaller.java +file + + + + +2013-12-20T12:27:57.426475Z +16ec587f7357a4896411cc80a10f6523 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1372 + +SPCountryMarshaller.java +file + + + + +2013-12-20T12:27:57.426475Z +f03343df1d204b3f461c7a54a1e6ed35 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1592 + +SignP12.java +file + + + + +2013-12-20T12:27:57.426475Z +2d6ec5552f62f50e8eb579e11def48f7 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +15576 + +package-info.java +file + + + + +2013-12-20T12:27:57.426475Z +76a0f72a61ed971b95da33c1c8b8aa69 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +817 + +VIDPAuthenticationAttributesMarshaller.java +file + + + + +2013-12-20T12:27:57.426475Z +c099f28cf58fbc0f1db727b22f3a0d5a +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1120 + +RequestedAttributesUnmarshaller.java +file + + + + +2013-12-20T12:27:57.426475Z +d18788d30b80c2a020dded672c9d937d +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1844 + +EIDSectorShareImpl.java +file + + + + +2013-12-20T12:27:57.426475Z +eb771b1a638ae3751a0f90b187748495 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2622 + +SPCountryImpl.java +file + + + + +2013-12-20T12:27:57.426475Z +a2ddffd67762f74d21509471a2e1663c +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2528 + +AuthenticationAttributesBuilder.java +file + + + + +2013-12-20T12:27:57.426475Z +99840afca17ae5400257a49dd15c3d4f +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1792 + +RequestedAttributeMarshaller.java +file + + + + +2013-12-20T12:27:57.426475Z +f4b4ab1af9ecd9aaf7230786ab73f6d7 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2969 + +QAAAttributeMarshaller.java +file + + + + +2013-12-20T12:27:57.426475Z +9a0f0dd3957d29547adf15ae519b1ad4 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1612 + +CitizenCountryCodeUnmarshaller.java +file + + + + +2013-12-20T12:27:57.426475Z +ff6f71c1e4e7a3d58f8696ae9080588e +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1447 + +SPInformationMarshaller.java +file + + + + +2013-12-20T12:27:57.430475Z +126729a7293d478709678748ec47277f +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1055 + +AuthenticationAttributesUnmarshaller.java +file + + + + +2013-12-20T12:27:57.430475Z +4f9cbca52f62feb055986ed1d6cc45ed +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1929 + +EIDCrossBorderShareMarshaller.java +file + + + + +2013-12-20T12:27:57.410475Z +0334c19bff0e6bfd196de52e7f1d1547 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1689 + +QAAAttributeImpl.java +file + + + + +2013-12-20T12:27:57.410475Z +bee5948d710cfab6256be7f47bb70096 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2647 + +SPInformationImpl.java +file + + + + +2013-12-20T12:27:57.414475Z +93e4dc0e3432b0a6f355b70230f59edd +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2979 + +SPInstitutionUnmarshaller.java +file + + + + +2013-12-20T12:27:57.410475Z +11e598b7cc89fdea183e3f4f7c2019b3 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1407 + +EIDSectorShareBuilder.java +file + + + + +2013-12-20T12:27:57.414475Z +eef58e0f54cd2c89b3ccb73dbbaf4b24 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1672 + +SPSectorMarshaller.java +file + + + + +2013-12-20T12:27:57.414475Z +1d5f1bf8fa1b6170804abc1a64ad52c4 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1584 + +EIDCrossBorderShareImpl.java +file + + + + +2013-12-20T12:27:57.414475Z +9514676b0d03b2288c82db3d46ef150a +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2722 + +SPIDImpl.java +file + + + + +2013-12-20T12:27:57.414475Z +17b9d0d330854aa4aaa855345c09e9c0 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2381 + +RequestedAttributesMarshaller.java +file + + + + +2013-12-20T12:27:57.414475Z +84d34f73f399fdecde91f58068f2fcd0 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1116 + +SPSectorImpl.java +file + + + + +2013-12-20T12:27:57.414475Z +1751902990706e32763e3e931b70622e +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2411 + diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesBuilder.java.svn-base new file mode 100644 index 000000000..74840e135 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesBuilder.java.svn-base @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.AuthenticationAttributes; + +/** + * The Class AuthenticationAttributesBuilder. + * + * @author fjquevedo + */ +public class AuthenticationAttributesBuilder extends + AbstractSAMLObjectBuilder { + + + + /** + * Builds the object. + * + * @return the authentication attributes + */ + public final AuthenticationAttributes buildObject() { + return buildObject(AuthenticationAttributes.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace URI + * @param localName the local name + * @param namespacePrefix the namespace prefix + * + * @return the authentication attributes + */ + public final AuthenticationAttributes buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new AuthenticationAttributesImpl(namespaceURI, localName, + namespacePrefix); + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesImpl.java.svn-base new file mode 100644 index 000000000..1e43e7ec3 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesImpl.java.svn-base @@ -0,0 +1,109 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import org.opensaml.common.impl.AbstractSignableSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.AuthenticationAttributes; +import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class AuthenticationAttributesImpl. + * + * @author fjquevedo + */ +public final class AuthenticationAttributesImpl extends AbstractSignableSAMLObject implements +AuthenticationAttributes { + + private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticationAttributesImpl.class.getName()); + + /** The indexed children. */ + private VIDPAuthenticationAttributes vIDPAuthenAttr; + + /** + * Instantiates a new authentication attributes implementation. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected AuthenticationAttributesImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + * + */ + public List getOrderedChildren() { + final ArrayList children = new ArrayList(); + + children.add(vIDPAuthenAttr); + + if (getSignature() != null) { + children.add(getSignature()); + } + + return Collections.unmodifiableList(children); + } + + /** + * Gets the signature reference id. + * + * @return the signature reference id + * + */ + public String getSignatureReferenceID() { + return null; + } + + /** + * Gets the vidp authentication attributes. + * + * @return the VIDP authentication attributes + * + */ + public VIDPAuthenticationAttributes getVIDPAuthenticationAttributes() { + return vIDPAuthenAttr; + } + + /** + * Sets the vidp authentication attributes. + * + * @param newVIDPAuthenAttr the new vidp authen attr + * + */ + public void setVIDPAuthenticationAttributes( + final VIDPAuthenticationAttributes newVIDPAuthenAttr) { + vIDPAuthenAttr = prepareForAssignment(this.vIDPAuthenAttr, newVIDPAuthenAttr); + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesMarshaller.java.svn-base new file mode 100644 index 000000000..698bf56b9 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesMarshaller.java.svn-base @@ -0,0 +1,30 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; + +/** + * The Class AuthenticationAttributesMarshaller. + * + * @author fjquevedo + */ +public class AuthenticationAttributesMarshaller extends AbstractSAMLObjectMarshaller { + + + + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesUnmarshaller.java.svn-base new file mode 100644 index 000000000..af3e5c234 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/AuthenticationAttributesUnmarshaller.java.svn-base @@ -0,0 +1,54 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.UnmarshallingException; + +import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; + +import eu.stork.peps.auth.engine.core.AuthenticationAttributes; + +/** + * The Class AuthenticationAttributesUnmarshaller. + * + * @author fjquevedo + */ +public class AuthenticationAttributesUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + /** + * Process child element. + * + * @param parentObject the parent object + * @param childObject the child object + * + * @throws UnmarshallingException the unmarshalling exception + * + */ + protected final void processChildElement(final XMLObject parentObject, + final XMLObject childObject) throws UnmarshallingException { + final AuthenticationAttributes attrStatement = (AuthenticationAttributes) parentObject; + + if (childObject instanceof VIDPAuthenticationAttributes) { + attrStatement.setVIDPAuthenticationAttributes((VIDPAuthenticationAttributes) childObject); + } else { + super.processChildElement(parentObject, childObject); + } + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeBuilder.java.svn-base new file mode 100644 index 000000000..64651691f --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeBuilder.java.svn-base @@ -0,0 +1,50 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.CitizenCountryCode; + +/** + * The Class CitizenCountryCodeBuilder. + * + * @author fjquevedo + */ +public class CitizenCountryCodeBuilder extends AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the citizen country code + */ + public final CitizenCountryCode buildObject() { + return buildObject(CitizenCountryCode.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the citizen country code + */ + public final CitizenCountryCode buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new CitizenCountryCodeImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeImpl.java.svn-base new file mode 100644 index 000000000..4df8084a9 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeImpl.java.svn-base @@ -0,0 +1,82 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.CitizenCountryCode; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class CitizenCountryCodeImpl. + * + * @author fjquevedo + */ +public class CitizenCountryCodeImpl extends AbstractSAMLObject implements CitizenCountryCode { + + private static final Logger LOGGER = LoggerFactory.getLogger(CitizenCountryCodeImpl.class.getName()); + /** The citizen country code. */ + private String citizenCountryCode; + + /** + * Instantiates a new sP country impl. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected CitizenCountryCodeImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the citizen country code. + * + * @return the citizen country code + */ + public final String getCitizenCountryCode() { + return citizenCountryCode; + } + + /** + * Sets the citizen country code. + * + * @param newCitizenCountryCode the new citizen country code + */ + public final void setCitizenCountryCode(final String newCitizenCountryCode) { + this.citizenCountryCode = prepareForAssignment(this.citizenCountryCode, newCitizenCountryCode); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeMarshaller.java.svn-base new file mode 100644 index 000000000..decae04c5 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeMarshaller.java.svn-base @@ -0,0 +1,45 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.CitizenCountryCode; + +/** + * The Class SPCountryMarshaller. + * + * @author fjquevedo + */ +public class CitizenCountryCodeMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final CitizenCountryCode citizenCountryCode = (CitizenCountryCode) samlObject; + XMLHelper.appendTextContent(domElement, citizenCountryCode.getCitizenCountryCode()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeUnmarshaller.java.svn-base new file mode 100644 index 000000000..93132b508 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/CitizenCountryCodeUnmarshaller.java.svn-base @@ -0,0 +1,41 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.CitizenCountryCode; + +/** + * The Class CitizenCountryCodeUnmarshaller. + * + * @author fjquevedo + */ +public class CitizenCountryCodeUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final CitizenCountryCode citizenCountryCode = (CitizenCountryCode) samlObject; + citizenCountryCode.setCitizenCountryCode(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareBuilder.java.svn-base new file mode 100644 index 000000000..b939da776 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareBuilder.java.svn-base @@ -0,0 +1,52 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; + +/** + * The Class EIDCrossBorderShareBuilder. + * + * @author fjquevedo + */ +public class EIDCrossBorderShareBuilder extends AbstractSAMLObjectBuilder { + + + /** + * Builds the object. + * + * @return the identifier cross border share + */ + public final EIDCrossBorderShare buildObject() { + return buildObject(EIDCrossBorderShare.DEF_ELEMENT_NAME); + } + + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the eID cross border share + */ + public final EIDCrossBorderShare buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new EIDCrossBorderShareImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareImpl.java.svn-base new file mode 100644 index 000000000..50a997031 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareImpl.java.svn-base @@ -0,0 +1,87 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class EIDCrossBorderShareImpl. + * + * @author fjquevedo + */ +public class EIDCrossBorderShareImpl extends AbstractSAMLObject implements + EIDCrossBorderShare { + + private static final Logger LOGGER = LoggerFactory.getLogger(EIDCrossBorderShareImpl.class.getName()); + /** The citizen country code. */ + private String eIDCrossBorderShare; + + /** + * Instantiates a new eID cross border share implementation. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected EIDCrossBorderShareImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + + + /** + * Gets the eID cross border share. + * + * @return the eID cross border share + */ + public final String getEIDCrossBorderShare() { + return eIDCrossBorderShare; + } + + + /** + * Sets the eID cross border share. + * + * @param newEIDCrossBorderShare the new eID cross border share + */ + public final void setEIDCrossBorderShare(String newEIDCrossBorderShare) { + this.eIDCrossBorderShare = prepareForAssignment(this.eIDCrossBorderShare, newEIDCrossBorderShare); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + * {@inheritDoc} + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareMarshaller.java.svn-base new file mode 100644 index 000000000..58fa8af65 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareMarshaller.java.svn-base @@ -0,0 +1,47 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; + + +/** + * The Class EIDCrossBorderShareMarshaller. + * + * @author fjquevedo + */ +public class EIDCrossBorderShareMarshaller extends AbstractSAMLObjectMarshaller { + + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) samlObject; + XMLHelper.appendTextContent(domElement, crossBorderShare.getEIDCrossBorderShare()); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareUnmarshaller.java.svn-base new file mode 100644 index 000000000..457e70c23 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossBorderShareUnmarshaller.java.svn-base @@ -0,0 +1,43 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; + +/** + * The Class EIDCrossBorderShareUnmarshaller. + * + * @author fjquevedo + */ +public class EIDCrossBorderShareUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) samlObject; + crossBorderShare.setEIDCrossBorderShare(elementContent); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareBuilder.java.svn-base new file mode 100644 index 000000000..9683d2ad8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareBuilder.java.svn-base @@ -0,0 +1,52 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; + +/** + * The Class EIDCrossSectorShareBuilder. + * + * @author fjquevedo + */ +public class EIDCrossSectorShareBuilder extends + AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the eID cross sector share + */ + public final EIDCrossSectorShare buildObject() { + return buildObject(EIDCrossSectorShare.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the eID cross sector share implementation + */ + public final EIDCrossSectorShareImpl buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new EIDCrossSectorShareImpl(namespaceURI, localName, + namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareImpl.java.svn-base new file mode 100644 index 000000000..30502f429 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareImpl.java.svn-base @@ -0,0 +1,89 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; + +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + + +/** + * The Class EIDCrossSectorShareImpl. + * + * @author fjquevedo + */ +public class EIDCrossSectorShareImpl extends AbstractSAMLObject implements + EIDCrossSectorShare { + + private static final Logger LOGGER = LoggerFactory.getLogger(EIDCrossSectorShareImpl.class.getName()); + /** The citizen country code. */ + private String eIDCrossSectorShare; + + + /** + * Instantiates a new eID cross sector share implementation. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected EIDCrossSectorShareImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + + + /** + * Gets the eID cross sector share. + * + * @return the eID cross sector share + */ + public final String getEIDCrossSectorShare() { + return eIDCrossSectorShare; + } + + + /** + * Sets the eID cross sector share. + * + * @param newEIDCrossSectorShare the new eID cross sector share + */ + public final void setEIDCrossSectorShare(String newEIDCrossSectorShare) { + this.eIDCrossSectorShare = prepareForAssignment(this.eIDCrossSectorShare, newEIDCrossSectorShare); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareMarshaller.java.svn-base new file mode 100644 index 000000000..dfd2b81dc --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareMarshaller.java.svn-base @@ -0,0 +1,46 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; + + +/** + * The Class EIDCrossSectorShareMarshaller. + * + * @author fjquevedo + */ +public class EIDCrossSectorShareMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) samlObject; + XMLHelper.appendTextContent(domElement, crossSectorShare.getEIDCrossSectorShare()); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareUnmarshaller.java.svn-base new file mode 100644 index 000000000..6a9711ca2 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDCrossSectorShareUnmarshaller.java.svn-base @@ -0,0 +1,47 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; + +/** + * The Class EIDCrossSectorShareUnmarshaller. + * + * @author fjquevedo + */ +public class EIDCrossSectorShareUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void processElementContent(final XMLObject samlObject, + final String domElement) { + + final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) samlObject; + crossSectorShare.setEIDCrossSectorShare(domElement); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareBuilder.java.svn-base new file mode 100644 index 000000000..75062dc69 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareBuilder.java.svn-base @@ -0,0 +1,51 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.EIDSectorShare; + +/** + * The Class EIDSectorShareBuilder. + * + * @author fjquevedo + */ +public class EIDSectorShareBuilder extends + AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the eID sector share + */ + public final EIDSectorShare buildObject() { + return buildObject(EIDSectorShare.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the eID sector share + */ + public final EIDSectorShare buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new EIDSectorShareImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareImpl.java.svn-base new file mode 100644 index 000000000..c548841f7 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareImpl.java.svn-base @@ -0,0 +1,85 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.EIDSectorShare; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +// TODO: Auto-generated Javadoc +/** + * The Class EIDSectorShareImpl. + * + * @author fjquevedo + */ +public class EIDSectorShareImpl extends AbstractSAMLObject implements + EIDSectorShare { + + private static final Logger LOGGER = LoggerFactory.getLogger(EIDSectorShareImpl.class.getName()); + + /** The e id sector share. */ + private String eIDSectorShare; + /** + * Instantiates a new eID sector share implementation. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected EIDSectorShareImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + + /** + * Gets the eID sector share. + * + * @return the eID sector share + */ + public final String getEIDSectorShare() { + return eIDSectorShare; + } + + /** + * Sets the eID sector share. + * + * @param newEIDSectorShare the new eID sector share + */ + public final void setEIDSectorShare(String newEIDSectorShare) { + this.eIDSectorShare = prepareForAssignment(this.eIDSectorShare, newEIDSectorShare); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareMarshaller.java.svn-base new file mode 100644 index 000000000..87ab23660 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareMarshaller.java.svn-base @@ -0,0 +1,46 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.saml2.core.impl.AbstractNameIDTypeMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.EIDSectorShare; + +/** + * The Class EIDSectorShareMarshaller. + * + * @author fjquevedo + */ +public class EIDSectorShareMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final EIDSectorShare sectorShare = (EIDSectorShare) samlObject; + XMLHelper.appendTextContent(domElement, sectorShare.getEIDSectorShare()); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareUnmarshaller.java.svn-base new file mode 100644 index 000000000..9c661813f --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/EIDSectorShareUnmarshaller.java.svn-base @@ -0,0 +1,47 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.EIDSectorShare; + + +/** + * The Class EIDSectorShareUnmarshaller. + * + * @author fjquevedo + */ +public class EIDSectorShareUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void processElementContent(final XMLObject samlObject, + final String domElement) { + final EIDSectorShare sectorShare = (EIDSectorShare) samlObject; + sectorShare.setEIDSectorShare(domElement); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeBuilder.java.svn-base new file mode 100644 index 000000000..41676931b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeBuilder.java.svn-base @@ -0,0 +1,52 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.QAAAttribute; + +/** + * The Class QAAAttributeBuilder. + * + * @author fjquevedo + */ +public class QAAAttributeBuilder extends + AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the quality authentication assurance object + */ + public final QAAAttribute buildObject() { + return buildObject(QAAAttribute.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the quality authentication assurance object + + */ + public final QAAAttribute buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new QAAAttributeImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeImpl.java.svn-base new file mode 100644 index 000000000..c08986026 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeImpl.java.svn-base @@ -0,0 +1,84 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.QAAAttribute; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class QAAAttributeImpl. + * + * @author fjquevedo + */ +public class QAAAttributeImpl extends AbstractSAMLObject implements + QAAAttribute { + + private static final Logger LOGGER = LoggerFactory.getLogger(QAAAttributeImpl.class.getName()); + /** The quality authentication assurance level. */ + private String qaaLevel; + + /** + * Constructor. + * + * @param namespaceURI the namespace the element is in + * @param elementLocalName the local name of the XML element this Object + * represents + * @param namespacePrefix the prefix for the given namespace + */ + protected QAAAttributeImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the quality authentication assurance level. + * + * @return the quality authentication assurance level + */ + public final String getQaaLevel() { + return qaaLevel; + } + + /** + * Sets the quality authentication assurance level. + * + * @param newQaaLevel the new quality authentication assurance level + */ + public final void setQaaLevel(final String newQaaLevel) { + this.qaaLevel = prepareForAssignment(this.qaaLevel, newQaaLevel); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeMarshaller.java.svn-base new file mode 100644 index 000000000..000879368 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeMarshaller.java.svn-base @@ -0,0 +1,45 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.QAAAttribute; + +/** + * The Class QAAAttributeMarshaller. + * + * @author fjquevedo + */ +public class QAAAttributeMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final QAAAttribute qaaAttribute = (QAAAttribute) samlObject; + XMLHelper.appendTextContent(domElement, qaaAttribute.getQaaLevel()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeUnmarshaller.java.svn-base new file mode 100644 index 000000000..8445e4eeb --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/QAAAttributeUnmarshaller.java.svn-base @@ -0,0 +1,41 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.QAAAttribute; + +/** + * The Class QAAAttributeUnmarshaller. + * + * @author fjquevedo + */ +public class QAAAttributeUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final QAAAttribute qaaLevel = (QAAAttribute) samlObject; + qaaLevel.setQaaLevel(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeBuilder.java.svn-base new file mode 100644 index 000000000..70bd6ac1f --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeBuilder.java.svn-base @@ -0,0 +1,54 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.RequestedAttribute; + +/** + * The Class RequestedAttributeBuilder. + * + * @author fjquevedo + */ +public class RequestedAttributeBuilder extends + AbstractSAMLObjectBuilder { + + + /** + * Builds the object. + * + * @return the requested attribute + */ + public final RequestedAttribute buildObject() { + return buildObject(RequestedAttribute.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the requested attribute + */ + public final RequestedAttribute buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new RequestedAttributeImpl(namespaceURI, localName, + namespacePrefix); + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeImpl.java.svn-base new file mode 100644 index 000000000..ad759230a --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeImpl.java.svn-base @@ -0,0 +1,220 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.schema.XSBooleanValue; +import org.opensaml.xml.util.AttributeMap; +import org.opensaml.xml.util.XMLObjectChildrenList; + +import eu.stork.peps.auth.engine.core.RequestedAttribute; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +// TODO: Auto-generated Javadoc +/** + * The Class RequestedAttributeImpl. + * + * @author fjquevedo + */ +public class RequestedAttributeImpl extends AbstractSAMLObject implements + RequestedAttribute { + + private static final Logger LOGGER = LoggerFactory.getLogger(RequestedAttributeImpl.class.getName()); + /** + * The attribute values. + */ + private final XMLObjectChildrenList attributeValues; + + /** + * The friendly name. + * + */ + private String friendlyName; + + /** + * The is required. + */ + private String isRequired; + + /** + * The name. + * + */ + private String name; + + /** + * The name format. + * + */ + private String nameFormat; + + /** + * The unknown attributes. + * + */ + private AttributeMap unknownAttributes; + + /** + * Instantiates a new requested attribute impl. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected RequestedAttributeImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + unknownAttributes = new AttributeMap(this); + attributeValues = new XMLObjectChildrenList(this); + } + + + /** + * Gets the attribute values. + * + * @return the attribute values + */ + public final List getAttributeValues() { + return attributeValues; + } + + /** + * Gets the friendly name. + * + * @return the friendly name. + */ + public final String getFriendlyName() { + return friendlyName; + } + + + /** + * Gets the checks if is required. + * + * @return the boolean if it's required. + */ + public final String isRequired() { + return isRequired; + } + + + /** + * Gets the is required xs boolean. + * + * @return the XSBoolean if it's required. + */ + public final String getIsRequiredXSBoolean() { + return isRequired; + } + + + /** + * Gets the name. + * + * @return the name + */ + public final String getName() { + return name; + } + + + /** + * Gets the name format. + * + * @return the name format. + */ + public final String getNameFormat() { + return nameFormat; + } + + /** + * Gets the ordered children. + * + * @return the list of XMLObject. + */ + public final List getOrderedChildren() { + final ArrayList children = new ArrayList(); + children.addAll(attributeValues); + return Collections.unmodifiableList(children); + } + + /** + * Gets the unknown attributes. + * + * @return the attribute map + */ + public final AttributeMap getUnknownAttributes() { + return unknownAttributes; + } + + /** + * Sets the friendly name. + * + * @param newFriendlyName the new friendly name format + */ + public final void setFriendlyName(final String newFriendlyName) { + this.friendlyName = prepareForAssignment(this.friendlyName, + newFriendlyName); + } + + /** + * Set new boolean value isRequired. + * @param newIsRequired then new value + */ + public final void setIsRequired(final String newIsRequired) { + isRequired = prepareForAssignment(this.isRequired, newIsRequired); + + } + + /** + * Sets the name. + * + * @param newName the new name + */ + public final void setName(final String newName) { + this.name = prepareForAssignment(this.name, newName); + } + + /** + * Sets the name format. + * + * @param newNameFormat the new name format + */ + public final void setNameFormat(final String newNameFormat) { + this.nameFormat = prepareForAssignment(this.nameFormat, newNameFormat); + } + + /** + * Sets the unknown attributes. + * + * @param newUnknownAttr the new unknown attributes + */ + public final void setUnknownAttributes(final AttributeMap newUnknownAttr) { + this.unknownAttributes = newUnknownAttr; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeMarshaller.java.svn-base new file mode 100644 index 000000000..6d0669241 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeMarshaller.java.svn-base @@ -0,0 +1,89 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.Map.Entry; + +import javax.xml.namespace.QName; + +import org.opensaml.Configuration; +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Attr; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.RequestedAttribute; + +/** + * The Class RequestedAttributeMarshaller. + * + * @author fjquevedo + */ +public class RequestedAttributeMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall attributes. + * + * @param samlElement the SAML element + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallAttributes(final XMLObject samlElement, + final Element domElement) throws MarshallingException { + final RequestedAttribute requestedAttr = (RequestedAttribute) samlElement; + + if (requestedAttr.getName() != null) { + domElement.setAttributeNS(null, + RequestedAttribute.NAME_ATTRIB_NAME, requestedAttr + .getName()); + } + + if (requestedAttr.getNameFormat() != null) { + domElement.setAttributeNS(null, + RequestedAttribute.NAME_FORMAT_ATTR, requestedAttr + .getNameFormat()); + } + + if (requestedAttr.getFriendlyName() != null) { + domElement.setAttributeNS(null, + RequestedAttribute.FRIENDLY_NAME_ATT, requestedAttr + .getFriendlyName()); + } + + if (requestedAttr.getIsRequiredXSBoolean() != null) { + domElement.setAttributeNS(null, + RequestedAttribute.IS_REQUIRED_ATTR, requestedAttr + .getIsRequiredXSBoolean().toString()); + } + + Attr attr; + for (Entry entry : requestedAttr.getUnknownAttributes() + .entrySet()) { + attr = XMLHelper.constructAttribute(domElement.getOwnerDocument(), + entry.getKey()); + attr.setValue(entry.getValue()); + domElement.setAttributeNodeNS(attr); + if (Configuration.isIDAttribute(entry.getKey()) + || requestedAttr.getUnknownAttributes().isIDAttribute( + entry.getKey())) { + attr.getOwnerElement().setIdAttributeNode(attr, true); + } + } + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeUnmarshaller.java.svn-base new file mode 100644 index 000000000..551f4239d --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributeUnmarshaller.java.svn-base @@ -0,0 +1,96 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import javax.xml.namespace.QName; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; + +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.UnmarshallingException; +import org.opensaml.xml.schema.XSBooleanValue; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Attr; + +import eu.stork.peps.auth.engine.core.RequestedAttribute; +import eu.stork.peps.auth.engine.core.SAMLCore; + +/** + * The Class RequestedAttributeUnmarshaller. + * + * @author fjquevedo + */ +public class RequestedAttributeUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + /** + * Process child element. + * + * @param parentSAMLObject parent SAMLObject + * @param childSAMLObject child SAMLObject + * + * @throws UnmarshallingException error at unmarshall XML object + */ + protected final void processChildElement(final XMLObject parentSAMLObject, + final XMLObject childSAMLObject) throws UnmarshallingException { + + final RequestedAttribute requestedAttr = (RequestedAttribute) parentSAMLObject; + + final QName childQName = childSAMLObject.getElementQName(); + if (childQName.getLocalPart().equals("AttributeValue") + && childQName.getNamespaceURI().equals(SAMLCore.STORK10_NS.getValue())) { + requestedAttr.getAttributeValues().add(childSAMLObject); + } else { + super.processChildElement(parentSAMLObject, childSAMLObject); + } + } + + /** + * Process attribute. + * + * @param samlObject the SAML object + * @param attribute the attribute + * @throws UnmarshallingException the unmarshalling exception + */ + protected final void processAttribute(final XMLObject samlObject, + final Attr attribute) throws UnmarshallingException { + + final RequestedAttribute requestedAttr = (RequestedAttribute) samlObject; + + if (attribute.getLocalName() + .equals(RequestedAttribute.NAME_ATTRIB_NAME)) { + requestedAttr.setName(attribute.getValue()); + } else if (attribute.getLocalName().equals( + RequestedAttribute.NAME_FORMAT_ATTR)) { + requestedAttr.setNameFormat(attribute.getValue()); + } else if (attribute.getLocalName().equals( + RequestedAttribute.FRIENDLY_NAME_ATT)) { + requestedAttr.setFriendlyName(attribute.getValue()); + } else if (attribute.getLocalName().equals( + RequestedAttribute.IS_REQUIRED_ATTR)) { + requestedAttr.setIsRequired(attribute + .getValue()); + + } else { + final QName attribQName = XMLHelper.getNodeQName(attribute); + if (attribute.isId()) { + requestedAttr.getUnknownAttributes().registerID(attribQName); + } + requestedAttr.getUnknownAttributes().put(attribQName, + attribute.getValue()); + } + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesBuilder.java.svn-base new file mode 100644 index 000000000..138177995 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesBuilder.java.svn-base @@ -0,0 +1,54 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.RequestedAttributes; + +/** + * The Class RequestedAttributesBuilder. + * + * @author fjquevedo + */ +public class RequestedAttributesBuilder extends + AbstractSAMLObjectBuilder { + + + /** + * Builds the object. + * + * @return the requested attributes + */ + public final RequestedAttributes buildObject() { + return buildObject(RequestedAttributes.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the requested attributes + */ + public final RequestedAttributes buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new RequestedAttributesImpl(namespaceURI, localName, + namespacePrefix); + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesImpl.java.svn-base new file mode 100644 index 000000000..a58a08a05 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesImpl.java.svn-base @@ -0,0 +1,95 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.util.IndexedXMLObjectChildrenList; + +import eu.stork.peps.auth.engine.core.RequestedAttribute; +import eu.stork.peps.auth.engine.core.RequestedAttributes; + +/** + * The Class RequestedAttributesImpl. + * + * @author fjquevedo + */ +public class RequestedAttributesImpl extends AbstractSAMLObject implements + RequestedAttributes { + + /** + * Instantiates a new requested attributes implement. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected RequestedAttributesImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + indexedChildren = new IndexedXMLObjectChildrenList(this); + } + + /** The indexed children. */ + private final IndexedXMLObjectChildrenList indexedChildren; + + /** + * Gets the indexed children. + * + * @return the indexed children + */ + public final IndexedXMLObjectChildrenList getIndexedChildren() { + return indexedChildren; + } + + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + + final ArrayList children = new ArrayList(); + + children.addAll(indexedChildren); + + return Collections.unmodifiableList(children); + + } + + /** + * Gets the attributes. + * + * @return the attributes + * + * @see eu.stork.peps.auth.engine.core.RequestedAttributes#getAttributes() + */ + @SuppressWarnings("unchecked") + public final List getAttributes() { + return (List) indexedChildren + .subList(RequestedAttribute.DEF_ELEMENT_NAME); + } + + @Override + public int hashCode() { + throw new UnsupportedOperationException("hashCode method not implemented"); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesMarshaller.java.svn-base new file mode 100644 index 000000000..955fe0318 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesMarshaller.java.svn-base @@ -0,0 +1,33 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; + +/** + * The Class RequestedAttributesMarshaller. + * + * @author fjquevedo + */ +public class RequestedAttributesMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Instantiates a new requested attributes marshaller. + */ + public RequestedAttributesMarshaller() { + super(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesUnmarshaller.java.svn-base new file mode 100644 index 000000000..132d6cc59 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/RequestedAttributesUnmarshaller.java.svn-base @@ -0,0 +1,52 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.UnmarshallingException; + +import eu.stork.peps.auth.engine.core.RequestedAttribute; +import eu.stork.peps.auth.engine.core.RequestedAttributes; + +/** + * The Class RequestedAttributesUnmarshaller. + * + * @author fjquevedo + */ +public class RequestedAttributesUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + /** + * Process child element. + * + * @param parentObject the parent object + * @param childObject the child object + * + * @throws UnmarshallingException error in unmarshall + */ + protected final void processChildElement(final XMLObject parentObject, + final XMLObject childObject) throws UnmarshallingException { + final RequestedAttributes attrStatement = (RequestedAttributes) parentObject; + + if (childObject instanceof RequestedAttribute) { + attrStatement.getAttributes().add((RequestedAttribute) childObject); + } else { + super.processChildElement(parentObject, childObject); + } + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationBuilder.java.svn-base new file mode 100644 index 000000000..a35c77936 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationBuilder.java.svn-base @@ -0,0 +1,51 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SPApplication; + +/** + * The Class SPApplicationBuilder. + * + * @author fjquevedo + */ +public class SPApplicationBuilder extends + AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the service provider application + */ + public final SPApplication buildObject() { + return buildObject(SPApplication.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the service provider application + */ + public final SPApplication buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new SPApplicationImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationImpl.java.svn-base new file mode 100644 index 000000000..6bb631a74 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationImpl.java.svn-base @@ -0,0 +1,84 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPApplication; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class SPApplicationImpl. + * + * @author fjquevedo + */ +public class SPApplicationImpl extends AbstractSAMLObject implements + SPApplication { + + private static final Logger LOGGER = LoggerFactory.getLogger(SPApplicationImpl.class.getName()); + /** The service provider application. */ + private String spApplication; + + /** + * Instantiates a new service provider application. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected SPApplicationImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the service provider application. + * + * @return the service provider application + */ + public final String getSPApplication() { + return spApplication; + } + + /** + * Sets the service provider application. + * + * @param newSpApplication the new service provider application + */ + public final void setSPApplication(final String newSpApplication) { + this.spApplication = prepareForAssignment(this.spApplication, + newSpApplication); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationMarshaller.java.svn-base new file mode 100644 index 000000000..4866c3535 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationMarshaller.java.svn-base @@ -0,0 +1,46 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.SPApplication; + +/** + * The Class SPApplicationMarshaller. + * + * @author fjquevedo + */ +public class SPApplicationMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final SPApplication spApplication = (SPApplication) samlObject; + XMLHelper.appendTextContent(domElement, spApplication + .getSPApplication()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationUnmarshaller.java.svn-base new file mode 100644 index 000000000..a28432a13 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPApplicationUnmarshaller.java.svn-base @@ -0,0 +1,42 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPApplication; + + +/** + * The Class SPApplicationUnmarshaller. + * + * @author fjquevedo + */ +public class SPApplicationUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final SPApplication spApplication = (SPApplication) samlObject; + spApplication.setSPApplication(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryBuilder.java.svn-base new file mode 100644 index 000000000..48ec92f49 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryBuilder.java.svn-base @@ -0,0 +1,52 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SPCountry; + +/** + * The Class SPCountryBuilder. + * + * @author fjquevedo + */ +public class SPCountryBuilder extends AbstractSAMLObjectBuilder { + + + /** + * Builds the object SPCountry. + * + * @return the service provider country + */ + public final SPCountry buildObject() { + return buildObject(SPCountry.DEF_ELEMENT_NAME); + } + + + /** + * Builds the object SPCountry. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the service provider country + */ + public final SPCountry buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new SPCountryImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryImpl.java.svn-base new file mode 100644 index 000000000..db58fb8be --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryImpl.java.svn-base @@ -0,0 +1,82 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPCountry; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class SPCountryImpl. + * + * @author fjquevedo + */ +public class SPCountryImpl extends AbstractSAMLObject implements SPCountry { + + private static final Logger LOGGER = LoggerFactory.getLogger(SPCountryImpl.class.getName()); + /** The service provider country. */ + private String spCountry; + + /** + * Instantiates a new service provider country. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected SPCountryImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the service provider country. + * + * @return the service provider country + */ + public final String getSPCountry() { + return spCountry; + } + + /** + * Sets the service provider country. + * + * @param newSpCountry the new service provider country + */ + public final void setSPCountry(final String newSpCountry) { + this.spCountry = prepareForAssignment(this.spCountry, newSpCountry); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryMarshaller.java.svn-base new file mode 100644 index 000000000..e82634749 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryMarshaller.java.svn-base @@ -0,0 +1,45 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.SPCountry; + +/** + * The Class SPCountryMarshaller. + * + * @author fjquevedo + */ +public class SPCountryMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final SPCountry spCountry = (SPCountry) samlObject; + XMLHelper.appendTextContent(domElement, spCountry.getSPCountry()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryUnmarshaller.java.svn-base new file mode 100644 index 000000000..deb695ac6 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPCountryUnmarshaller.java.svn-base @@ -0,0 +1,42 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPCountry; + + +/** + * The Class SPCountryUnmarshaller. + * + * @author fjquevedo + */ +public class SPCountryUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final SPCountry spCountry = (SPCountry) samlObject; + spCountry.setSPCountry(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDBuilder.java.svn-base new file mode 100644 index 000000000..b3640947b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDBuilder.java.svn-base @@ -0,0 +1,50 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SPID; + +/** + * The Class SPIDBuilder. + * + * @author iinigo + */ +public class SPIDBuilder extends AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the SP ID + */ + public final SPID buildObject() { + return buildObject(SPID.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the citizen country code + */ + public final SPID buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new SPIDImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDImpl.java.svn-base new file mode 100644 index 000000000..0c7127273 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDImpl.java.svn-base @@ -0,0 +1,82 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPID; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class SPIDImpl. + * + * @author iinigo + */ +public class SPIDImpl extends AbstractSAMLObject implements SPID { + + private static final Logger LOGGER = LoggerFactory.getLogger(SPIDImpl.class.getName()); + /** The citizen country code. */ + private String spId; + + /** + * Instantiates a new sP country impl. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected SPIDImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the SP ID. + * + * @return the SP ID + */ + public final String getSPID() { + return spId; + } + + /** + * Sets the SP ID. + * + * @param newSPID the new SP ID + */ + public final void setSPID(final String newSPID) { + this.spId = prepareForAssignment(this.spId, newSPID); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDMarshaller.java.svn-base new file mode 100644 index 000000000..24389522e --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDMarshaller.java.svn-base @@ -0,0 +1,45 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.SPID; + +/** + * The Class SPIDMarshaller. + * + * @author iinigo + */ +public class SPIDMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final SPID spid = (SPID) samlObject; + XMLHelper.appendTextContent(domElement, spid.getSPID()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDUnmarshaller.java.svn-base new file mode 100644 index 000000000..e4d230b94 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPIDUnmarshaller.java.svn-base @@ -0,0 +1,41 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPID; + +/** + * The Class SPIDUnmarshaller. + * + * @author iinigo + */ +public class SPIDUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final SPID spid = (SPID) samlObject; + spid.setSPID(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationBuilder.java.svn-base new file mode 100644 index 000000000..a6e1fe686 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationBuilder.java.svn-base @@ -0,0 +1,41 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SAMLCore; +import eu.stork.peps.auth.engine.core.SPInformation; + +/** + * The Class SPInformation. + * + * @author iinigo + */ +public final class SPInformationBuilder extends AbstractSAMLObjectBuilder { + + + /** {@inheritDoc} */ + public SPInformation buildObject() { + return buildObject(SAMLCore.STORK10P_NS.getValue(), SPInformation.DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); + } + + /** {@inheritDoc} */ + public SPInformation buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { + return new SPInformationImpl(namespaceURI, localName, namespacePrefix); + } + +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationImpl.java.svn-base new file mode 100644 index 000000000..b5609600d --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationImpl.java.svn-base @@ -0,0 +1,110 @@ +/* + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import org.opensaml.common.impl.AbstractSignableSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPID; +import eu.stork.peps.auth.engine.core.SPInformation; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + + +/** + * The Class SPInformationImpl. + * + * @author iinigo + */ +public final class SPInformationImpl extends AbstractSignableSAMLObject implements +SPInformation { + + private static final Logger LOGGER = LoggerFactory.getLogger(SPInformationImpl.class.getName()); + /** The citizen country code. */ + private SPID spId; + + + /** + * Instantiates a new requested attributes implement. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected SPInformationImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + + /** + * getSPId. + * + * @return the SP ID + */ + public SPID getSPID() { + return spId; + } + + /** + * Gets the ordered children. + * + * @return the ordered children + * + */ + public List getOrderedChildren() { + final ArrayList children = new ArrayList(); + + children.add(spId); + + if (getSignature() != null) { + children.add(getSignature()); + } + + return Collections.unmodifiableList(children); + + } + + /** + * Gets the signature reference id. + * + * @return the signature reference id + * + */ + public String getSignatureReferenceID() { + return null; + } + + /** + * Sets the SP Id. + * + * @param newSPId the new SP Id + * + */ + public void setSPID(SPID newSPId) { + this.spId = prepareForAssignment(this.spId, newSPId); + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationMarshaller.java.svn-base new file mode 100644 index 000000000..44845948c --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationMarshaller.java.svn-base @@ -0,0 +1,33 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; + +/** + * The Class SPInformationMarshaller. + * + * @author iinigo + */ +public class SPInformationMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Instantiates a new SP Information marshaller. + */ + public SPInformationMarshaller() { + super(); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationUnmarshaller.java.svn-base new file mode 100644 index 000000000..79b0b0f35 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInformationUnmarshaller.java.svn-base @@ -0,0 +1,52 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.UnmarshallingException; + +import eu.stork.peps.auth.engine.core.SPID; +import eu.stork.peps.auth.engine.core.SPInformation; + +/** + * The Class SPInformationUnmarshaller. + * + * @author iinigo + */ +public class SPInformationUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + /** + * Process child element. + * + * @param parentObject the parent object + * @param childObject the child object + * + * @throws UnmarshallingException the unmarshalling exception + * + */ + protected final void processChildElement(final XMLObject parentObject, + final XMLObject childObject) throws UnmarshallingException { + final SPInformation spInformation = (SPInformation) parentObject; + + if (childObject instanceof SPID) { + spInformation.setSPID((SPID) childObject); + } else { + super.processChildElement(parentObject, childObject); + } + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionBuilder.java.svn-base new file mode 100644 index 000000000..fe47cf99c --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionBuilder.java.svn-base @@ -0,0 +1,51 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SPInstitution; + +/** + * The Class SPInstitutionBuilder. + * + * @author fjquevedo + */ +public class SPInstitutionBuilder extends + AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the service provider institution + */ + public final SPInstitution buildObject() { + return buildObject(SPInstitution.DEF_ELEMENT_NAME); + } + + /** + * Builds the object SPInstitution. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the service provider institution + */ + public final SPInstitution buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new SPInstitutionImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionImpl.java.svn-base new file mode 100644 index 000000000..cf1760446 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionImpl.java.svn-base @@ -0,0 +1,84 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPInstitution; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class SPInstitutionImpl. + * + * @author fjquevedo + */ +public class SPInstitutionImpl extends AbstractSAMLObject implements + SPInstitution { + + private static final Logger LOGGER = LoggerFactory.getLogger(SPInstitutionImpl.class.getName()); + /** The service provider institution. */ + private String spInstitution; + + /** + * Instantiates a new service provider institution. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected SPInstitutionImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the service provider institution. + * + * @return the service provider institution + */ + public final String getSPInstitution() { + return spInstitution; + } + + /** + * Sets the service provider institution. + * + * @param newSpInstitution the new service provider institution + */ + public final void setSPInstitution(final String newSpInstitution) { + this.spInstitution = prepareForAssignment(this.spInstitution, + newSpInstitution); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } + } diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionMarshaller.java.svn-base new file mode 100644 index 000000000..504a1f035 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionMarshaller.java.svn-base @@ -0,0 +1,46 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.SPInstitution; + +/** + * The Class SPInstitutionMarshaller. + * + * @author fjquevedo + */ +public class SPInstitutionMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final SPInstitution spInstitution = (SPInstitution) samlObject; + XMLHelper.appendTextContent(domElement, spInstitution + .getSPInstitution()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionUnmarshaller.java.svn-base new file mode 100644 index 000000000..103d5f2b2 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPInstitutionUnmarshaller.java.svn-base @@ -0,0 +1,41 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPInstitution; + +/** + * The Class SPInstitutionUnmarshaller. + * + * @author fjquevedo + */ +public class SPInstitutionUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final SPInstitution spInstitution = (SPInstitution) samlObject; + spInstitution.setSPInstitution(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorBuilder.java.svn-base new file mode 100644 index 000000000..a691b9008 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorBuilder.java.svn-base @@ -0,0 +1,50 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SPSector; + +/** + * The Class SPSectorBuilder. + * + * @author fjquevedo + */ +public class SPSectorBuilder extends AbstractSAMLObjectBuilder { + + /** + * Builds the object SPSector. + * + * @return the service provider sector. + */ + public final SPSector buildObject() { + return buildObject(SPSector.DEF_ELEMENT_NAME); + } + + /** + * Builds the object SPSector. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the service provider sector + */ + public final SPSector buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new SPSectorImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorImpl.java.svn-base new file mode 100644 index 000000000..a29810dd4 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorImpl.java.svn-base @@ -0,0 +1,84 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPSector; + + +/** + * The Class SPSectorImpl. + * + * @author fjquevedo + */ +public class SPSectorImpl extends AbstractSAMLObject implements SPSector { + + /** The service provider sector. */ + private String spSector; + + /** + * Instantiates a new Service provider sector implementation. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected SPSectorImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + + /** + * Gets the service provider sector. + * + * @return the SP sector + * + * @see eu.stork.peps.auth.engine.core.SPSector#getSPSector() + */ + public final String getSPSector() { + return spSector; + } + + + /** + * Sets the service provider sector. + * + * @param newSpSector the new service provider sector + */ + public final void setSPSector(final String newSpSector) { + this.spSector = prepareForAssignment(this.spSector, newSpSector); + } + + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + throw new UnsupportedOperationException("hashCode method not implemented"); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorMarshaller.java.svn-base new file mode 100644 index 000000000..c5331e8f4 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorMarshaller.java.svn-base @@ -0,0 +1,45 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.SPSector; + +/** + * The Class SPSectorMarshaller. + * + * @author fjquevedo + */ +public class SPSectorMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final SPSector spSector = (SPSector) samlObject; + XMLHelper.appendTextContent(domElement, spSector.getSPSector()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorUnmarshaller.java.svn-base new file mode 100644 index 000000000..cbb05c6e5 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SPSectorUnmarshaller.java.svn-base @@ -0,0 +1,42 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPSector; + +/** + * The Class SPSectorUnmarshaller. + * + * @author fjquevedo + */ +public class SPSectorUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final SPSector spSector = (SPSector) samlObject; + spSector.setSPSector(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignHW.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignHW.java.svn-base new file mode 100644 index 000000000..2db14f543 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignHW.java.svn-base @@ -0,0 +1,399 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.io.IOException; +import java.io.InputStream; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.Provider; +import java.security.Security; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Enumeration; +import java.util.InvalidPropertiesFormatException; +import java.util.List; +import java.util.Properties; + +import eu.stork.peps.auth.engine.X509PrincipalUtil; +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang.NotImplementedException; +import org.bouncycastle.jce.X509Principal; +import org.opensaml.common.SAMLObject; +import org.opensaml.common.SignableSAMLObject; +import org.opensaml.security.SAMLSignatureProfileValidator; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.security.SecurityConfiguration; +import org.opensaml.xml.security.SecurityException; +import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; +import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; +import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager; +import org.opensaml.xml.security.keyinfo.KeyInfoHelper; +import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager; +import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator; +import org.opensaml.xml.security.x509.BasicX509Credential; +import org.opensaml.xml.signature.KeyInfo; +import org.opensaml.xml.signature.Signature; +import org.opensaml.xml.signature.SignatureConstants; +import org.opensaml.xml.signature.SignatureException; +import org.opensaml.xml.signature.SignatureValidator; +import org.opensaml.xml.signature.Signer; +import org.opensaml.xml.validation.ValidationException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + + + +import eu.stork.peps.auth.engine.core.SAMLEngineSignI; +import eu.stork.peps.exceptions.SAMLEngineException; + +/** + * The Class HWSign. Module of sign. + * + * @author fjquevedo + */ +public final class SignHW implements SAMLEngineSignI { + + /** The Constant CONFIGURATION_FILE. */ + private static final String CONF_FILE = "configurationFile"; + + /** The Constant KEYSTORE_TYPE. + private static final String KEYSTORE_TYPE = "keystoreType" */ + + /** The logger. */ + private static final Logger LOG = LoggerFactory.getLogger(SignHW.class + .getName()); + + /** The stork own key store. */ + private KeyStore storkOwnKeyStore = null; + + /** + * Gets the stork own key store. + * + * @return the stork own key store + */ + public KeyStore getStorkOwnKeyStore() { + return storkOwnKeyStore; + } + + /** + * Gets the stork trustStore. + * + * @return the stork own key store + */ + public KeyStore getTrustStore() { + return storkOwnKeyStore; + } + + /** + * Sets the stork own key store. + * + * @param newkOwnKeyStore the new stork own key store + */ + public void setStorkOwnKeyStore(final KeyStore newkOwnKeyStore) { + this.storkOwnKeyStore = newkOwnKeyStore; + } + + /** + * Gets the properties. + * + * @return the properties + */ + public Properties getProperties() { + return properties; + } + + /** + * Sets the properties. + * + * @param newProperties the new properties + */ + public void setProperties(final Properties newProperties) { + this.properties = newProperties; + } + + /** The HW sign prop. */ + private Properties properties = null; + + /** + * @see + * eu.stork.peps.auth.engine.core.SAMLEngineSignI#init(java.lang.String) + * @param fileConf file of configuration + * @throws SAMLEngineException error in read file + */ + public void init(final String fileConf) + throws SAMLEngineException { + InputStream inputStr = null; + try { + inputStr = SignHW.class.getResourceAsStream("/" + + fileConf); + properties = new Properties(); + + properties.loadFromXML(inputStr); + } catch (final InvalidPropertiesFormatException e) { + LOG.info("Exception: invalid properties format."); + throw new SAMLEngineException(e); + } catch (IOException e) { + LOG.info("Exception: invalid file: " + fileConf); + throw new SAMLEngineException(e); + } finally { + IOUtils.closeQuietly(inputStr); + } + } + + + /** + * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#getCertificate() + * @return the X509Certificate. + */ + public X509Certificate getCertificate() { + throw new NotImplementedException(); + } + + /** + * @see + * eu.stork.peps.auth.engine.core.SAMLEngineSignI#sign(SignableSAMLObject tokenSaml) + * @param tokenSaml signable SAML Object + * @return the SAMLObject signed. + * @throws SAMLEngineException error in sign token saml + */ + public SAMLObject sign(final SignableSAMLObject tokenSaml) throws SAMLEngineException { + + try { + LOG.info("Star procces of sign"); + final char[] pin = properties.getProperty("keyPassword") + .toCharArray(); + + storkOwnKeyStore.load(null, pin); + + final String serialNumber = properties.getProperty("serialNumber"); + final String issuer = properties.getProperty("issuer"); + + String alias = null; + String aliasCert; + X509Certificate certificate; + + boolean find = false; + for (final Enumeration e = storkOwnKeyStore.aliases(); e + .hasMoreElements() && !find;) { + aliasCert = e.nextElement(); + certificate = (X509Certificate) storkOwnKeyStore + .getCertificate(aliasCert); + // Verified serial number, issuer + + final String serialNum = certificate.getSerialNumber() + .toString(16); + X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); + X509Principal issuerDNConf = new X509Principal(issuer); + + if(serialNum.equalsIgnoreCase(serialNumber) + && X509PrincipalUtil.equals(issuerDN, issuerDNConf)){ + alias = aliasCert; + find = true; + } + + } + + if (!find) { + throw new SAMLEngineException("Certificate cannot be found in keystore "); + } + certificate = (X509Certificate) storkOwnKeyStore.getCertificate(alias); + final PrivateKey privateKey = (PrivateKey) storkOwnKeyStore.getKey( + alias, pin); + + LOG.info("Recover BasicX509Credential."); + final BasicX509Credential credential = new BasicX509Credential(); + + LOG.debug("Load certificate"); + credential.setEntityCertificate(certificate); + + LOG.debug("Load privateKey"); + credential.setPrivateKey(privateKey); + + LOG.info("Star procces of sign"); + final Signature signature = (Signature) org.opensaml.xml.Configuration + .getBuilderFactory().getBuilder( + Signature.DEFAULT_ELEMENT_NAME).buildObject( + Signature.DEFAULT_ELEMENT_NAME); + + LOG.debug("Begin signature with openSaml"); + signature.setSigningCredential(credential); + + signature.setSignatureAlgorithm( + SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1); + + + + final SecurityConfiguration securityConf = + org.opensaml.xml.Configuration.getGlobalSecurityConfiguration(); + final NamedKeyInfoGeneratorManager keyInfoManager = securityConf + .getKeyInfoGeneratorManager(); + final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager + .getDefaultManager(); + final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager + .getFactory(credential); + final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac + .newInstance(); + + final KeyInfo keyInfo = keyInfoGenerator.generate(credential); + + signature.setKeyInfo(keyInfo); + + LOG.debug("Set Canonicalization Algorithm"); + signature.setCanonicalizationAlgorithm( + SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); + + tokenSaml.setSignature(signature); + + LOG.debug("Marshall samlToken."); + org.opensaml.xml.Configuration.getMarshallerFactory() + .getMarshaller(tokenSaml).marshall(tokenSaml); + + LOG.info("Sign samlToken."); + Signer.signObject(signature); + + } catch (final MarshallingException e) { + LOG.error("MarshallingException"); + throw new SAMLEngineException(e); + } catch (final NoSuchAlgorithmException e) { + LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment."); + throw new SAMLEngineException(e); + } catch (final KeyStoreException e) { + LOG.error("Generic KeyStore exception."); + throw new SAMLEngineException(e); + } catch (final SignatureException e) { + LOG.error("Signature exception."); + throw new SAMLEngineException(e); + } catch (final SecurityException e) { + LOG.error("Security exception."); + throw new SAMLEngineException(e); + } catch (final CertificateException e) { + LOG.error("Certificate exception."); + throw new SAMLEngineException(e); + } catch (final IOException e) { + LOG.error("IO exception."); + throw new SAMLEngineException(e); + } catch (final UnrecoverableKeyException e) { + LOG.error("UnrecoverableKeyException exception."); + throw new SAMLEngineException(e); + } + + return tokenSaml; + } + + /** + * @see + * eu.stork.peps.auth.engine.core.SAMLEngineSignI#validateSignature(SignableSAMLObject) + * @param tokenSaml the token saml + * @return the SAMLObject validated. + * @throws SAMLEngineException exception in validate signature + */ + public SAMLObject validateSignature(final SignableSAMLObject tokenSaml) + throws SAMLEngineException { + LOG.info("Start signature validation."); + try { + + // Validate structure signature + final SAMLSignatureProfileValidator signProfValidator = + new SAMLSignatureProfileValidator(); + + // Indicates signature id conform to SAML Signature profile + signProfValidator.validate(tokenSaml.getSignature()); + + String aliasCert; + X509Certificate certificate; + + final List trustedCred = new ArrayList(); + + for (final Enumeration e = storkOwnKeyStore.aliases(); e + .hasMoreElements();) { + aliasCert = e.nextElement(); + final BasicX509Credential credential = new BasicX509Credential(); + certificate = (X509Certificate) storkOwnKeyStore + .getCertificate(aliasCert); + credential.setEntityCertificate(certificate); + trustedCred.add(credential); + } + + final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo(); + final List listCertificates = KeyInfoHelper + .getCertificates(keyInfo); + + if (listCertificates.size() != 1) { + throw new SAMLEngineException("Only must be one certificate"); + } + + // Exist only one certificate + final BasicX509Credential entityX509Cred = new BasicX509Credential(); + entityX509Cred.setEntityCertificate(listCertificates.get(0)); + + final ExplicitKeyTrustEvaluator keyTrustEvaluator = + new ExplicitKeyTrustEvaluator(); + if (!keyTrustEvaluator.validate(entityX509Cred, trustedCred)) { + throw new SAMLEngineException("Certificate it is not trusted."); + } + + final SignatureValidator sigValidator = new SignatureValidator( + entityX509Cred); + + sigValidator.validate(tokenSaml.getSignature()); + + } catch (final ValidationException e) { + LOG.error("ValidationException.", e); + throw new SAMLEngineException(e); + } catch (final KeyStoreException e) { + LOG.error("ValidationException.", e); + throw new SAMLEngineException(e); + } catch (final CertificateException e) { + LOG.error("CertificateException.", e); + throw new SAMLEngineException(e); + } + return tokenSaml; + } + + /** + * load cryptographic service provider. + * + * @throws SAMLEngineException the SAML engine exception + * Note this class was using pkcs11Provider + * final Provider pkcs11Provider = new sun.security.pkcs11.SunPKCS11(inputStream) + * if (Security.getProperty(pkcs11Provider.getName()) == null) { + * Security.insertProviderAt(pkcs11Provider, Security .getProviders().length) + * } + * storkOwnKeyStore = KeyStore.getInstance(properties.getProperty(KEYSTORE_TYPE)) + */ + public void loadCryptServiceProvider() throws SAMLEngineException { + LOG.info("Load Cryptographic Service Provider"); + InputStream inputStream = null; + + try { + inputStream = SignHW.class.getResourceAsStream("/" + + properties.getProperty(CONF_FILE)); + + } catch (final Exception e) { + throw new SAMLEngineException( + "Error loading CryptographicServiceProvider", e); + } finally { + IOUtils.closeQuietly(inputStream); + } + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignModuleFactory.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignModuleFactory.java.svn-base new file mode 100644 index 000000000..2adefddbd --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignModuleFactory.java.svn-base @@ -0,0 +1,64 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.engine.core.SAMLEngineSignI; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +/** + * The Class ModuleSignFactory. + * + * @author fjquevedo + * + */ + +public final class SignModuleFactory { + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(SignModuleFactory.class.getName()); + + /** + * Instantiates a new module sign factory. + */ + private SignModuleFactory() { + + } + + /** + * Gets the single instance of SignModuleFactory. + * + * @param className the class name + * + * @return single instance of SignModuleFactory + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static SAMLEngineSignI getInstance(final String className) + throws STORKSAMLEngineException { + LOG.info("[START]SignModuleFactory static"); + try { + final Class cls = Class.forName(className); + return (SAMLEngineSignI) cls.newInstance(); + } catch (Exception e) { + throw new STORKSAMLEngineException(e); + } + + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignP12.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignP12.java.svn-base new file mode 100644 index 000000000..33ed05515 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignP12.java.svn-base @@ -0,0 +1,468 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.io.ByteArrayInputStream; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.net.URL; +import java.security.GeneralSecurityException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.Provider; +import java.security.Security; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Enumeration; +import java.util.InvalidPropertiesFormatException; +import java.util.List; +import java.util.Properties; + +import eu.stork.peps.auth.engine.X509PrincipalUtil; +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang.NotImplementedException; +import org.bouncycastle.jce.X509Principal; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.opensaml.Configuration; +import org.opensaml.common.SAMLObject; +import org.opensaml.common.SignableSAMLObject; +import org.opensaml.security.SAMLSignatureProfileValidator; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.security.SecurityConfiguration; +import org.opensaml.xml.security.SecurityException; +import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; +import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; +import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager; +import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager; +import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator; +import org.opensaml.xml.security.x509.BasicX509Credential; +import org.opensaml.xml.signature.KeyInfo; +import org.opensaml.xml.signature.Signature; +import org.opensaml.xml.signature.SignatureConstants; +import org.opensaml.xml.signature.SignatureException; +import org.opensaml.xml.signature.SignatureValidator; +import org.opensaml.xml.signature.Signer; +import org.opensaml.xml.util.Base64; +import org.opensaml.xml.validation.ValidationException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.engine.core.SAMLEngineSignI; +import eu.stork.peps.exceptions.SAMLEngineException; + +/** + * The Class SWSign. Class responsible for signing and validating of messages + * SAML with a certificate store software. + * + * @author fjquevedo + */ +public final class SignP12 implements SAMLEngineSignI { + + /** The logger. */ + private static final Logger LOG = LoggerFactory.getLogger(SignP12.class + .getName()); + + + /** The p12 store. */ + private KeyStore p12Store = null; + + + /** The trust store. */ + private KeyStore trustStore = null; + + + /** + * Gets the trust store. + * + * @return the trust store + */ + public KeyStore getTrustStore() { + return trustStore; + } + + /** + * Sets the trust store. + * + * @param newTrustStore the new trust store + */ + public void setTrustStore(final KeyStore newTrustStore) { + this.trustStore = newTrustStore; + } + + /** + * The instance. + * + * @return the properties + */ + + public Properties getProperties() { + return properties; + } + + + + /** + * Gets the p12 store. + * + * @return the p12 store + */ + public KeyStore getP12Store() { + return p12Store; + } + + + + /** + * Sets the p12 store. + * + * @param newP12Store the new p12 store + */ + public void setP12Store(final KeyStore newP12Store) { + this.p12Store = newP12Store; + } + + + + /** + * Sets the properties. + * + * @param newProperties the new properties + */ + public void setProperties(final Properties newProperties) { + this.properties = newProperties; + } + + /** The SW sign prop. */ + private Properties properties = null; + + + /** + * Initialize the file configuration. + * + * @param fileConf name of the file configuration + * + * @throws SAMLEngineException error at the load from file configuration + */ + public void init(final String fileConf) throws SAMLEngineException { + InputStream fileProperties = null; + properties = new Properties(); + try { + try { + LOG.debug("Fichero a cargar " + fileConf); + fileProperties = new FileInputStream(fileConf); + properties.loadFromXML(fileProperties); + } catch (Exception e) { + LOG.error("Fallo al cargar el recurso externo. Se reintenta como fichero interno."); + fileProperties = SignP12.class.getResourceAsStream("/" + fileConf); + if (fileProperties == null) { + fileProperties = Thread.currentThread().getContextClassLoader().getResourceAsStream(fileConf); + if (fileProperties == null) { + Enumeration files = ClassLoader.getSystemClassLoader().getResources(fileConf); + if (files != null && files.hasMoreElements()) { + LOG.info("Se han encontrado recurso/s. Se toma el primero."); + fileProperties = ClassLoader.getSystemClassLoader().getResourceAsStream(files.nextElement().getFile()); + } else { + throw new IOException("No se pudo recuperar el fichero: " + fileConf, e); + } + } + } + LOG.debug("Recuperados " + fileProperties.available() + " bytes"); + properties.loadFromXML(fileProperties); + } + } catch (InvalidPropertiesFormatException e) { + LOG.info("Exception: invalid properties format."); + throw new SAMLEngineException(e); + } catch (IOException e) { + LOG.info("Exception: invalid file: " + fileConf); + throw new SAMLEngineException(e); + } finally { + IOUtils.closeQuietly(fileProperties); + } + } + + /** + * Gets the certificate. + * + * @return the X509Certificate + * + */ + public X509Certificate getCertificate() { + throw new NotImplementedException(); + } + + /** + * Sign the token SAML. + * + * @param tokenSaml token SAML + * + * @return the X509Certificate signed. + * + * @throws SAMLEngineException error at sign SAML token + * + */ + public SAMLObject sign(final SignableSAMLObject tokenSaml) + throws SAMLEngineException { + LOG.info("Start Sign process"); + try { + + final String serialNumber = properties.getProperty("serialNumber"); + final String issuer = properties.getProperty("issuer"); + + String alias = null; + String aliasCert; + X509Certificate certificate; + + boolean find = false; + for (final Enumeration e = p12Store.aliases(); e + .hasMoreElements() && !find;) { + aliasCert = e.nextElement(); + certificate = (X509Certificate) p12Store + .getCertificate(aliasCert); + + final String serialNum = certificate.getSerialNumber() + .toString(16); + + X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); + X509Principal issuerDNConf = new X509Principal(issuer); + + if(serialNum.equalsIgnoreCase(serialNumber) + && X509PrincipalUtil.equals(issuerDN, issuerDNConf)){ + alias = aliasCert; + find = true; + } + + } + + certificate = (X509Certificate) p12Store + .getCertificate(alias); + final PrivateKey privateKey = (PrivateKey) p12Store.getKey( + alias, properties.getProperty("keyPassword").toCharArray()); + + LOG.info("Recover BasicX509Credential."); + final BasicX509Credential credential = new BasicX509Credential(); + + LOG.debug("Load certificate"); + credential.setEntityCertificate(certificate); + + LOG.debug("Load privateKey"); + credential.setPrivateKey(privateKey); + + LOG.debug("Begin signature with openSaml"); + final Signature signature = (Signature) Configuration + .getBuilderFactory().getBuilder( + Signature.DEFAULT_ELEMENT_NAME).buildObject( + Signature.DEFAULT_ELEMENT_NAME); + + signature.setSigningCredential(credential); + + signature.setSignatureAlgorithm( + SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1); + + final SecurityConfiguration secConfiguration = Configuration + .getGlobalSecurityConfiguration(); + final NamedKeyInfoGeneratorManager keyInfoManager = secConfiguration + .getKeyInfoGeneratorManager(); + final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager + .getDefaultManager(); + final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager + .getFactory(credential); + final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac + .newInstance(); + + final KeyInfo keyInfo = keyInfoGenerator.generate(credential); + + signature.setKeyInfo(keyInfo); + signature.setCanonicalizationAlgorithm( + SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); + + tokenSaml.setSignature(signature); + + LOG.info("Marshall samlToken."); + Configuration.getMarshallerFactory().getMarshaller(tokenSaml) + .marshall(tokenSaml); + + LOG.info("Sign samlToken."); + Signer.signObject(signature); + + } catch (MarshallingException e) { + LOG.error("MarshallingException"); + throw new SAMLEngineException(e); + } catch (NoSuchAlgorithmException e) { + LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment."); + throw new SAMLEngineException(e); + } catch (KeyStoreException e) { + LOG.error("Generic KeyStore exception."); + throw new SAMLEngineException(e); + } catch (SignatureException e) { + LOG.error("Signature exception."); + throw new SAMLEngineException(e); + } catch (SecurityException e) { + LOG.error("Security exception."); + throw new SAMLEngineException(e); + } catch (UnrecoverableKeyException e) { + LOG.error("UnrecoverableKey exception."); + throw new SAMLEngineException(e); + } + + return tokenSaml; + } + + /** + * Validate signature. + * + * @param tokenSaml token SAML + * + * @return the SAMLObject validated. + * + * @throws SAMLEngineException error validate signature + * + */ + public SAMLObject validateSignature(final SignableSAMLObject tokenSaml) + throws SAMLEngineException { + LOG.info("Start signature validation."); + try { + + // Validate structure signature + final SAMLSignatureProfileValidator sigProfValidator = + new SAMLSignatureProfileValidator(); + try { + // Indicates signature id conform to SAML Signature profile + sigProfValidator.validate(tokenSaml.getSignature()); + } catch (ValidationException e) { + LOG.error("ValidationException: signature isn't conform to SAML Signature profile."); + throw new SAMLEngineException(e); + } + + String aliasCert = null; + X509Certificate certificate; + + final List trustCred = new ArrayList(); + + for (final Enumeration e = trustStore.aliases(); e + .hasMoreElements();) { + aliasCert = e.nextElement(); + final BasicX509Credential credential = new BasicX509Credential(); + certificate = (X509Certificate) trustStore + .getCertificate(aliasCert); + credential.setEntityCertificate(certificate); + trustCred.add(credential); + } + + final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo(); + + final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo + .getX509Datas().get(0).getX509Certificates().get(0); + + final CertificateFactory certFact = CertificateFactory + .getInstance("X.509"); + final ByteArrayInputStream bis = new ByteArrayInputStream(Base64 + .decode(xmlCert.getValue())); + final X509Certificate cert = (X509Certificate) certFact + .generateCertificate(bis); + + // Exist only one certificate + final BasicX509Credential entityX509Cred = new BasicX509Credential(); + entityX509Cred.setEntityCertificate(cert); + + // Validate trust certificates + final ExplicitKeyTrustEvaluator keyTrustEvaluator = + new ExplicitKeyTrustEvaluator(); + if (!keyTrustEvaluator.validate(entityX509Cred, trustCred)) { + throw new SAMLEngineException("Certificate it is not trusted."); + } + + // Validate signature + final SignatureValidator sigValidator = new SignatureValidator( + entityX509Cred); + sigValidator.validate(tokenSaml.getSignature()); + + } catch (ValidationException e) { + LOG.error("ValidationException."); + throw new SAMLEngineException(e); + } catch (KeyStoreException e) { + LOG.error("KeyStoreException.", e); + throw new SAMLEngineException(e); + } catch (GeneralSecurityException e) { + LOG.error("GeneralSecurityException.", e); + throw new SAMLEngineException(e); + } + return tokenSaml; + } + + + /** + * Load cryptographic service provider. + * + * @throws SAMLEngineException the SAML engine exception + */ + public void loadCryptServiceProvider() throws SAMLEngineException { + LOG.info("Load Cryptographic Service Provider"); + + FileInputStream fis = null; + FileInputStream fisTrustStore = null; + + try { + // Dynamically register Bouncy Castle provider. + boolean found = false; + // Check if BouncyCastle is already registered as a provider + final Provider[] providers = Security.getProviders(); + for (int i = 0; i < providers.length; i++) { + if (providers[i].getName().equals( + BouncyCastleProvider.PROVIDER_NAME)) { + found = true; + } + } + + // Register only if the provider has not been previously registered + if (!found) { + LOG.debug("SAMLCore: Register Bouncy Castle provider."); + Security.insertProviderAt(new BouncyCastleProvider(), Security + .getProviders().length); + } + + p12Store = KeyStore.getInstance(properties + .getProperty("keystoreType")); + + fis = new FileInputStream(properties + .getProperty("keystorePath")); + + p12Store.load(fis, properties.getProperty( + "keyStorePassword").toCharArray()); + + + trustStore = KeyStore.getInstance(properties + .getProperty("trustStoreType")); + + fisTrustStore = new FileInputStream(properties + .getProperty("trustStorePath")); + trustStore.load(fisTrustStore, properties.getProperty( + "trustStorePassword").toCharArray()); + + } catch (Exception e) { + throw new SAMLEngineException( + "Error loading CryptographicServiceProvider", e); + } finally { + IOUtils.closeQuietly(fis); + IOUtils.closeQuietly(fisTrustStore); + } + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignSW.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignSW.java.svn-base new file mode 100644 index 000000000..4c7bb18a3 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/SignSW.java.svn-base @@ -0,0 +1,423 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.io.ByteArrayInputStream; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.security.GeneralSecurityException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.Provider; +import java.security.Security; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Enumeration; +import java.util.InvalidPropertiesFormatException; +import java.util.List; +import java.util.Properties; + +import eu.stork.peps.auth.engine.X509PrincipalUtil; +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang.NotImplementedException; +import org.bouncycastle.jce.X509Principal; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.opensaml.Configuration; +import org.opensaml.common.SAMLObject; +import org.opensaml.common.SignableSAMLObject; +import org.opensaml.security.SAMLSignatureProfileValidator; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.security.SecurityConfiguration; +import org.opensaml.xml.security.SecurityException; +import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; +import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; +import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager; +import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager; +import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator; +import org.opensaml.xml.security.x509.BasicX509Credential; +import org.opensaml.xml.signature.KeyInfo; +import org.opensaml.xml.signature.Signature; +import org.opensaml.xml.signature.SignatureConstants; +import org.opensaml.xml.signature.SignatureException; +import org.opensaml.xml.signature.SignatureValidator; +import org.opensaml.xml.signature.Signer; +import org.opensaml.xml.util.Base64; +import org.opensaml.xml.validation.ValidationException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.engine.core.SAMLEngineSignI; +import eu.stork.peps.exceptions.SAMLEngineException; + + +/** + * The Class SWSign. Class responsible for signing and validating of messages + * SAML with a certificate store software. + * + * @author fjquevedo + */ +public class SignSW implements SAMLEngineSignI { + + /** The Constant KEYSTORE_TYPE. */ + private static final String KEYSTORE_TYPE = "keystoreType"; + + /** The Constant KEY_STORE_PASSWORD. */ + private static final String KEY_STORE_PASS = "keyStorePassword"; + + /** The logger. */ + private static final Logger LOG = LoggerFactory.getLogger(SignSW.class + .getName()); + + /** The stork own key store. */ + private KeyStore storkOwnKeyStore = null; + + /** + * The instance. + * + * @return the properties + */ + + public final Properties getProperties() { + return properties; + } + + /** + * Gets the stork own key store. + * + * @return the stork own key store + */ + public final KeyStore getStorkOwnKeyStore() { + return storkOwnKeyStore; + } + + /** + * Gets the stork trustStore. + * + * @return the stork own key store + */ + public KeyStore getTrustStore() { + return storkOwnKeyStore; + } + + /** + * Sets the stork own key store. + * + * @param newkOwnKeyStore the new stork own key store + */ + public final void setStorkOwnKeyStore(final KeyStore newkOwnKeyStore) { + this.storkOwnKeyStore = newkOwnKeyStore; + } + + /** + * Sets the properties. + * + * @param newProperties the new properties + */ + public final void setProperties(final Properties newProperties) { + this.properties = newProperties; + } + + /** The SW sign prop. */ + private Properties properties = null; + + + /** + * Inits the file configuration. + * + * @param fileConf name of the file configuration + * + * @throws SAMLEngineException error at the load from file configuration + */ + public final void init(final String fileConf) + throws SAMLEngineException { + InputStream fileProperties = null; + try { + fileProperties = SignSW.class.getResourceAsStream("/" + + fileConf); + properties = new Properties(); + + properties.loadFromXML(fileProperties); + fileProperties.close(); + } catch (InvalidPropertiesFormatException e) { + LOG.info("Exception: invalid properties format."); + throw new SAMLEngineException(e); + } catch (IOException e) { + LOG.info("Exception: invalid file: " + fileConf); + throw new SAMLEngineException(e); + } finally { + IOUtils.closeQuietly(fileProperties); + } + } + + /** + * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#getCertificate() + * @return the X509Certificate + */ + public final X509Certificate getCertificate() { + throw new NotImplementedException(); + } + + + /** + * Sign the token SAML. + * + * @param tokenSaml the token SAML. + * + * @return the SAML object + * + * @throws SAMLEngineException the SAML engine exception + * + */ + public final SAMLObject sign(final SignableSAMLObject tokenSaml) + throws SAMLEngineException { + LOG.info("Start Sign process."); + try { + final String serialNumber = properties.getProperty("serialNumber"); + final String issuer = properties.getProperty("issuer"); + + String alias = null; + String aliasCert; + X509Certificate certificate; + boolean find = false; + + for (final Enumeration e = storkOwnKeyStore.aliases(); e + .hasMoreElements() && !find; ) { + aliasCert = e.nextElement(); + certificate = (X509Certificate) storkOwnKeyStore + .getCertificate(aliasCert); + + final String serialNum = certificate.getSerialNumber() + .toString(16); + + X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); + X509Principal issuerDNConf = new X509Principal(issuer); + + if(serialNum.equalsIgnoreCase(serialNumber) + && X509PrincipalUtil.equals(issuerDN, issuerDNConf)){ + alias = aliasCert; + find = true; + } + } + if (!find) { + throw new SAMLEngineException("Certificate cannot be found in keystore "); + } + certificate = (X509Certificate) storkOwnKeyStore.getCertificate(alias); + final PrivateKey privateKey = (PrivateKey) storkOwnKeyStore.getKey( + alias, properties.getProperty("keyPassword").toCharArray()); + + LOG.info("Recover BasicX509Credential."); + final BasicX509Credential credential = new BasicX509Credential(); + + LOG.debug("Load certificate"); + credential.setEntityCertificate(certificate); + + LOG.debug("Load privateKey"); + credential.setPrivateKey(privateKey); + + LOG.debug("Begin signature with openSaml"); + final Signature signature = (Signature) Configuration + .getBuilderFactory().getBuilder( + Signature.DEFAULT_ELEMENT_NAME).buildObject( + Signature.DEFAULT_ELEMENT_NAME); + + signature.setSigningCredential(credential); + + signature.setSignatureAlgorithm( + SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1); + + + final SecurityConfiguration secConfiguration = Configuration + .getGlobalSecurityConfiguration(); + final NamedKeyInfoGeneratorManager keyInfoManager = secConfiguration + .getKeyInfoGeneratorManager(); + final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager + .getDefaultManager(); + final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager + .getFactory(credential); + final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac + .newInstance(); + + KeyInfo keyInfo = keyInfoGenerator.generate(credential); + + signature.setKeyInfo(keyInfo); + signature.setCanonicalizationAlgorithm( + SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); + + tokenSaml.setSignature(signature); + + LOG.info("Marshall samlToken."); + Configuration.getMarshallerFactory().getMarshaller(tokenSaml) + .marshall(tokenSaml); + + LOG.info("Sign samlToken."); + Signer.signObject(signature); + + } catch (MarshallingException e) { + LOG.error("MarshallingException"); + throw new SAMLEngineException(e); + } catch (NoSuchAlgorithmException e) { + LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment."); + throw new SAMLEngineException(e); + } catch (KeyStoreException e) { + LOG.error("Generic KeyStore exception."); + throw new SAMLEngineException(e); + } catch (SignatureException e) { + LOG.error("Signature exception."); + throw new SAMLEngineException(e); + } catch (SecurityException e) { + LOG.error("Security exception."); + throw new SAMLEngineException(e); + } catch (UnrecoverableKeyException e) { + LOG.error("UnrecoverableKey exception."); + throw new SAMLEngineException(e); + } + + return tokenSaml; + } + + /** + * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#validateSignature(org.opensaml.common.SignableSAMLObject) + * @param tokenSaml token SAML + * @return the SAMLObject validated. + * @throws SAMLEngineException error validate signature + */ + public final SAMLObject validateSignature(final SignableSAMLObject tokenSaml) + throws SAMLEngineException { + LOG.info("Start signature validation."); + try { + + // Validate structure signature + final SAMLSignatureProfileValidator sigProfValidator = + new SAMLSignatureProfileValidator(); + try { + // Indicates signature id conform to SAML Signature profile + sigProfValidator.validate(tokenSaml.getSignature()); + } catch (ValidationException e) { + LOG.error("ValidationException: signature isn't conform to SAML Signature profile."); + throw new SAMLEngineException(e); + } + + String aliasCert = null; + X509Certificate certificate; + + final List trustCred = new ArrayList(); + + for (final Enumeration e = storkOwnKeyStore.aliases(); e + .hasMoreElements();) { + aliasCert = e.nextElement(); + final BasicX509Credential credential = new BasicX509Credential(); + certificate = (X509Certificate) storkOwnKeyStore + .getCertificate(aliasCert); + credential.setEntityCertificate(certificate); + trustCred.add(credential); + } + + final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo(); + + final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo + .getX509Datas().get(0).getX509Certificates().get(0); + + final CertificateFactory certFact = CertificateFactory + .getInstance("X.509"); + final ByteArrayInputStream bis = new ByteArrayInputStream(Base64 + .decode(xmlCert.getValue())); + final X509Certificate cert = (X509Certificate) certFact + .generateCertificate(bis); + + // Exist only one certificate + final BasicX509Credential entityX509Cred = new BasicX509Credential(); + entityX509Cred.setEntityCertificate(cert); + + // Validate trust certificates + final ExplicitKeyTrustEvaluator keyTrustEvaluator = + new ExplicitKeyTrustEvaluator(); + if (!keyTrustEvaluator.validate(entityX509Cred, trustCred)) { + throw new SAMLEngineException("Certificate is not trusted."); + } + + // Validate signature + final SignatureValidator sigValidator = new SignatureValidator( + entityX509Cred); + sigValidator.validate(tokenSaml.getSignature()); + + } catch (ValidationException e) { + LOG.error("ValidationException."); + throw new SAMLEngineException(e); + } catch (KeyStoreException e) { + LOG.error("KeyStoreException.", e); + throw new SAMLEngineException(e); + } catch (GeneralSecurityException e) { + LOG.error("GeneralSecurityException.", e); + throw new SAMLEngineException(e); + } + LOG.info(tokenSaml.getSignatureReferenceID()); + LOG.info("Start signature validation - END." ); + return tokenSaml; + } + + + /** + * Load cryptographic service provider. + * + * @throws SAMLEngineException the SAML engine exception + */ + public final void loadCryptServiceProvider() throws SAMLEngineException { + LOG.info("Load Cryptographic Service Provider"); + FileInputStream fis = null; + try { + // Dynamically register Bouncy Castle provider. + boolean found = false; + // Check if BouncyCastle is already registered as a provider + final Provider[] providers = Security.getProviders(); + for (int i = 0; i < providers.length; i++) { + if (providers[i].getName().equals( + BouncyCastleProvider.PROVIDER_NAME)) { + found = true; + } + } + + // Register only if the provider has not been previously registered + if (!found) { + LOG.info("SAMLCore: Register Bouncy Castle provider."); + Security.insertProviderAt(new BouncyCastleProvider(), Security + .getProviders().length); + } + + storkOwnKeyStore = KeyStore.getInstance(properties + .getProperty(KEYSTORE_TYPE)); + + LOG.info("Loading KeyInfo from keystore file " + properties.getProperty("keystorePath")); + fis = new FileInputStream(properties + .getProperty("keystorePath")); + + storkOwnKeyStore.load(fis, properties.getProperty( + KEY_STORE_PASS).toCharArray()); + + } catch (Exception e) { + LOG.error("Error loading CryptographicServiceProvider", e); + throw new SAMLEngineException( + "Error loading CryptographicServiceProvider", e); + } finally { + IOUtils.closeQuietly(fis); + } + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesBuilder.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesBuilder.java.svn-base new file mode 100644 index 000000000..a60515593 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesBuilder.java.svn-base @@ -0,0 +1,41 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SAMLCore; +import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; + +/** + * The Class VIDPAuthenticationAttributesBuilder. + * + * @author fjquevedo + */ +public final class VIDPAuthenticationAttributesBuilder extends AbstractSAMLObjectBuilder { + + + /** {@inheritDoc} */ + public VIDPAuthenticationAttributes buildObject() { + return buildObject(SAMLCore.STORK10P_NS.getValue(), VIDPAuthenticationAttributes.DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); + } + + /** {@inheritDoc} */ + public VIDPAuthenticationAttributes buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { + return new VIDPAuthenticationAttributesImpl(namespaceURI, localName, namespacePrefix); + } + +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesImpl.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesImpl.java.svn-base new file mode 100644 index 000000000..a6e7e7f60 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesImpl.java.svn-base @@ -0,0 +1,132 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import org.opensaml.common.impl.AbstractSignableSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.CitizenCountryCode; +import eu.stork.peps.auth.engine.core.SPInformation; +import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class VIDPAuthenticationAttributesImpl. + * + * @author fjquevedo + */ +public final class VIDPAuthenticationAttributesImpl extends AbstractSignableSAMLObject implements +VIDPAuthenticationAttributes { + + private static final Logger LOGGER = LoggerFactory.getLogger(VIDPAuthenticationAttributesImpl.class.getName()); + /** The citizen country code. */ + private CitizenCountryCode citizenCountryCode; + + /** The SP information. */ + private SPInformation spInformation; + + /** + * Instantiates a new requested attributes implement. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected VIDPAuthenticationAttributesImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + + /** + * getCitizenCountryCode. + * + * @return the citizen country code + */ + public CitizenCountryCode getCitizenCountryCode() { + return citizenCountryCode; + } + + /** + * getSPInformation + * + * @return the SP information + */ + public SPInformation getSPInformation() { + return spInformation; + } + + /** + * Gets the ordered children. + * + * @return the ordered children + * + */ + public List getOrderedChildren() { + final ArrayList children = new ArrayList(); + + children.add(citizenCountryCode); + children.add(spInformation); + + if (getSignature() != null) { + children.add(getSignature()); + } + + return Collections.unmodifiableList(children); + + } + + /** + * Gets the signature reference id. + * + * @return the signature reference id + * + */ + public String getSignatureReferenceID() { + return null; + } + + /** + * Sets the citizen country code. + * + * @param newCitizenCountryCode the new citizen country code + * + */ + public void setCitizenCountryCode(CitizenCountryCode newCitizenCountryCode) { + this.citizenCountryCode = prepareForAssignment(this.citizenCountryCode, newCitizenCountryCode); + } + + /** + * Sets the SP information. + * + * @param newSPInformation the new SP information + * + */ + public void setSPInformation(SPInformation newSPInformation) { + this.spInformation = prepareForAssignment(this.spInformation, newSPInformation); + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesMarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesMarshaller.java.svn-base new file mode 100644 index 000000000..5635ddd6b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesMarshaller.java.svn-base @@ -0,0 +1,33 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; + +/** + * The Class VIDPAuthenticationAttributesMarshaller. + * + * @author fjquevedo + */ +public class VIDPAuthenticationAttributesMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Instantiates a new vIDP authentication attributes marshaller. + */ + public VIDPAuthenticationAttributesMarshaller() { + super(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesUnmarshaller.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesUnmarshaller.java.svn-base new file mode 100644 index 000000000..1de300c03 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/VIDPAuthenticationAttributesUnmarshaller.java.svn-base @@ -0,0 +1,55 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.UnmarshallingException; + +import eu.stork.peps.auth.engine.core.CitizenCountryCode; +import eu.stork.peps.auth.engine.core.SPInformation; +import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; + +/** + * The Class VIDPAuthenticationAttributesUnmarshaller. + * + * @author fjquevedo + */ +public class VIDPAuthenticationAttributesUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + /** + * Process child element. + * + * @param parentObject the parent object + * @param childObject the child object + * + * @throws UnmarshallingException the unmarshalling exception + * + */ + protected final void processChildElement(final XMLObject parentObject, + final XMLObject childObject) throws UnmarshallingException { + final VIDPAuthenticationAttributes vIDPAuthenticationAttr = (VIDPAuthenticationAttributes) parentObject; + + if (childObject instanceof CitizenCountryCode) { + vIDPAuthenticationAttr.setCitizenCountryCode((CitizenCountryCode) childObject); + } else if (childObject instanceof SPInformation) { + vIDPAuthenticationAttr.setSPInformation((SPInformation) childObject); + } else { + super.processChildElement(parentObject, childObject); + } + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/package-info.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/package-info.java.svn-base new file mode 100644 index 000000000..e26da6d04 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/.svn/text-base/package-info.java.svn-base @@ -0,0 +1,19 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Implementations of STORK 1.0 core specification types and elements. + */ +package eu.stork.peps.auth.engine.core.impl; \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java new file mode 100644 index 000000000..74840e135 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesBuilder.java @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.AuthenticationAttributes; + +/** + * The Class AuthenticationAttributesBuilder. + * + * @author fjquevedo + */ +public class AuthenticationAttributesBuilder extends + AbstractSAMLObjectBuilder { + + + + /** + * Builds the object. + * + * @return the authentication attributes + */ + public final AuthenticationAttributes buildObject() { + return buildObject(AuthenticationAttributes.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace URI + * @param localName the local name + * @param namespacePrefix the namespace prefix + * + * @return the authentication attributes + */ + public final AuthenticationAttributes buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new AuthenticationAttributesImpl(namespaceURI, localName, + namespacePrefix); + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java new file mode 100644 index 000000000..1e43e7ec3 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesImpl.java @@ -0,0 +1,109 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import org.opensaml.common.impl.AbstractSignableSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.AuthenticationAttributes; +import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class AuthenticationAttributesImpl. + * + * @author fjquevedo + */ +public final class AuthenticationAttributesImpl extends AbstractSignableSAMLObject implements +AuthenticationAttributes { + + private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticationAttributesImpl.class.getName()); + + /** The indexed children. */ + private VIDPAuthenticationAttributes vIDPAuthenAttr; + + /** + * Instantiates a new authentication attributes implementation. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected AuthenticationAttributesImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + * + */ + public List getOrderedChildren() { + final ArrayList children = new ArrayList(); + + children.add(vIDPAuthenAttr); + + if (getSignature() != null) { + children.add(getSignature()); + } + + return Collections.unmodifiableList(children); + } + + /** + * Gets the signature reference id. + * + * @return the signature reference id + * + */ + public String getSignatureReferenceID() { + return null; + } + + /** + * Gets the vidp authentication attributes. + * + * @return the VIDP authentication attributes + * + */ + public VIDPAuthenticationAttributes getVIDPAuthenticationAttributes() { + return vIDPAuthenAttr; + } + + /** + * Sets the vidp authentication attributes. + * + * @param newVIDPAuthenAttr the new vidp authen attr + * + */ + public void setVIDPAuthenticationAttributes( + final VIDPAuthenticationAttributes newVIDPAuthenAttr) { + vIDPAuthenAttr = prepareForAssignment(this.vIDPAuthenAttr, newVIDPAuthenAttr); + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java new file mode 100644 index 000000000..698bf56b9 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesMarshaller.java @@ -0,0 +1,30 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; + +/** + * The Class AuthenticationAttributesMarshaller. + * + * @author fjquevedo + */ +public class AuthenticationAttributesMarshaller extends AbstractSAMLObjectMarshaller { + + + + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java new file mode 100644 index 000000000..af3e5c234 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/AuthenticationAttributesUnmarshaller.java @@ -0,0 +1,54 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.UnmarshallingException; + +import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; + +import eu.stork.peps.auth.engine.core.AuthenticationAttributes; + +/** + * The Class AuthenticationAttributesUnmarshaller. + * + * @author fjquevedo + */ +public class AuthenticationAttributesUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + /** + * Process child element. + * + * @param parentObject the parent object + * @param childObject the child object + * + * @throws UnmarshallingException the unmarshalling exception + * + */ + protected final void processChildElement(final XMLObject parentObject, + final XMLObject childObject) throws UnmarshallingException { + final AuthenticationAttributes attrStatement = (AuthenticationAttributes) parentObject; + + if (childObject instanceof VIDPAuthenticationAttributes) { + attrStatement.setVIDPAuthenticationAttributes((VIDPAuthenticationAttributes) childObject); + } else { + super.processChildElement(parentObject, childObject); + } + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java new file mode 100644 index 000000000..64651691f --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeBuilder.java @@ -0,0 +1,50 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.CitizenCountryCode; + +/** + * The Class CitizenCountryCodeBuilder. + * + * @author fjquevedo + */ +public class CitizenCountryCodeBuilder extends AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the citizen country code + */ + public final CitizenCountryCode buildObject() { + return buildObject(CitizenCountryCode.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the citizen country code + */ + public final CitizenCountryCode buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new CitizenCountryCodeImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java new file mode 100644 index 000000000..4df8084a9 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeImpl.java @@ -0,0 +1,82 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.CitizenCountryCode; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class CitizenCountryCodeImpl. + * + * @author fjquevedo + */ +public class CitizenCountryCodeImpl extends AbstractSAMLObject implements CitizenCountryCode { + + private static final Logger LOGGER = LoggerFactory.getLogger(CitizenCountryCodeImpl.class.getName()); + /** The citizen country code. */ + private String citizenCountryCode; + + /** + * Instantiates a new sP country impl. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected CitizenCountryCodeImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the citizen country code. + * + * @return the citizen country code + */ + public final String getCitizenCountryCode() { + return citizenCountryCode; + } + + /** + * Sets the citizen country code. + * + * @param newCitizenCountryCode the new citizen country code + */ + public final void setCitizenCountryCode(final String newCitizenCountryCode) { + this.citizenCountryCode = prepareForAssignment(this.citizenCountryCode, newCitizenCountryCode); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java new file mode 100644 index 000000000..decae04c5 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeMarshaller.java @@ -0,0 +1,45 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.CitizenCountryCode; + +/** + * The Class SPCountryMarshaller. + * + * @author fjquevedo + */ +public class CitizenCountryCodeMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final CitizenCountryCode citizenCountryCode = (CitizenCountryCode) samlObject; + XMLHelper.appendTextContent(domElement, citizenCountryCode.getCitizenCountryCode()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java new file mode 100644 index 000000000..93132b508 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/CitizenCountryCodeUnmarshaller.java @@ -0,0 +1,41 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.CitizenCountryCode; + +/** + * The Class CitizenCountryCodeUnmarshaller. + * + * @author fjquevedo + */ +public class CitizenCountryCodeUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final CitizenCountryCode citizenCountryCode = (CitizenCountryCode) samlObject; + citizenCountryCode.setCitizenCountryCode(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java new file mode 100644 index 000000000..b939da776 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareBuilder.java @@ -0,0 +1,52 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; + +/** + * The Class EIDCrossBorderShareBuilder. + * + * @author fjquevedo + */ +public class EIDCrossBorderShareBuilder extends AbstractSAMLObjectBuilder { + + + /** + * Builds the object. + * + * @return the identifier cross border share + */ + public final EIDCrossBorderShare buildObject() { + return buildObject(EIDCrossBorderShare.DEF_ELEMENT_NAME); + } + + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the eID cross border share + */ + public final EIDCrossBorderShare buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new EIDCrossBorderShareImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java new file mode 100644 index 000000000..50a997031 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareImpl.java @@ -0,0 +1,87 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class EIDCrossBorderShareImpl. + * + * @author fjquevedo + */ +public class EIDCrossBorderShareImpl extends AbstractSAMLObject implements + EIDCrossBorderShare { + + private static final Logger LOGGER = LoggerFactory.getLogger(EIDCrossBorderShareImpl.class.getName()); + /** The citizen country code. */ + private String eIDCrossBorderShare; + + /** + * Instantiates a new eID cross border share implementation. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected EIDCrossBorderShareImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + + + /** + * Gets the eID cross border share. + * + * @return the eID cross border share + */ + public final String getEIDCrossBorderShare() { + return eIDCrossBorderShare; + } + + + /** + * Sets the eID cross border share. + * + * @param newEIDCrossBorderShare the new eID cross border share + */ + public final void setEIDCrossBorderShare(String newEIDCrossBorderShare) { + this.eIDCrossBorderShare = prepareForAssignment(this.eIDCrossBorderShare, newEIDCrossBorderShare); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + * {@inheritDoc} + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java new file mode 100644 index 000000000..58fa8af65 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareMarshaller.java @@ -0,0 +1,47 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; + + +/** + * The Class EIDCrossBorderShareMarshaller. + * + * @author fjquevedo + */ +public class EIDCrossBorderShareMarshaller extends AbstractSAMLObjectMarshaller { + + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) samlObject; + XMLHelper.appendTextContent(domElement, crossBorderShare.getEIDCrossBorderShare()); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java new file mode 100644 index 000000000..457e70c23 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossBorderShareUnmarshaller.java @@ -0,0 +1,43 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.EIDCrossBorderShare; + +/** + * The Class EIDCrossBorderShareUnmarshaller. + * + * @author fjquevedo + */ +public class EIDCrossBorderShareUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final EIDCrossBorderShare crossBorderShare = (EIDCrossBorderShare) samlObject; + crossBorderShare.setEIDCrossBorderShare(elementContent); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java new file mode 100644 index 000000000..9683d2ad8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareBuilder.java @@ -0,0 +1,52 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; + +/** + * The Class EIDCrossSectorShareBuilder. + * + * @author fjquevedo + */ +public class EIDCrossSectorShareBuilder extends + AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the eID cross sector share + */ + public final EIDCrossSectorShare buildObject() { + return buildObject(EIDCrossSectorShare.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the eID cross sector share implementation + */ + public final EIDCrossSectorShareImpl buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new EIDCrossSectorShareImpl(namespaceURI, localName, + namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java new file mode 100644 index 000000000..30502f429 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareImpl.java @@ -0,0 +1,89 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; + +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + + +/** + * The Class EIDCrossSectorShareImpl. + * + * @author fjquevedo + */ +public class EIDCrossSectorShareImpl extends AbstractSAMLObject implements + EIDCrossSectorShare { + + private static final Logger LOGGER = LoggerFactory.getLogger(EIDCrossSectorShareImpl.class.getName()); + /** The citizen country code. */ + private String eIDCrossSectorShare; + + + /** + * Instantiates a new eID cross sector share implementation. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected EIDCrossSectorShareImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + + + /** + * Gets the eID cross sector share. + * + * @return the eID cross sector share + */ + public final String getEIDCrossSectorShare() { + return eIDCrossSectorShare; + } + + + /** + * Sets the eID cross sector share. + * + * @param newEIDCrossSectorShare the new eID cross sector share + */ + public final void setEIDCrossSectorShare(String newEIDCrossSectorShare) { + this.eIDCrossSectorShare = prepareForAssignment(this.eIDCrossSectorShare, newEIDCrossSectorShare); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java new file mode 100644 index 000000000..dfd2b81dc --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareMarshaller.java @@ -0,0 +1,46 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; + + +/** + * The Class EIDCrossSectorShareMarshaller. + * + * @author fjquevedo + */ +public class EIDCrossSectorShareMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) samlObject; + XMLHelper.appendTextContent(domElement, crossSectorShare.getEIDCrossSectorShare()); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java new file mode 100644 index 000000000..6a9711ca2 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDCrossSectorShareUnmarshaller.java @@ -0,0 +1,47 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.EIDCrossSectorShare; + +/** + * The Class EIDCrossSectorShareUnmarshaller. + * + * @author fjquevedo + */ +public class EIDCrossSectorShareUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void processElementContent(final XMLObject samlObject, + final String domElement) { + + final EIDCrossSectorShare crossSectorShare = (EIDCrossSectorShare) samlObject; + crossSectorShare.setEIDCrossSectorShare(domElement); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java new file mode 100644 index 000000000..75062dc69 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareBuilder.java @@ -0,0 +1,51 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.EIDSectorShare; + +/** + * The Class EIDSectorShareBuilder. + * + * @author fjquevedo + */ +public class EIDSectorShareBuilder extends + AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the eID sector share + */ + public final EIDSectorShare buildObject() { + return buildObject(EIDSectorShare.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the eID sector share + */ + public final EIDSectorShare buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new EIDSectorShareImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java new file mode 100644 index 000000000..c548841f7 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareImpl.java @@ -0,0 +1,85 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.EIDSectorShare; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +// TODO: Auto-generated Javadoc +/** + * The Class EIDSectorShareImpl. + * + * @author fjquevedo + */ +public class EIDSectorShareImpl extends AbstractSAMLObject implements + EIDSectorShare { + + private static final Logger LOGGER = LoggerFactory.getLogger(EIDSectorShareImpl.class.getName()); + + /** The e id sector share. */ + private String eIDSectorShare; + /** + * Instantiates a new eID sector share implementation. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected EIDSectorShareImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + + /** + * Gets the eID sector share. + * + * @return the eID sector share + */ + public final String getEIDSectorShare() { + return eIDSectorShare; + } + + /** + * Sets the eID sector share. + * + * @param newEIDSectorShare the new eID sector share + */ + public final void setEIDSectorShare(String newEIDSectorShare) { + this.eIDSectorShare = prepareForAssignment(this.eIDSectorShare, newEIDSectorShare); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java new file mode 100644 index 000000000..87ab23660 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareMarshaller.java @@ -0,0 +1,46 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.saml2.core.impl.AbstractNameIDTypeMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.EIDSectorShare; + +/** + * The Class EIDSectorShareMarshaller. + * + * @author fjquevedo + */ +public class EIDSectorShareMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final EIDSectorShare sectorShare = (EIDSectorShare) samlObject; + XMLHelper.appendTextContent(domElement, sectorShare.getEIDSectorShare()); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java new file mode 100644 index 000000000..9c661813f --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/EIDSectorShareUnmarshaller.java @@ -0,0 +1,47 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.EIDSectorShare; + + +/** + * The Class EIDSectorShareUnmarshaller. + * + * @author fjquevedo + */ +public class EIDSectorShareUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void processElementContent(final XMLObject samlObject, + final String domElement) { + final EIDSectorShare sectorShare = (EIDSectorShare) samlObject; + sectorShare.setEIDSectorShare(domElement); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java new file mode 100644 index 000000000..41676931b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeBuilder.java @@ -0,0 +1,52 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.QAAAttribute; + +/** + * The Class QAAAttributeBuilder. + * + * @author fjquevedo + */ +public class QAAAttributeBuilder extends + AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the quality authentication assurance object + */ + public final QAAAttribute buildObject() { + return buildObject(QAAAttribute.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the quality authentication assurance object + + */ + public final QAAAttribute buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new QAAAttributeImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java new file mode 100644 index 000000000..c08986026 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeImpl.java @@ -0,0 +1,84 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.QAAAttribute; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class QAAAttributeImpl. + * + * @author fjquevedo + */ +public class QAAAttributeImpl extends AbstractSAMLObject implements + QAAAttribute { + + private static final Logger LOGGER = LoggerFactory.getLogger(QAAAttributeImpl.class.getName()); + /** The quality authentication assurance level. */ + private String qaaLevel; + + /** + * Constructor. + * + * @param namespaceURI the namespace the element is in + * @param elementLocalName the local name of the XML element this Object + * represents + * @param namespacePrefix the prefix for the given namespace + */ + protected QAAAttributeImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the quality authentication assurance level. + * + * @return the quality authentication assurance level + */ + public final String getQaaLevel() { + return qaaLevel; + } + + /** + * Sets the quality authentication assurance level. + * + * @param newQaaLevel the new quality authentication assurance level + */ + public final void setQaaLevel(final String newQaaLevel) { + this.qaaLevel = prepareForAssignment(this.qaaLevel, newQaaLevel); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java new file mode 100644 index 000000000..000879368 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeMarshaller.java @@ -0,0 +1,45 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.QAAAttribute; + +/** + * The Class QAAAttributeMarshaller. + * + * @author fjquevedo + */ +public class QAAAttributeMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final QAAAttribute qaaAttribute = (QAAAttribute) samlObject; + XMLHelper.appendTextContent(domElement, qaaAttribute.getQaaLevel()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java new file mode 100644 index 000000000..8445e4eeb --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/QAAAttributeUnmarshaller.java @@ -0,0 +1,41 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.QAAAttribute; + +/** + * The Class QAAAttributeUnmarshaller. + * + * @author fjquevedo + */ +public class QAAAttributeUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final QAAAttribute qaaLevel = (QAAAttribute) samlObject; + qaaLevel.setQaaLevel(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java new file mode 100644 index 000000000..70bd6ac1f --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeBuilder.java @@ -0,0 +1,54 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.RequestedAttribute; + +/** + * The Class RequestedAttributeBuilder. + * + * @author fjquevedo + */ +public class RequestedAttributeBuilder extends + AbstractSAMLObjectBuilder { + + + /** + * Builds the object. + * + * @return the requested attribute + */ + public final RequestedAttribute buildObject() { + return buildObject(RequestedAttribute.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the requested attribute + */ + public final RequestedAttribute buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new RequestedAttributeImpl(namespaceURI, localName, + namespacePrefix); + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java new file mode 100644 index 000000000..ad759230a --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeImpl.java @@ -0,0 +1,220 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.schema.XSBooleanValue; +import org.opensaml.xml.util.AttributeMap; +import org.opensaml.xml.util.XMLObjectChildrenList; + +import eu.stork.peps.auth.engine.core.RequestedAttribute; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +// TODO: Auto-generated Javadoc +/** + * The Class RequestedAttributeImpl. + * + * @author fjquevedo + */ +public class RequestedAttributeImpl extends AbstractSAMLObject implements + RequestedAttribute { + + private static final Logger LOGGER = LoggerFactory.getLogger(RequestedAttributeImpl.class.getName()); + /** + * The attribute values. + */ + private final XMLObjectChildrenList attributeValues; + + /** + * The friendly name. + * + */ + private String friendlyName; + + /** + * The is required. + */ + private String isRequired; + + /** + * The name. + * + */ + private String name; + + /** + * The name format. + * + */ + private String nameFormat; + + /** + * The unknown attributes. + * + */ + private AttributeMap unknownAttributes; + + /** + * Instantiates a new requested attribute impl. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected RequestedAttributeImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + unknownAttributes = new AttributeMap(this); + attributeValues = new XMLObjectChildrenList(this); + } + + + /** + * Gets the attribute values. + * + * @return the attribute values + */ + public final List getAttributeValues() { + return attributeValues; + } + + /** + * Gets the friendly name. + * + * @return the friendly name. + */ + public final String getFriendlyName() { + return friendlyName; + } + + + /** + * Gets the checks if is required. + * + * @return the boolean if it's required. + */ + public final String isRequired() { + return isRequired; + } + + + /** + * Gets the is required xs boolean. + * + * @return the XSBoolean if it's required. + */ + public final String getIsRequiredXSBoolean() { + return isRequired; + } + + + /** + * Gets the name. + * + * @return the name + */ + public final String getName() { + return name; + } + + + /** + * Gets the name format. + * + * @return the name format. + */ + public final String getNameFormat() { + return nameFormat; + } + + /** + * Gets the ordered children. + * + * @return the list of XMLObject. + */ + public final List getOrderedChildren() { + final ArrayList children = new ArrayList(); + children.addAll(attributeValues); + return Collections.unmodifiableList(children); + } + + /** + * Gets the unknown attributes. + * + * @return the attribute map + */ + public final AttributeMap getUnknownAttributes() { + return unknownAttributes; + } + + /** + * Sets the friendly name. + * + * @param newFriendlyName the new friendly name format + */ + public final void setFriendlyName(final String newFriendlyName) { + this.friendlyName = prepareForAssignment(this.friendlyName, + newFriendlyName); + } + + /** + * Set new boolean value isRequired. + * @param newIsRequired then new value + */ + public final void setIsRequired(final String newIsRequired) { + isRequired = prepareForAssignment(this.isRequired, newIsRequired); + + } + + /** + * Sets the name. + * + * @param newName the new name + */ + public final void setName(final String newName) { + this.name = prepareForAssignment(this.name, newName); + } + + /** + * Sets the name format. + * + * @param newNameFormat the new name format + */ + public final void setNameFormat(final String newNameFormat) { + this.nameFormat = prepareForAssignment(this.nameFormat, newNameFormat); + } + + /** + * Sets the unknown attributes. + * + * @param newUnknownAttr the new unknown attributes + */ + public final void setUnknownAttributes(final AttributeMap newUnknownAttr) { + this.unknownAttributes = newUnknownAttr; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java new file mode 100644 index 000000000..6d0669241 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeMarshaller.java @@ -0,0 +1,89 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.Map.Entry; + +import javax.xml.namespace.QName; + +import org.opensaml.Configuration; +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Attr; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.RequestedAttribute; + +/** + * The Class RequestedAttributeMarshaller. + * + * @author fjquevedo + */ +public class RequestedAttributeMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall attributes. + * + * @param samlElement the SAML element + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallAttributes(final XMLObject samlElement, + final Element domElement) throws MarshallingException { + final RequestedAttribute requestedAttr = (RequestedAttribute) samlElement; + + if (requestedAttr.getName() != null) { + domElement.setAttributeNS(null, + RequestedAttribute.NAME_ATTRIB_NAME, requestedAttr + .getName()); + } + + if (requestedAttr.getNameFormat() != null) { + domElement.setAttributeNS(null, + RequestedAttribute.NAME_FORMAT_ATTR, requestedAttr + .getNameFormat()); + } + + if (requestedAttr.getFriendlyName() != null) { + domElement.setAttributeNS(null, + RequestedAttribute.FRIENDLY_NAME_ATT, requestedAttr + .getFriendlyName()); + } + + if (requestedAttr.getIsRequiredXSBoolean() != null) { + domElement.setAttributeNS(null, + RequestedAttribute.IS_REQUIRED_ATTR, requestedAttr + .getIsRequiredXSBoolean().toString()); + } + + Attr attr; + for (Entry entry : requestedAttr.getUnknownAttributes() + .entrySet()) { + attr = XMLHelper.constructAttribute(domElement.getOwnerDocument(), + entry.getKey()); + attr.setValue(entry.getValue()); + domElement.setAttributeNodeNS(attr); + if (Configuration.isIDAttribute(entry.getKey()) + || requestedAttr.getUnknownAttributes().isIDAttribute( + entry.getKey())) { + attr.getOwnerElement().setIdAttributeNode(attr, true); + } + } + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java new file mode 100644 index 000000000..551f4239d --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributeUnmarshaller.java @@ -0,0 +1,96 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import javax.xml.namespace.QName; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; + +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.UnmarshallingException; +import org.opensaml.xml.schema.XSBooleanValue; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Attr; + +import eu.stork.peps.auth.engine.core.RequestedAttribute; +import eu.stork.peps.auth.engine.core.SAMLCore; + +/** + * The Class RequestedAttributeUnmarshaller. + * + * @author fjquevedo + */ +public class RequestedAttributeUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + /** + * Process child element. + * + * @param parentSAMLObject parent SAMLObject + * @param childSAMLObject child SAMLObject + * + * @throws UnmarshallingException error at unmarshall XML object + */ + protected final void processChildElement(final XMLObject parentSAMLObject, + final XMLObject childSAMLObject) throws UnmarshallingException { + + final RequestedAttribute requestedAttr = (RequestedAttribute) parentSAMLObject; + + final QName childQName = childSAMLObject.getElementQName(); + if (childQName.getLocalPart().equals("AttributeValue") + && childQName.getNamespaceURI().equals(SAMLCore.STORK10_NS.getValue())) { + requestedAttr.getAttributeValues().add(childSAMLObject); + } else { + super.processChildElement(parentSAMLObject, childSAMLObject); + } + } + + /** + * Process attribute. + * + * @param samlObject the SAML object + * @param attribute the attribute + * @throws UnmarshallingException the unmarshalling exception + */ + protected final void processAttribute(final XMLObject samlObject, + final Attr attribute) throws UnmarshallingException { + + final RequestedAttribute requestedAttr = (RequestedAttribute) samlObject; + + if (attribute.getLocalName() + .equals(RequestedAttribute.NAME_ATTRIB_NAME)) { + requestedAttr.setName(attribute.getValue()); + } else if (attribute.getLocalName().equals( + RequestedAttribute.NAME_FORMAT_ATTR)) { + requestedAttr.setNameFormat(attribute.getValue()); + } else if (attribute.getLocalName().equals( + RequestedAttribute.FRIENDLY_NAME_ATT)) { + requestedAttr.setFriendlyName(attribute.getValue()); + } else if (attribute.getLocalName().equals( + RequestedAttribute.IS_REQUIRED_ATTR)) { + requestedAttr.setIsRequired(attribute + .getValue()); + + } else { + final QName attribQName = XMLHelper.getNodeQName(attribute); + if (attribute.isId()) { + requestedAttr.getUnknownAttributes().registerID(attribQName); + } + requestedAttr.getUnknownAttributes().put(attribQName, + attribute.getValue()); + } + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java new file mode 100644 index 000000000..138177995 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesBuilder.java @@ -0,0 +1,54 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.RequestedAttributes; + +/** + * The Class RequestedAttributesBuilder. + * + * @author fjquevedo + */ +public class RequestedAttributesBuilder extends + AbstractSAMLObjectBuilder { + + + /** + * Builds the object. + * + * @return the requested attributes + */ + public final RequestedAttributes buildObject() { + return buildObject(RequestedAttributes.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the requested attributes + */ + public final RequestedAttributes buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new RequestedAttributesImpl(namespaceURI, localName, + namespacePrefix); + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java new file mode 100644 index 000000000..a58a08a05 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesImpl.java @@ -0,0 +1,95 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.util.IndexedXMLObjectChildrenList; + +import eu.stork.peps.auth.engine.core.RequestedAttribute; +import eu.stork.peps.auth.engine.core.RequestedAttributes; + +/** + * The Class RequestedAttributesImpl. + * + * @author fjquevedo + */ +public class RequestedAttributesImpl extends AbstractSAMLObject implements + RequestedAttributes { + + /** + * Instantiates a new requested attributes implement. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected RequestedAttributesImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + indexedChildren = new IndexedXMLObjectChildrenList(this); + } + + /** The indexed children. */ + private final IndexedXMLObjectChildrenList indexedChildren; + + /** + * Gets the indexed children. + * + * @return the indexed children + */ + public final IndexedXMLObjectChildrenList getIndexedChildren() { + return indexedChildren; + } + + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + + final ArrayList children = new ArrayList(); + + children.addAll(indexedChildren); + + return Collections.unmodifiableList(children); + + } + + /** + * Gets the attributes. + * + * @return the attributes + * + * @see eu.stork.peps.auth.engine.core.RequestedAttributes#getAttributes() + */ + @SuppressWarnings("unchecked") + public final List getAttributes() { + return (List) indexedChildren + .subList(RequestedAttribute.DEF_ELEMENT_NAME); + } + + @Override + public int hashCode() { + throw new UnsupportedOperationException("hashCode method not implemented"); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java new file mode 100644 index 000000000..955fe0318 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesMarshaller.java @@ -0,0 +1,33 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; + +/** + * The Class RequestedAttributesMarshaller. + * + * @author fjquevedo + */ +public class RequestedAttributesMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Instantiates a new requested attributes marshaller. + */ + public RequestedAttributesMarshaller() { + super(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java new file mode 100644 index 000000000..132d6cc59 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/RequestedAttributesUnmarshaller.java @@ -0,0 +1,52 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.UnmarshallingException; + +import eu.stork.peps.auth.engine.core.RequestedAttribute; +import eu.stork.peps.auth.engine.core.RequestedAttributes; + +/** + * The Class RequestedAttributesUnmarshaller. + * + * @author fjquevedo + */ +public class RequestedAttributesUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + /** + * Process child element. + * + * @param parentObject the parent object + * @param childObject the child object + * + * @throws UnmarshallingException error in unmarshall + */ + protected final void processChildElement(final XMLObject parentObject, + final XMLObject childObject) throws UnmarshallingException { + final RequestedAttributes attrStatement = (RequestedAttributes) parentObject; + + if (childObject instanceof RequestedAttribute) { + attrStatement.getAttributes().add((RequestedAttribute) childObject); + } else { + super.processChildElement(parentObject, childObject); + } + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java new file mode 100644 index 000000000..a35c77936 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationBuilder.java @@ -0,0 +1,51 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SPApplication; + +/** + * The Class SPApplicationBuilder. + * + * @author fjquevedo + */ +public class SPApplicationBuilder extends + AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the service provider application + */ + public final SPApplication buildObject() { + return buildObject(SPApplication.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the service provider application + */ + public final SPApplication buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new SPApplicationImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java new file mode 100644 index 000000000..6bb631a74 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationImpl.java @@ -0,0 +1,84 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPApplication; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class SPApplicationImpl. + * + * @author fjquevedo + */ +public class SPApplicationImpl extends AbstractSAMLObject implements + SPApplication { + + private static final Logger LOGGER = LoggerFactory.getLogger(SPApplicationImpl.class.getName()); + /** The service provider application. */ + private String spApplication; + + /** + * Instantiates a new service provider application. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected SPApplicationImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the service provider application. + * + * @return the service provider application + */ + public final String getSPApplication() { + return spApplication; + } + + /** + * Sets the service provider application. + * + * @param newSpApplication the new service provider application + */ + public final void setSPApplication(final String newSpApplication) { + this.spApplication = prepareForAssignment(this.spApplication, + newSpApplication); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java new file mode 100644 index 000000000..4866c3535 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationMarshaller.java @@ -0,0 +1,46 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.SPApplication; + +/** + * The Class SPApplicationMarshaller. + * + * @author fjquevedo + */ +public class SPApplicationMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final SPApplication spApplication = (SPApplication) samlObject; + XMLHelper.appendTextContent(domElement, spApplication + .getSPApplication()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java new file mode 100644 index 000000000..a28432a13 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPApplicationUnmarshaller.java @@ -0,0 +1,42 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPApplication; + + +/** + * The Class SPApplicationUnmarshaller. + * + * @author fjquevedo + */ +public class SPApplicationUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final SPApplication spApplication = (SPApplication) samlObject; + spApplication.setSPApplication(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java new file mode 100644 index 000000000..48ec92f49 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryBuilder.java @@ -0,0 +1,52 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SPCountry; + +/** + * The Class SPCountryBuilder. + * + * @author fjquevedo + */ +public class SPCountryBuilder extends AbstractSAMLObjectBuilder { + + + /** + * Builds the object SPCountry. + * + * @return the service provider country + */ + public final SPCountry buildObject() { + return buildObject(SPCountry.DEF_ELEMENT_NAME); + } + + + /** + * Builds the object SPCountry. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the service provider country + */ + public final SPCountry buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new SPCountryImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java new file mode 100644 index 000000000..db58fb8be --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryImpl.java @@ -0,0 +1,82 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPCountry; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class SPCountryImpl. + * + * @author fjquevedo + */ +public class SPCountryImpl extends AbstractSAMLObject implements SPCountry { + + private static final Logger LOGGER = LoggerFactory.getLogger(SPCountryImpl.class.getName()); + /** The service provider country. */ + private String spCountry; + + /** + * Instantiates a new service provider country. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected SPCountryImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the service provider country. + * + * @return the service provider country + */ + public final String getSPCountry() { + return spCountry; + } + + /** + * Sets the service provider country. + * + * @param newSpCountry the new service provider country + */ + public final void setSPCountry(final String newSpCountry) { + this.spCountry = prepareForAssignment(this.spCountry, newSpCountry); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java new file mode 100644 index 000000000..e82634749 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryMarshaller.java @@ -0,0 +1,45 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.SPCountry; + +/** + * The Class SPCountryMarshaller. + * + * @author fjquevedo + */ +public class SPCountryMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final SPCountry spCountry = (SPCountry) samlObject; + XMLHelper.appendTextContent(domElement, spCountry.getSPCountry()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java new file mode 100644 index 000000000..deb695ac6 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPCountryUnmarshaller.java @@ -0,0 +1,42 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPCountry; + + +/** + * The Class SPCountryUnmarshaller. + * + * @author fjquevedo + */ +public class SPCountryUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final SPCountry spCountry = (SPCountry) samlObject; + spCountry.setSPCountry(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java new file mode 100644 index 000000000..b3640947b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDBuilder.java @@ -0,0 +1,50 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SPID; + +/** + * The Class SPIDBuilder. + * + * @author iinigo + */ +public class SPIDBuilder extends AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the SP ID + */ + public final SPID buildObject() { + return buildObject(SPID.DEF_ELEMENT_NAME); + } + + /** + * Builds the object. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the citizen country code + */ + public final SPID buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new SPIDImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java new file mode 100644 index 000000000..0c7127273 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDImpl.java @@ -0,0 +1,82 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPID; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class SPIDImpl. + * + * @author iinigo + */ +public class SPIDImpl extends AbstractSAMLObject implements SPID { + + private static final Logger LOGGER = LoggerFactory.getLogger(SPIDImpl.class.getName()); + /** The citizen country code. */ + private String spId; + + /** + * Instantiates a new sP country impl. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected SPIDImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the SP ID. + * + * @return the SP ID + */ + public final String getSPID() { + return spId; + } + + /** + * Sets the SP ID. + * + * @param newSPID the new SP ID + */ + public final void setSPID(final String newSPID) { + this.spId = prepareForAssignment(this.spId, newSPID); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java new file mode 100644 index 000000000..24389522e --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDMarshaller.java @@ -0,0 +1,45 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.SPID; + +/** + * The Class SPIDMarshaller. + * + * @author iinigo + */ +public class SPIDMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final SPID spid = (SPID) samlObject; + XMLHelper.appendTextContent(domElement, spid.getSPID()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java new file mode 100644 index 000000000..e4d230b94 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPIDUnmarshaller.java @@ -0,0 +1,41 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPID; + +/** + * The Class SPIDUnmarshaller. + * + * @author iinigo + */ +public class SPIDUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final SPID spid = (SPID) samlObject; + spid.setSPID(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java new file mode 100644 index 000000000..a6e1fe686 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationBuilder.java @@ -0,0 +1,41 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SAMLCore; +import eu.stork.peps.auth.engine.core.SPInformation; + +/** + * The Class SPInformation. + * + * @author iinigo + */ +public final class SPInformationBuilder extends AbstractSAMLObjectBuilder { + + + /** {@inheritDoc} */ + public SPInformation buildObject() { + return buildObject(SAMLCore.STORK10P_NS.getValue(), SPInformation.DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); + } + + /** {@inheritDoc} */ + public SPInformation buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { + return new SPInformationImpl(namespaceURI, localName, namespacePrefix); + } + +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java new file mode 100644 index 000000000..b5609600d --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationImpl.java @@ -0,0 +1,110 @@ +/* + * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import org.opensaml.common.impl.AbstractSignableSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPID; +import eu.stork.peps.auth.engine.core.SPInformation; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + + +/** + * The Class SPInformationImpl. + * + * @author iinigo + */ +public final class SPInformationImpl extends AbstractSignableSAMLObject implements +SPInformation { + + private static final Logger LOGGER = LoggerFactory.getLogger(SPInformationImpl.class.getName()); + /** The citizen country code. */ + private SPID spId; + + + /** + * Instantiates a new requested attributes implement. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected SPInformationImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + + /** + * getSPId. + * + * @return the SP ID + */ + public SPID getSPID() { + return spId; + } + + /** + * Gets the ordered children. + * + * @return the ordered children + * + */ + public List getOrderedChildren() { + final ArrayList children = new ArrayList(); + + children.add(spId); + + if (getSignature() != null) { + children.add(getSignature()); + } + + return Collections.unmodifiableList(children); + + } + + /** + * Gets the signature reference id. + * + * @return the signature reference id + * + */ + public String getSignatureReferenceID() { + return null; + } + + /** + * Sets the SP Id. + * + * @param newSPId the new SP Id + * + */ + public void setSPID(SPID newSPId) { + this.spId = prepareForAssignment(this.spId, newSPId); + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java new file mode 100644 index 000000000..44845948c --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationMarshaller.java @@ -0,0 +1,33 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; + +/** + * The Class SPInformationMarshaller. + * + * @author iinigo + */ +public class SPInformationMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Instantiates a new SP Information marshaller. + */ + public SPInformationMarshaller() { + super(); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java new file mode 100644 index 000000000..79b0b0f35 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInformationUnmarshaller.java @@ -0,0 +1,52 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.UnmarshallingException; + +import eu.stork.peps.auth.engine.core.SPID; +import eu.stork.peps.auth.engine.core.SPInformation; + +/** + * The Class SPInformationUnmarshaller. + * + * @author iinigo + */ +public class SPInformationUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + /** + * Process child element. + * + * @param parentObject the parent object + * @param childObject the child object + * + * @throws UnmarshallingException the unmarshalling exception + * + */ + protected final void processChildElement(final XMLObject parentObject, + final XMLObject childObject) throws UnmarshallingException { + final SPInformation spInformation = (SPInformation) parentObject; + + if (childObject instanceof SPID) { + spInformation.setSPID((SPID) childObject); + } else { + super.processChildElement(parentObject, childObject); + } + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java new file mode 100644 index 000000000..fe47cf99c --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionBuilder.java @@ -0,0 +1,51 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SPInstitution; + +/** + * The Class SPInstitutionBuilder. + * + * @author fjquevedo + */ +public class SPInstitutionBuilder extends + AbstractSAMLObjectBuilder { + + /** + * Builds the object. + * + * @return the service provider institution + */ + public final SPInstitution buildObject() { + return buildObject(SPInstitution.DEF_ELEMENT_NAME); + } + + /** + * Builds the object SPInstitution. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the service provider institution + */ + public final SPInstitution buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new SPInstitutionImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java new file mode 100644 index 000000000..cf1760446 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionImpl.java @@ -0,0 +1,84 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPInstitution; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class SPInstitutionImpl. + * + * @author fjquevedo + */ +public class SPInstitutionImpl extends AbstractSAMLObject implements + SPInstitution { + + private static final Logger LOGGER = LoggerFactory.getLogger(SPInstitutionImpl.class.getName()); + /** The service provider institution. */ + private String spInstitution; + + /** + * Instantiates a new service provider institution. + * + * @param namespaceURI the namespace uri + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected SPInstitutionImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + /** + * Gets the service provider institution. + * + * @return the service provider institution + */ + public final String getSPInstitution() { + return spInstitution; + } + + /** + * Sets the service provider institution. + * + * @param newSpInstitution the new service provider institution + */ + public final void setSPInstitution(final String newSpInstitution) { + this.spInstitution = prepareForAssignment(this.spInstitution, + newSpInstitution); + } + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } + } diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java new file mode 100644 index 000000000..504a1f035 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionMarshaller.java @@ -0,0 +1,46 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.SPInstitution; + +/** + * The Class SPInstitutionMarshaller. + * + * @author fjquevedo + */ +public class SPInstitutionMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final SPInstitution spInstitution = (SPInstitution) samlObject; + XMLHelper.appendTextContent(domElement, spInstitution + .getSPInstitution()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java new file mode 100644 index 000000000..103d5f2b2 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPInstitutionUnmarshaller.java @@ -0,0 +1,41 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPInstitution; + +/** + * The Class SPInstitutionUnmarshaller. + * + * @author fjquevedo + */ +public class SPInstitutionUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final SPInstitution spInstitution = (SPInstitution) samlObject; + spInstitution.setSPInstitution(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java new file mode 100644 index 000000000..a691b9008 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorBuilder.java @@ -0,0 +1,50 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SPSector; + +/** + * The Class SPSectorBuilder. + * + * @author fjquevedo + */ +public class SPSectorBuilder extends AbstractSAMLObjectBuilder { + + /** + * Builds the object SPSector. + * + * @return the service provider sector. + */ + public final SPSector buildObject() { + return buildObject(SPSector.DEF_ELEMENT_NAME); + } + + /** + * Builds the object SPSector. + * + * @param namespaceURI the namespace uri + * @param localName the local name + * @param namespacePrefix the namespace prefix + * @return the service provider sector + */ + public final SPSector buildObject(final String namespaceURI, + final String localName, final String namespacePrefix) { + return new SPSectorImpl(namespaceURI, localName, namespacePrefix); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java new file mode 100644 index 000000000..a29810dd4 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorImpl.java @@ -0,0 +1,84 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.List; + +import org.opensaml.common.impl.AbstractSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPSector; + + +/** + * The Class SPSectorImpl. + * + * @author fjquevedo + */ +public class SPSectorImpl extends AbstractSAMLObject implements SPSector { + + /** The service provider sector. */ + private String spSector; + + /** + * Instantiates a new Service provider sector implementation. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected SPSectorImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + + /** + * Gets the service provider sector. + * + * @return the SP sector + * + * @see eu.stork.peps.auth.engine.core.SPSector#getSPSector() + */ + public final String getSPSector() { + return spSector; + } + + + /** + * Sets the service provider sector. + * + * @param newSpSector the new service provider sector + */ + public final void setSPSector(final String newSpSector) { + this.spSector = prepareForAssignment(this.spSector, newSpSector); + } + + + /** + * Gets the ordered children. + * + * @return the ordered children + */ + public final List getOrderedChildren() { + return null; + } + + @Override + public int hashCode() { + throw new UnsupportedOperationException("hashCode method not implemented"); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java new file mode 100644 index 000000000..c5331e8f4 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorMarshaller.java @@ -0,0 +1,45 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.Element; + +import eu.stork.peps.auth.engine.core.SPSector; + +/** + * The Class SPSectorMarshaller. + * + * @author fjquevedo + */ +public class SPSectorMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Marshall element content. + * + * @param samlObject the SAML object + * @param domElement the DOM element + * @throws MarshallingException the marshalling exception + */ + protected final void marshallElementContent(final XMLObject samlObject, + final Element domElement) throws MarshallingException { + final SPSector spSector = (SPSector) samlObject; + XMLHelper.appendTextContent(domElement, spSector.getSPSector()); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java new file mode 100644 index 000000000..cbb05c6e5 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SPSectorUnmarshaller.java @@ -0,0 +1,42 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.SPSector; + +/** + * The Class SPSectorUnmarshaller. + * + * @author fjquevedo + */ +public class SPSectorUnmarshaller extends AbstractSAMLObjectUnmarshaller { + + + /** + * Process element content. + * + * @param samlObject the SAML object + * @param elementContent the element content + */ + protected final void processElementContent(final XMLObject samlObject, + final String elementContent) { + final SPSector spSector = (SPSector) samlObject; + spSector.setSPSector(elementContent); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java new file mode 100644 index 000000000..2db14f543 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignHW.java @@ -0,0 +1,399 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.io.IOException; +import java.io.InputStream; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.Provider; +import java.security.Security; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Enumeration; +import java.util.InvalidPropertiesFormatException; +import java.util.List; +import java.util.Properties; + +import eu.stork.peps.auth.engine.X509PrincipalUtil; +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang.NotImplementedException; +import org.bouncycastle.jce.X509Principal; +import org.opensaml.common.SAMLObject; +import org.opensaml.common.SignableSAMLObject; +import org.opensaml.security.SAMLSignatureProfileValidator; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.security.SecurityConfiguration; +import org.opensaml.xml.security.SecurityException; +import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; +import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; +import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager; +import org.opensaml.xml.security.keyinfo.KeyInfoHelper; +import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager; +import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator; +import org.opensaml.xml.security.x509.BasicX509Credential; +import org.opensaml.xml.signature.KeyInfo; +import org.opensaml.xml.signature.Signature; +import org.opensaml.xml.signature.SignatureConstants; +import org.opensaml.xml.signature.SignatureException; +import org.opensaml.xml.signature.SignatureValidator; +import org.opensaml.xml.signature.Signer; +import org.opensaml.xml.validation.ValidationException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + + + +import eu.stork.peps.auth.engine.core.SAMLEngineSignI; +import eu.stork.peps.exceptions.SAMLEngineException; + +/** + * The Class HWSign. Module of sign. + * + * @author fjquevedo + */ +public final class SignHW implements SAMLEngineSignI { + + /** The Constant CONFIGURATION_FILE. */ + private static final String CONF_FILE = "configurationFile"; + + /** The Constant KEYSTORE_TYPE. + private static final String KEYSTORE_TYPE = "keystoreType" */ + + /** The logger. */ + private static final Logger LOG = LoggerFactory.getLogger(SignHW.class + .getName()); + + /** The stork own key store. */ + private KeyStore storkOwnKeyStore = null; + + /** + * Gets the stork own key store. + * + * @return the stork own key store + */ + public KeyStore getStorkOwnKeyStore() { + return storkOwnKeyStore; + } + + /** + * Gets the stork trustStore. + * + * @return the stork own key store + */ + public KeyStore getTrustStore() { + return storkOwnKeyStore; + } + + /** + * Sets the stork own key store. + * + * @param newkOwnKeyStore the new stork own key store + */ + public void setStorkOwnKeyStore(final KeyStore newkOwnKeyStore) { + this.storkOwnKeyStore = newkOwnKeyStore; + } + + /** + * Gets the properties. + * + * @return the properties + */ + public Properties getProperties() { + return properties; + } + + /** + * Sets the properties. + * + * @param newProperties the new properties + */ + public void setProperties(final Properties newProperties) { + this.properties = newProperties; + } + + /** The HW sign prop. */ + private Properties properties = null; + + /** + * @see + * eu.stork.peps.auth.engine.core.SAMLEngineSignI#init(java.lang.String) + * @param fileConf file of configuration + * @throws SAMLEngineException error in read file + */ + public void init(final String fileConf) + throws SAMLEngineException { + InputStream inputStr = null; + try { + inputStr = SignHW.class.getResourceAsStream("/" + + fileConf); + properties = new Properties(); + + properties.loadFromXML(inputStr); + } catch (final InvalidPropertiesFormatException e) { + LOG.info("Exception: invalid properties format."); + throw new SAMLEngineException(e); + } catch (IOException e) { + LOG.info("Exception: invalid file: " + fileConf); + throw new SAMLEngineException(e); + } finally { + IOUtils.closeQuietly(inputStr); + } + } + + + /** + * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#getCertificate() + * @return the X509Certificate. + */ + public X509Certificate getCertificate() { + throw new NotImplementedException(); + } + + /** + * @see + * eu.stork.peps.auth.engine.core.SAMLEngineSignI#sign(SignableSAMLObject tokenSaml) + * @param tokenSaml signable SAML Object + * @return the SAMLObject signed. + * @throws SAMLEngineException error in sign token saml + */ + public SAMLObject sign(final SignableSAMLObject tokenSaml) throws SAMLEngineException { + + try { + LOG.info("Star procces of sign"); + final char[] pin = properties.getProperty("keyPassword") + .toCharArray(); + + storkOwnKeyStore.load(null, pin); + + final String serialNumber = properties.getProperty("serialNumber"); + final String issuer = properties.getProperty("issuer"); + + String alias = null; + String aliasCert; + X509Certificate certificate; + + boolean find = false; + for (final Enumeration e = storkOwnKeyStore.aliases(); e + .hasMoreElements() && !find;) { + aliasCert = e.nextElement(); + certificate = (X509Certificate) storkOwnKeyStore + .getCertificate(aliasCert); + // Verified serial number, issuer + + final String serialNum = certificate.getSerialNumber() + .toString(16); + X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); + X509Principal issuerDNConf = new X509Principal(issuer); + + if(serialNum.equalsIgnoreCase(serialNumber) + && X509PrincipalUtil.equals(issuerDN, issuerDNConf)){ + alias = aliasCert; + find = true; + } + + } + + if (!find) { + throw new SAMLEngineException("Certificate cannot be found in keystore "); + } + certificate = (X509Certificate) storkOwnKeyStore.getCertificate(alias); + final PrivateKey privateKey = (PrivateKey) storkOwnKeyStore.getKey( + alias, pin); + + LOG.info("Recover BasicX509Credential."); + final BasicX509Credential credential = new BasicX509Credential(); + + LOG.debug("Load certificate"); + credential.setEntityCertificate(certificate); + + LOG.debug("Load privateKey"); + credential.setPrivateKey(privateKey); + + LOG.info("Star procces of sign"); + final Signature signature = (Signature) org.opensaml.xml.Configuration + .getBuilderFactory().getBuilder( + Signature.DEFAULT_ELEMENT_NAME).buildObject( + Signature.DEFAULT_ELEMENT_NAME); + + LOG.debug("Begin signature with openSaml"); + signature.setSigningCredential(credential); + + signature.setSignatureAlgorithm( + SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1); + + + + final SecurityConfiguration securityConf = + org.opensaml.xml.Configuration.getGlobalSecurityConfiguration(); + final NamedKeyInfoGeneratorManager keyInfoManager = securityConf + .getKeyInfoGeneratorManager(); + final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager + .getDefaultManager(); + final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager + .getFactory(credential); + final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac + .newInstance(); + + final KeyInfo keyInfo = keyInfoGenerator.generate(credential); + + signature.setKeyInfo(keyInfo); + + LOG.debug("Set Canonicalization Algorithm"); + signature.setCanonicalizationAlgorithm( + SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); + + tokenSaml.setSignature(signature); + + LOG.debug("Marshall samlToken."); + org.opensaml.xml.Configuration.getMarshallerFactory() + .getMarshaller(tokenSaml).marshall(tokenSaml); + + LOG.info("Sign samlToken."); + Signer.signObject(signature); + + } catch (final MarshallingException e) { + LOG.error("MarshallingException"); + throw new SAMLEngineException(e); + } catch (final NoSuchAlgorithmException e) { + LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment."); + throw new SAMLEngineException(e); + } catch (final KeyStoreException e) { + LOG.error("Generic KeyStore exception."); + throw new SAMLEngineException(e); + } catch (final SignatureException e) { + LOG.error("Signature exception."); + throw new SAMLEngineException(e); + } catch (final SecurityException e) { + LOG.error("Security exception."); + throw new SAMLEngineException(e); + } catch (final CertificateException e) { + LOG.error("Certificate exception."); + throw new SAMLEngineException(e); + } catch (final IOException e) { + LOG.error("IO exception."); + throw new SAMLEngineException(e); + } catch (final UnrecoverableKeyException e) { + LOG.error("UnrecoverableKeyException exception."); + throw new SAMLEngineException(e); + } + + return tokenSaml; + } + + /** + * @see + * eu.stork.peps.auth.engine.core.SAMLEngineSignI#validateSignature(SignableSAMLObject) + * @param tokenSaml the token saml + * @return the SAMLObject validated. + * @throws SAMLEngineException exception in validate signature + */ + public SAMLObject validateSignature(final SignableSAMLObject tokenSaml) + throws SAMLEngineException { + LOG.info("Start signature validation."); + try { + + // Validate structure signature + final SAMLSignatureProfileValidator signProfValidator = + new SAMLSignatureProfileValidator(); + + // Indicates signature id conform to SAML Signature profile + signProfValidator.validate(tokenSaml.getSignature()); + + String aliasCert; + X509Certificate certificate; + + final List trustedCred = new ArrayList(); + + for (final Enumeration e = storkOwnKeyStore.aliases(); e + .hasMoreElements();) { + aliasCert = e.nextElement(); + final BasicX509Credential credential = new BasicX509Credential(); + certificate = (X509Certificate) storkOwnKeyStore + .getCertificate(aliasCert); + credential.setEntityCertificate(certificate); + trustedCred.add(credential); + } + + final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo(); + final List listCertificates = KeyInfoHelper + .getCertificates(keyInfo); + + if (listCertificates.size() != 1) { + throw new SAMLEngineException("Only must be one certificate"); + } + + // Exist only one certificate + final BasicX509Credential entityX509Cred = new BasicX509Credential(); + entityX509Cred.setEntityCertificate(listCertificates.get(0)); + + final ExplicitKeyTrustEvaluator keyTrustEvaluator = + new ExplicitKeyTrustEvaluator(); + if (!keyTrustEvaluator.validate(entityX509Cred, trustedCred)) { + throw new SAMLEngineException("Certificate it is not trusted."); + } + + final SignatureValidator sigValidator = new SignatureValidator( + entityX509Cred); + + sigValidator.validate(tokenSaml.getSignature()); + + } catch (final ValidationException e) { + LOG.error("ValidationException.", e); + throw new SAMLEngineException(e); + } catch (final KeyStoreException e) { + LOG.error("ValidationException.", e); + throw new SAMLEngineException(e); + } catch (final CertificateException e) { + LOG.error("CertificateException.", e); + throw new SAMLEngineException(e); + } + return tokenSaml; + } + + /** + * load cryptographic service provider. + * + * @throws SAMLEngineException the SAML engine exception + * Note this class was using pkcs11Provider + * final Provider pkcs11Provider = new sun.security.pkcs11.SunPKCS11(inputStream) + * if (Security.getProperty(pkcs11Provider.getName()) == null) { + * Security.insertProviderAt(pkcs11Provider, Security .getProviders().length) + * } + * storkOwnKeyStore = KeyStore.getInstance(properties.getProperty(KEYSTORE_TYPE)) + */ + public void loadCryptServiceProvider() throws SAMLEngineException { + LOG.info("Load Cryptographic Service Provider"); + InputStream inputStream = null; + + try { + inputStream = SignHW.class.getResourceAsStream("/" + + properties.getProperty(CONF_FILE)); + + } catch (final Exception e) { + throw new SAMLEngineException( + "Error loading CryptographicServiceProvider", e); + } finally { + IOUtils.closeQuietly(inputStream); + } + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java new file mode 100644 index 000000000..2adefddbd --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignModuleFactory.java @@ -0,0 +1,64 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.engine.core.SAMLEngineSignI; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +/** + * The Class ModuleSignFactory. + * + * @author fjquevedo + * + */ + +public final class SignModuleFactory { + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(SignModuleFactory.class.getName()); + + /** + * Instantiates a new module sign factory. + */ + private SignModuleFactory() { + + } + + /** + * Gets the single instance of SignModuleFactory. + * + * @param className the class name + * + * @return single instance of SignModuleFactory + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static SAMLEngineSignI getInstance(final String className) + throws STORKSAMLEngineException { + LOG.info("[START]SignModuleFactory static"); + try { + final Class cls = Class.forName(className); + return (SAMLEngineSignI) cls.newInstance(); + } catch (Exception e) { + throw new STORKSAMLEngineException(e); + } + + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java new file mode 100644 index 000000000..33ed05515 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignP12.java @@ -0,0 +1,468 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.io.ByteArrayInputStream; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.net.URL; +import java.security.GeneralSecurityException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.Provider; +import java.security.Security; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Enumeration; +import java.util.InvalidPropertiesFormatException; +import java.util.List; +import java.util.Properties; + +import eu.stork.peps.auth.engine.X509PrincipalUtil; +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang.NotImplementedException; +import org.bouncycastle.jce.X509Principal; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.opensaml.Configuration; +import org.opensaml.common.SAMLObject; +import org.opensaml.common.SignableSAMLObject; +import org.opensaml.security.SAMLSignatureProfileValidator; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.security.SecurityConfiguration; +import org.opensaml.xml.security.SecurityException; +import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; +import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; +import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager; +import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager; +import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator; +import org.opensaml.xml.security.x509.BasicX509Credential; +import org.opensaml.xml.signature.KeyInfo; +import org.opensaml.xml.signature.Signature; +import org.opensaml.xml.signature.SignatureConstants; +import org.opensaml.xml.signature.SignatureException; +import org.opensaml.xml.signature.SignatureValidator; +import org.opensaml.xml.signature.Signer; +import org.opensaml.xml.util.Base64; +import org.opensaml.xml.validation.ValidationException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.engine.core.SAMLEngineSignI; +import eu.stork.peps.exceptions.SAMLEngineException; + +/** + * The Class SWSign. Class responsible for signing and validating of messages + * SAML with a certificate store software. + * + * @author fjquevedo + */ +public final class SignP12 implements SAMLEngineSignI { + + /** The logger. */ + private static final Logger LOG = LoggerFactory.getLogger(SignP12.class + .getName()); + + + /** The p12 store. */ + private KeyStore p12Store = null; + + + /** The trust store. */ + private KeyStore trustStore = null; + + + /** + * Gets the trust store. + * + * @return the trust store + */ + public KeyStore getTrustStore() { + return trustStore; + } + + /** + * Sets the trust store. + * + * @param newTrustStore the new trust store + */ + public void setTrustStore(final KeyStore newTrustStore) { + this.trustStore = newTrustStore; + } + + /** + * The instance. + * + * @return the properties + */ + + public Properties getProperties() { + return properties; + } + + + + /** + * Gets the p12 store. + * + * @return the p12 store + */ + public KeyStore getP12Store() { + return p12Store; + } + + + + /** + * Sets the p12 store. + * + * @param newP12Store the new p12 store + */ + public void setP12Store(final KeyStore newP12Store) { + this.p12Store = newP12Store; + } + + + + /** + * Sets the properties. + * + * @param newProperties the new properties + */ + public void setProperties(final Properties newProperties) { + this.properties = newProperties; + } + + /** The SW sign prop. */ + private Properties properties = null; + + + /** + * Initialize the file configuration. + * + * @param fileConf name of the file configuration + * + * @throws SAMLEngineException error at the load from file configuration + */ + public void init(final String fileConf) throws SAMLEngineException { + InputStream fileProperties = null; + properties = new Properties(); + try { + try { + LOG.debug("Fichero a cargar " + fileConf); + fileProperties = new FileInputStream(fileConf); + properties.loadFromXML(fileProperties); + } catch (Exception e) { + LOG.error("Fallo al cargar el recurso externo. Se reintenta como fichero interno."); + fileProperties = SignP12.class.getResourceAsStream("/" + fileConf); + if (fileProperties == null) { + fileProperties = Thread.currentThread().getContextClassLoader().getResourceAsStream(fileConf); + if (fileProperties == null) { + Enumeration files = ClassLoader.getSystemClassLoader().getResources(fileConf); + if (files != null && files.hasMoreElements()) { + LOG.info("Se han encontrado recurso/s. Se toma el primero."); + fileProperties = ClassLoader.getSystemClassLoader().getResourceAsStream(files.nextElement().getFile()); + } else { + throw new IOException("No se pudo recuperar el fichero: " + fileConf, e); + } + } + } + LOG.debug("Recuperados " + fileProperties.available() + " bytes"); + properties.loadFromXML(fileProperties); + } + } catch (InvalidPropertiesFormatException e) { + LOG.info("Exception: invalid properties format."); + throw new SAMLEngineException(e); + } catch (IOException e) { + LOG.info("Exception: invalid file: " + fileConf); + throw new SAMLEngineException(e); + } finally { + IOUtils.closeQuietly(fileProperties); + } + } + + /** + * Gets the certificate. + * + * @return the X509Certificate + * + */ + public X509Certificate getCertificate() { + throw new NotImplementedException(); + } + + /** + * Sign the token SAML. + * + * @param tokenSaml token SAML + * + * @return the X509Certificate signed. + * + * @throws SAMLEngineException error at sign SAML token + * + */ + public SAMLObject sign(final SignableSAMLObject tokenSaml) + throws SAMLEngineException { + LOG.info("Start Sign process"); + try { + + final String serialNumber = properties.getProperty("serialNumber"); + final String issuer = properties.getProperty("issuer"); + + String alias = null; + String aliasCert; + X509Certificate certificate; + + boolean find = false; + for (final Enumeration e = p12Store.aliases(); e + .hasMoreElements() && !find;) { + aliasCert = e.nextElement(); + certificate = (X509Certificate) p12Store + .getCertificate(aliasCert); + + final String serialNum = certificate.getSerialNumber() + .toString(16); + + X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); + X509Principal issuerDNConf = new X509Principal(issuer); + + if(serialNum.equalsIgnoreCase(serialNumber) + && X509PrincipalUtil.equals(issuerDN, issuerDNConf)){ + alias = aliasCert; + find = true; + } + + } + + certificate = (X509Certificate) p12Store + .getCertificate(alias); + final PrivateKey privateKey = (PrivateKey) p12Store.getKey( + alias, properties.getProperty("keyPassword").toCharArray()); + + LOG.info("Recover BasicX509Credential."); + final BasicX509Credential credential = new BasicX509Credential(); + + LOG.debug("Load certificate"); + credential.setEntityCertificate(certificate); + + LOG.debug("Load privateKey"); + credential.setPrivateKey(privateKey); + + LOG.debug("Begin signature with openSaml"); + final Signature signature = (Signature) Configuration + .getBuilderFactory().getBuilder( + Signature.DEFAULT_ELEMENT_NAME).buildObject( + Signature.DEFAULT_ELEMENT_NAME); + + signature.setSigningCredential(credential); + + signature.setSignatureAlgorithm( + SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1); + + final SecurityConfiguration secConfiguration = Configuration + .getGlobalSecurityConfiguration(); + final NamedKeyInfoGeneratorManager keyInfoManager = secConfiguration + .getKeyInfoGeneratorManager(); + final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager + .getDefaultManager(); + final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager + .getFactory(credential); + final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac + .newInstance(); + + final KeyInfo keyInfo = keyInfoGenerator.generate(credential); + + signature.setKeyInfo(keyInfo); + signature.setCanonicalizationAlgorithm( + SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); + + tokenSaml.setSignature(signature); + + LOG.info("Marshall samlToken."); + Configuration.getMarshallerFactory().getMarshaller(tokenSaml) + .marshall(tokenSaml); + + LOG.info("Sign samlToken."); + Signer.signObject(signature); + + } catch (MarshallingException e) { + LOG.error("MarshallingException"); + throw new SAMLEngineException(e); + } catch (NoSuchAlgorithmException e) { + LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment."); + throw new SAMLEngineException(e); + } catch (KeyStoreException e) { + LOG.error("Generic KeyStore exception."); + throw new SAMLEngineException(e); + } catch (SignatureException e) { + LOG.error("Signature exception."); + throw new SAMLEngineException(e); + } catch (SecurityException e) { + LOG.error("Security exception."); + throw new SAMLEngineException(e); + } catch (UnrecoverableKeyException e) { + LOG.error("UnrecoverableKey exception."); + throw new SAMLEngineException(e); + } + + return tokenSaml; + } + + /** + * Validate signature. + * + * @param tokenSaml token SAML + * + * @return the SAMLObject validated. + * + * @throws SAMLEngineException error validate signature + * + */ + public SAMLObject validateSignature(final SignableSAMLObject tokenSaml) + throws SAMLEngineException { + LOG.info("Start signature validation."); + try { + + // Validate structure signature + final SAMLSignatureProfileValidator sigProfValidator = + new SAMLSignatureProfileValidator(); + try { + // Indicates signature id conform to SAML Signature profile + sigProfValidator.validate(tokenSaml.getSignature()); + } catch (ValidationException e) { + LOG.error("ValidationException: signature isn't conform to SAML Signature profile."); + throw new SAMLEngineException(e); + } + + String aliasCert = null; + X509Certificate certificate; + + final List trustCred = new ArrayList(); + + for (final Enumeration e = trustStore.aliases(); e + .hasMoreElements();) { + aliasCert = e.nextElement(); + final BasicX509Credential credential = new BasicX509Credential(); + certificate = (X509Certificate) trustStore + .getCertificate(aliasCert); + credential.setEntityCertificate(certificate); + trustCred.add(credential); + } + + final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo(); + + final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo + .getX509Datas().get(0).getX509Certificates().get(0); + + final CertificateFactory certFact = CertificateFactory + .getInstance("X.509"); + final ByteArrayInputStream bis = new ByteArrayInputStream(Base64 + .decode(xmlCert.getValue())); + final X509Certificate cert = (X509Certificate) certFact + .generateCertificate(bis); + + // Exist only one certificate + final BasicX509Credential entityX509Cred = new BasicX509Credential(); + entityX509Cred.setEntityCertificate(cert); + + // Validate trust certificates + final ExplicitKeyTrustEvaluator keyTrustEvaluator = + new ExplicitKeyTrustEvaluator(); + if (!keyTrustEvaluator.validate(entityX509Cred, trustCred)) { + throw new SAMLEngineException("Certificate it is not trusted."); + } + + // Validate signature + final SignatureValidator sigValidator = new SignatureValidator( + entityX509Cred); + sigValidator.validate(tokenSaml.getSignature()); + + } catch (ValidationException e) { + LOG.error("ValidationException."); + throw new SAMLEngineException(e); + } catch (KeyStoreException e) { + LOG.error("KeyStoreException.", e); + throw new SAMLEngineException(e); + } catch (GeneralSecurityException e) { + LOG.error("GeneralSecurityException.", e); + throw new SAMLEngineException(e); + } + return tokenSaml; + } + + + /** + * Load cryptographic service provider. + * + * @throws SAMLEngineException the SAML engine exception + */ + public void loadCryptServiceProvider() throws SAMLEngineException { + LOG.info("Load Cryptographic Service Provider"); + + FileInputStream fis = null; + FileInputStream fisTrustStore = null; + + try { + // Dynamically register Bouncy Castle provider. + boolean found = false; + // Check if BouncyCastle is already registered as a provider + final Provider[] providers = Security.getProviders(); + for (int i = 0; i < providers.length; i++) { + if (providers[i].getName().equals( + BouncyCastleProvider.PROVIDER_NAME)) { + found = true; + } + } + + // Register only if the provider has not been previously registered + if (!found) { + LOG.debug("SAMLCore: Register Bouncy Castle provider."); + Security.insertProviderAt(new BouncyCastleProvider(), Security + .getProviders().length); + } + + p12Store = KeyStore.getInstance(properties + .getProperty("keystoreType")); + + fis = new FileInputStream(properties + .getProperty("keystorePath")); + + p12Store.load(fis, properties.getProperty( + "keyStorePassword").toCharArray()); + + + trustStore = KeyStore.getInstance(properties + .getProperty("trustStoreType")); + + fisTrustStore = new FileInputStream(properties + .getProperty("trustStorePath")); + trustStore.load(fisTrustStore, properties.getProperty( + "trustStorePassword").toCharArray()); + + } catch (Exception e) { + throw new SAMLEngineException( + "Error loading CryptographicServiceProvider", e); + } finally { + IOUtils.closeQuietly(fis); + IOUtils.closeQuietly(fisTrustStore); + } + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java new file mode 100644 index 000000000..4c7bb18a3 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/SignSW.java @@ -0,0 +1,423 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.io.ByteArrayInputStream; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.security.GeneralSecurityException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.Provider; +import java.security.Security; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.Enumeration; +import java.util.InvalidPropertiesFormatException; +import java.util.List; +import java.util.Properties; + +import eu.stork.peps.auth.engine.X509PrincipalUtil; +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang.NotImplementedException; +import org.bouncycastle.jce.X509Principal; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.opensaml.Configuration; +import org.opensaml.common.SAMLObject; +import org.opensaml.common.SignableSAMLObject; +import org.opensaml.security.SAMLSignatureProfileValidator; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.security.SecurityConfiguration; +import org.opensaml.xml.security.SecurityException; +import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.security.keyinfo.KeyInfoGenerator; +import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorFactory; +import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager; +import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager; +import org.opensaml.xml.security.trust.ExplicitKeyTrustEvaluator; +import org.opensaml.xml.security.x509.BasicX509Credential; +import org.opensaml.xml.signature.KeyInfo; +import org.opensaml.xml.signature.Signature; +import org.opensaml.xml.signature.SignatureConstants; +import org.opensaml.xml.signature.SignatureException; +import org.opensaml.xml.signature.SignatureValidator; +import org.opensaml.xml.signature.Signer; +import org.opensaml.xml.util.Base64; +import org.opensaml.xml.validation.ValidationException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.engine.core.SAMLEngineSignI; +import eu.stork.peps.exceptions.SAMLEngineException; + + +/** + * The Class SWSign. Class responsible for signing and validating of messages + * SAML with a certificate store software. + * + * @author fjquevedo + */ +public class SignSW implements SAMLEngineSignI { + + /** The Constant KEYSTORE_TYPE. */ + private static final String KEYSTORE_TYPE = "keystoreType"; + + /** The Constant KEY_STORE_PASSWORD. */ + private static final String KEY_STORE_PASS = "keyStorePassword"; + + /** The logger. */ + private static final Logger LOG = LoggerFactory.getLogger(SignSW.class + .getName()); + + /** The stork own key store. */ + private KeyStore storkOwnKeyStore = null; + + /** + * The instance. + * + * @return the properties + */ + + public final Properties getProperties() { + return properties; + } + + /** + * Gets the stork own key store. + * + * @return the stork own key store + */ + public final KeyStore getStorkOwnKeyStore() { + return storkOwnKeyStore; + } + + /** + * Gets the stork trustStore. + * + * @return the stork own key store + */ + public KeyStore getTrustStore() { + return storkOwnKeyStore; + } + + /** + * Sets the stork own key store. + * + * @param newkOwnKeyStore the new stork own key store + */ + public final void setStorkOwnKeyStore(final KeyStore newkOwnKeyStore) { + this.storkOwnKeyStore = newkOwnKeyStore; + } + + /** + * Sets the properties. + * + * @param newProperties the new properties + */ + public final void setProperties(final Properties newProperties) { + this.properties = newProperties; + } + + /** The SW sign prop. */ + private Properties properties = null; + + + /** + * Inits the file configuration. + * + * @param fileConf name of the file configuration + * + * @throws SAMLEngineException error at the load from file configuration + */ + public final void init(final String fileConf) + throws SAMLEngineException { + InputStream fileProperties = null; + try { + fileProperties = SignSW.class.getResourceAsStream("/" + + fileConf); + properties = new Properties(); + + properties.loadFromXML(fileProperties); + fileProperties.close(); + } catch (InvalidPropertiesFormatException e) { + LOG.info("Exception: invalid properties format."); + throw new SAMLEngineException(e); + } catch (IOException e) { + LOG.info("Exception: invalid file: " + fileConf); + throw new SAMLEngineException(e); + } finally { + IOUtils.closeQuietly(fileProperties); + } + } + + /** + * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#getCertificate() + * @return the X509Certificate + */ + public final X509Certificate getCertificate() { + throw new NotImplementedException(); + } + + + /** + * Sign the token SAML. + * + * @param tokenSaml the token SAML. + * + * @return the SAML object + * + * @throws SAMLEngineException the SAML engine exception + * + */ + public final SAMLObject sign(final SignableSAMLObject tokenSaml) + throws SAMLEngineException { + LOG.info("Start Sign process."); + try { + final String serialNumber = properties.getProperty("serialNumber"); + final String issuer = properties.getProperty("issuer"); + + String alias = null; + String aliasCert; + X509Certificate certificate; + boolean find = false; + + for (final Enumeration e = storkOwnKeyStore.aliases(); e + .hasMoreElements() && !find; ) { + aliasCert = e.nextElement(); + certificate = (X509Certificate) storkOwnKeyStore + .getCertificate(aliasCert); + + final String serialNum = certificate.getSerialNumber() + .toString(16); + + X509Principal issuerDN = new X509Principal(certificate.getIssuerDN().getName()); + X509Principal issuerDNConf = new X509Principal(issuer); + + if(serialNum.equalsIgnoreCase(serialNumber) + && X509PrincipalUtil.equals(issuerDN, issuerDNConf)){ + alias = aliasCert; + find = true; + } + } + if (!find) { + throw new SAMLEngineException("Certificate cannot be found in keystore "); + } + certificate = (X509Certificate) storkOwnKeyStore.getCertificate(alias); + final PrivateKey privateKey = (PrivateKey) storkOwnKeyStore.getKey( + alias, properties.getProperty("keyPassword").toCharArray()); + + LOG.info("Recover BasicX509Credential."); + final BasicX509Credential credential = new BasicX509Credential(); + + LOG.debug("Load certificate"); + credential.setEntityCertificate(certificate); + + LOG.debug("Load privateKey"); + credential.setPrivateKey(privateKey); + + LOG.debug("Begin signature with openSaml"); + final Signature signature = (Signature) Configuration + .getBuilderFactory().getBuilder( + Signature.DEFAULT_ELEMENT_NAME).buildObject( + Signature.DEFAULT_ELEMENT_NAME); + + signature.setSigningCredential(credential); + + signature.setSignatureAlgorithm( + SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1); + + + final SecurityConfiguration secConfiguration = Configuration + .getGlobalSecurityConfiguration(); + final NamedKeyInfoGeneratorManager keyInfoManager = secConfiguration + .getKeyInfoGeneratorManager(); + final KeyInfoGeneratorManager keyInfoGenManager = keyInfoManager + .getDefaultManager(); + final KeyInfoGeneratorFactory keyInfoGenFac = keyInfoGenManager + .getFactory(credential); + final KeyInfoGenerator keyInfoGenerator = keyInfoGenFac + .newInstance(); + + KeyInfo keyInfo = keyInfoGenerator.generate(credential); + + signature.setKeyInfo(keyInfo); + signature.setCanonicalizationAlgorithm( + SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS); + + tokenSaml.setSignature(signature); + + LOG.info("Marshall samlToken."); + Configuration.getMarshallerFactory().getMarshaller(tokenSaml) + .marshall(tokenSaml); + + LOG.info("Sign samlToken."); + Signer.signObject(signature); + + } catch (MarshallingException e) { + LOG.error("MarshallingException"); + throw new SAMLEngineException(e); + } catch (NoSuchAlgorithmException e) { + LOG.error("A 'xmldsig#rsa-sha1' cryptographic algorithm is requested but is not available in the environment."); + throw new SAMLEngineException(e); + } catch (KeyStoreException e) { + LOG.error("Generic KeyStore exception."); + throw new SAMLEngineException(e); + } catch (SignatureException e) { + LOG.error("Signature exception."); + throw new SAMLEngineException(e); + } catch (SecurityException e) { + LOG.error("Security exception."); + throw new SAMLEngineException(e); + } catch (UnrecoverableKeyException e) { + LOG.error("UnrecoverableKey exception."); + throw new SAMLEngineException(e); + } + + return tokenSaml; + } + + /** + * @see eu.stork.peps.auth.engine.core.SAMLEngineSignI#validateSignature(org.opensaml.common.SignableSAMLObject) + * @param tokenSaml token SAML + * @return the SAMLObject validated. + * @throws SAMLEngineException error validate signature + */ + public final SAMLObject validateSignature(final SignableSAMLObject tokenSaml) + throws SAMLEngineException { + LOG.info("Start signature validation."); + try { + + // Validate structure signature + final SAMLSignatureProfileValidator sigProfValidator = + new SAMLSignatureProfileValidator(); + try { + // Indicates signature id conform to SAML Signature profile + sigProfValidator.validate(tokenSaml.getSignature()); + } catch (ValidationException e) { + LOG.error("ValidationException: signature isn't conform to SAML Signature profile."); + throw new SAMLEngineException(e); + } + + String aliasCert = null; + X509Certificate certificate; + + final List trustCred = new ArrayList(); + + for (final Enumeration e = storkOwnKeyStore.aliases(); e + .hasMoreElements();) { + aliasCert = e.nextElement(); + final BasicX509Credential credential = new BasicX509Credential(); + certificate = (X509Certificate) storkOwnKeyStore + .getCertificate(aliasCert); + credential.setEntityCertificate(certificate); + trustCred.add(credential); + } + + final KeyInfo keyInfo = tokenSaml.getSignature().getKeyInfo(); + + final org.opensaml.xml.signature.X509Certificate xmlCert = keyInfo + .getX509Datas().get(0).getX509Certificates().get(0); + + final CertificateFactory certFact = CertificateFactory + .getInstance("X.509"); + final ByteArrayInputStream bis = new ByteArrayInputStream(Base64 + .decode(xmlCert.getValue())); + final X509Certificate cert = (X509Certificate) certFact + .generateCertificate(bis); + + // Exist only one certificate + final BasicX509Credential entityX509Cred = new BasicX509Credential(); + entityX509Cred.setEntityCertificate(cert); + + // Validate trust certificates + final ExplicitKeyTrustEvaluator keyTrustEvaluator = + new ExplicitKeyTrustEvaluator(); + if (!keyTrustEvaluator.validate(entityX509Cred, trustCred)) { + throw new SAMLEngineException("Certificate is not trusted."); + } + + // Validate signature + final SignatureValidator sigValidator = new SignatureValidator( + entityX509Cred); + sigValidator.validate(tokenSaml.getSignature()); + + } catch (ValidationException e) { + LOG.error("ValidationException."); + throw new SAMLEngineException(e); + } catch (KeyStoreException e) { + LOG.error("KeyStoreException.", e); + throw new SAMLEngineException(e); + } catch (GeneralSecurityException e) { + LOG.error("GeneralSecurityException.", e); + throw new SAMLEngineException(e); + } + LOG.info(tokenSaml.getSignatureReferenceID()); + LOG.info("Start signature validation - END." ); + return tokenSaml; + } + + + /** + * Load cryptographic service provider. + * + * @throws SAMLEngineException the SAML engine exception + */ + public final void loadCryptServiceProvider() throws SAMLEngineException { + LOG.info("Load Cryptographic Service Provider"); + FileInputStream fis = null; + try { + // Dynamically register Bouncy Castle provider. + boolean found = false; + // Check if BouncyCastle is already registered as a provider + final Provider[] providers = Security.getProviders(); + for (int i = 0; i < providers.length; i++) { + if (providers[i].getName().equals( + BouncyCastleProvider.PROVIDER_NAME)) { + found = true; + } + } + + // Register only if the provider has not been previously registered + if (!found) { + LOG.info("SAMLCore: Register Bouncy Castle provider."); + Security.insertProviderAt(new BouncyCastleProvider(), Security + .getProviders().length); + } + + storkOwnKeyStore = KeyStore.getInstance(properties + .getProperty(KEYSTORE_TYPE)); + + LOG.info("Loading KeyInfo from keystore file " + properties.getProperty("keystorePath")); + fis = new FileInputStream(properties + .getProperty("keystorePath")); + + storkOwnKeyStore.load(fis, properties.getProperty( + KEY_STORE_PASS).toCharArray()); + + } catch (Exception e) { + LOG.error("Error loading CryptographicServiceProvider", e); + throw new SAMLEngineException( + "Error loading CryptographicServiceProvider", e); + } finally { + IOUtils.closeQuietly(fis); + } + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java new file mode 100644 index 000000000..a60515593 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesBuilder.java @@ -0,0 +1,41 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectBuilder; + +import eu.stork.peps.auth.engine.core.SAMLCore; +import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; + +/** + * The Class VIDPAuthenticationAttributesBuilder. + * + * @author fjquevedo + */ +public final class VIDPAuthenticationAttributesBuilder extends AbstractSAMLObjectBuilder { + + + /** {@inheritDoc} */ + public VIDPAuthenticationAttributes buildObject() { + return buildObject(SAMLCore.STORK10P_NS.getValue(), VIDPAuthenticationAttributes.DEF_LOCAL_NAME, SAMLCore.STORK10P_PREFIX.getValue()); + } + + /** {@inheritDoc} */ + public VIDPAuthenticationAttributes buildObject(final String namespaceURI, final String localName, final String namespacePrefix) { + return new VIDPAuthenticationAttributesImpl(namespaceURI, localName, namespacePrefix); + } + +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java new file mode 100644 index 000000000..a6e7e7f60 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesImpl.java @@ -0,0 +1,132 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import org.opensaml.common.impl.AbstractSignableSAMLObject; +import org.opensaml.xml.XMLObject; + +import eu.stork.peps.auth.engine.core.CitizenCountryCode; +import eu.stork.peps.auth.engine.core.SPInformation; +import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class VIDPAuthenticationAttributesImpl. + * + * @author fjquevedo + */ +public final class VIDPAuthenticationAttributesImpl extends AbstractSignableSAMLObject implements +VIDPAuthenticationAttributes { + + private static final Logger LOGGER = LoggerFactory.getLogger(VIDPAuthenticationAttributesImpl.class.getName()); + /** The citizen country code. */ + private CitizenCountryCode citizenCountryCode; + + /** The SP information. */ + private SPInformation spInformation; + + /** + * Instantiates a new requested attributes implement. + * + * @param namespaceURI the namespace URI + * @param elementLocalName the element local name + * @param namespacePrefix the namespace prefix + */ + protected VIDPAuthenticationAttributesImpl(final String namespaceURI, + final String elementLocalName, final String namespacePrefix) { + super(namespaceURI, elementLocalName, namespacePrefix); + } + + + /** + * getCitizenCountryCode. + * + * @return the citizen country code + */ + public CitizenCountryCode getCitizenCountryCode() { + return citizenCountryCode; + } + + /** + * getSPInformation + * + * @return the SP information + */ + public SPInformation getSPInformation() { + return spInformation; + } + + /** + * Gets the ordered children. + * + * @return the ordered children + * + */ + public List getOrderedChildren() { + final ArrayList children = new ArrayList(); + + children.add(citizenCountryCode); + children.add(spInformation); + + if (getSignature() != null) { + children.add(getSignature()); + } + + return Collections.unmodifiableList(children); + + } + + /** + * Gets the signature reference id. + * + * @return the signature reference id + * + */ + public String getSignatureReferenceID() { + return null; + } + + /** + * Sets the citizen country code. + * + * @param newCitizenCountryCode the new citizen country code + * + */ + public void setCitizenCountryCode(CitizenCountryCode newCitizenCountryCode) { + this.citizenCountryCode = prepareForAssignment(this.citizenCountryCode, newCitizenCountryCode); + } + + /** + * Sets the SP information. + * + * @param newSPInformation the new SP information + * + */ + public void setSPInformation(SPInformation newSPInformation) { + this.spInformation = prepareForAssignment(this.spInformation, newSPInformation); + } + + @Override + public int hashCode() { + LOGGER.warn("Hashcode has been called, passed to super. Nothing foreseen here"); + return super.hashCode(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java new file mode 100644 index 000000000..5635ddd6b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesMarshaller.java @@ -0,0 +1,33 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectMarshaller; + +/** + * The Class VIDPAuthenticationAttributesMarshaller. + * + * @author fjquevedo + */ +public class VIDPAuthenticationAttributesMarshaller extends AbstractSAMLObjectMarshaller { + + /** + * Instantiates a new vIDP authentication attributes marshaller. + */ + public VIDPAuthenticationAttributesMarshaller() { + super(); + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java new file mode 100644 index 000000000..1de300c03 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/VIDPAuthenticationAttributesUnmarshaller.java @@ -0,0 +1,55 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.impl; + +import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.UnmarshallingException; + +import eu.stork.peps.auth.engine.core.CitizenCountryCode; +import eu.stork.peps.auth.engine.core.SPInformation; +import eu.stork.peps.auth.engine.core.VIDPAuthenticationAttributes; + +/** + * The Class VIDPAuthenticationAttributesUnmarshaller. + * + * @author fjquevedo + */ +public class VIDPAuthenticationAttributesUnmarshaller extends + AbstractSAMLObjectUnmarshaller { + + /** + * Process child element. + * + * @param parentObject the parent object + * @param childObject the child object + * + * @throws UnmarshallingException the unmarshalling exception + * + */ + protected final void processChildElement(final XMLObject parentObject, + final XMLObject childObject) throws UnmarshallingException { + final VIDPAuthenticationAttributes vIDPAuthenticationAttr = (VIDPAuthenticationAttributes) parentObject; + + if (childObject instanceof CitizenCountryCode) { + vIDPAuthenticationAttr.setCitizenCountryCode((CitizenCountryCode) childObject); + } else if (childObject instanceof SPInformation) { + vIDPAuthenticationAttr.setSPInformation((SPInformation) childObject); + } else { + super.processChildElement(parentObject, childObject); + } + } +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java new file mode 100644 index 000000000..e26da6d04 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/impl/package-info.java @@ -0,0 +1,19 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Implementations of STORK 1.0 core specification types and elements. + */ +package eu.stork.peps.auth.engine.core.impl; \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java new file mode 100644 index 000000000..3393dcf78 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/package-info.java @@ -0,0 +1,19 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Interfaces for STORK 1.0 core specification types and elements. + */ +package eu.stork.peps.auth.engine.core; \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/all-wcprops b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/all-wcprops new file mode 100644 index 000000000..d5bd68d13 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/all-wcprops @@ -0,0 +1,23 @@ +K 25 +svn:wc:ra_dav:version-url +V 102 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/validator +END +package-info.java +K 25 +svn:wc:ra_dav:version-url +V 120 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java +END +ExtensionsSchemaValidator.java +K 25 +svn:wc:ra_dav:version-url +V 133 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java +END +QAAAttributeSchemaValidator.java +K 25 +svn:wc:ra_dav:version-url +V 135 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java +END diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/entries b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/entries new file mode 100644 index 000000000..abba3b480 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/entries @@ -0,0 +1,130 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/main/java/eu/stork/peps/auth/engine/core/validator +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +package-info.java +file + + + + +2013-12-20T12:27:57.310475Z +cf18b043ca5fc2869360c23c2f78c37c +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +810 + +ExtensionsSchemaValidator.java +file + + + + +2013-12-20T12:27:57.310475Z +88793567b50e1817e8b534b99b7fd40e +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2003 + +QAAAttributeSchemaValidator.java +file + + + + +2013-12-20T12:27:57.310475Z +126bf77d5e22d5609d042e0445160382 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2061 + diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/text-base/ExtensionsSchemaValidator.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/text-base/ExtensionsSchemaValidator.java.svn-base new file mode 100644 index 000000000..760d9c188 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/text-base/ExtensionsSchemaValidator.java.svn-base @@ -0,0 +1,61 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.validator; + +import java.util.List; + +import org.opensaml.saml2.common.Extensions; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.validation.ValidationException; +import org.opensaml.xml.validation.Validator; + +import eu.stork.peps.auth.engine.core.QAAAttribute; + +/** + * The Class ExtensionsSchemaValidator. + * + * @author fjquevedo + */ +public class ExtensionsSchemaValidator implements Validator { + + + /** + * validate the extensions. + * + * @param extensions the extensions + * + * @throws ValidationException the validation exception + */ + public final void validate(final Extensions extensions) + throws ValidationException { + if (extensions.getUnknownXMLObjects() == null + || extensions.getUnknownXMLObjects().size() <= 0) { + throw new ValidationException("Extension element is empty or not exist."); + } + + List qaa = extensions.getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME); + + if (qaa.size() == 1) { + final Validator validatorQaa = new QAAAttributeSchemaValidator(); + validatorQaa.validate((QAAAttribute) qaa.get(0)); + } else { + throw new ValidationException( + "Extensions must contain only one element QAALevel."); + } + + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/text-base/QAAAttributeSchemaValidator.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/text-base/QAAAttributeSchemaValidator.java.svn-base new file mode 100644 index 000000000..be5dc8c34 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/text-base/QAAAttributeSchemaValidator.java.svn-base @@ -0,0 +1,65 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.validator; + +import org.opensaml.xml.util.DatatypeHelper; +import org.opensaml.xml.validation.ValidationException; +import org.opensaml.xml.validation.Validator; + +import eu.stork.peps.auth.engine.core.QAAAttribute; + +/** + * The Class QAAAttributeSchemaValidator. + * + * @author fjquevedo + */ +public class QAAAttributeSchemaValidator implements Validator { + + + /** + * Validate action. + * + * @param qaa the quality authentication assurance level attribute + * + * @throws ValidationException the validation exception + */ + public final void validate(final QAAAttribute qaa) throws ValidationException { + validateAction(qaa); + } + + + /** + * Validate action. + * + * @param qaaAttribute the quality authentication assurance level attribute. + * + * @throws ValidationException the validation exception + */ + protected final void validateAction(final QAAAttribute qaaAttribute) + throws ValidationException { + if (DatatypeHelper.isEmpty(qaaAttribute.getQaaLevel())) { + throw new ValidationException("QAALevel label must be specified."); + } + + final int qaa = Integer.valueOf(qaaAttribute.getQaaLevel()); + + if (qaa < QAAAttribute.MIN_VALUE || qaa > QAAAttribute.MAX_VALUE) { + throw new ValidationException( + "QAALevel label must be greater than 0."); + } + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/text-base/package-info.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/text-base/package-info.java.svn-base new file mode 100644 index 000000000..b98cf7157 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/.svn/text-base/package-info.java.svn-base @@ -0,0 +1,19 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Validation rules for STORK 1.0 core types and elements. + */ +package eu.stork.peps.auth.engine.core.validator; \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java new file mode 100644 index 000000000..760d9c188 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/ExtensionsSchemaValidator.java @@ -0,0 +1,61 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.validator; + +import java.util.List; + +import org.opensaml.saml2.common.Extensions; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.validation.ValidationException; +import org.opensaml.xml.validation.Validator; + +import eu.stork.peps.auth.engine.core.QAAAttribute; + +/** + * The Class ExtensionsSchemaValidator. + * + * @author fjquevedo + */ +public class ExtensionsSchemaValidator implements Validator { + + + /** + * validate the extensions. + * + * @param extensions the extensions + * + * @throws ValidationException the validation exception + */ + public final void validate(final Extensions extensions) + throws ValidationException { + if (extensions.getUnknownXMLObjects() == null + || extensions.getUnknownXMLObjects().size() <= 0) { + throw new ValidationException("Extension element is empty or not exist."); + } + + List qaa = extensions.getUnknownXMLObjects(QAAAttribute.DEF_ELEMENT_NAME); + + if (qaa.size() == 1) { + final Validator validatorQaa = new QAAAttributeSchemaValidator(); + validatorQaa.validate((QAAAttribute) qaa.get(0)); + } else { + throw new ValidationException( + "Extensions must contain only one element QAALevel."); + } + + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java new file mode 100644 index 000000000..be5dc8c34 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/QAAAttributeSchemaValidator.java @@ -0,0 +1,65 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.auth.engine.core.validator; + +import org.opensaml.xml.util.DatatypeHelper; +import org.opensaml.xml.validation.ValidationException; +import org.opensaml.xml.validation.Validator; + +import eu.stork.peps.auth.engine.core.QAAAttribute; + +/** + * The Class QAAAttributeSchemaValidator. + * + * @author fjquevedo + */ +public class QAAAttributeSchemaValidator implements Validator { + + + /** + * Validate action. + * + * @param qaa the quality authentication assurance level attribute + * + * @throws ValidationException the validation exception + */ + public final void validate(final QAAAttribute qaa) throws ValidationException { + validateAction(qaa); + } + + + /** + * Validate action. + * + * @param qaaAttribute the quality authentication assurance level attribute. + * + * @throws ValidationException the validation exception + */ + protected final void validateAction(final QAAAttribute qaaAttribute) + throws ValidationException { + if (DatatypeHelper.isEmpty(qaaAttribute.getQaaLevel())) { + throw new ValidationException("QAALevel label must be specified."); + } + + final int qaa = Integer.valueOf(qaaAttribute.getQaaLevel()); + + if (qaa < QAAAttribute.MIN_VALUE || qaa > QAAAttribute.MAX_VALUE) { + throw new ValidationException( + "QAALevel label must be greater than 0."); + } + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java new file mode 100644 index 000000000..b98cf7157 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/package-info.java @@ -0,0 +1,19 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Validation rules for STORK 1.0 core types and elements. + */ +package eu.stork.peps.auth.engine.core.validator; \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java new file mode 100644 index 000000000..d3e353e51 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/package-info.java @@ -0,0 +1,19 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Provides the classes necessary to create a SAML message. + */ +package eu.stork.peps.auth.engine; \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/all-wcprops b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/all-wcprops new file mode 100644 index 000000000..96b3f2328 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/all-wcprops @@ -0,0 +1,41 @@ +K 25 +svn:wc:ra_dav:version-url +V 89 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/configuration +END +package-info.java +K 25 +svn:wc:ra_dav:version-url +V 107 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/configuration/package-info.java +END +ConfigurationCreator.java +K 25 +svn:wc:ra_dav:version-url +V 115 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java +END +ConfigurationReader.java +K 25 +svn:wc:ra_dav:version-url +V 114 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java +END +ConfigurationSingleton.java +K 25 +svn:wc:ra_dav:version-url +V 117 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java +END +InstanceEngine.java +K 25 +svn:wc:ra_dav:version-url +V 109 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java +END +ConfigurationEngine.java +K 25 +svn:wc:ra_dav:version-url +V 114 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java +END diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/entries b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/entries new file mode 100644 index 000000000..b811dc64b --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/entries @@ -0,0 +1,232 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/main/java/eu/stork/peps/configuration +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +ConfigurationReader.java +file + + + + +2013-12-20T12:27:57.462475Z +31bb8b4c7e74e039c561bf974dea7c33 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +6979 + +ConfigurationSingleton.java +file + + + + +2013-12-20T12:27:57.466475Z +4350e34e9ec48ce7ad03db6a130559f2 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2367 + +InstanceEngine.java +file + + + + +2013-12-20T12:27:57.466475Z +36fb20db43ded05922bf0bbf785e5d48 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1820 + +ConfigurationEngine.java +file + + + + +2013-12-20T12:27:57.466475Z +99eae7ae70fa5bf4667edfb7912696c2 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1726 + +package-info.java +file + + + + +2013-12-20T12:27:57.462475Z +36f3c0e11d20c8f980d3115b21a23df0 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +806 + +ConfigurationCreator.java +file + + + + +2013-12-20T12:27:57.462475Z +4c130e8c9749dd63e58d57d4d699b7ee +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +4114 + diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationCreator.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationCreator.java.svn-base new file mode 100644 index 000000000..2fabff7d6 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationCreator.java.svn-base @@ -0,0 +1,127 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.configuration; + +import java.io.IOException; +import java.io.InputStream; +import java.util.HashMap; +import java.util.InvalidPropertiesFormatException; +import java.util.Map; +import java.util.Properties; + +import org.apache.commons.io.IOUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +/** + * The Class InstanceCreator. + * + * @author fjquevedo + */ +public final class ConfigurationCreator { + + /** The Constant LOGGER. */ + private static final Logger LOGGER = LoggerFactory + .getLogger(ConfigurationCreator.class.getName()); + + /** + * Creates the configuration. + * + * @param instanceConfs the instance configuration + * + * @return the map< string, map< string, object>> + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static Map> createConfiguration( + final Map instanceConfs) throws STORKSAMLEngineException { + + final HashMap> instances = + new HashMap>(); + + LOGGER.info("Create configuration."); + try { + // Only create instances for SAMLEngine configuration. + // INSTANCE + for (Map.Entry entry : instanceConfs + .entrySet()) { + final InstanceEngine iEngine = entry.getValue(); + + final Map intance = new HashMap(); + + // CONFIGURATION + for (ConfigurationEngine configuration : iEngine + .getConfiguration()) { + // Properties only for configuration SamlEngine. + if (configuration.getName().equalsIgnoreCase( + "SamlEngineConf")) { + intance.put(configuration.getName(), + getNewInstance(configuration.getParameters() + .get("fileConfiguration"))); + } else { + intance.put(configuration.getName(), configuration + .getParameters()); + } + } + instances.put(entry.getKey(), intance); + } + } catch (STORKSAMLEngineException ex) { + LOGGER.error("Can not create instance from file configuration."); + throw new STORKSAMLEngineException(ex); + } + return instances; + } + + + /** + * Gets the new instance. + * + * @param fileName the file name + * + * @return the properties from the new instance + * + * @throws STORKSAMLEngineException the STORKSAML engine + * runtime exception + */ + private static Properties getNewInstance(final String fileName) + throws STORKSAMLEngineException { + LOGGER.info("Create file configuration properties to Stork Saml Engine."); + InputStream fileEngineProp = null; + try { + fileEngineProp = ConfigurationCreator.class + .getResourceAsStream("/" + fileName); + final Properties configuration = new Properties(); + configuration.loadFromXML(fileEngineProp); + return configuration; + } catch (InvalidPropertiesFormatException e) { + LOGGER.error("Invalid properties format."); + throw new STORKSAMLEngineException(e); + } catch (IOException e) { + LOGGER.error("Error read file: " + fileName); + throw new STORKSAMLEngineException(e); + } finally { + IOUtils.closeQuietly(fileEngineProp); + } + } + + /** + * Instantiates a new instance creator. + */ + private ConfigurationCreator() { + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationEngine.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationEngine.java.svn-base new file mode 100644 index 000000000..910f4398e --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationEngine.java.svn-base @@ -0,0 +1,69 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.configuration; + +import java.util.Map; + +/** + * The Class ConfigurationEngine. + * + * @author fjquevedo + */ +public class ConfigurationEngine { + + /** The name of the configuration file. */ + private String name; + + /** The parameters. */ + private Map parameters; + + /** + * Gets the name. + * + * @return the name + */ + public final String getName() { + return name; + } + + /** + * Gets the parameters. + * + * @return the parameters + */ + public final Map getParameters() { + return parameters; + } + + /** + * Sets the name. + * + * @param newName the new name + */ + public final void setName(final String newName) { + this.name = newName; + } + + /** + * Sets the parameters. + * + * @param newParameters the parameters + */ + public final void setParameters(final Map newParameters) { + this.parameters = newParameters; + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationReader.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationReader.java.svn-base new file mode 100644 index 000000000..374cf3fc3 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationReader.java.svn-base @@ -0,0 +1,224 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.configuration; + +import java.io.IOException; +import java.io.InputStream; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.XMLConstants; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; + +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.NodeList; +import org.xml.sax.SAXException; + +import eu.stork.peps.exceptions.SAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; + +/** + * The Class ConfigurationReader. + * + * @author fjquevedo + */ +public final class ConfigurationReader { + + /** The Constant SAML_ENGINE_CONFIGURATION_FILE. */ + private static final String ENGINE_CONF_FILE = "SamlEngine.xml"; + + /** The Constant LOGGER. */ + private static final Logger LOGGER = LoggerFactory + .getLogger(ConfigurationReader.class.getName()); + + /** The Constant NODE_CONFIGURATION. */ + private static final String NODE_CONF = "configuration"; + + /** The Constant NODE_CONFIGURATION_NAME. */ + private static final String NODE_CONF_NAME = "name"; + + /** The Constant NODE_INSTANCE_NAME. */ + private static final String NODE_INST_NAME = "name"; + + /** The Constant NODE_INSTANCE. */ + private static final String NODE_INSTANCE = "instance"; + + /** The Constant NODE_CONFIGURATION_NAME. */ + private static final String NODE_PARAM_NAME = "name"; + + /** The Constant NODE_CONFIGURATION_NAME. */ + private static final String NODE_PARAM_VALUE = "value"; + + /** The Constant NODE_CONFIGURATION_NAME. */ + private static final String NODE_PARAMETER = "parameter"; + + /** + * Generate parameters. + * + * @param configurationNode the configuration node + * + * @return the map< string, string> + */ + private static Map generateParam( + final Element configurationNode) { + + final HashMap parameters = new HashMap(); + + final NodeList parameterNodes = configurationNode + .getElementsByTagName(NODE_PARAMETER); + + String parameterName; + String parameterValue; + + for (int k = 0; k < parameterNodes.getLength(); ++k) { + // for every parameter find, process. + final Element parameterNode = (Element) parameterNodes.item(k); + parameterName = parameterNode.getAttribute(NODE_PARAM_NAME); + parameterValue = parameterNode.getAttribute(NODE_PARAM_VALUE); + + // verified the content. + if (StringUtils.isBlank(parameterName) + || StringUtils.isBlank(parameterValue)) { + throw new STORKSAMLEngineRuntimeException( + "Error reader parameters (name - value)."); + } else { + parameters.put(parameterName.trim(), parameterValue.trim()); + } + } + return parameters; + } + + /** + * Read configuration. + * + * @return the map< string, instance engine> + * + * @throws SAMLEngineException the STORKSAML engine runtime + * exception + */ + public static Map readConfiguration() + throws SAMLEngineException { + + LOGGER.info("Init reader: " + ENGINE_CONF_FILE); + final Map instanceConfs = + new HashMap(); + + Document document = null; + // Load configuration file + final DocumentBuilderFactory factory = DocumentBuilderFactory + .newInstance(); + DocumentBuilder builder; + + InputStream engineConf = null; + try { + + factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + + builder = factory.newDocumentBuilder(); + + engineConf = ConfigurationReader.class + .getResourceAsStream("/" + ENGINE_CONF_FILE); + + document = builder.parse(engineConf); + + // Read instance + final NodeList list = document.getElementsByTagName(NODE_INSTANCE); + + for (int indexElem = 0; indexElem < list.getLength(); ++indexElem) { + final Element element = (Element) list.item(indexElem); + + final InstanceEngine instanceConf = new InstanceEngine(); + + // read every configuration. + final String instanceName = element + .getAttribute(NODE_INST_NAME); + + if (StringUtils.isBlank(instanceName)) { + throw new STORKSAMLEngineRuntimeException( + "Error reader instance name."); + } + instanceConf.setName(instanceName.trim()); + + final NodeList confNodes = element + .getElementsByTagName(NODE_CONF); + + for (int indexNode = 0; indexNode < confNodes.getLength(); ++indexNode) { + + final Element configurationNode = (Element) confNodes + .item(indexNode); + + final String configurationName = configurationNode + .getAttribute(NODE_CONF_NAME); + + if (StringUtils.isBlank(configurationName)) { + throw new STORKSAMLEngineRuntimeException( + "Error reader configuration name."); + } + + final ConfigurationEngine confSamlEngine = + new ConfigurationEngine(); + + // Set configuration name. + confSamlEngine.setName(configurationName.trim()); + + // Read every parameter for this configuration. + final Map parameters = + generateParam(configurationNode); + + // Set parameters + confSamlEngine.setParameters(parameters); + + // Add parameters to the configuration. + instanceConf.getConfiguration().add(confSamlEngine); + } + + // Add to the list of configurations. + instanceConfs.put(element.getAttribute(NODE_INST_NAME), + instanceConf); + } + + } catch (SAXException e) { + LOGGER.error("Error: init library parser."); + throw new SAMLEngineException(e); + } catch (ParserConfigurationException e) { + LOGGER.error("Error: parser configuration file xml."); + throw new SAMLEngineException(e); + } catch (IOException e) { + LOGGER.error("Error: read configuration file."); + throw new SAMLEngineException(e); + } finally { + IOUtils.closeQuietly(engineConf); + } + + return instanceConfs; + } + + /** + * Instantiates a new configuration reader. + */ + private ConfigurationReader() { + + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationSingleton.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationSingleton.java.svn-base new file mode 100644 index 000000000..53cea621d --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/ConfigurationSingleton.java.svn-base @@ -0,0 +1,74 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.configuration; + +import java.util.Map; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.exceptions.SAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; + +/** + * The Class InstanceCreator. + * + * @author fjquevedo + */ +public final class ConfigurationSingleton { + + /** The instance of every engine SAML. */ + private static Map instanceConfigs; + + /** The instances of SAML engine. */ + private static Map> instances; + + /** The Constant LOGGER. */ + private static final Logger LOGGER = LoggerFactory + .getLogger(ConfigurationSingleton.class.getName()); + + static { + LOGGER.debug("Read all file configurations. (instances of SAMLEngine)"); + try { + instanceConfigs = ConfigurationReader.readConfiguration(); + } catch (SAMLEngineException e) { + LOGGER.error("Error read configuration file."); + throw new STORKSAMLEngineRuntimeException(e); + } + } + + /** + * Gets the new instance. + * + * @param fileName the file name + * + * @return the properties from the new instance + * + * @throws STORKSAMLEngineException the STORKSAML engine runtime exception + */ + private static Map> getInstance( + final String fileName) throws STORKSAMLEngineException { + return ConfigurationCreator.createConfiguration(instanceConfigs); + } + + /** + * Instantiates a new instance creator. + */ + private ConfigurationSingleton() { + } + +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/InstanceEngine.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/InstanceEngine.java.svn-base new file mode 100644 index 000000000..e0e2d1965 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/InstanceEngine.java.svn-base @@ -0,0 +1,70 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.configuration; + +import java.util.ArrayList; +import java.util.List; + +/** + * The Class InstanceConfiguration. + * + * @author fjquevedo + */ +public class InstanceEngine { + + /** The configuration. */ + private List configuration = new ArrayList(); + + /** The name. */ + private String name; + + /** + * Gets the parameters. + * + * @return the parameters + */ + public final List getConfiguration() { + return this.configuration; + } + + /** + * Gets the name. + * + * @return the name + */ + public final String getName() { + return name; + } + + /** + * Sets the parameters. + * + * @param newConfiguration the new parameters + */ + public final void setConfiguration(final List newConfiguration) { + this.configuration = newConfiguration; + } + + /** + * Sets the name. + * + * @param newName the new name + */ + public final void setName(final String newName) { + this.name = newName; + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/package-info.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/package-info.java.svn-base new file mode 100644 index 000000000..6d0b54297 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/.svn/text-base/package-info.java.svn-base @@ -0,0 +1,19 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Provides the classes necessary to create a SAML message instance. + */ +package eu.stork.peps.configuration; diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java new file mode 100644 index 000000000..2fabff7d6 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationCreator.java @@ -0,0 +1,127 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.configuration; + +import java.io.IOException; +import java.io.InputStream; +import java.util.HashMap; +import java.util.InvalidPropertiesFormatException; +import java.util.Map; +import java.util.Properties; + +import org.apache.commons.io.IOUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +/** + * The Class InstanceCreator. + * + * @author fjquevedo + */ +public final class ConfigurationCreator { + + /** The Constant LOGGER. */ + private static final Logger LOGGER = LoggerFactory + .getLogger(ConfigurationCreator.class.getName()); + + /** + * Creates the configuration. + * + * @param instanceConfs the instance configuration + * + * @return the map< string, map< string, object>> + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public static Map> createConfiguration( + final Map instanceConfs) throws STORKSAMLEngineException { + + final HashMap> instances = + new HashMap>(); + + LOGGER.info("Create configuration."); + try { + // Only create instances for SAMLEngine configuration. + // INSTANCE + for (Map.Entry entry : instanceConfs + .entrySet()) { + final InstanceEngine iEngine = entry.getValue(); + + final Map intance = new HashMap(); + + // CONFIGURATION + for (ConfigurationEngine configuration : iEngine + .getConfiguration()) { + // Properties only for configuration SamlEngine. + if (configuration.getName().equalsIgnoreCase( + "SamlEngineConf")) { + intance.put(configuration.getName(), + getNewInstance(configuration.getParameters() + .get("fileConfiguration"))); + } else { + intance.put(configuration.getName(), configuration + .getParameters()); + } + } + instances.put(entry.getKey(), intance); + } + } catch (STORKSAMLEngineException ex) { + LOGGER.error("Can not create instance from file configuration."); + throw new STORKSAMLEngineException(ex); + } + return instances; + } + + + /** + * Gets the new instance. + * + * @param fileName the file name + * + * @return the properties from the new instance + * + * @throws STORKSAMLEngineException the STORKSAML engine + * runtime exception + */ + private static Properties getNewInstance(final String fileName) + throws STORKSAMLEngineException { + LOGGER.info("Create file configuration properties to Stork Saml Engine."); + InputStream fileEngineProp = null; + try { + fileEngineProp = ConfigurationCreator.class + .getResourceAsStream("/" + fileName); + final Properties configuration = new Properties(); + configuration.loadFromXML(fileEngineProp); + return configuration; + } catch (InvalidPropertiesFormatException e) { + LOGGER.error("Invalid properties format."); + throw new STORKSAMLEngineException(e); + } catch (IOException e) { + LOGGER.error("Error read file: " + fileName); + throw new STORKSAMLEngineException(e); + } finally { + IOUtils.closeQuietly(fileEngineProp); + } + } + + /** + * Instantiates a new instance creator. + */ + private ConfigurationCreator() { + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java new file mode 100644 index 000000000..910f4398e --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationEngine.java @@ -0,0 +1,69 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.configuration; + +import java.util.Map; + +/** + * The Class ConfigurationEngine. + * + * @author fjquevedo + */ +public class ConfigurationEngine { + + /** The name of the configuration file. */ + private String name; + + /** The parameters. */ + private Map parameters; + + /** + * Gets the name. + * + * @return the name + */ + public final String getName() { + return name; + } + + /** + * Gets the parameters. + * + * @return the parameters + */ + public final Map getParameters() { + return parameters; + } + + /** + * Sets the name. + * + * @param newName the new name + */ + public final void setName(final String newName) { + this.name = newName; + } + + /** + * Sets the parameters. + * + * @param newParameters the parameters + */ + public final void setParameters(final Map newParameters) { + this.parameters = newParameters; + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java new file mode 100644 index 000000000..9ae8bb669 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationReader.java @@ -0,0 +1,225 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.configuration; + +import java.io.IOException; +import java.io.InputStream; +import java.util.HashMap; +import java.util.Map; + +import javax.xml.XMLConstants; +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; + +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang.StringUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.NodeList; +import org.xml.sax.SAXException; + +import eu.stork.peps.exceptions.SAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; + +/** + * The Class ConfigurationReader. + * + * @author fjquevedo + */ +public final class ConfigurationReader { + + /** The Constant SAML_ENGINE_CONFIGURATION_FILE. */ + private static final String ENGINE_CONF_FILE = "SamlEngine.xml"; + + /** The Constant LOGGER. */ + private static final Logger LOGGER = LoggerFactory + .getLogger(ConfigurationReader.class.getName()); + + /** The Constant NODE_CONFIGURATION. */ + private static final String NODE_CONF = "configuration"; + + /** The Constant NODE_CONFIGURATION_NAME. */ + private static final String NODE_CONF_NAME = "name"; + + /** The Constant NODE_INSTANCE_NAME. */ + private static final String NODE_INST_NAME = "name"; + + /** The Constant NODE_INSTANCE. */ + private static final String NODE_INSTANCE = "instance"; + + /** The Constant NODE_CONFIGURATION_NAME. */ + private static final String NODE_PARAM_NAME = "name"; + + /** The Constant NODE_CONFIGURATION_NAME. */ + private static final String NODE_PARAM_VALUE = "value"; + + /** The Constant NODE_CONFIGURATION_NAME. */ + private static final String NODE_PARAMETER = "parameter"; + + /** + * Generate parameters. + * + * @param configurationNode the configuration node + * + * @return the map< string, string> + */ + private static Map generateParam( + final Element configurationNode) { + + final HashMap parameters = new HashMap(); + + final NodeList parameterNodes = configurationNode + .getElementsByTagName(NODE_PARAMETER); + + String parameterName; + String parameterValue; + + for (int k = 0; k < parameterNodes.getLength(); ++k) { + // for every parameter find, process. + final Element parameterNode = (Element) parameterNodes.item(k); + parameterName = parameterNode.getAttribute(NODE_PARAM_NAME); + parameterValue = parameterNode.getAttribute(NODE_PARAM_VALUE); + + // verified the content. + if (StringUtils.isBlank(parameterName) + || StringUtils.isBlank(parameterValue)) { + throw new STORKSAMLEngineRuntimeException( + "Error reader parameters (name - value)."); + } else { + parameters.put(parameterName.trim(), parameterValue.trim()); + } + } + return parameters; + } + + /** + * Read configuration. + * + * @return the map< string, instance engine> + * + * @throws SAMLEngineException the STORKSAML engine runtime + * exception + */ + public static Map readConfiguration() + throws SAMLEngineException { + + LOGGER.info("Init reader: " + ENGINE_CONF_FILE); + final Map instanceConfs = + new HashMap(); + + Document document = null; + // Load configuration file + final DocumentBuilderFactory factory = DocumentBuilderFactory + .newInstance(); + DocumentBuilder builder; + + InputStream engineConf = null; + try { + + factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + + builder = factory.newDocumentBuilder(); + + engineConf = ConfigurationReader.class + .getResourceAsStream("/" + ENGINE_CONF_FILE); + + + document = builder.parse(engineConf); + + // Read instance + final NodeList list = document.getElementsByTagName(NODE_INSTANCE); + + for (int indexElem = 0; indexElem < list.getLength(); ++indexElem) { + final Element element = (Element) list.item(indexElem); + + final InstanceEngine instanceConf = new InstanceEngine(); + + // read every configuration. + final String instanceName = element + .getAttribute(NODE_INST_NAME); + + if (StringUtils.isBlank(instanceName)) { + throw new STORKSAMLEngineRuntimeException( + "Error reader instance name."); + } + instanceConf.setName(instanceName.trim()); + + final NodeList confNodes = element + .getElementsByTagName(NODE_CONF); + + for (int indexNode = 0; indexNode < confNodes.getLength(); ++indexNode) { + + final Element configurationNode = (Element) confNodes + .item(indexNode); + + final String configurationName = configurationNode + .getAttribute(NODE_CONF_NAME); + + if (StringUtils.isBlank(configurationName)) { + throw new STORKSAMLEngineRuntimeException( + "Error reader configuration name."); + } + + final ConfigurationEngine confSamlEngine = + new ConfigurationEngine(); + + // Set configuration name. + confSamlEngine.setName(configurationName.trim()); + + // Read every parameter for this configuration. + final Map parameters = + generateParam(configurationNode); + + // Set parameters + confSamlEngine.setParameters(parameters); + + // Add parameters to the configuration. + instanceConf.getConfiguration().add(confSamlEngine); + } + + // Add to the list of configurations. + instanceConfs.put(element.getAttribute(NODE_INST_NAME), + instanceConf); + } + + } catch (SAXException e) { + LOGGER.error("Error: init library parser."); + throw new SAMLEngineException(e); + } catch (ParserConfigurationException e) { + LOGGER.error("Error: parser configuration file xml."); + throw new SAMLEngineException(e); + } catch (IOException e) { + LOGGER.error("Error: read configuration file."); + throw new SAMLEngineException(e); + } finally { + IOUtils.closeQuietly(engineConf); + } + + return instanceConfs; + } + + /** + * Instantiates a new configuration reader. + */ + private ConfigurationReader() { + + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java new file mode 100644 index 000000000..53cea621d --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/ConfigurationSingleton.java @@ -0,0 +1,74 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.configuration; + +import java.util.Map; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.exceptions.SAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import eu.stork.peps.exceptions.STORKSAMLEngineRuntimeException; + +/** + * The Class InstanceCreator. + * + * @author fjquevedo + */ +public final class ConfigurationSingleton { + + /** The instance of every engine SAML. */ + private static Map instanceConfigs; + + /** The instances of SAML engine. */ + private static Map> instances; + + /** The Constant LOGGER. */ + private static final Logger LOGGER = LoggerFactory + .getLogger(ConfigurationSingleton.class.getName()); + + static { + LOGGER.debug("Read all file configurations. (instances of SAMLEngine)"); + try { + instanceConfigs = ConfigurationReader.readConfiguration(); + } catch (SAMLEngineException e) { + LOGGER.error("Error read configuration file."); + throw new STORKSAMLEngineRuntimeException(e); + } + } + + /** + * Gets the new instance. + * + * @param fileName the file name + * + * @return the properties from the new instance + * + * @throws STORKSAMLEngineException the STORKSAML engine runtime exception + */ + private static Map> getInstance( + final String fileName) throws STORKSAMLEngineException { + return ConfigurationCreator.createConfiguration(instanceConfigs); + } + + /** + * Instantiates a new instance creator. + */ + private ConfigurationSingleton() { + } + +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java new file mode 100644 index 000000000..e0e2d1965 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/InstanceEngine.java @@ -0,0 +1,70 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.configuration; + +import java.util.ArrayList; +import java.util.List; + +/** + * The Class InstanceConfiguration. + * + * @author fjquevedo + */ +public class InstanceEngine { + + /** The configuration. */ + private List configuration = new ArrayList(); + + /** The name. */ + private String name; + + /** + * Gets the parameters. + * + * @return the parameters + */ + public final List getConfiguration() { + return this.configuration; + } + + /** + * Gets the name. + * + * @return the name + */ + public final String getName() { + return name; + } + + /** + * Sets the parameters. + * + * @param newConfiguration the new parameters + */ + public final void setConfiguration(final List newConfiguration) { + this.configuration = newConfiguration; + } + + /** + * Sets the name. + * + * @param newName the new name + */ + public final void setName(final String newName) { + this.name = newName; + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java new file mode 100644 index 000000000..6d0b54297 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/configuration/package-info.java @@ -0,0 +1,19 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Provides the classes necessary to create a SAML message instance. + */ +package eu.stork.peps.configuration; diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/all-wcprops b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/all-wcprops new file mode 100644 index 000000000..d4b9b9008 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/all-wcprops @@ -0,0 +1,29 @@ +K 25 +svn:wc:ra_dav:version-url +V 86 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/exceptions +END +SAMLEngineException.java +K 25 +svn:wc:ra_dav:version-url +V 111 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java +END +STORKSAMLEngineException.java +K 25 +svn:wc:ra_dav:version-url +V 116 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java +END +package-info.java +K 25 +svn:wc:ra_dav:version-url +V 104 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/exceptions/package-info.java +END +STORKSAMLEngineRuntimeException.java +K 25 +svn:wc:ra_dav:version-url +V 123 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java +END diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/entries b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/entries new file mode 100644 index 000000000..6493ed6e8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/entries @@ -0,0 +1,164 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/main/java/eu/stork/peps/exceptions +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +STORKSAMLEngineRuntimeException.java +file + + + + +2013-12-20T12:27:57.454475Z +aebe4e4afb2f11cf42448486970a5d85 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1812 + +SAMLEngineException.java +file + + + + +2013-12-20T12:27:57.454475Z +38d2d1ec4d590abab4bb36d845d9f86b +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1710 + +STORKSAMLEngineException.java +file + + + + +2013-12-20T12:27:57.454475Z +622c95d2e770b38dafe815bcfaae8994 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +3460 + +package-info.java +file + + + + +2013-12-20T12:27:57.454475Z +56145f85c2084454a3c223dd9e103846 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +792 + diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/SAMLEngineException.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/SAMLEngineException.java.svn-base new file mode 100644 index 000000000..366379ad0 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/SAMLEngineException.java.svn-base @@ -0,0 +1,57 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.exceptions; + +/** + * The Class SAMLEngineException. + * + * @author fjquevedo + */ +public class SAMLEngineException extends Exception { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 2611361164977849837L; + + /** + * Instantiates a new SAMLEngine exception. + * + * @param wrappedException the wrapped exception + */ + public SAMLEngineException(final Exception wrappedException) { + super(wrappedException); + } + + /** + * Instantiates a new SAMLEngine exception. + * + * @param message the message + */ + public SAMLEngineException(final String message) { + super(message); + } + + /** + * Instantiates a new SAMLEngine exception. + * + * @param message the message + * @param wrappedException the wrapped exception + */ + public SAMLEngineException(final String message, + final Exception wrappedException) { + super(message, wrappedException); + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/STORKSAMLEngineException.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/STORKSAMLEngineException.java.svn-base new file mode 100644 index 000000000..bddcbd1b3 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/STORKSAMLEngineException.java.svn-base @@ -0,0 +1,135 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.exceptions; + +/** + * The Class STORKSAMLEngineException. + * + * @author fjquevedo + */ +public class STORKSAMLEngineException extends Exception { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = -8319723167019122930L; + + /** The error code. */ + private String errorCode; + + /** The error detail. */ + private String errorDetail; + + /** + * Instantiates a new sTORKSAML engine exception. + * + * @param wrappedException the wrapped exception + */ + public STORKSAMLEngineException(final Exception wrappedException) { + super(wrappedException); + } + + /** + * Instantiates a new sTORKSAML engine exception. + * + * @param errorMessage the error message + */ + public STORKSAMLEngineException(final String errorMessage) { + super(errorMessage); + } + + /** + * Instantiates a new sTORKSAML engine exception. + * + * @param message the message + * @param wrappedException the wrapped exception + */ + public STORKSAMLEngineException(final String message, + final Exception wrappedException) { + super(message, wrappedException); + } + + /** + * Instantiates a new sTORKSAML engine exception. + * + * @param newErrorCode the error code + * @param errorMessage the error message + * @param newErrorDetail the error detail + */ + public STORKSAMLEngineException(final String newErrorCode, + final String errorMessage, final String newErrorDetail) { + super(errorMessage); + this.errorCode = newErrorCode; + this.errorDetail = newErrorDetail; + } + + /** + * Gets the error code. + * + * @return the error code + */ + public final String getErrorCode() { + return this.errorCode; + } + + /** + * Gets the error detail. + * + * @return the error detail + */ + public final String getErrorDetail() { + return errorDetail; + } + + /** + * Gets the error message. + * + * @return the error message + */ + public final String getErrorMessage() { + return super.getMessage(); + } + + + /** + * Gets the message. + * + * @return the message of the exception. + * + * @see java.lang.Throwable#getMessage() + */ + public final String getMessage() { + return "Error (no. " + errorCode + ") processing request : " + + super.getMessage(); + } + + /** + * Sets the error code. + * + * @param newErrorCode the new error code + */ + public final void setErrorCode(final String newErrorCode) { + this.errorCode = newErrorCode; + } + + /** + * Sets the error detail. + * + * @param newErrorDetail the new error detail + */ + public final void setErrorDetail(final String newErrorDetail) { + this.errorDetail = newErrorDetail; + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/STORKSAMLEngineRuntimeException.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/STORKSAMLEngineRuntimeException.java.svn-base new file mode 100644 index 000000000..30b9b49b4 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/STORKSAMLEngineRuntimeException.java.svn-base @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.exceptions; + +/** + * The Class STORKSAMLEngineRuntimeException. + * + * @author fjquevedo + */ +public class STORKSAMLEngineRuntimeException extends RuntimeException { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 5829810358581493517L; + + /** + * Instantiates a new sTORKSAML engine runtime exception. + * + * @param wrappedException the wrapped exception + */ + public STORKSAMLEngineRuntimeException(final Exception wrappedException) { + super(wrappedException); + } + + /** + * Creates a new instance of application exception. + * + * @param cause the exception cause. + */ + public STORKSAMLEngineRuntimeException(final String cause) { + super(cause); + } + + /** + * Instantiates a new sTORKSAML engine runtime exception. + * + * @param message the message + * @param wrappedException the wrapped exception + */ + public STORKSAMLEngineRuntimeException(final String message, + final Exception wrappedException) { + super(message, wrappedException); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/package-info.java.svn-base b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/package-info.java.svn-base new file mode 100644 index 000000000..0c34528fc --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/.svn/text-base/package-info.java.svn-base @@ -0,0 +1,19 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Provides the classes for STORK exceptions management. + */ +package eu.stork.peps.exceptions; \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java new file mode 100644 index 000000000..366379ad0 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/SAMLEngineException.java @@ -0,0 +1,57 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.exceptions; + +/** + * The Class SAMLEngineException. + * + * @author fjquevedo + */ +public class SAMLEngineException extends Exception { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 2611361164977849837L; + + /** + * Instantiates a new SAMLEngine exception. + * + * @param wrappedException the wrapped exception + */ + public SAMLEngineException(final Exception wrappedException) { + super(wrappedException); + } + + /** + * Instantiates a new SAMLEngine exception. + * + * @param message the message + */ + public SAMLEngineException(final String message) { + super(message); + } + + /** + * Instantiates a new SAMLEngine exception. + * + * @param message the message + * @param wrappedException the wrapped exception + */ + public SAMLEngineException(final String message, + final Exception wrappedException) { + super(message, wrappedException); + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java new file mode 100644 index 000000000..bddcbd1b3 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineException.java @@ -0,0 +1,135 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.exceptions; + +/** + * The Class STORKSAMLEngineException. + * + * @author fjquevedo + */ +public class STORKSAMLEngineException extends Exception { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = -8319723167019122930L; + + /** The error code. */ + private String errorCode; + + /** The error detail. */ + private String errorDetail; + + /** + * Instantiates a new sTORKSAML engine exception. + * + * @param wrappedException the wrapped exception + */ + public STORKSAMLEngineException(final Exception wrappedException) { + super(wrappedException); + } + + /** + * Instantiates a new sTORKSAML engine exception. + * + * @param errorMessage the error message + */ + public STORKSAMLEngineException(final String errorMessage) { + super(errorMessage); + } + + /** + * Instantiates a new sTORKSAML engine exception. + * + * @param message the message + * @param wrappedException the wrapped exception + */ + public STORKSAMLEngineException(final String message, + final Exception wrappedException) { + super(message, wrappedException); + } + + /** + * Instantiates a new sTORKSAML engine exception. + * + * @param newErrorCode the error code + * @param errorMessage the error message + * @param newErrorDetail the error detail + */ + public STORKSAMLEngineException(final String newErrorCode, + final String errorMessage, final String newErrorDetail) { + super(errorMessage); + this.errorCode = newErrorCode; + this.errorDetail = newErrorDetail; + } + + /** + * Gets the error code. + * + * @return the error code + */ + public final String getErrorCode() { + return this.errorCode; + } + + /** + * Gets the error detail. + * + * @return the error detail + */ + public final String getErrorDetail() { + return errorDetail; + } + + /** + * Gets the error message. + * + * @return the error message + */ + public final String getErrorMessage() { + return super.getMessage(); + } + + + /** + * Gets the message. + * + * @return the message of the exception. + * + * @see java.lang.Throwable#getMessage() + */ + public final String getMessage() { + return "Error (no. " + errorCode + ") processing request : " + + super.getMessage(); + } + + /** + * Sets the error code. + * + * @param newErrorCode the new error code + */ + public final void setErrorCode(final String newErrorCode) { + this.errorCode = newErrorCode; + } + + /** + * Sets the error detail. + * + * @param newErrorDetail the new error detail + */ + public final void setErrorDetail(final String newErrorDetail) { + this.errorDetail = newErrorDetail; + } + +} diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java new file mode 100644 index 000000000..30b9b49b4 --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/STORKSAMLEngineRuntimeException.java @@ -0,0 +1,56 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.exceptions; + +/** + * The Class STORKSAMLEngineRuntimeException. + * + * @author fjquevedo + */ +public class STORKSAMLEngineRuntimeException extends RuntimeException { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 5829810358581493517L; + + /** + * Instantiates a new sTORKSAML engine runtime exception. + * + * @param wrappedException the wrapped exception + */ + public STORKSAMLEngineRuntimeException(final Exception wrappedException) { + super(wrappedException); + } + + /** + * Creates a new instance of application exception. + * + * @param cause the exception cause. + */ + public STORKSAMLEngineRuntimeException(final String cause) { + super(cause); + } + + /** + * Instantiates a new sTORKSAML engine runtime exception. + * + * @param message the message + * @param wrappedException the wrapped exception + */ + public STORKSAMLEngineRuntimeException(final String message, + final Exception wrappedException) { + super(message, wrappedException); + } +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java new file mode 100644 index 000000000..0c34528fc --- /dev/null +++ b/id/server/stork2-saml-engine/src/main/java/eu/stork/peps/exceptions/package-info.java @@ -0,0 +1,19 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Provides the classes for STORK exceptions management. + */ +package eu.stork.peps.exceptions; \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/.svn/all-wcprops b/id/server/stork2-saml-engine/src/test/.svn/all-wcprops new file mode 100644 index 000000000..ead80d4e8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 57 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test +END diff --git a/id/server/stork2-saml-engine/src/test/.svn/entries b/id/server/stork2-saml-engine/src/test/.svn/entries new file mode 100644 index 000000000..1b6d0b3e1 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/.svn/entries @@ -0,0 +1,34 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/test +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +resources +dir + +java +dir + diff --git a/id/server/stork2-saml-engine/src/test/java/.svn/all-wcprops b/id/server/stork2-saml-engine/src/test/java/.svn/all-wcprops new file mode 100644 index 000000000..56c8ee113 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 62 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/java +END diff --git a/id/server/stork2-saml-engine/src/test/java/.svn/entries b/id/server/stork2-saml-engine/src/test/java/.svn/entries new file mode 100644 index 000000000..ca124ed28 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/test/java +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +eu +dir + diff --git a/id/server/stork2-saml-engine/src/test/java/META-INF/MANIFEST.MF b/id/server/stork2-saml-engine/src/test/java/META-INF/MANIFEST.MF new file mode 100644 index 000000000..5e9495128 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/META-INF/MANIFEST.MF @@ -0,0 +1,3 @@ +Manifest-Version: 1.0 +Class-Path: + diff --git a/id/server/stork2-saml-engine/src/test/java/eu/.svn/all-wcprops b/id/server/stork2-saml-engine/src/test/java/eu/.svn/all-wcprops new file mode 100644 index 000000000..e00b13d5a --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 65 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/java/eu +END diff --git a/id/server/stork2-saml-engine/src/test/java/eu/.svn/entries b/id/server/stork2-saml-engine/src/test/java/eu/.svn/entries new file mode 100644 index 000000000..cc3e19816 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/test/java/eu +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +stork +dir + diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/.svn/all-wcprops b/id/server/stork2-saml-engine/src/test/java/eu/stork/.svn/all-wcprops new file mode 100644 index 000000000..ac0852630 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 71 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/java/eu/stork +END diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/.svn/entries b/id/server/stork2-saml-engine/src/test/java/eu/stork/.svn/entries new file mode 100644 index 000000000..66d2ea82a --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/test/java/eu/stork +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +peps +dir + diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/.svn/all-wcprops b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/.svn/all-wcprops new file mode 100644 index 000000000..5555d11e2 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 76 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/java/eu/stork/peps +END diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/.svn/entries b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/.svn/entries new file mode 100644 index 000000000..e20bc1c1d --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/test/java/eu/stork/peps +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +test +dir + diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/.svn/all-wcprops b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/.svn/all-wcprops new file mode 100644 index 000000000..ee98ec5bd --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 81 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/java/eu/stork/peps/test +END diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/.svn/entries b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/.svn/entries new file mode 100644 index 000000000..a7074362f --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/test/java/eu/stork/peps/test +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +simple +dir + diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/all-wcprops b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/all-wcprops new file mode 100644 index 000000000..063e2de18 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/all-wcprops @@ -0,0 +1,47 @@ +K 25 +svn:wc:ra_dav:version-url +V 88 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/java/eu/stork/peps/test/simple +END +StorkResponseTest.java +K 25 +svn:wc:ra_dav:version-url +V 111 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java +END +StorkAttrQueryResponseTest.java +K 25 +svn:wc:ra_dav:version-url +V 119 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java +END +SimpleBaseTest.java +K 25 +svn:wc:ra_dav:version-url +V 107 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java +END +package-info.java +K 25 +svn:wc:ra_dav:version-url +V 105 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/test/java/eu/stork/peps/test/simple/package-info.java +END +SSETestUtils.java +K 25 +svn:wc:ra_dav:version-url +V 105 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java +END +StorkAttrQueryRequestTest.java +K 25 +svn:wc:ra_dav:version-url +V 119 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java +END +StorkAuthRequestTest.java +K 25 +svn:wc:ra_dav:version-url +V 114 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java +END diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/entries b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/entries new file mode 100644 index 000000000..0fbc1b254 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/entries @@ -0,0 +1,266 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/test/java/eu/stork/peps/test/simple +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +SSETestUtils.java +file + + + + +2013-12-20T12:27:57.274475Z +f9c51e04914afb9a99d52e642c8a6a42 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +5521 + +StorkAttrQueryRequestTest.java +file + + + + +2013-12-20T12:27:57.274475Z +66e336a173f22c2ba55b933157c703c8 +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +25393 + +StorkAuthRequestTest.java +file + + + + +2013-12-20T12:27:57.274475Z +c1e89785bc4af791adb9760fd42b7d56 +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +31301 + +StorkResponseTest.java +file + + + + +2013-12-20T12:27:57.274475Z +016c270fa1231e25cc1ccf67d0ebf6cf +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +39179 + +StorkAttrQueryResponseTest.java +file + + + + +2013-12-20T12:27:57.274475Z +44021c766949a57b10b61cd466a57b55 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +39559 + +SimpleBaseTest.java +file + + + + +2013-12-20T12:27:57.274475Z +6effea1d03de1bd17fd8d07d3778df58 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1871 + +package-info.java +file + + + + +2013-12-20T12:27:57.274475Z +3cd87d2f80f4a5a4f42ab5bc844dd2f3 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +811 + diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/SSETestUtils.java.svn-base b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/SSETestUtils.java.svn-base new file mode 100644 index 000000000..b1443bb0e --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/SSETestUtils.java.svn-base @@ -0,0 +1,173 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.test.simple; + +import java.io.IOException; +import java.io.InputStream; +import java.io.StringWriter; + +import javax.xml.XMLConstants; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.OutputKeys; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; + +import org.apache.commons.io.IOUtils; +import org.bouncycastle.util.encoders.Base64; +import org.opensaml.Configuration; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.Marshaller; +import org.opensaml.xml.io.MarshallerFactory; +import org.opensaml.xml.io.MarshallingException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.w3c.dom.Element; + +/** + * The Class SSETestUtils. + */ +public final class SSETestUtils { + + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(SSETestUtils.class.getName()); + + /** + * Instantiates a new sSE test utils. + */ + private SSETestUtils() { + } + + /** + * Prints the tree DOM. + * + * @param samlToken the SAML token + * @param isIndent the is indent + * + * @return the string + * @throws TransformerException the exception + */ + public static String printTreeDOM(final Element samlToken, final boolean isIndent) throws TransformerException { + // set up a transformer + final TransformerFactory transfac = TransformerFactory.newInstance(); + final Transformer trans = transfac.newTransformer(); + trans.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); + trans.setOutputProperty(OutputKeys.INDENT, String.valueOf(isIndent)); + + // create string from XML tree + final StringWriter stringWriter = new StringWriter(); + final StreamResult result = new StreamResult(stringWriter); + final DOMSource source = new DOMSource(samlToken); + trans.transform(source, result); + final String xmlString = stringWriter.toString(); + + return xmlString; + } + + /** + * Marshall. + * + * @param samlToken the SAML token + * + * @return the byte[] + * + * @throws MarshallingException the marshalling exception + * @throws ParserConfigurationException the parser configuration exception + * @throws TransformerException the transformer exception + */ + public static byte[] marshall(final XMLObject samlToken) + throws MarshallingException, ParserConfigurationException, + TransformerException { + + final javax.xml.parsers.DocumentBuilderFactory dbf = javax.xml.parsers.DocumentBuilderFactory + .newInstance(); + dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + dbf.setNamespaceAware(true); + dbf.setIgnoringComments(true); + final javax.xml.parsers.DocumentBuilder docBuild = dbf + .newDocumentBuilder(); + + // Get the marshaller factory + final MarshallerFactory marshallerFactory = Configuration + .getMarshallerFactory(); + + // Get the Subject marshaller + final Marshaller marshaller = marshallerFactory + .getMarshaller(samlToken); + + final Document doc = docBuild.newDocument(); + + // Marshall the SAML token + marshaller.marshall(samlToken, doc); + + // Obtain a byte array representation of the marshalled SAML object + final DOMSource domSource = new DOMSource(doc); + final StringWriter writer = new StringWriter(); + final StreamResult result = new StreamResult(writer); + final TransformerFactory transFact = TransformerFactory.newInstance(); + final Transformer transformer = transFact.newTransformer(); + transformer.transform(domSource, result); + + return writer.toString().getBytes(); + } + + /** + * Encode SAML token. + * + * @param samlToken the SAML token + * + * @return the string + */ + public static String encodeSAMLToken(final byte[] samlToken) { + return new String(Base64.encode(samlToken)); + } + + /** + * Read stork SAML from file. + * + * @param resource the resource + * + * @return the byte[] + * @throws IOException the exception + * + */ + public static byte[] readStorkSamlFromFile(final String resource) + throws IOException { + InputStream inputStream = null; + byte[] bytes; + + try { + inputStream = StorkAuthRequestTest.class + .getResourceAsStream(resource); + + // Create the byte array to hold the data + bytes = new byte[(int) inputStream.available()]; + inputStream.read(bytes); + } catch (IOException e) { + LOG.error("Error read from file: " + resource); + throw e; + } finally { + IOUtils.closeQuietly(inputStream); + } + return bytes; + + } +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/SimpleBaseTest.java.svn-base b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/SimpleBaseTest.java.svn-base new file mode 100644 index 000000000..97fa4b7cc --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/SimpleBaseTest.java.svn-base @@ -0,0 +1,62 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.test.simple; + +import org.junit.Test; + +import junit.framework.Assert; +import junit.framework.TestCase; +import eu.stork.peps.auth.engine.STORKSAMLEngine; + +/** + * The Class SimpleBaseTest. Defines a set of test the initialization of the + * SAML engine. + */ +public class SimpleBaseTest extends TestCase { + + /** + * Test SAML engine correct configuration name. + */ + @Test + public final void testSamlEngineCorrectInit() { + Assert.assertNotNull(STORKSAMLEngine.getInstance("CONF1")); + } + + /** + * Test SAML engine error configuration name. + */ + @Test + public final void testSamlEngineErrorNameConf() { + Assert.assertNull(STORKSAMLEngine.getInstance("CONF_ERROR")); + } + + /** + * Test SAML engine error name null. + */ + @Test + public final void testSamlEngineErrorNameNull() { + Assert.assertNull(STORKSAMLEngine.getInstance(null)); + } + + /** + * Test SAML engine correct name configuration with spaces. + */ + @Test + public final void testSamlEngineErrorNameSpaces() { + Assert.assertNotNull(STORKSAMLEngine.getInstance(" CONF1 ")); + } + +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkAttrQueryRequestTest.java.svn-base b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkAttrQueryRequestTest.java.svn-base new file mode 100644 index 000000000..7fa305d3b --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkAttrQueryRequestTest.java.svn-base @@ -0,0 +1,790 @@ +package eu.stork.peps.test.simple; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import java.io.File; +import java.io.FileOutputStream; +import java.util.ArrayList; +import java.util.Arrays; + +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +public class StorkAttrQueryRequestTest { + + /** The engines. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0"); + private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2"); + private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3"); + + + /** + * Instantiates a new stork authentication request test. + */ + public StorkAttrQueryRequestTest() { + pal = new PersonalAttributeList(); + + final PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + final ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + pal.add(isAgeOver); + + final PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + pal.add(dateOfBirth); + + final PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + eIDNumber.setValue(Arrays.asList("ES/IS/1234567890")); + pal.add(eIDNumber); + + final PersonalAttribute givenName = new PersonalAttribute(); + givenName.setName("givenName"); + givenName.setIsRequired(true); + givenName.setValue(Arrays.asList("Sveinbjorn")); + pal.add(givenName); + + destination = "http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest"; + //assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; + + } + + /** The destination. */ + private String destination; + + /** The service provider sector. */ + private String spSector; + + /** The service provider institution. */ + private String spInstitution; + + /** The service provider application. */ + private String spApplication; + + /** The service provider country. */ + private String spCountry; + + /** The service provider id. */ + private String spId; + + /** The quality authentication assurance level. */ + private static final int QAAL = 3; + + /** The List of Personal Attributes. */ + private IPersonalAttributeList pal; + + /** The attribute query request. */ + private static byte[] attrRequest; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkAttrQueryRequestTest.class.getName()); + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + } + + /** + * Test generate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryRequest() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // new parameters + request.setEIDSectorShare(false); + request.setEIDCrossSectorShare(false); + request.setEIDCrossBorderShare(false); + + STORKAttrQueryRequest req1 = engine0.generateSTORKAttrQueryRequest(request); + byte[] reqByte = req1.getTokenSaml(); + FileOutputStream output = null; + + try { + output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml")); + output.write(reqByte); + } catch (Exception e) { + e.printStackTrace(); + throw new STORKSAMLEngineException(e); + } finally { + try { output.close(); } catch (Exception e) { throw new STORKSAMLEngineException(e); } + } + + + + + LOG.info("STORKAttrQueryRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml())); + + request.setCitizenCountryCode("IS"); + LOG.info("STORKAttrQueryRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml())); + } + + /** + * Test generate authentication request error personal attribute name error. + */ + @Test + public final void testGenerateAttrQueryRequestPALsErr1() { + + final IPersonalAttributeList palWrong = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("attrNotValid"); + worngAttr.setIsRequired(true); + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(palWrong); + + // news parameters + request.setEIDSectorShare(false); + request.setEIDCrossSectorShare(false); + request.setEIDCrossBorderShare(false); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + /** + * Test generate authentication request error personal attribute value error. + */ + @Test + public final void testGenerateAttrQueryRequestPALsErr2() { + + final IPersonalAttributeList palWrong = new PersonalAttributeList(); + + final PersonalAttribute attrNotValid = new PersonalAttribute(); + attrNotValid.setName("attrNotValid"); + attrNotValid.setIsRequired(true); + palWrong.add(attrNotValid); + + + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(palWrong); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request authentication assurance level + * negative value. + */ + @Test + public final void testGenerateAttrQueryRequestQaalErr1() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(-1); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request service provider sector null. + */ + @Test + public final void testGenerateAttrQueryRequestSectorErr() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(null); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + + } + } + + /** + * Test generate authentication request service provider institution null. + */ + @Test + public final void testGenerateAttrQueryRequestInstitutionrErr() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(null); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAttrQueryRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request service provider application null. + */ + @Test + public final void testGenerateAttrQueryRequestApplicationErr() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(null); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request service provider country null. + */ + @Test + public final void testGenerateAttrQueryRequestCountryErr() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(null); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request error with quality authentication + * assurance level wrong. + */ + @Test + public final void testGenerateAttrQueryRequestQaalErr2() { + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(0); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request personal attribute list null value. + */ + @Test + public final void testGenerateAttrQueryRequestPALErr1() { + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(null); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request null parameter. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestNullParam() + throws STORKSAMLEngineException { + try { + engine.validateSTORKAttrQueryRequest(null); + fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request error bytes encode. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestErrorEncode() + throws STORKSAMLEngineException { + try { + engine.validateSTORKAttrQueryRequest("messageError".getBytes()); + fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequest() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + attrRequest = engine.generateSTORKAttrQueryRequest(request).getTokenSaml(); + + final STORKAttrQueryRequest validatedRequest = engine.validateSTORKAttrQueryRequest(attrRequest); + + assertEquals("CrossBorderShare incorrect: ", validatedRequest.isEIDCrossBorderShare(), false); + assertEquals("CrossSectorShare incorrect: ", validatedRequest.isEIDCrossSectorShare(), false); + assertEquals("SectorShare incorrect: ", validatedRequest.isEIDSectorShare(), false); + + } + + /** + * Test validate data authenticate request. Verified parameters after + * validation. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateDataAttrQueryRequest() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = engine.validateSTORKAttrQueryRequest(attrRequest); + + assertEquals("Sestination incorrect: ", request.getDestination(), destination); + + assertEquals("CrossBorderShare incorrect: ", request.isEIDCrossBorderShare(), false); + assertEquals("CrossSectorShare incorrect: ", request.isEIDCrossSectorShare(), false); + assertEquals("SectorShare incorrect: ", request.isEIDSectorShare(), false); + + assertEquals("QAAL incorrect: ", request.getQaa(), QAAL); + assertEquals("SPSector incorrect: ", request.getSpSector(), spSector); + assertEquals("SPInstitution incorrect: ", request.getSpInstitution(), null); + assertEquals("SPApplication incorrect: ", request.getSpApplication(), spApplication); + assertEquals("CitizenCountryCode incorrect: ", request.getCitizenCountryCode(), null); + + } + + /** + * Test validate file attribute query request. Validate from XML file. + * + * @throws Exception the exception + */ + @Test + public final void testValidateFileAttrQueryRequest() throws Exception { + + final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml"); + + try { + engine.validateSTORKAttrQueryRequest(bytes); + fail("testValidateFileAttrQueryRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error(e.getMessage()); + } + } + + /** + * Test validate file authentication request tag delete. + * + * @throws Exception the exception + */ + @Test + public final void testValidateFileAttrRequestTagDelete() throws Exception { + + final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml"); + + try { + engine.validateSTORKAttrQueryRequest(bytes); + fail("validateSTORKAttrQueryRequest(...) should have thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error(e.getMessage()); + + } + } + + /** + * Test validate authentication request not trusted token. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestNotTrustedErr1() + throws STORKSAMLEngineException { + + try { + final STORKSAMLEngine engineNotTrusted = STORKSAMLEngine + .getInstance("CONF2"); + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + + final byte[] authReqNotTrust = engineNotTrusted + .generateSTORKAttrQueryRequest(request).getTokenSaml(); + + engine.validateSTORKAttrQueryRequest(authReqNotTrust); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("validateSTORKAttrQueryRequestNotTrusted(...) should not have thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test validate authentication request trusted. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestTrusted() + throws STORKSAMLEngineException { + + final STORKSAMLEngine engineTrusted = STORKSAMLEngine + .getInstance("CONF3"); + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + + final byte[] authReqNotTrust = engineTrusted.generateSTORKAttrQueryRequest( + request).getTokenSaml(); + + // engine ("CONF1") no have trust certificate from "CONF2" + engine.validateSTORKAttrQueryRequest(authReqNotTrust); + + } + + + + + /** + * Test generate authentication request service provider application null. + */ + @Test + public final void testGenerateAttrQueryRequestNADA() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(null); + request.setSpInstitution(null); + request.setSpApplication(null); + request.setSpCountry(null); + + try { + + engine.validateSTORKAttrQueryRequest(attrRequest); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test validate authentication request with unknown elements. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestWithUnknownElements() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute unknown = new PersonalAttribute(); + unknown.setName("unknown"); + unknown.setIsRequired(true); + pAttList.add(unknown); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + STORKAttrQueryRequest req = new STORKAttrQueryRequest(); + + req = engine3.generateSTORKAttrQueryRequest(request); + + req = engine.validateSTORKAttrQueryRequest(req.getTokenSaml()); + + assertNull("The value shouldn't exist", req.getPersonalAttributeList().get("unknown")); + assertNotNull("The value should exist", req.getPersonalAttributeList().get("eIdentifier")); + + } + + /** + * Test generate Request with required elements by default + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryRequestWithIsRequiredElementsByDefault() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + STORKAttrQueryRequest req = new STORKAttrQueryRequest(); + STORKAttrQueryRequest reqTrue = new STORKAttrQueryRequest(); + STORKAttrQueryRequest reqFalse = new STORKAttrQueryRequest(); + + reqTrue = engine.generateSTORKAttrQueryRequest(request); + reqFalse = engine2.generateSTORKAttrQueryRequest(request); + req = engine3.generateSTORKAttrQueryRequest(request); + + + String token = new String(req.getTokenSaml()); + String reqTrueToken = new String(reqTrue.getTokenSaml()); + String reqFalseToken = new String(reqFalse.getTokenSaml()); + + assertTrue("The token must contain the chain 'isRequired'", token.contains("isRequired")); + assertTrue("The token must contain the chain 'isRequired'", reqTrueToken.contains("isRequired")); + assertFalse("The token must contain the chain 'isRequired'", reqFalseToken.contains("isRequired")); + + } + + /** + * Test validating attribute query and getting alias used to save + * the saml trusted certificate into trustore + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAtrrQueryRequestGettingItsAlias() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + STORKAttrQueryRequest req = new STORKAttrQueryRequest(); + + req = engine3.generateSTORKAttrQueryRequest(request); + req = engine.validateSTORKAttrQueryRequest(req.getTokenSaml()); + assertTrue("The alias should match this value", req.getAlias().equals("local-demo")); + + req = engine2.generateSTORKAttrQueryRequest(request); + req = engine2.validateSTORKAttrQueryRequest(req.getTokenSaml()); + assertTrue("The alias should match this value", req.getAlias().equals("local-demo")); + } + +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkAttrQueryResponseTest.java.svn-base b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkAttrQueryResponseTest.java.svn-base new file mode 100644 index 000000000..27c6cfe39 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkAttrQueryResponseTest.java.svn-base @@ -0,0 +1,920 @@ +package eu.stork.peps.test.simple; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import java.io.File; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.IOException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Iterator; + +import org.junit.Ignore; +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.commons.STORKStatusCode; +import eu.stork.peps.auth.commons.STORKSubStatusCode; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +public class StorkAttrQueryResponseTest { + + /** The engine. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + + /** + * Gets the engine. + * + * @return the engine + */ + public static STORKSAMLEngine getEngine() { + return engine; + } + + /** + * Sets the engine. + * + * @param newEngine the new engine + */ + public static void setEngine(final STORKSAMLEngine newEngine) { + StorkAttrQueryResponseTest.engine = newEngine; + } + + /** The destination. */ + private static String destination; + + /** The service provider sector. */ + private static String spSector; + + /** The service provider institution. */ + private static String spInstitution; + + /** The service provider application. */ + private static String spApplication; + + /** The service provider country. */ + private static String spCountry; + + /** The service provider id. */ + private static String spId; + + /** The quality authentication assurance level. */ + private static final int QAAL = 3; + + /** The state. */ + private static String state = "IS"; + + /** The town. */ + private static String town = "Reykjavik"; + + /** The postal code. */ + private static String postalCode = "105"; + + /** The street name. */ + private static String streetName = "Gudrunartun"; + + /** The street number. */ + private static String streetNumber = "10"; + + /** The List of Personal Attributes. */ + private static IPersonalAttributeList pal; + + /** The assertion consumer URL. */ + private static String assertConsumerUrl; + + /** The attribute query request. */ + private static byte[] attrQueryRequest; + + /** The attribute query response. */ + private static byte[] attrQueryResponse; + + /** The attribute query request. */ + private static STORKAttrQueryRequest attrQueryenRequest; + + /** The attribute query response. */ + private static STORKAttrQueryResponse attrQeuryenResponse; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkAttrQueryResponseTest.class.getName()); + + /** + * Instantiates a new stork response test. + */ + public StorkAttrQueryResponseTest() { + super(); + } + + /** The IP address. */ + private static String ipAddress; + + /** The destination URL. */ + private static String destinationUrl; + + /** The is hashing. */ + private final boolean isHashing = Boolean.TRUE; + + /** The is not hashing. */ + private final boolean isNotHashing = Boolean.FALSE; + + /** The ERROR text. */ + private static final String ERROR_TXT = "generateAttrQueryResponse(...) should've thrown an STORKSAMLEngineException!"; + + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + + pal = new PersonalAttributeList(); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(false); + ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + pal.add(isAgeOver); + + PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + pal.add(dateOfBirth); + + PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + pal.add(eIDNumber); + + final PersonalAttribute givenName = new PersonalAttribute(); + givenName.setName("givenName"); + givenName.setIsRequired(true); + pal.add(givenName); + + PersonalAttribute canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + pal.add(canRessAddress); + + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + pal.add(newAttribute); + + destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; + spSector = "EDU001"; + spInstitution = "OXF001"; + spApplication = "APP001"; + spCountry = "EN"; + + spId = "EDU001-APP001-APP001"; + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + request.setDestination(destination); + //request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + //request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + attrQueryRequest = getEngine().generateSTORKAttrQueryRequest(request) + .getTokenSaml(); + + attrQueryenRequest = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest); + + } catch (STORKSAMLEngineException e) { + fail("Error create STORKAuthnRequest"); + } + + ipAddress = "111.222.333.444"; + + destinationUrl = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + + pal = new PersonalAttributeList(); + + isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + ages = new ArrayList(); + + ages.add("16"); + ages.add("18"); + + isAgeOver.setValue(ages); + isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(isAgeOver); + + dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + final ArrayList date = new ArrayList(); + date.add("16/12/2008"); + dateOfBirth.setValue(date); + dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(dateOfBirth); + + eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + final ArrayList idNumber = new ArrayList(); + idNumber.add("123456789IS"); + eIDNumber.setValue(idNumber); + eIDNumber.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(eIDNumber); + + canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap address = new HashMap(); + + address.put("state", state); + address.put("town", town); + address.put("postalCode", postalCode); + address.put("streetName", streetName); + address.put("streetNumber", streetNumber); + + canRessAddress.setComplexValue(address); + pal.add(canRessAddress); + + newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap values = new HashMap(); + + values.put("value1", "value1"); + values.put("value2", "value2"); + values.put("value3", "value3"); + values.put("value4", "value4"); + + newAttribute.setComplexValue(values); + pal.add(newAttribute); + + } + + /** + * Test generate attribute query request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryResponse() throws STORKSAMLEngineException { + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + + final STORKAttrQueryResponse storkResponse = getEngine() + .generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, + destinationUrl, isNotHashing); + + attrQueryResponse = storkResponse.getTokenSaml(); + + FileOutputStream output = null; + + try { + output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml")); + } catch (FileNotFoundException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + try { + output.write(attrQueryResponse); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(attrQueryResponse)); + + + } + + /** + * Test validation id parameter mandatory. + */ + @Test + public final void testResponseMandatoryId() { + final String identifier = attrQueryenRequest.getSamlId(); + attrQueryenRequest.setSamlId(null); + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, + ipAddress, destinationUrl, isHashing); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setSamlId(identifier); + LOG.error("Error"); + } + } + + /** + * Test generate attribute query response in response to err1. + */ + @Test + public final void testResponseMandatoryIssuer() { + + final String issuer = attrQueryenRequest.getIssuer(); + attrQueryenRequest.setIssuer(null); + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, + ipAddress, destinationUrl, isHashing); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setIssuer(issuer); + LOG.error("Error"); + } + } + + + /** + * Test generate attribute query response assertion consumer null. + */ + /*@Test + public final void testResponseMandatoryAssertionConsumerServiceURL() { + final String asserConsumerUrl = attrQueryenRequest + .getAssertionConsumerServiceURL(); + attrQueryenRequest.setAssertionConsumerServiceURL(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, + ipAddress, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setAssertionConsumerServiceURL(asserConsumerUrl); + LOG.error("Error"); + } + } + + /** + * Test generate attribute query response IP address null. + */ + @Test + public final void testResponseValidationIP() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, null, + destinationUrl, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate attribute query response with personal attribute list null. + */ + @Test + public final void testResponseMandatoryPersonalAttributeList() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(null); + + + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, + ipAddress, destinationUrl, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate attribute query response token null. + */ + @Test + public final void testResponseInvalidParametersToken() { + try { + getEngine().validateSTORKAttrQueryResponse(null, ipAddress); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate attribute query response IP null. + */ + @Test + public final void STORKAttrQueryResponse() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response parameter name wrong. + */ + @Test + public final void testResponseInvalidParametersAttr() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("AttrWrong"); + wrongList.add(worngAttr); + + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrSimpleValue() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + worngAttr.setValue(null); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrNoValue() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrNoName() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response set null complex value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrComplexValue() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + worngAttr.setComplexValue(null); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + + /** + * Test validate attribute query response IP distinct and disabled validation + * IP. + */ + @Test + public final void testResponseInvalidParametersIPDistinct() { + try { + // ipAddress origin "111.222.333.444" + // ipAddrValidation = false + // Subject Confirmation Bearer. + + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, "127.0.0.1"); + } catch (STORKSAMLEngineException e) { + fail("validateAttributeQueryResponse(...) should've thrown an STORKSAMLEngineException!"); + LOG.error("Error"); + } + } + + /** + * Test response invalid parameters invalid token. + */ + @Test + public final void testResponseInvalidParametersTokenMsg() { + try { + // ipAddress origin "111.222.333.444" + // Subject Confirmation Bearer. + getEngine().validateSTORKAttrQueryResponse("errorMessage".getBytes(), + ipAddress); + fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate attribute query response is fail. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + /*@Test + public final void testValidateAuthenticationResponseIsFail() + throws STORKSAMLEngineException { + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + assertFalse("Generate incorrect response: ", attrQeuryenResponse.isFail()); + } + + /** + * Test validate attribute query response destination. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseDestination() + throws STORKSAMLEngineException { + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + assertEquals("Destination incorrect: ", + attrQeuryenResponse.getInResponseTo(), attrQueryenRequest.getSamlId()); + } + + /** + * Test validate attribute query response values. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseValuesComplex() + throws STORKSAMLEngineException { + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + assertEquals("Country incorrect:", attrQeuryenResponse.getCountry(), "ES"); + + final Iterator iterator = attrQeuryenResponse + .getPersonalAttributeList().iterator(); + + while (iterator.hasNext()) { + final PersonalAttribute attribute = iterator.next(); + if (attribute.getName().equalsIgnoreCase( + "canonicalResidenceAddress")) { + assertEquals("State incorrect: ", state, attribute + .getComplexValue().get("state")); + assertEquals("Town incorrect: ", town, attribute + .getComplexValue().get("town")); + assertEquals("Postal code incorrect: ", postalCode, attribute + .getComplexValue().get("postalCode")); + assertEquals("Street name incorrect: ", streetName, attribute + .getComplexValue().get("streetName")); + assertEquals("Street number incorrect: ", streetNumber, + attribute.getComplexValue().get("streetNumber")); + } + } + } + + /** + * Test generate attribute query response fail in response to it's null. + * @throws STORKSAMLEngineException + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test //( expected=STORKSAMLEngineException.class) + public final void testGenerateAttrQueryResponseFailInResponseToNull() throws STORKSAMLEngineException { + final String identifier = attrQueryenRequest.getSamlId(); + attrQueryenRequest.setSamlId(null); + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setSamlId(identifier); + LOG.error("Error"); + //throw new STORKSAMLEngineException(e); + } + } + + /** + * Test generate attribute query response fail assertion consumer URL err1. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + /*@Test + public final void testGenerateAuthnResponseFailAssertionConsumerUrlNull() + throws STORKSAMLEngineException { + + final String assertConsumerUrl = attrQueryenRequest + .getAssertionConsumerServiceURL(); + attrQueryenRequest.setAssertionConsumerServiceURL(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + attrQueryResponse = getEngine().generateSTORKAuthnResponseFail(attrQueryenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setAssertionConsumerServiceURL(assertConsumerUrl); + LOG.error("Error"); + } + } + + /** + * Test generate attribute query response fail code error err1. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryResponseFailCodeErrorNull() + throws STORKSAMLEngineException { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setStatusCode(null); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + fail("generateAttrQueryResponseFail(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + + /** + * Test generate attribute query request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryResponse() throws STORKSAMLEngineException { + + IPersonalAttributeList palist = new PersonalAttributeList(); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + palist.add(isAgeOver); + + PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + final ArrayList date = new ArrayList(); + date.add("16/12/2008"); + dateOfBirth.setValue(date); + dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + palist.add(dateOfBirth); + + + PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + + final ArrayList idNumber = new ArrayList(); + idNumber.add("123456789PÑ"); + + final HashMap complex = new HashMap(); + complex.put("one", "two"); + + //eIDNumber.setValue(null); + //eIDNumber.setValue(idNumber); + //eIDNumber.setComplexValue(complex); + + eIDNumber.setStatus(STORKStatusCode.STATUS_NOT_AVAILABLE.toString()); + palist.add(eIDNumber); + + PersonalAttribute canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap address = new HashMap(); + + address.put("state", state); + address.put("town", town); + address.put("postalCode", postalCode); + address.put("streetName", streetName); + address.put("streetNumber", streetNumber); + + canRessAddress.setComplexValue(address); + palist.add(canRessAddress); + + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + + response.setPersonalAttributeList(palist); + + final STORKAttrQueryResponse storkResponse = getEngine() + .generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, + destinationUrl, isNotHashing); + + attrQueryResponse = storkResponse.getTokenSaml(); + LOG.info("Request id: " + attrQueryenRequest.getSamlId()); + + LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(attrQueryResponse)); + + + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + LOG.info("RESPONSE ID: " + attrQeuryenResponse.getSamlId()); + LOG.info("RESPONSE IN_RESPONSE_TO: " + attrQeuryenResponse.getInResponseTo()); + LOG.info("RESPONSE COUNTRY: " + attrQeuryenResponse.getCountry()); + + } + + + + + + /** + * Test validate attribute query response fail is fail. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryResponseFailIsFail() + throws STORKSAMLEngineException { + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage("message"); + + attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + + LOG.error("ERROR_FAIL: " + PEPSUtil.encodeSAMLToken(attrQueryResponse)); + + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + LOG.info("COUNTRY: " + attrQeuryenResponse.getCountry()); + assertTrue("Generate incorrect response: ", attrQeuryenResponse.isFail()); + } + + /** + * Test generate/validate response with signedDoc + * + * @throws STORKSAMLEngineException + * the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryResponseWithSignedDoc() + throws STORKSAMLEngineException { + + String signedDocResponse = " urn:oasis:names:tc:dss:1.0:resultmajor:Success PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUiLz48ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+PGRzOlJlZmVyZW5jZSBJZD0iUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI09iamVjdCIgVVJJPSIjT2JqZWN0LTk4NzMzY2RlLThiY2MtNDhhMC05Yjc3LTBlOTk5N2JkZDA1OCI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNiYXNlNjQiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPkNrMVZxTmQ0NVFJdnEzQVpkOFhZUUx2RWh0QT08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjxkczpSZWZlcmVuY2UgVHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5BNVk5MW40cXBMZ3l0VFc3ZnhqWENVZVJ2NTQ9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48ZHM6UmVmZXJlbmNlIFVSST0iI1NpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItS2V5SW5mbyI+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPlZQWDRuS0Z5UzZyRitGNmNSUjBQck5aZHc2Zz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWUgSWQ9IlNpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItU2lnbmF0dXJlVmFsdWUiPkxiS04vL0M3WGt5eFR0WVRpQ1VScjhuWnp4QW1zdGNNZDBDZ0VBQ3JLMWR5Z1JIcUdjSzR4dHMrV0NVOFB5RXFXclJJVFl6SXV3LzcNClY0Wno5VFQ2MHA0S1RNZXd1UUw2NHNrRVN4MllnMkVkaWtTTyt0S3hXa2hyYVVzbVZiR2JQbW1jbUR2OTd0SER3ODg3NDdlRnE1RjUNCnYrYVZTeUF6MDNpVUttdVNlSDg9PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbyBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1LZXlJbmZvIj48ZHM6S2V5VmFsdWU+PGRzOlJTQUtleVZhbHVlPjxkczpNb2R1bHVzPnd1Y21qOXRJV3J2d2JTVFVEZndLbCtKdERNTUVSMGNMZDZEa0JTcjc5MHQrckdOakVTcVlqUndFSWVCbktvUUhQeDVIb1JlRjg4L3QNCnFZOStDaEVYcExITHM5cDVhWDdTREp1YnBRTWZwMXRERlgzNHl3Z3hTUXZjZWVKUVdCWGppZXVJbWZDMjFzNGJPY2dKYlYxaGJpZ1MNCnpPS1RRS3IxVHpkR1IrdVJ5MDA9PC9kczpNb2R1bHVzPjxkczpFeHBvbmVudD5BUUFCPC9kczpFeHBvbmVudD48L2RzOlJTQUtleVZhbHVlPjwvZHM6S2V5VmFsdWU+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJSW1UQ0NCNEdnQXdJQkFnSURBWFVVTUEwR0NTcUdTSWIzRFFFQkJRVUFNSUlCT3pFTE1Ba0dBMVVFQmhNQ1JWTXhPekE1QmdOVg0KQkFvVE1rRm5aVzVqYVdFZ1EyRjBZV3hoYm1FZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUNoT1NVWWdVUzB3T0RBeE1UYzJMVWtwTVRRdw0KTWdZRFZRUUhFeXRRWVhOellYUm5aU0JrWlNCc1lTQkRiMjVqWlhCamFXOGdNVEVnTURnd01EZ2dRbUZ5WTJWc2IyNWhNUzR3TEFZRA0KVlFRTEV5VlRaWEoyWldseklGQjFZbXhwWTNNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVWRFZpMHlNVFV3TXdZRFZRUUxFeXhXWldkbA0KZFNCb2RIUndjem92TDNkM2R5NWpZWFJqWlhKMExtNWxkQzkyWlhKRFNVTXRNaUFvWXlrd016RTFNRE1HQTFVRUN4TXNSVzUwYVhSaA0KZENCd2RXSnNhV05oSUdSbElHTmxjblJwWm1sallXTnBieUJrWlNCamFYVjBZV1JoYm5NeEd6QVpCZ05WQkFNVEVsQlNSVkJTVDBSVg0KUTBOSlR5QkpSRU5oZERBZUZ3MHhNREF5TVRFeE9ESXlNRFJhRncweE5EQXlNVEF4T0RJeU1EUmFNSUd3TVFzd0NRWURWUVFHRXdKRg0KVXpFMU1ETUdBMVVFQ3hNc1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5U1VSRFlYUWdLR01wTURNeA0KRmpBVUJnTlZCQVFURFVKRlVreEJUa2RCSUZOUFZFOHhGekFWQmdOVkJDb1REazFCVWtsQklFVk9SMUpCUTBsQk1SSXdFQVlEVlFRRg0KRXdreE1EQXdNRGswTkZNeEpUQWpCZ05WQkFNVEhFMUJVa2xCSUVWT1IxSkJRMGxCSUVKRlVreEJUa2RCSUZOUFZFOHdnWjh3RFFZSg0KS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKQW9HQkFNTG5Kby9iU0ZxNzhHMGsxQTM4Q3BmaWJRekRCRWRIQzNlZzVBVXErL2RMZnF4ag0KWXhFcW1JMGNCQ0hnWnlxRUJ6OGVSNkVYaGZQUDdhbVBmZ29SRjZTeHk3UGFlV2wrMGd5Ym02VURINmRiUXhWOStNc0lNVWtMM0huaQ0KVUZnVjQ0bnJpSm53dHRiT0d6bklDVzFkWVc0b0VzemlrMENxOVU4M1JrZnJrY3ROQWdNQkFBR2pnZ1N3TUlJRXJEQU1CZ05WSFJNQg0KQWY4RUFqQUFNQTRHQTFVZER3RUIvd1FFQXdJRm9EQ0J6QVlEVlIwUkJJSEVNSUhCZ1E5aWMyOTBiMEJuYldGcGJDNWpiMjJrZ1lVdw0KZ1lJeEN6QUpCZ05WQkFZVEFrVlRNU3N3S1FZRFZRUUtGQ0pCWjhPb2JtTnBZU0JEWVhSaGJHRnVZU0JrWlNCRFpYSjBhV1pwWTJGag0KYWNPek1RNHdEQVlEVlFRTEV3VkpSRU5CVkRFUE1BMEdBMVVFQlJNR01ERTNOVEUwTVNVd0l3WURWUVFERXh4TlFWSkpRU0JGVGtkUw0KUVVOSlFTQkNSVkpNUVU1SFFTQlRUMVJQb0JBR0Npc0dBUVFCOVhnQkFRR2dBZ3dBb0JRR0RsWUVBQUVEQmdFRUFmVjRBUUVDb0FJTQ0KQURBZkJnTlZIUklFR0RBV2dSUmxZMTlwWkdOaGRFQmpZWFJqWlhKMExtNWxkREFkQmdOVkhRNEVGZ1FVQUZYanVOc2tCMk1seXZVQg0KaDdwOFRKMHVKMHd3Z2dGSUJnTlZIU01FZ2dFL01JSUJPNEFVUkt2Y2tVaE4xNGg0Q24vZ2RPRG42NzIzS1Z5aGdnRVBwSUlCQ3pDQw0KQVFjeEN6QUpCZ05WQkFZVEFrVlRNVHN3T1FZRFZRUUtFekpCWjJWdVkybGhJRU5oZEdGc1lXNWhJR1JsSUVObGNuUnBabWxqWVdOcA0KYnlBb1RrbEdJRkV0TURnd01URTNOaTFKS1RFb01DWUdBMVVFQ3hNZlUyVnlkbVZwY3lCUWRXSnNhV056SUdSbElFTmxjblJwWm1sag0KWVdOcGJ6RThNRG9HQTFVRUN4TXpWbVZuWlhVZ2FIUjBjSE02THk5M2QzY3VZMkYwWTJWeWRDNXVaWFF2ZG1WeWNISmxjSEp2WkhWag0KWTJsdklDaGpLVEF6TVRVd013WURWUVFMRXl4S1pYSmhjbkYxYVdFZ1JXNTBhWFJoZEhNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVOaA0KZEdGc1lXNWxjekVjTUJvR0ExVUVBeE1UVUZKRlVGSlBSRlZEUTBsUElFVkRMVUZEUTRJUWR3S1R0TTFFRVU5RkVQWFVZSGdnaERBZA0KQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQWdZSUt3WUJCUVVIQXdRd0VRWUpZSVpJQVliNFFnRUJCQVFEQWdXZ01EUUdDQ3NHQVFVRg0KQndFQkJDZ3dKakFrQmdnckJnRUZCUWN3QVlZWWFIUjBjSE02THk5dlkzTndMbU5oZEdObGNuUXVibVYwTUJnR0NDc0dBUVVGQndFRA0KQkF3d0NqQUlCZ1lFQUk1R0FRRXdnWVlHQTFVZEh3Ui9NSDB3UEtBNm9EaUdObWgwZEhBNkx5OWxjSE5qWkM1allYUmpaWEowTG01bA0KZEM5amNtd3ZjSEpsY0hKdlpIVmpZMmx2WDJWakxXbGtZMkYwTG1OeWJEQTlvRHVnT1lZM2FIUjBjRG92TDJWd2MyTmtNaTVqWVhSag0KWlhKMExtNWxkQzlqY213dmNISmxjSEp2WkhWalkybHZYMlZqTFdsa1kyRjBMbU55YkRDQjlnWURWUjBnQklIdU1JSHJNSUhvQmd3cg0KQmdFRUFmVjRBUU1CVmdFd2dkY3dMQVlJS3dZQkJRVUhBZ0VXSUdoMGRIQnpPaTh2ZDNkM0xtTmhkR05sY25RdWJtVjBMM1psY2tsRQ0KUTJGME1JR21CZ2dyQmdFRkJRY0NBakNCbVJxQmxrRnhkV1Z6ZENEdnY3MXpJSFZ1SUdObGNuUnBabWxqWVhRZ2NHVnljMjl1WVd3Zw0KU1VSRFFWUXNJSEpsWTI5dVpXZDFkQ0JrSjJsa1pXNTBhV1pwWTJGajc3KzlMQ0J6YVdkdVlYUjFjbUVnYVNCNGFXWnlZWFFnWkdVZw0KWTJ4aGMzTmxJRElnYVc1a2FYWnBaSFZoYkM0Z1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5UkVOaA0KZERBdEJnTlZIUWtFSmpBa01CQUdDQ3NHQVFVRkJ3a0VNUVFUQWtWVE1CQUdDQ3NHQVFVRkJ3a0ZNUVFUQWtWVE1BMEdDU3FHU0liMw0KRFFFQkJRVUFBNElCQVFDcTc3ODBSR1FNTEIxZ2tkTk1mTFhuZ3FNb1JIR0taYnZ6a3JxSUFtVDhXQWQxRThyQXBoUjkveExKVXRwNQ0KbGJnMmZScjVibDJqOE9WREJLMlltRzQxaDhBRG40U1RJL0FwZU5JTlNmalpzNk5Sc25XekZ5ZlhYbVBDSFlGQi9YV3p5aW1DRXhndg0KdnR1SCszUUF3Y3dobjUwUExFdWh3NUM1dmxYN0x5NUs2ckxMTUZOVVVNYldWeTFoWmVsSy9DQlRjQWpJTzM4TlkrdllSQU1LU2Y0TQ0KL2daUXo0cUJlRlZKYTUyUjdOY0FxQ2ZyZkxmYVhwYkRTZzk4eG9CZU5zMmluR3p4OFVTZ0VyTFpqS0pzZG4vS2pURDlnUy9zVGRRNg0KUTdpZHFsZDJMRlZsTzIvYjk0Wk5aQmNTLzc4RU9EWGdkV2ZreVBDN1J3OHJlOW5JMy9qVDwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjxkczpPYmplY3QgRW5jb2Rpbmc9ImJhc2U2NCIgSWQ9Ik9iamVjdC05ODczM2NkZS04YmNjLTQ4YTAtOWI3Ny0wZTk5OTdiZGQwNTgiIE1pbWVUeXBlPSJhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0iPlNHVnNiRzhnVjI5eWJHUT08L2RzOk9iamVjdD48ZHM6T2JqZWN0Pjx4YWRlczpRdWFsaWZ5aW5nUHJvcGVydGllcyB4bWxuczp4YWRlcz0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMy92MS4zLjIjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1RdWFsaWZ5aW5nUHJvcGVydGllcyIgVGFyZ2V0PSIjU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjx4YWRlczpTaWduZWRQcm9wZXJ0aWVzIElkPSJTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjx4YWRlczpTaWduZWRTaWduYXR1cmVQcm9wZXJ0aWVzPjx4YWRlczpTaWduaW5nVGltZT4yMDExLTAzLTIxVDExOjQ0OjQyKzAxOjAwPC94YWRlczpTaWduaW5nVGltZT48eGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjx4YWRlczpDZXJ0Pjx4YWRlczpDZXJ0RGlnZXN0PjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT4zbTZ3OTlUb3lTZDlKcEJsMWdCazhEei9iYlU9PC9kczpEaWdlc3RWYWx1ZT48L3hhZGVzOkNlcnREaWdlc3Q+PHhhZGVzOklzc3VlclNlcmlhbD48ZHM6WDUwOUlzc3Vlck5hbWU+Q049UFJFUFJPRFVDQ0lPIElEQ2F0LCBPVT1FbnRpdGF0IHB1YmxpY2EgZGUgY2VydGlmaWNhY2lvIGRlIGNpdXRhZGFucywgT1U9VmVnZXUgaHR0cHM6Ly93d3cuY2F0Y2VydC5uZXQvdmVyQ0lDLTIgKGMpMDMsIE9VPVNlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8gRUNWLTIsIEw9UGFzc2F0Z2UgZGUgbGEgQ29uY2VwY2lvIDExIDA4MDA4IEJhcmNlbG9uYSwgTz1BZ2VuY2lhIENhdGFsYW5hIGRlIENlcnRpZmljYWNpbyAoTklGIFEtMDgwMTE3Ni1JKSwgQz1FUzwvZHM6WDUwOUlzc3Vlck5hbWU+PGRzOlg1MDlTZXJpYWxOdW1iZXI+OTU1MDg8L2RzOlg1MDlTZXJpYWxOdW1iZXI+PC94YWRlczpJc3N1ZXJTZXJpYWw+PC94YWRlczpDZXJ0PjwveGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjwveGFkZXM6U2lnbmVkU2lnbmF0dXJlUHJvcGVydGllcz48eGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PHhhZGVzOkRhdGFPYmplY3RGb3JtYXQgT2JqZWN0UmVmZXJlbmNlPSIjUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyI+PHhhZGVzOk1pbWVUeXBlPmFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbTwveGFkZXM6TWltZVR5cGU+PHhhZGVzOkVuY29kaW5nPmJhc2U2NDwveGFkZXM6RW5jb2Rpbmc+PC94YWRlczpEYXRhT2JqZWN0Rm9ybWF0PjwveGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PC94YWRlczpTaWduZWRQcm9wZXJ0aWVzPjwveGFkZXM6UXVhbGlmeWluZ1Byb3BlcnRpZXM+PC9kczpPYmplY3Q+PC9kczpTaWduYXR1cmU+ "; + + IPersonalAttributeList palist = new PersonalAttributeList(); + + PersonalAttribute signedDoc = new PersonalAttribute(); + signedDoc.setName("signedDoc"); + signedDoc.setIsRequired(false); + ArrayList signed = new ArrayList(); + signed.add(signedDocResponse); + signedDoc.setValue(signed); + palist.add(signedDoc); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(false); + ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + palist.add(isAgeOver); + + attrQueryenRequest.setPersonalAttributeList(palist); + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + + response.setPersonalAttributeList(palist); + + final STORKAttrQueryResponse storkResponse = getEngine() + .generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, + destinationUrl, isNotHashing); + + attrQueryResponse = storkResponse.getTokenSaml(); + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + assertTrue("SignedDoc response should be the same: ", attrQeuryenResponse + .getPersonalAttributeList().get("signedDoc").getValue().get(0) + .equals(signedDocResponse)); + + } +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkAuthRequestTest.java.svn-base b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkAuthRequestTest.java.svn-base new file mode 100644 index 000000000..7223ab483 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkAuthRequestTest.java.svn-base @@ -0,0 +1,966 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.test.simple; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import java.util.ArrayList; + +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +/** + * The Class StorkAuthRequestTest defines a class to . + */ +public class StorkAuthRequestTest { + + /** The engines. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2"); + private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3"); + + + /** + * Instantiates a new stork authentication request test. + */ + public StorkAuthRequestTest() { + pal = new PersonalAttributeList(); + + final PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + final ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + pal.add(isAgeOver); + + final PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + pal.add(dateOfBirth); + + final PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + pal.add(eIDNumber); + + destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; + + spName = "University of Oxford"; + spSector = "EDU001"; + spInstitution = "OXF001"; + spApplication = "APP001"; + spCountry = "EN"; + + spId = "EDU001-OXF001-APP001"; + + } + + /** The destination. */ + private String destination; + + /** The service provider name. */ + private String spName; + + /** The service provider sector. */ + private String spSector; + + /** The service provider institution. */ + private String spInstitution; + + /** The service provider application. */ + private String spApplication; + + /** The service provider country. */ + private String spCountry; + + /** The service provider id. */ + private String spId; + + /** The quality authentication assurance level. */ + private static final int QAAL = 3; + + /** The List of Personal Attributes. */ + private IPersonalAttributeList pal; + + /** The assertion consumer URL. */ + private String assertConsumerUrl; + + /** The authentication request. */ + private static byte[] authRequest; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkAuthRequestTest.class.getName()); + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + } + + /** + * Test generate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnRequest() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + //engine.generateSTORKAuthnRequest(request); + + LOG.info("STORKAuthnRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAuthnRequest(request).getTokenSaml())); + request.setCitizenCountryCode("ES"); + LOG.info("STORKAuthnRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAuthnRequest(request).getTokenSaml())); + } + + + /** + * Test generate authentication request error personal attribute name error. + */ + @Test + public final void testGenerateAuthnRequestPALsErr1() { + + final IPersonalAttributeList palWrong = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("attrNotValid"); + worngAttr.setIsRequired(true); + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(palWrong); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + /** + * Test generate authentication request error personal attribute value error. + */ + @Test + public final void testGenerateAuthnRequestPALsErr2() { + + final IPersonalAttributeList palWrong = new PersonalAttributeList(); + + final PersonalAttribute attrNotValid = new PersonalAttribute(); + attrNotValid.setName("attrNotValid"); + attrNotValid.setIsRequired(true); + palWrong.add(attrNotValid); + + + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(palWrong); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request error provider name null. + */ + @Test + public final void testGenerateAuthnRequestSPNAmeErr1() { + + + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(null); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try + { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + catch (STORKSAMLEngineException e) + { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request authentication assurance level + * negative value. + */ + @Test + public final void testGenerateAuthnRequestQaalErr1() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(-1); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request service provider sector null. + */ + @Test + public final void testGenerateAuthnRequestSectorErr() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(null); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + + } + } + + /** + * Test generate authentication request service provider institution null. + */ + @Test + public final void testGenerateAuthnRequestInstitutionrErr() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(null); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request service provider application null. + */ + @Test + public final void testGenerateAuthnRequestApplicationErr() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(null); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request service provider country null. + */ + @Test + public final void testGenerateAuthnRequestCountryErr() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(null); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request error with quality authentication + * assurance level wrong. + */ + @Test + public final void testGenerateAuthnRequestQaalErr2() { + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(0); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request personal attribute list null value. + */ + @Test + public final void testGenerateAuthnRequestPALErr1() { + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(null); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request error with assertion consumer URL + * null. + */ + @Test + public final void testGenerateAuthnRequestAssertionConsumerErr1() { + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(null); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request null parameter. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestNullParam() + throws STORKSAMLEngineException { + try { + engine.validateSTORKAuthnRequest(null); + fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request error bytes encode. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestErrorEncode() + throws STORKSAMLEngineException { + try { + engine.validateSTORKAuthnRequest("messageError".getBytes()); + fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequest() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + authRequest = engine.generateSTORKAuthnRequest(request).getTokenSaml(); + + final STORKAuthnRequest validatedRequest = engine.validateSTORKAuthnRequest(authRequest); + + assertEquals("CrossBorderShare incorrect: ", validatedRequest.isEIDCrossBorderShare(), false); + assertEquals("CrossSectorShare incorrect: ", validatedRequest.isEIDCrossSectorShare(), false); + assertEquals("SectorShare incorrect: ", validatedRequest.isEIDSectorShare(), false); + + } + + /** + * Test validate data authenticate request. Verified parameters after + * validation. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateDataAuthnRequest() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = engine.validateSTORKAuthnRequest(authRequest); + + assertEquals("Sestination incorrect: ", request.getDestination(), destination); + + assertEquals("CrossBorderShare incorrect: ", request.isEIDCrossBorderShare(), false); + assertEquals("CrossSectorShare incorrect: ", request.isEIDCrossSectorShare(), false); + assertEquals("SectorShare incorrect: ", request.isEIDSectorShare(), false); + + assertEquals("Service provider incorrect: ", request.getProviderName(), spName); + assertEquals("QAAL incorrect: ", request.getQaa(), QAAL); + assertEquals("SPSector incorrect: ", request.getSpSector(), spSector); + assertEquals("SPInstitution incorrect: ", request.getSpInstitution(), null); + assertEquals("SPApplication incorrect: ", request.getSpApplication(), spApplication); + assertEquals("Asserition consumer URL incorrect: ", request.getAssertionConsumerServiceURL(), assertConsumerUrl); + + assertEquals("SP Country incorrect: ", request.getSpCountry(), spCountry); + assertEquals("SP Id incorrect: ", request.getSPID(), spId); + assertEquals("CitizenCountryCode incorrect: ", request.getCitizenCountryCode(), "ES"); + + } + + /** + * Test validate file authentication request. Validate from XML file. + * + * @throws Exception the exception + */ + @Test + public final void testValidateFileAuthnRequest() throws Exception { + + final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml"); + + try { + engine.validateSTORKAuthnRequest(bytes); + fail("testValidateFileAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error(e.getMessage()); + } + } + + /** + * Test validate file authentication request tag delete. + * + * @throws Exception the exception + */ + @Test + public final void testValidateFileAuthnRequestTagDelete() throws Exception { + + final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml"); + + try { + engine.validateSTORKAuthnRequest(bytes); + fail("validateSTORKAuthnRequest(...) should have thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error(e.getMessage()); + + } + } + + /** + * Test validate authentication request not trusted token. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestNotTrustedErr1() + throws STORKSAMLEngineException { + + try { + final STORKSAMLEngine engineNotTrusted = STORKSAMLEngine + .getInstance("CONF2"); + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + + final byte[] authReqNotTrust = engineNotTrusted + .generateSTORKAuthnRequest(request).getTokenSaml(); + + engine.validateSTORKAuthnRequest(authReqNotTrust); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("validateSTORKAuthnRequestNotTrusted(...) should not have thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test validate authentication request trusted. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestTrusted() + throws STORKSAMLEngineException { + + final STORKSAMLEngine engineTrusted = STORKSAMLEngine + .getInstance("CONF3"); + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + + final byte[] authReqNotTrust = engineTrusted.generateSTORKAuthnRequest( + request).getTokenSaml(); + + // engine ("CONF1") no have trust certificate from "CONF2" + engine.validateSTORKAuthnRequest(authReqNotTrust); + + } + + /** + * Test generate authentication request service provider application null. + */ + @Test + public final void testGenerateAuthnRequestNADA() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(null); + request.setSpInstitution(null); + request.setSpApplication(null); + request.setSpCountry(null); + + try { + engine.validateSTORKAuthnRequest(authRequest); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error: " + e.getMessage()); + } + } + + /** + * Test validate authentication request with unknown elements. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestWithUnknownElements() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute unknown = new PersonalAttribute(); + unknown.setName("unknown"); + unknown.setIsRequired(true); + pAttList.add(unknown); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + STORKAuthnRequest req = new STORKAuthnRequest(); + + req = engine3.generateSTORKAuthnRequest(request); + + req = engine.validateSTORKAuthnRequest(req.getTokenSaml()); + + assertNull("The value shouldn't exist", req.getPersonalAttributeList().get("unknown")); + assertNotNull("The value should exist", req.getPersonalAttributeList().get("eIdentifier")); + + } + + /** + * Test generate Request with required elements by default + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnRequestWithIsRequiredElementsByDefault() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + STORKAuthnRequest req = new STORKAuthnRequest(); + STORKAuthnRequest reqTrue = new STORKAuthnRequest(); + STORKAuthnRequest reqFalse = new STORKAuthnRequest(); + + reqTrue = engine.generateSTORKAuthnRequest(request); + reqFalse = engine2.generateSTORKAuthnRequest(request); + req = engine3.generateSTORKAuthnRequest(request); + + + String token = new String(req.getTokenSaml()); + String reqTrueToken = new String(reqTrue.getTokenSaml()); + String reqFalseToken = new String(reqFalse.getTokenSaml()); + + assertTrue("The token must contain the chain 'isRequired'", token.contains("isRequired")); + assertTrue("The token must contain the chain 'isRequired'", reqTrueToken.contains("isRequired")); + assertFalse("The token must contain the chain 'isRequired'", reqFalseToken.contains("isRequired")); + + } + + /** + * Test validating request and getting alias used to save + * the saml trusted certificate into trustore + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestGettingItsAlias() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + STORKAuthnRequest req = new STORKAuthnRequest(); + + req = engine3.generateSTORKAuthnRequest(request); + req = engine.validateSTORKAuthnRequest(req.getTokenSaml()); + assertTrue("The alias should match this value", req.getAlias().equals("local-demo")); + + req = engine2.generateSTORKAuthnRequest(request); + req = engine2.validateSTORKAuthnRequest(req.getTokenSaml()); + assertTrue("The alias should match this value", req.getAlias().equals("local-demo")); + + + + } + + /** + * Test generating/validating request with signedDoc + * + * @throws STORKSAMLEngineException + * the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnRequestWithSignedDoc() + throws STORKSAMLEngineException { + + String signedDocRequest = "VGVzdCB0ZXh0"; + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + PersonalAttributeList paler = new PersonalAttributeList(); + + final PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + paler.add(eIDNumber); + + final PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + final ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + paler.add(isAgeOver); + + final PersonalAttribute signedDoc = new PersonalAttribute(); + signedDoc.setName("signedDoc"); + final ArrayList signedDocs = new ArrayList(); + signedDocs.add(signedDocRequest); + signedDoc.setValue(signedDocs); + signedDoc.setIsRequired(false); + paler.add(signedDoc); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(paler); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + STORKAuthnRequest req = new STORKAuthnRequest(); + + req = engine.generateSTORKAuthnRequest(request); + req = engine.validateSTORKAuthnRequest(req.getTokenSaml()); + + assertTrue("SignedDoc request should be the same: ", req + .getPersonalAttributeList().get("signedDoc").getValue().get(0) + .equals(signedDocRequest)); + + + } + +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkResponseTest.java.svn-base b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkResponseTest.java.svn-base new file mode 100644 index 000000000..481cbc28c --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/StorkResponseTest.java.svn-base @@ -0,0 +1,931 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.test.simple; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Iterator; + +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.commons.STORKStatusCode; +import eu.stork.peps.auth.commons.STORKSubStatusCode; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +/** + * The Class AuthRequestTest. + */ +public class StorkResponseTest { + + /** The engine. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + + /** + * Gets the engine. + * + * @return the engine + */ + public static STORKSAMLEngine getEngine() { + return engine; + } + + /** + * Sets the engine. + * + * @param newEngine the new engine + */ + public static void setEngine(final STORKSAMLEngine newEngine) { + StorkResponseTest.engine = newEngine; + } + + /** The destination. */ + private static String destination; + + /** The service provider name. */ + private static String spName; + + /** The service provider sector. */ + private static String spSector; + + /** The service provider institution. */ + private static String spInstitution; + + /** The service provider application. */ + private static String spApplication; + + /** The service provider country. */ + private static String spCountry; + + /** The service provider id. */ + private static String spId; + + /** The quality authentication assurance level. */ + private static final int QAAL = 3; + + /** The state. */ + private static String state = "ES"; + + /** The town. */ + private static String town = "Madrid"; + + /** The municipality code. */ + private static String municipalityCode = "MA001"; + + /** The postal code. */ + private static String postalCode = "28038"; + + /** The street name. */ + private static String streetName = "Marchamalo"; + + /** The street number. */ + private static String streetNumber = "3"; + + /** The apartament number. */ + private static String apartamentNumber = "5º E"; + + /** The List of Personal Attributes. */ + private static IPersonalAttributeList pal; + + /** The assertion consumer URL. */ + private static String assertConsumerUrl; + + /** The authentication request. */ + private static byte[] authRequest; + + /** The authentication response. */ + private static byte[] authResponse; + + /** The authentication request. */ + private static STORKAuthnRequest authenRequest; + + /** The authentication response. */ + private static STORKAuthnResponse authnResponse; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkResponseTest.class.getName()); + + /** + * Instantiates a new stork response test. + */ + public StorkResponseTest() { + super(); + } + + /** The IP address. */ + private static String ipAddress; + + /** The is hashing. */ + private final boolean isHashing = Boolean.TRUE; + + /** The is not hashing. */ + private final boolean isNotHashing = Boolean.FALSE; + + /** The ERROR text. */ + private static final String ERROR_TXT = "generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"; + + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + + pal = new PersonalAttributeList(); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(false); + ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + pal.add(isAgeOver); + + PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + pal.add(dateOfBirth); + + PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + pal.add(eIDNumber); + + final PersonalAttribute givenName = new PersonalAttribute(); + givenName.setName("givenName"); + givenName.setIsRequired(true); + pal.add(givenName); + + PersonalAttribute canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + pal.add(canRessAddress); + + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + pal.add(newAttribute); + + destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; + spName = "University Oxford"; + + spName = "University of Oxford"; + spSector = "EDU001"; + spInstitution = "OXF001"; + spApplication = "APP001"; + spCountry = "EN"; + + spId = "EDU001-APP001-APP001"; + + final STORKAuthnRequest request = new STORKAuthnRequest(); + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + authRequest = getEngine().generateSTORKAuthnRequest(request) + .getTokenSaml(); + + authenRequest = getEngine().validateSTORKAuthnRequest(authRequest); + + } catch (STORKSAMLEngineException e) { + fail("Error create STORKAuthnRequest"); + } + + ipAddress = "111.222.333.444"; + + pal = new PersonalAttributeList(); + + isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + ages = new ArrayList(); + + ages.add("16"); + ages.add("18"); + + isAgeOver.setValue(ages); + isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(isAgeOver); + + dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + final ArrayList date = new ArrayList(); + date.add("16/12/2008"); + dateOfBirth.setValue(date); + dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(dateOfBirth); + + eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + final ArrayList idNumber = new ArrayList(); + idNumber.add("123456789PÑ"); + eIDNumber.setValue(idNumber); + eIDNumber.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(eIDNumber); + + canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap address = new HashMap(); + + address.put("state", state); + address.put("municipalityCode", municipalityCode); + address.put("town", town); + address.put("postalCode", postalCode); + address.put("streetName", streetName); + address.put("streetNumber", streetNumber); + address.put("apartamentNumber", apartamentNumber); + + canRessAddress.setComplexValue(address); + pal.add(canRessAddress); + + newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap values = new HashMap(); + + values.put("value1", "value1"); + values.put("value2", "value2"); + values.put("value3", "value3"); + values.put("value4", "value4"); + + newAttribute.setComplexValue(values); + pal.add(newAttribute); + + } + + /** + * Test generate authentication request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnResponse() throws STORKSAMLEngineException { + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + final STORKAuthnResponse storkResponse = getEngine() + .generateSTORKAuthnResponse(authenRequest, response, ipAddress, + isNotHashing); + + authResponse = storkResponse.getTokenSaml(); + + LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(authResponse)); + } + + /** + * Test validation id parameter mandatory. + */ + @Test + public final void testResponseMandatoryId() { + final String identifier = authenRequest.getSamlId(); + authenRequest.setSamlId(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, + ipAddress, isHashing); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + authenRequest.setSamlId(identifier); + LOG.error("Error"); + } + } + + /** + * Test generate authentication response in response to err1. + */ + @Test + public final void testResponseMandatoryIssuer() { + + final String issuer = authenRequest.getIssuer(); + authenRequest.setIssuer(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, + ipAddress, isHashing); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + authenRequest.setIssuer(issuer); + LOG.error("Error"); + } + } + + /** + * Test generate authentication response assertion consumer null. + */ + @Test + public final void testResponseMandatoryAssertionConsumerServiceURL() { + final String asserConsumerUrl = authenRequest + .getAssertionConsumerServiceURL(); + authenRequest.setAssertionConsumerServiceURL(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, + ipAddress, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + authenRequest.setAssertionConsumerServiceURL(asserConsumerUrl); + LOG.error("Error"); + } + } + + /** + * Test generate authentication response IP address null. + */ + @Test + public final void testResponseValidationIP() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, null, + isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication response with personal attribute list null. + */ + @Test + public final void testResponseMandatoryPersonalAttributeList() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(null); + + + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, + ipAddress, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication response token null. + */ + @Test + public final void testResponseInvalidParametersToken() { + try { + getEngine().validateSTORKAuthnResponse(null, ipAddress); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication response IP null. + */ + @Test + public final void testResponseInvalidParametersIP() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response parameter name wrong. + */ + @Test + public final void testResponseInvalidParametersAttr() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("AttrWrong"); + wrongList.add(worngAttr); + + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrSimpleValue() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + worngAttr.setValue(null); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrNoValue() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrNoName() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response set null complex value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrComplexValue() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + worngAttr.setComplexValue(null); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + + /** + * Test validate authentication response IP distinct and disabled validation + * IP. + */ + @Test + public final void testResponseInvalidParametersIPDistinct() { + try { + // ipAddress origin "111.222.333.444" + // ipAddrValidation = false + // Subject Confirmation Bearer. + + getEngine().validateSTORKAuthnResponse(authResponse, "127.0.0.1"); + fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test response invalid parameters invalid token. + */ + @Test + public final void testResponseInvalidParametersTokenMsg() { + try { + // ipAddress origin "111.222.333.444" + // Subject Confirmation Bearer. + getEngine().validateSTORKAuthnResponse("errorMessage".getBytes(), + ipAddress); + fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication response is fail. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseIsFail() + throws STORKSAMLEngineException { + try { + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + fail("Generate incorrect response"); + } catch (Exception e) { + LOG.error("ERROR: " + e.getMessage()); + } + } + + /** + * Test validate authentication response destination. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseDestination() + throws STORKSAMLEngineException { + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + assertEquals("Destination incorrect: ", + authnResponse.getInResponseTo(), authenRequest.getSamlId()); + } + + /** + * Test validate authentication response values. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public final void testValidateAuthenticationResponseValuesComplex() + throws STORKSAMLEngineException { + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + assertEquals("Country incorrect:", authnResponse.getCountry(), "EN"); + + final Iterator iterator = authnResponse + .getPersonalAttributeList().iterator(); + + while (iterator.hasNext()) { + final PersonalAttribute attribute = iterator.next(); + if (attribute.getName().equalsIgnoreCase( + "canonicalResidenceAddress")) { + assertEquals("State incorrect: ", state, attribute + .getComplexValue().get("state")); + assertEquals("Municipality Code incorrect: ", municipalityCode, + attribute.getComplexValue().get("municipalityCode")); + assertEquals("Town incorrect: ", town, attribute + .getComplexValue().get("town")); + assertEquals("Postal code incorrect: ", postalCode, attribute + .getComplexValue().get("postalCode")); + assertEquals("Street name incorrect: ", streetName, attribute + .getComplexValue().get("streetName")); + assertEquals("Street number incorrect: ", streetNumber, + attribute.getComplexValue().get("streetNumber")); + assertEquals("Apartament number incorrect: ", apartamentNumber, + attribute.getComplexValue().get("apartamentNumber")); + } + } + } + + /** + * Test generate authenticate response fail in response to it's null. + * @throws STORKSAMLEngineException + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test //( expected=STORKSAMLEngineException.class) + public final void testGenerateAuthnResponseFailInResponseToNull() throws STORKSAMLEngineException { + final String identifier = authenRequest.getSamlId(); + authenRequest.setSamlId(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + authenRequest.setSamlId(identifier); + LOG.error("Error"); + //throw new STORKSAMLEngineException(e); + } + } + + /** + * Test generate authenticate response fail assertion consumer URL err1. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnResponseFailAssertionConsumerUrlNull() + throws STORKSAMLEngineException { + + final String assertConsumerUrl = authenRequest + .getAssertionConsumerServiceURL(); + authenRequest.setAssertionConsumerServiceURL(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + authenRequest.setAssertionConsumerServiceURL(assertConsumerUrl); + LOG.error("Error"); + } + } + + /** + * Test generate authentication response fail code error err1. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnResponseFailCodeErrorNull() + throws STORKSAMLEngineException { + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(null); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + + /** + * Test generate authentication request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnResponse() throws STORKSAMLEngineException { + + IPersonalAttributeList palist = new PersonalAttributeList(); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + palist.add(isAgeOver); + + PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + final ArrayList date = new ArrayList(); + date.add("16/12/2008"); + dateOfBirth.setValue(date); + dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + palist.add(dateOfBirth); + + + PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + + final ArrayList idNumber = new ArrayList(); + idNumber.add("123456789PÑ"); + + final HashMap complex = new HashMap(); + complex.put("one", "two"); + + //eIDNumber.setValue(null); + //eIDNumber.setValue(idNumber); + //eIDNumber.setComplexValue(complex); + + eIDNumber.setStatus(STORKStatusCode.STATUS_NOT_AVAILABLE.toString()); + palist.add(eIDNumber); + + PersonalAttribute canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap address = new HashMap(); + + address.put("state", state); + address.put("municipalityCode", municipalityCode); + address.put("town", town); + address.put("postalCode", postalCode); + address.put("streetName", streetName); + address.put("streetNumber", streetNumber); + address.put("apartamentNumber", apartamentNumber); + + canRessAddress.setComplexValue(address); + palist.add(canRessAddress); + + + final STORKAuthnResponse response = new STORKAuthnResponse(); + + response.setPersonalAttributeList(palist); + + final STORKAuthnResponse storkResponse = getEngine() + .generateSTORKAuthnResponse(authenRequest, response, ipAddress, + isNotHashing); + + authResponse = storkResponse.getTokenSaml(); + LOG.info("Request id: " + authenRequest.getSamlId()); + + LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(authResponse)); + + + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + LOG.info("RESPONSE ID: " + authnResponse.getSamlId()); + LOG.info("RESPONSE IN_RESPONSE_TO: " + authnResponse.getInResponseTo()); + LOG.info("RESPONSE COUNTRY: " + authnResponse.getCountry()); + + } + + + + + + /** + * Test validate authentication response fail is fail. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseFailIsFail() + throws STORKSAMLEngineException { + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage("message"); + + authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + + LOG.error("ERROR_FAIL: " + PEPSUtil.encodeSAMLToken(authResponse)); + + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + LOG.info("COUNTRY: " + authnResponse.getCountry()); + assertTrue("Generate incorrect response: ", authnResponse.isFail()); + } + + /** + * Test generate/validate response with signedDoc + * + * @throws STORKSAMLEngineException + * the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthenResponseWithSignedDoc() + throws STORKSAMLEngineException { + + String signedDocResponse = " urn:oasis:names:tc:dss:1.0:resultmajor:Success PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUiLz48ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+PGRzOlJlZmVyZW5jZSBJZD0iUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI09iamVjdCIgVVJJPSIjT2JqZWN0LTk4NzMzY2RlLThiY2MtNDhhMC05Yjc3LTBlOTk5N2JkZDA1OCI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNiYXNlNjQiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPkNrMVZxTmQ0NVFJdnEzQVpkOFhZUUx2RWh0QT08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjxkczpSZWZlcmVuY2UgVHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5BNVk5MW40cXBMZ3l0VFc3ZnhqWENVZVJ2NTQ9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48ZHM6UmVmZXJlbmNlIFVSST0iI1NpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItS2V5SW5mbyI+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPlZQWDRuS0Z5UzZyRitGNmNSUjBQck5aZHc2Zz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWUgSWQ9IlNpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItU2lnbmF0dXJlVmFsdWUiPkxiS04vL0M3WGt5eFR0WVRpQ1VScjhuWnp4QW1zdGNNZDBDZ0VBQ3JLMWR5Z1JIcUdjSzR4dHMrV0NVOFB5RXFXclJJVFl6SXV3LzcNClY0Wno5VFQ2MHA0S1RNZXd1UUw2NHNrRVN4MllnMkVkaWtTTyt0S3hXa2hyYVVzbVZiR2JQbW1jbUR2OTd0SER3ODg3NDdlRnE1RjUNCnYrYVZTeUF6MDNpVUttdVNlSDg9PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbyBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1LZXlJbmZvIj48ZHM6S2V5VmFsdWU+PGRzOlJTQUtleVZhbHVlPjxkczpNb2R1bHVzPnd1Y21qOXRJV3J2d2JTVFVEZndLbCtKdERNTUVSMGNMZDZEa0JTcjc5MHQrckdOakVTcVlqUndFSWVCbktvUUhQeDVIb1JlRjg4L3QNCnFZOStDaEVYcExITHM5cDVhWDdTREp1YnBRTWZwMXRERlgzNHl3Z3hTUXZjZWVKUVdCWGppZXVJbWZDMjFzNGJPY2dKYlYxaGJpZ1MNCnpPS1RRS3IxVHpkR1IrdVJ5MDA9PC9kczpNb2R1bHVzPjxkczpFeHBvbmVudD5BUUFCPC9kczpFeHBvbmVudD48L2RzOlJTQUtleVZhbHVlPjwvZHM6S2V5VmFsdWU+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJSW1UQ0NCNEdnQXdJQkFnSURBWFVVTUEwR0NTcUdTSWIzRFFFQkJRVUFNSUlCT3pFTE1Ba0dBMVVFQmhNQ1JWTXhPekE1QmdOVg0KQkFvVE1rRm5aVzVqYVdFZ1EyRjBZV3hoYm1FZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUNoT1NVWWdVUzB3T0RBeE1UYzJMVWtwTVRRdw0KTWdZRFZRUUhFeXRRWVhOellYUm5aU0JrWlNCc1lTQkRiMjVqWlhCamFXOGdNVEVnTURnd01EZ2dRbUZ5WTJWc2IyNWhNUzR3TEFZRA0KVlFRTEV5VlRaWEoyWldseklGQjFZbXhwWTNNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVWRFZpMHlNVFV3TXdZRFZRUUxFeXhXWldkbA0KZFNCb2RIUndjem92TDNkM2R5NWpZWFJqWlhKMExtNWxkQzkyWlhKRFNVTXRNaUFvWXlrd016RTFNRE1HQTFVRUN4TXNSVzUwYVhSaA0KZENCd2RXSnNhV05oSUdSbElHTmxjblJwWm1sallXTnBieUJrWlNCamFYVjBZV1JoYm5NeEd6QVpCZ05WQkFNVEVsQlNSVkJTVDBSVg0KUTBOSlR5QkpSRU5oZERBZUZ3MHhNREF5TVRFeE9ESXlNRFJhRncweE5EQXlNVEF4T0RJeU1EUmFNSUd3TVFzd0NRWURWUVFHRXdKRg0KVXpFMU1ETUdBMVVFQ3hNc1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5U1VSRFlYUWdLR01wTURNeA0KRmpBVUJnTlZCQVFURFVKRlVreEJUa2RCSUZOUFZFOHhGekFWQmdOVkJDb1REazFCVWtsQklFVk9SMUpCUTBsQk1SSXdFQVlEVlFRRg0KRXdreE1EQXdNRGswTkZNeEpUQWpCZ05WQkFNVEhFMUJVa2xCSUVWT1IxSkJRMGxCSUVKRlVreEJUa2RCSUZOUFZFOHdnWjh3RFFZSg0KS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKQW9HQkFNTG5Kby9iU0ZxNzhHMGsxQTM4Q3BmaWJRekRCRWRIQzNlZzVBVXErL2RMZnF4ag0KWXhFcW1JMGNCQ0hnWnlxRUJ6OGVSNkVYaGZQUDdhbVBmZ29SRjZTeHk3UGFlV2wrMGd5Ym02VURINmRiUXhWOStNc0lNVWtMM0huaQ0KVUZnVjQ0bnJpSm53dHRiT0d6bklDVzFkWVc0b0VzemlrMENxOVU4M1JrZnJrY3ROQWdNQkFBR2pnZ1N3TUlJRXJEQU1CZ05WSFJNQg0KQWY4RUFqQUFNQTRHQTFVZER3RUIvd1FFQXdJRm9EQ0J6QVlEVlIwUkJJSEVNSUhCZ1E5aWMyOTBiMEJuYldGcGJDNWpiMjJrZ1lVdw0KZ1lJeEN6QUpCZ05WQkFZVEFrVlRNU3N3S1FZRFZRUUtGQ0pCWjhPb2JtTnBZU0JEWVhSaGJHRnVZU0JrWlNCRFpYSjBhV1pwWTJGag0KYWNPek1RNHdEQVlEVlFRTEV3VkpSRU5CVkRFUE1BMEdBMVVFQlJNR01ERTNOVEUwTVNVd0l3WURWUVFERXh4TlFWSkpRU0JGVGtkUw0KUVVOSlFTQkNSVkpNUVU1SFFTQlRUMVJQb0JBR0Npc0dBUVFCOVhnQkFRR2dBZ3dBb0JRR0RsWUVBQUVEQmdFRUFmVjRBUUVDb0FJTQ0KQURBZkJnTlZIUklFR0RBV2dSUmxZMTlwWkdOaGRFQmpZWFJqWlhKMExtNWxkREFkQmdOVkhRNEVGZ1FVQUZYanVOc2tCMk1seXZVQg0KaDdwOFRKMHVKMHd3Z2dGSUJnTlZIU01FZ2dFL01JSUJPNEFVUkt2Y2tVaE4xNGg0Q24vZ2RPRG42NzIzS1Z5aGdnRVBwSUlCQ3pDQw0KQVFjeEN6QUpCZ05WQkFZVEFrVlRNVHN3T1FZRFZRUUtFekpCWjJWdVkybGhJRU5oZEdGc1lXNWhJR1JsSUVObGNuUnBabWxqWVdOcA0KYnlBb1RrbEdJRkV0TURnd01URTNOaTFKS1RFb01DWUdBMVVFQ3hNZlUyVnlkbVZwY3lCUWRXSnNhV056SUdSbElFTmxjblJwWm1sag0KWVdOcGJ6RThNRG9HQTFVRUN4TXpWbVZuWlhVZ2FIUjBjSE02THk5M2QzY3VZMkYwWTJWeWRDNXVaWFF2ZG1WeWNISmxjSEp2WkhWag0KWTJsdklDaGpLVEF6TVRVd013WURWUVFMRXl4S1pYSmhjbkYxYVdFZ1JXNTBhWFJoZEhNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVOaA0KZEdGc1lXNWxjekVjTUJvR0ExVUVBeE1UVUZKRlVGSlBSRlZEUTBsUElFVkRMVUZEUTRJUWR3S1R0TTFFRVU5RkVQWFVZSGdnaERBZA0KQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQWdZSUt3WUJCUVVIQXdRd0VRWUpZSVpJQVliNFFnRUJCQVFEQWdXZ01EUUdDQ3NHQVFVRg0KQndFQkJDZ3dKakFrQmdnckJnRUZCUWN3QVlZWWFIUjBjSE02THk5dlkzTndMbU5oZEdObGNuUXVibVYwTUJnR0NDc0dBUVVGQndFRA0KQkF3d0NqQUlCZ1lFQUk1R0FRRXdnWVlHQTFVZEh3Ui9NSDB3UEtBNm9EaUdObWgwZEhBNkx5OWxjSE5qWkM1allYUmpaWEowTG01bA0KZEM5amNtd3ZjSEpsY0hKdlpIVmpZMmx2WDJWakxXbGtZMkYwTG1OeWJEQTlvRHVnT1lZM2FIUjBjRG92TDJWd2MyTmtNaTVqWVhSag0KWlhKMExtNWxkQzlqY213dmNISmxjSEp2WkhWalkybHZYMlZqTFdsa1kyRjBMbU55YkRDQjlnWURWUjBnQklIdU1JSHJNSUhvQmd3cg0KQmdFRUFmVjRBUU1CVmdFd2dkY3dMQVlJS3dZQkJRVUhBZ0VXSUdoMGRIQnpPaTh2ZDNkM0xtTmhkR05sY25RdWJtVjBMM1psY2tsRQ0KUTJGME1JR21CZ2dyQmdFRkJRY0NBakNCbVJxQmxrRnhkV1Z6ZENEdnY3MXpJSFZ1SUdObGNuUnBabWxqWVhRZ2NHVnljMjl1WVd3Zw0KU1VSRFFWUXNJSEpsWTI5dVpXZDFkQ0JrSjJsa1pXNTBhV1pwWTJGajc3KzlMQ0J6YVdkdVlYUjFjbUVnYVNCNGFXWnlZWFFnWkdVZw0KWTJ4aGMzTmxJRElnYVc1a2FYWnBaSFZoYkM0Z1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5UkVOaA0KZERBdEJnTlZIUWtFSmpBa01CQUdDQ3NHQVFVRkJ3a0VNUVFUQWtWVE1CQUdDQ3NHQVFVRkJ3a0ZNUVFUQWtWVE1BMEdDU3FHU0liMw0KRFFFQkJRVUFBNElCQVFDcTc3ODBSR1FNTEIxZ2tkTk1mTFhuZ3FNb1JIR0taYnZ6a3JxSUFtVDhXQWQxRThyQXBoUjkveExKVXRwNQ0KbGJnMmZScjVibDJqOE9WREJLMlltRzQxaDhBRG40U1RJL0FwZU5JTlNmalpzNk5Sc25XekZ5ZlhYbVBDSFlGQi9YV3p5aW1DRXhndg0KdnR1SCszUUF3Y3dobjUwUExFdWh3NUM1dmxYN0x5NUs2ckxMTUZOVVVNYldWeTFoWmVsSy9DQlRjQWpJTzM4TlkrdllSQU1LU2Y0TQ0KL2daUXo0cUJlRlZKYTUyUjdOY0FxQ2ZyZkxmYVhwYkRTZzk4eG9CZU5zMmluR3p4OFVTZ0VyTFpqS0pzZG4vS2pURDlnUy9zVGRRNg0KUTdpZHFsZDJMRlZsTzIvYjk0Wk5aQmNTLzc4RU9EWGdkV2ZreVBDN1J3OHJlOW5JMy9qVDwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjxkczpPYmplY3QgRW5jb2Rpbmc9ImJhc2U2NCIgSWQ9Ik9iamVjdC05ODczM2NkZS04YmNjLTQ4YTAtOWI3Ny0wZTk5OTdiZGQwNTgiIE1pbWVUeXBlPSJhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0iPlNHVnNiRzhnVjI5eWJHUT08L2RzOk9iamVjdD48ZHM6T2JqZWN0Pjx4YWRlczpRdWFsaWZ5aW5nUHJvcGVydGllcyB4bWxuczp4YWRlcz0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMy92MS4zLjIjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1RdWFsaWZ5aW5nUHJvcGVydGllcyIgVGFyZ2V0PSIjU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjx4YWRlczpTaWduZWRQcm9wZXJ0aWVzIElkPSJTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjx4YWRlczpTaWduZWRTaWduYXR1cmVQcm9wZXJ0aWVzPjx4YWRlczpTaWduaW5nVGltZT4yMDExLTAzLTIxVDExOjQ0OjQyKzAxOjAwPC94YWRlczpTaWduaW5nVGltZT48eGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjx4YWRlczpDZXJ0Pjx4YWRlczpDZXJ0RGlnZXN0PjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT4zbTZ3OTlUb3lTZDlKcEJsMWdCazhEei9iYlU9PC9kczpEaWdlc3RWYWx1ZT48L3hhZGVzOkNlcnREaWdlc3Q+PHhhZGVzOklzc3VlclNlcmlhbD48ZHM6WDUwOUlzc3Vlck5hbWU+Q049UFJFUFJPRFVDQ0lPIElEQ2F0LCBPVT1FbnRpdGF0IHB1YmxpY2EgZGUgY2VydGlmaWNhY2lvIGRlIGNpdXRhZGFucywgT1U9VmVnZXUgaHR0cHM6Ly93d3cuY2F0Y2VydC5uZXQvdmVyQ0lDLTIgKGMpMDMsIE9VPVNlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8gRUNWLTIsIEw9UGFzc2F0Z2UgZGUgbGEgQ29uY2VwY2lvIDExIDA4MDA4IEJhcmNlbG9uYSwgTz1BZ2VuY2lhIENhdGFsYW5hIGRlIENlcnRpZmljYWNpbyAoTklGIFEtMDgwMTE3Ni1JKSwgQz1FUzwvZHM6WDUwOUlzc3Vlck5hbWU+PGRzOlg1MDlTZXJpYWxOdW1iZXI+OTU1MDg8L2RzOlg1MDlTZXJpYWxOdW1iZXI+PC94YWRlczpJc3N1ZXJTZXJpYWw+PC94YWRlczpDZXJ0PjwveGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjwveGFkZXM6U2lnbmVkU2lnbmF0dXJlUHJvcGVydGllcz48eGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PHhhZGVzOkRhdGFPYmplY3RGb3JtYXQgT2JqZWN0UmVmZXJlbmNlPSIjUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyI+PHhhZGVzOk1pbWVUeXBlPmFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbTwveGFkZXM6TWltZVR5cGU+PHhhZGVzOkVuY29kaW5nPmJhc2U2NDwveGFkZXM6RW5jb2Rpbmc+PC94YWRlczpEYXRhT2JqZWN0Rm9ybWF0PjwveGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PC94YWRlczpTaWduZWRQcm9wZXJ0aWVzPjwveGFkZXM6UXVhbGlmeWluZ1Byb3BlcnRpZXM+PC9kczpPYmplY3Q+PC9kczpTaWduYXR1cmU+ "; + + IPersonalAttributeList palist = new PersonalAttributeList(); + + PersonalAttribute signedDoc = new PersonalAttribute(); + signedDoc.setName("signedDoc"); + signedDoc.setIsRequired(false); + ArrayList signed = new ArrayList(); + signed.add(signedDocResponse); + signedDoc.setValue(signed); + palist.add(signedDoc); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(false); + ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + palist.add(isAgeOver); + + authenRequest.setPersonalAttributeList(palist); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + + response.setPersonalAttributeList(palist); + + final STORKAuthnResponse storkResponse = getEngine() + .generateSTORKAuthnResponse(authenRequest, response, ipAddress, + isNotHashing); + + authResponse = storkResponse.getTokenSaml(); + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + assertTrue("SignedDoc response should be the same: ", authnResponse + .getPersonalAttributeList().get("signedDoc").getValue().get(0) + .equals(signedDocResponse)); + + } + +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/package-info.java.svn-base b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/package-info.java.svn-base new file mode 100644 index 000000000..34fed0e39 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/.svn/text-base/package-info.java.svn-base @@ -0,0 +1,20 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Provides the classes necessary to create a SAML message. + * @since 1.0 + */ +package eu.stork.peps.test.simple; \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java new file mode 100644 index 000000000..b1443bb0e --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SSETestUtils.java @@ -0,0 +1,173 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.test.simple; + +import java.io.IOException; +import java.io.InputStream; +import java.io.StringWriter; + +import javax.xml.XMLConstants; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.OutputKeys; +import javax.xml.transform.Transformer; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactory; +import javax.xml.transform.dom.DOMSource; +import javax.xml.transform.stream.StreamResult; + +import org.apache.commons.io.IOUtils; +import org.bouncycastle.util.encoders.Base64; +import org.opensaml.Configuration; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.io.Marshaller; +import org.opensaml.xml.io.MarshallerFactory; +import org.opensaml.xml.io.MarshallingException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.w3c.dom.Document; +import org.w3c.dom.Element; + +/** + * The Class SSETestUtils. + */ +public final class SSETestUtils { + + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(SSETestUtils.class.getName()); + + /** + * Instantiates a new sSE test utils. + */ + private SSETestUtils() { + } + + /** + * Prints the tree DOM. + * + * @param samlToken the SAML token + * @param isIndent the is indent + * + * @return the string + * @throws TransformerException the exception + */ + public static String printTreeDOM(final Element samlToken, final boolean isIndent) throws TransformerException { + // set up a transformer + final TransformerFactory transfac = TransformerFactory.newInstance(); + final Transformer trans = transfac.newTransformer(); + trans.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); + trans.setOutputProperty(OutputKeys.INDENT, String.valueOf(isIndent)); + + // create string from XML tree + final StringWriter stringWriter = new StringWriter(); + final StreamResult result = new StreamResult(stringWriter); + final DOMSource source = new DOMSource(samlToken); + trans.transform(source, result); + final String xmlString = stringWriter.toString(); + + return xmlString; + } + + /** + * Marshall. + * + * @param samlToken the SAML token + * + * @return the byte[] + * + * @throws MarshallingException the marshalling exception + * @throws ParserConfigurationException the parser configuration exception + * @throws TransformerException the transformer exception + */ + public static byte[] marshall(final XMLObject samlToken) + throws MarshallingException, ParserConfigurationException, + TransformerException { + + final javax.xml.parsers.DocumentBuilderFactory dbf = javax.xml.parsers.DocumentBuilderFactory + .newInstance(); + dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); + dbf.setNamespaceAware(true); + dbf.setIgnoringComments(true); + final javax.xml.parsers.DocumentBuilder docBuild = dbf + .newDocumentBuilder(); + + // Get the marshaller factory + final MarshallerFactory marshallerFactory = Configuration + .getMarshallerFactory(); + + // Get the Subject marshaller + final Marshaller marshaller = marshallerFactory + .getMarshaller(samlToken); + + final Document doc = docBuild.newDocument(); + + // Marshall the SAML token + marshaller.marshall(samlToken, doc); + + // Obtain a byte array representation of the marshalled SAML object + final DOMSource domSource = new DOMSource(doc); + final StringWriter writer = new StringWriter(); + final StreamResult result = new StreamResult(writer); + final TransformerFactory transFact = TransformerFactory.newInstance(); + final Transformer transformer = transFact.newTransformer(); + transformer.transform(domSource, result); + + return writer.toString().getBytes(); + } + + /** + * Encode SAML token. + * + * @param samlToken the SAML token + * + * @return the string + */ + public static String encodeSAMLToken(final byte[] samlToken) { + return new String(Base64.encode(samlToken)); + } + + /** + * Read stork SAML from file. + * + * @param resource the resource + * + * @return the byte[] + * @throws IOException the exception + * + */ + public static byte[] readStorkSamlFromFile(final String resource) + throws IOException { + InputStream inputStream = null; + byte[] bytes; + + try { + inputStream = StorkAuthRequestTest.class + .getResourceAsStream(resource); + + // Create the byte array to hold the data + bytes = new byte[(int) inputStream.available()]; + inputStream.read(bytes); + } catch (IOException e) { + LOG.error("Error read from file: " + resource); + throw e; + } finally { + IOUtils.closeQuietly(inputStream); + } + return bytes; + + } +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java new file mode 100644 index 000000000..97fa4b7cc --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/SimpleBaseTest.java @@ -0,0 +1,62 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.test.simple; + +import org.junit.Test; + +import junit.framework.Assert; +import junit.framework.TestCase; +import eu.stork.peps.auth.engine.STORKSAMLEngine; + +/** + * The Class SimpleBaseTest. Defines a set of test the initialization of the + * SAML engine. + */ +public class SimpleBaseTest extends TestCase { + + /** + * Test SAML engine correct configuration name. + */ + @Test + public final void testSamlEngineCorrectInit() { + Assert.assertNotNull(STORKSAMLEngine.getInstance("CONF1")); + } + + /** + * Test SAML engine error configuration name. + */ + @Test + public final void testSamlEngineErrorNameConf() { + Assert.assertNull(STORKSAMLEngine.getInstance("CONF_ERROR")); + } + + /** + * Test SAML engine error name null. + */ + @Test + public final void testSamlEngineErrorNameNull() { + Assert.assertNull(STORKSAMLEngine.getInstance(null)); + } + + /** + * Test SAML engine correct name configuration with spaces. + */ + @Test + public final void testSamlEngineErrorNameSpaces() { + Assert.assertNotNull(STORKSAMLEngine.getInstance(" CONF1 ")); + } + +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java new file mode 100644 index 000000000..7fa305d3b --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java @@ -0,0 +1,790 @@ +package eu.stork.peps.test.simple; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import java.io.File; +import java.io.FileOutputStream; +import java.util.ArrayList; +import java.util.Arrays; + +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +public class StorkAttrQueryRequestTest { + + /** The engines. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + private static STORKSAMLEngine engine0 = STORKSAMLEngine.getInstance("CONF0"); + private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2"); + private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3"); + + + /** + * Instantiates a new stork authentication request test. + */ + public StorkAttrQueryRequestTest() { + pal = new PersonalAttributeList(); + + final PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + final ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + pal.add(isAgeOver); + + final PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + pal.add(dateOfBirth); + + final PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + eIDNumber.setValue(Arrays.asList("ES/IS/1234567890")); + pal.add(eIDNumber); + + final PersonalAttribute givenName = new PersonalAttribute(); + givenName.setName("givenName"); + givenName.setIsRequired(true); + givenName.setValue(Arrays.asList("Sveinbjorn")); + pal.add(givenName); + + destination = "http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest"; + //assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; + + } + + /** The destination. */ + private String destination; + + /** The service provider sector. */ + private String spSector; + + /** The service provider institution. */ + private String spInstitution; + + /** The service provider application. */ + private String spApplication; + + /** The service provider country. */ + private String spCountry; + + /** The service provider id. */ + private String spId; + + /** The quality authentication assurance level. */ + private static final int QAAL = 3; + + /** The List of Personal Attributes. */ + private IPersonalAttributeList pal; + + /** The attribute query request. */ + private static byte[] attrRequest; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkAttrQueryRequestTest.class.getName()); + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + } + + /** + * Test generate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryRequest() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // new parameters + request.setEIDSectorShare(false); + request.setEIDCrossSectorShare(false); + request.setEIDCrossBorderShare(false); + + STORKAttrQueryRequest req1 = engine0.generateSTORKAttrQueryRequest(request); + byte[] reqByte = req1.getTokenSaml(); + FileOutputStream output = null; + + try { + output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml")); + output.write(reqByte); + } catch (Exception e) { + e.printStackTrace(); + throw new STORKSAMLEngineException(e); + } finally { + try { output.close(); } catch (Exception e) { throw new STORKSAMLEngineException(e); } + } + + + + + LOG.info("STORKAttrQueryRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml())); + + request.setCitizenCountryCode("IS"); + LOG.info("STORKAttrQueryRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAttrQueryRequest(request).getTokenSaml())); + } + + /** + * Test generate authentication request error personal attribute name error. + */ + @Test + public final void testGenerateAttrQueryRequestPALsErr1() { + + final IPersonalAttributeList palWrong = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("attrNotValid"); + worngAttr.setIsRequired(true); + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(palWrong); + + // news parameters + request.setEIDSectorShare(false); + request.setEIDCrossSectorShare(false); + request.setEIDCrossBorderShare(false); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + /** + * Test generate authentication request error personal attribute value error. + */ + @Test + public final void testGenerateAttrQueryRequestPALsErr2() { + + final IPersonalAttributeList palWrong = new PersonalAttributeList(); + + final PersonalAttribute attrNotValid = new PersonalAttribute(); + attrNotValid.setName("attrNotValid"); + attrNotValid.setIsRequired(true); + palWrong.add(attrNotValid); + + + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(palWrong); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request authentication assurance level + * negative value. + */ + @Test + public final void testGenerateAttrQueryRequestQaalErr1() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(-1); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request service provider sector null. + */ + @Test + public final void testGenerateAttrQueryRequestSectorErr() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(null); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + + } + } + + /** + * Test generate authentication request service provider institution null. + */ + @Test + public final void testGenerateAttrQueryRequestInstitutionrErr() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(null); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAttrQueryRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request service provider application null. + */ + @Test + public final void testGenerateAttrQueryRequestApplicationErr() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(null); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request service provider country null. + */ + @Test + public final void testGenerateAttrQueryRequestCountryErr() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(null); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request error with quality authentication + * assurance level wrong. + */ + @Test + public final void testGenerateAttrQueryRequestQaalErr2() { + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(0); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request personal attribute list null value. + */ + @Test + public final void testGenerateAttrQueryRequestPALErr1() { + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(null); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + engine.generateSTORKAttrQueryRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request null parameter. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestNullParam() + throws STORKSAMLEngineException { + try { + engine.validateSTORKAttrQueryRequest(null); + fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request error bytes encode. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestErrorEncode() + throws STORKSAMLEngineException { + try { + engine.validateSTORKAttrQueryRequest("messageError".getBytes()); + fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequest() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + attrRequest = engine.generateSTORKAttrQueryRequest(request).getTokenSaml(); + + final STORKAttrQueryRequest validatedRequest = engine.validateSTORKAttrQueryRequest(attrRequest); + + assertEquals("CrossBorderShare incorrect: ", validatedRequest.isEIDCrossBorderShare(), false); + assertEquals("CrossSectorShare incorrect: ", validatedRequest.isEIDCrossSectorShare(), false); + assertEquals("SectorShare incorrect: ", validatedRequest.isEIDSectorShare(), false); + + } + + /** + * Test validate data authenticate request. Verified parameters after + * validation. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateDataAttrQueryRequest() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = engine.validateSTORKAttrQueryRequest(attrRequest); + + assertEquals("Sestination incorrect: ", request.getDestination(), destination); + + assertEquals("CrossBorderShare incorrect: ", request.isEIDCrossBorderShare(), false); + assertEquals("CrossSectorShare incorrect: ", request.isEIDCrossSectorShare(), false); + assertEquals("SectorShare incorrect: ", request.isEIDSectorShare(), false); + + assertEquals("QAAL incorrect: ", request.getQaa(), QAAL); + assertEquals("SPSector incorrect: ", request.getSpSector(), spSector); + assertEquals("SPInstitution incorrect: ", request.getSpInstitution(), null); + assertEquals("SPApplication incorrect: ", request.getSpApplication(), spApplication); + assertEquals("CitizenCountryCode incorrect: ", request.getCitizenCountryCode(), null); + + } + + /** + * Test validate file attribute query request. Validate from XML file. + * + * @throws Exception the exception + */ + @Test + public final void testValidateFileAttrQueryRequest() throws Exception { + + final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml"); + + try { + engine.validateSTORKAttrQueryRequest(bytes); + fail("testValidateFileAttrQueryRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error(e.getMessage()); + } + } + + /** + * Test validate file authentication request tag delete. + * + * @throws Exception the exception + */ + @Test + public final void testValidateFileAttrRequestTagDelete() throws Exception { + + final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml"); + + try { + engine.validateSTORKAttrQueryRequest(bytes); + fail("validateSTORKAttrQueryRequest(...) should have thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error(e.getMessage()); + + } + } + + /** + * Test validate authentication request not trusted token. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestNotTrustedErr1() + throws STORKSAMLEngineException { + + try { + final STORKSAMLEngine engineNotTrusted = STORKSAMLEngine + .getInstance("CONF2"); + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + + final byte[] authReqNotTrust = engineNotTrusted + .generateSTORKAttrQueryRequest(request).getTokenSaml(); + + engine.validateSTORKAttrQueryRequest(authReqNotTrust); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("validateSTORKAttrQueryRequestNotTrusted(...) should not have thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test validate authentication request trusted. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestTrusted() + throws STORKSAMLEngineException { + + final STORKSAMLEngine engineTrusted = STORKSAMLEngine + .getInstance("CONF3"); + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + + final byte[] authReqNotTrust = engineTrusted.generateSTORKAttrQueryRequest( + request).getTokenSaml(); + + // engine ("CONF1") no have trust certificate from "CONF2" + engine.validateSTORKAttrQueryRequest(authReqNotTrust); + + } + + + + + /** + * Test generate authentication request service provider application null. + */ + @Test + public final void testGenerateAttrQueryRequestNADA() { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + // news parameters + request.setSpSector(null); + request.setSpInstitution(null); + request.setSpApplication(null); + request.setSpCountry(null); + + try { + + engine.validateSTORKAttrQueryRequest(attrRequest); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test validate authentication request with unknown elements. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryRequestWithUnknownElements() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute unknown = new PersonalAttribute(); + unknown.setName("unknown"); + unknown.setIsRequired(true); + pAttList.add(unknown); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + STORKAttrQueryRequest req = new STORKAttrQueryRequest(); + + req = engine3.generateSTORKAttrQueryRequest(request); + + req = engine.validateSTORKAttrQueryRequest(req.getTokenSaml()); + + assertNull("The value shouldn't exist", req.getPersonalAttributeList().get("unknown")); + assertNotNull("The value should exist", req.getPersonalAttributeList().get("eIdentifier")); + + } + + /** + * Test generate Request with required elements by default + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryRequestWithIsRequiredElementsByDefault() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + STORKAttrQueryRequest req = new STORKAttrQueryRequest(); + STORKAttrQueryRequest reqTrue = new STORKAttrQueryRequest(); + STORKAttrQueryRequest reqFalse = new STORKAttrQueryRequest(); + + reqTrue = engine.generateSTORKAttrQueryRequest(request); + reqFalse = engine2.generateSTORKAttrQueryRequest(request); + req = engine3.generateSTORKAttrQueryRequest(request); + + + String token = new String(req.getTokenSaml()); + String reqTrueToken = new String(reqTrue.getTokenSaml()); + String reqFalseToken = new String(reqFalse.getTokenSaml()); + + assertTrue("The token must contain the chain 'isRequired'", token.contains("isRequired")); + assertTrue("The token must contain the chain 'isRequired'", reqTrueToken.contains("isRequired")); + assertFalse("The token must contain the chain 'isRequired'", reqFalseToken.contains("isRequired")); + + } + + /** + * Test validating attribute query and getting alias used to save + * the saml trusted certificate into trustore + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAtrrQueryRequestGettingItsAlias() throws STORKSAMLEngineException { + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + + request.setDestination(destination); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + STORKAttrQueryRequest req = new STORKAttrQueryRequest(); + + req = engine3.generateSTORKAttrQueryRequest(request); + req = engine.validateSTORKAttrQueryRequest(req.getTokenSaml()); + assertTrue("The alias should match this value", req.getAlias().equals("local-demo")); + + req = engine2.generateSTORKAttrQueryRequest(request); + req = engine2.validateSTORKAttrQueryRequest(req.getTokenSaml()); + assertTrue("The alias should match this value", req.getAlias().equals("local-demo")); + } + +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java new file mode 100644 index 000000000..27c6cfe39 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java @@ -0,0 +1,920 @@ +package eu.stork.peps.test.simple; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import java.io.File; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.IOException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Iterator; + +import org.junit.Ignore; +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.commons.STORKStatusCode; +import eu.stork.peps.auth.commons.STORKSubStatusCode; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +public class StorkAttrQueryResponseTest { + + /** The engine. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + + /** + * Gets the engine. + * + * @return the engine + */ + public static STORKSAMLEngine getEngine() { + return engine; + } + + /** + * Sets the engine. + * + * @param newEngine the new engine + */ + public static void setEngine(final STORKSAMLEngine newEngine) { + StorkAttrQueryResponseTest.engine = newEngine; + } + + /** The destination. */ + private static String destination; + + /** The service provider sector. */ + private static String spSector; + + /** The service provider institution. */ + private static String spInstitution; + + /** The service provider application. */ + private static String spApplication; + + /** The service provider country. */ + private static String spCountry; + + /** The service provider id. */ + private static String spId; + + /** The quality authentication assurance level. */ + private static final int QAAL = 3; + + /** The state. */ + private static String state = "IS"; + + /** The town. */ + private static String town = "Reykjavik"; + + /** The postal code. */ + private static String postalCode = "105"; + + /** The street name. */ + private static String streetName = "Gudrunartun"; + + /** The street number. */ + private static String streetNumber = "10"; + + /** The List of Personal Attributes. */ + private static IPersonalAttributeList pal; + + /** The assertion consumer URL. */ + private static String assertConsumerUrl; + + /** The attribute query request. */ + private static byte[] attrQueryRequest; + + /** The attribute query response. */ + private static byte[] attrQueryResponse; + + /** The attribute query request. */ + private static STORKAttrQueryRequest attrQueryenRequest; + + /** The attribute query response. */ + private static STORKAttrQueryResponse attrQeuryenResponse; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkAttrQueryResponseTest.class.getName()); + + /** + * Instantiates a new stork response test. + */ + public StorkAttrQueryResponseTest() { + super(); + } + + /** The IP address. */ + private static String ipAddress; + + /** The destination URL. */ + private static String destinationUrl; + + /** The is hashing. */ + private final boolean isHashing = Boolean.TRUE; + + /** The is not hashing. */ + private final boolean isNotHashing = Boolean.FALSE; + + /** The ERROR text. */ + private static final String ERROR_TXT = "generateAttrQueryResponse(...) should've thrown an STORKSAMLEngineException!"; + + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + + pal = new PersonalAttributeList(); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(false); + ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + pal.add(isAgeOver); + + PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + pal.add(dateOfBirth); + + PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + pal.add(eIDNumber); + + final PersonalAttribute givenName = new PersonalAttribute(); + givenName.setName("givenName"); + givenName.setIsRequired(true); + pal.add(givenName); + + PersonalAttribute canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + pal.add(canRessAddress); + + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + pal.add(newAttribute); + + destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; + spSector = "EDU001"; + spInstitution = "OXF001"; + spApplication = "APP001"; + spCountry = "EN"; + + spId = "EDU001-APP001-APP001"; + + final STORKAttrQueryRequest request = new STORKAttrQueryRequest(); + request.setDestination(destination); + //request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + //request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("IS"); + + try { + attrQueryRequest = getEngine().generateSTORKAttrQueryRequest(request) + .getTokenSaml(); + + attrQueryenRequest = getEngine().validateSTORKAttrQueryRequest(attrQueryRequest); + + } catch (STORKSAMLEngineException e) { + fail("Error create STORKAuthnRequest"); + } + + ipAddress = "111.222.333.444"; + + destinationUrl = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + + pal = new PersonalAttributeList(); + + isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + ages = new ArrayList(); + + ages.add("16"); + ages.add("18"); + + isAgeOver.setValue(ages); + isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(isAgeOver); + + dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + final ArrayList date = new ArrayList(); + date.add("16/12/2008"); + dateOfBirth.setValue(date); + dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(dateOfBirth); + + eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + final ArrayList idNumber = new ArrayList(); + idNumber.add("123456789IS"); + eIDNumber.setValue(idNumber); + eIDNumber.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(eIDNumber); + + canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap address = new HashMap(); + + address.put("state", state); + address.put("town", town); + address.put("postalCode", postalCode); + address.put("streetName", streetName); + address.put("streetNumber", streetNumber); + + canRessAddress.setComplexValue(address); + pal.add(canRessAddress); + + newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap values = new HashMap(); + + values.put("value1", "value1"); + values.put("value2", "value2"); + values.put("value3", "value3"); + values.put("value4", "value4"); + + newAttribute.setComplexValue(values); + pal.add(newAttribute); + + } + + /** + * Test generate attribute query request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryResponse() throws STORKSAMLEngineException { + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + + final STORKAttrQueryResponse storkResponse = getEngine() + .generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, + destinationUrl, isNotHashing); + + attrQueryResponse = storkResponse.getTokenSaml(); + + FileOutputStream output = null; + + try { + output = new FileOutputStream(new File(System.getProperty("user.dir") + "/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml")); + } catch (FileNotFoundException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + try { + output.write(attrQueryResponse); + } catch (IOException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(attrQueryResponse)); + + + } + + /** + * Test validation id parameter mandatory. + */ + @Test + public final void testResponseMandatoryId() { + final String identifier = attrQueryenRequest.getSamlId(); + attrQueryenRequest.setSamlId(null); + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, + ipAddress, destinationUrl, isHashing); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setSamlId(identifier); + LOG.error("Error"); + } + } + + /** + * Test generate attribute query response in response to err1. + */ + @Test + public final void testResponseMandatoryIssuer() { + + final String issuer = attrQueryenRequest.getIssuer(); + attrQueryenRequest.setIssuer(null); + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, + ipAddress, destinationUrl, isHashing); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setIssuer(issuer); + LOG.error("Error"); + } + } + + + /** + * Test generate attribute query response assertion consumer null. + */ + /*@Test + public final void testResponseMandatoryAssertionConsumerServiceURL() { + final String asserConsumerUrl = attrQueryenRequest + .getAssertionConsumerServiceURL(); + attrQueryenRequest.setAssertionConsumerServiceURL(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, + ipAddress, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setAssertionConsumerServiceURL(asserConsumerUrl); + LOG.error("Error"); + } + } + + /** + * Test generate attribute query response IP address null. + */ + @Test + public final void testResponseValidationIP() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, null, + destinationUrl, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate attribute query response with personal attribute list null. + */ + @Test + public final void testResponseMandatoryPersonalAttributeList() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(null); + + + try { + getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, response, + ipAddress, destinationUrl, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate attribute query response token null. + */ + @Test + public final void testResponseInvalidParametersToken() { + try { + getEngine().validateSTORKAttrQueryResponse(null, ipAddress); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate attribute query response IP null. + */ + @Test + public final void STORKAttrQueryResponse() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setPersonalAttributeList(pal); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response parameter name wrong. + */ + @Test + public final void testResponseInvalidParametersAttr() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("AttrWrong"); + wrongList.add(worngAttr); + + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrSimpleValue() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + worngAttr.setValue(null); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrNoValue() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrNoName() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate attribute query response set null complex value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrComplexValue() { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + worngAttr.setComplexValue(null); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponse(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + + /** + * Test validate attribute query response IP distinct and disabled validation + * IP. + */ + @Test + public final void testResponseInvalidParametersIPDistinct() { + try { + // ipAddress origin "111.222.333.444" + // ipAddrValidation = false + // Subject Confirmation Bearer. + + getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, "127.0.0.1"); + } catch (STORKSAMLEngineException e) { + fail("validateAttributeQueryResponse(...) should've thrown an STORKSAMLEngineException!"); + LOG.error("Error"); + } + } + + /** + * Test response invalid parameters invalid token. + */ + @Test + public final void testResponseInvalidParametersTokenMsg() { + try { + // ipAddress origin "111.222.333.444" + // Subject Confirmation Bearer. + getEngine().validateSTORKAttrQueryResponse("errorMessage".getBytes(), + ipAddress); + fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate attribute query response is fail. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + /*@Test + public final void testValidateAuthenticationResponseIsFail() + throws STORKSAMLEngineException { + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + assertFalse("Generate incorrect response: ", attrQeuryenResponse.isFail()); + } + + /** + * Test validate attribute query response destination. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseDestination() + throws STORKSAMLEngineException { + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + assertEquals("Destination incorrect: ", + attrQeuryenResponse.getInResponseTo(), attrQueryenRequest.getSamlId()); + } + + /** + * Test validate attribute query response values. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseValuesComplex() + throws STORKSAMLEngineException { + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + assertEquals("Country incorrect:", attrQeuryenResponse.getCountry(), "ES"); + + final Iterator iterator = attrQeuryenResponse + .getPersonalAttributeList().iterator(); + + while (iterator.hasNext()) { + final PersonalAttribute attribute = iterator.next(); + if (attribute.getName().equalsIgnoreCase( + "canonicalResidenceAddress")) { + assertEquals("State incorrect: ", state, attribute + .getComplexValue().get("state")); + assertEquals("Town incorrect: ", town, attribute + .getComplexValue().get("town")); + assertEquals("Postal code incorrect: ", postalCode, attribute + .getComplexValue().get("postalCode")); + assertEquals("Street name incorrect: ", streetName, attribute + .getComplexValue().get("streetName")); + assertEquals("Street number incorrect: ", streetNumber, + attribute.getComplexValue().get("streetNumber")); + } + } + } + + /** + * Test generate attribute query response fail in response to it's null. + * @throws STORKSAMLEngineException + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test //( expected=STORKSAMLEngineException.class) + public final void testGenerateAttrQueryResponseFailInResponseToNull() throws STORKSAMLEngineException { + final String identifier = attrQueryenRequest.getSamlId(); + attrQueryenRequest.setSamlId(null); + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setSamlId(identifier); + LOG.error("Error"); + //throw new STORKSAMLEngineException(e); + } + } + + /** + * Test generate attribute query response fail assertion consumer URL err1. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + /*@Test + public final void testGenerateAuthnResponseFailAssertionConsumerUrlNull() + throws STORKSAMLEngineException { + + final String assertConsumerUrl = attrQueryenRequest + .getAssertionConsumerServiceURL(); + attrQueryenRequest.setAssertionConsumerServiceURL(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + attrQueryResponse = getEngine().generateSTORKAuthnResponseFail(attrQueryenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + attrQueryenRequest.setAssertionConsumerServiceURL(assertConsumerUrl); + LOG.error("Error"); + } + } + + /** + * Test generate attribute query response fail code error err1. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryResponseFailCodeErrorNull() + throws STORKSAMLEngineException { + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setStatusCode(null); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + fail("generateAttrQueryResponseFail(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + + /** + * Test generate attribute query request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryResponse() throws STORKSAMLEngineException { + + IPersonalAttributeList palist = new PersonalAttributeList(); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + palist.add(isAgeOver); + + PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + final ArrayList date = new ArrayList(); + date.add("16/12/2008"); + dateOfBirth.setValue(date); + dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + palist.add(dateOfBirth); + + + PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + + final ArrayList idNumber = new ArrayList(); + idNumber.add("123456789PÑ"); + + final HashMap complex = new HashMap(); + complex.put("one", "two"); + + //eIDNumber.setValue(null); + //eIDNumber.setValue(idNumber); + //eIDNumber.setComplexValue(complex); + + eIDNumber.setStatus(STORKStatusCode.STATUS_NOT_AVAILABLE.toString()); + palist.add(eIDNumber); + + PersonalAttribute canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap address = new HashMap(); + + address.put("state", state); + address.put("town", town); + address.put("postalCode", postalCode); + address.put("streetName", streetName); + address.put("streetNumber", streetNumber); + + canRessAddress.setComplexValue(address); + palist.add(canRessAddress); + + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + + response.setPersonalAttributeList(palist); + + final STORKAttrQueryResponse storkResponse = getEngine() + .generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, + destinationUrl, isNotHashing); + + attrQueryResponse = storkResponse.getTokenSaml(); + LOG.info("Request id: " + attrQueryenRequest.getSamlId()); + + LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(attrQueryResponse)); + + + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + LOG.info("RESPONSE ID: " + attrQeuryenResponse.getSamlId()); + LOG.info("RESPONSE IN_RESPONSE_TO: " + attrQeuryenResponse.getInResponseTo()); + LOG.info("RESPONSE COUNTRY: " + attrQeuryenResponse.getCountry()); + + } + + + + + + /** + * Test validate attribute query response fail is fail. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAttrQueryResponseFailIsFail() + throws STORKSAMLEngineException { + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage("message"); + + attrQueryResponse = getEngine().generateSTORKAttrQueryResponseFail(attrQueryenRequest, + response, ipAddress, destinationUrl, isNotHashing).getTokenSaml(); + + LOG.error("ERROR_FAIL: " + PEPSUtil.encodeSAMLToken(attrQueryResponse)); + + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + LOG.info("COUNTRY: " + attrQeuryenResponse.getCountry()); + assertTrue("Generate incorrect response: ", attrQeuryenResponse.isFail()); + } + + /** + * Test generate/validate response with signedDoc + * + * @throws STORKSAMLEngineException + * the STORKSAML engine exception + */ + @Test + public final void testGenerateAttrQueryResponseWithSignedDoc() + throws STORKSAMLEngineException { + + String signedDocResponse = " urn:oasis:names:tc:dss:1.0:resultmajor:Success PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUiLz48ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+PGRzOlJlZmVyZW5jZSBJZD0iUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI09iamVjdCIgVVJJPSIjT2JqZWN0LTk4NzMzY2RlLThiY2MtNDhhMC05Yjc3LTBlOTk5N2JkZDA1OCI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNiYXNlNjQiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPkNrMVZxTmQ0NVFJdnEzQVpkOFhZUUx2RWh0QT08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjxkczpSZWZlcmVuY2UgVHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5BNVk5MW40cXBMZ3l0VFc3ZnhqWENVZVJ2NTQ9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48ZHM6UmVmZXJlbmNlIFVSST0iI1NpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItS2V5SW5mbyI+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPlZQWDRuS0Z5UzZyRitGNmNSUjBQck5aZHc2Zz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWUgSWQ9IlNpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItU2lnbmF0dXJlVmFsdWUiPkxiS04vL0M3WGt5eFR0WVRpQ1VScjhuWnp4QW1zdGNNZDBDZ0VBQ3JLMWR5Z1JIcUdjSzR4dHMrV0NVOFB5RXFXclJJVFl6SXV3LzcNClY0Wno5VFQ2MHA0S1RNZXd1UUw2NHNrRVN4MllnMkVkaWtTTyt0S3hXa2hyYVVzbVZiR2JQbW1jbUR2OTd0SER3ODg3NDdlRnE1RjUNCnYrYVZTeUF6MDNpVUttdVNlSDg9PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbyBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1LZXlJbmZvIj48ZHM6S2V5VmFsdWU+PGRzOlJTQUtleVZhbHVlPjxkczpNb2R1bHVzPnd1Y21qOXRJV3J2d2JTVFVEZndLbCtKdERNTUVSMGNMZDZEa0JTcjc5MHQrckdOakVTcVlqUndFSWVCbktvUUhQeDVIb1JlRjg4L3QNCnFZOStDaEVYcExITHM5cDVhWDdTREp1YnBRTWZwMXRERlgzNHl3Z3hTUXZjZWVKUVdCWGppZXVJbWZDMjFzNGJPY2dKYlYxaGJpZ1MNCnpPS1RRS3IxVHpkR1IrdVJ5MDA9PC9kczpNb2R1bHVzPjxkczpFeHBvbmVudD5BUUFCPC9kczpFeHBvbmVudD48L2RzOlJTQUtleVZhbHVlPjwvZHM6S2V5VmFsdWU+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJSW1UQ0NCNEdnQXdJQkFnSURBWFVVTUEwR0NTcUdTSWIzRFFFQkJRVUFNSUlCT3pFTE1Ba0dBMVVFQmhNQ1JWTXhPekE1QmdOVg0KQkFvVE1rRm5aVzVqYVdFZ1EyRjBZV3hoYm1FZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUNoT1NVWWdVUzB3T0RBeE1UYzJMVWtwTVRRdw0KTWdZRFZRUUhFeXRRWVhOellYUm5aU0JrWlNCc1lTQkRiMjVqWlhCamFXOGdNVEVnTURnd01EZ2dRbUZ5WTJWc2IyNWhNUzR3TEFZRA0KVlFRTEV5VlRaWEoyWldseklGQjFZbXhwWTNNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVWRFZpMHlNVFV3TXdZRFZRUUxFeXhXWldkbA0KZFNCb2RIUndjem92TDNkM2R5NWpZWFJqWlhKMExtNWxkQzkyWlhKRFNVTXRNaUFvWXlrd016RTFNRE1HQTFVRUN4TXNSVzUwYVhSaA0KZENCd2RXSnNhV05oSUdSbElHTmxjblJwWm1sallXTnBieUJrWlNCamFYVjBZV1JoYm5NeEd6QVpCZ05WQkFNVEVsQlNSVkJTVDBSVg0KUTBOSlR5QkpSRU5oZERBZUZ3MHhNREF5TVRFeE9ESXlNRFJhRncweE5EQXlNVEF4T0RJeU1EUmFNSUd3TVFzd0NRWURWUVFHRXdKRg0KVXpFMU1ETUdBMVVFQ3hNc1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5U1VSRFlYUWdLR01wTURNeA0KRmpBVUJnTlZCQVFURFVKRlVreEJUa2RCSUZOUFZFOHhGekFWQmdOVkJDb1REazFCVWtsQklFVk9SMUpCUTBsQk1SSXdFQVlEVlFRRg0KRXdreE1EQXdNRGswTkZNeEpUQWpCZ05WQkFNVEhFMUJVa2xCSUVWT1IxSkJRMGxCSUVKRlVreEJUa2RCSUZOUFZFOHdnWjh3RFFZSg0KS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKQW9HQkFNTG5Kby9iU0ZxNzhHMGsxQTM4Q3BmaWJRekRCRWRIQzNlZzVBVXErL2RMZnF4ag0KWXhFcW1JMGNCQ0hnWnlxRUJ6OGVSNkVYaGZQUDdhbVBmZ29SRjZTeHk3UGFlV2wrMGd5Ym02VURINmRiUXhWOStNc0lNVWtMM0huaQ0KVUZnVjQ0bnJpSm53dHRiT0d6bklDVzFkWVc0b0VzemlrMENxOVU4M1JrZnJrY3ROQWdNQkFBR2pnZ1N3TUlJRXJEQU1CZ05WSFJNQg0KQWY4RUFqQUFNQTRHQTFVZER3RUIvd1FFQXdJRm9EQ0J6QVlEVlIwUkJJSEVNSUhCZ1E5aWMyOTBiMEJuYldGcGJDNWpiMjJrZ1lVdw0KZ1lJeEN6QUpCZ05WQkFZVEFrVlRNU3N3S1FZRFZRUUtGQ0pCWjhPb2JtTnBZU0JEWVhSaGJHRnVZU0JrWlNCRFpYSjBhV1pwWTJGag0KYWNPek1RNHdEQVlEVlFRTEV3VkpSRU5CVkRFUE1BMEdBMVVFQlJNR01ERTNOVEUwTVNVd0l3WURWUVFERXh4TlFWSkpRU0JGVGtkUw0KUVVOSlFTQkNSVkpNUVU1SFFTQlRUMVJQb0JBR0Npc0dBUVFCOVhnQkFRR2dBZ3dBb0JRR0RsWUVBQUVEQmdFRUFmVjRBUUVDb0FJTQ0KQURBZkJnTlZIUklFR0RBV2dSUmxZMTlwWkdOaGRFQmpZWFJqWlhKMExtNWxkREFkQmdOVkhRNEVGZ1FVQUZYanVOc2tCMk1seXZVQg0KaDdwOFRKMHVKMHd3Z2dGSUJnTlZIU01FZ2dFL01JSUJPNEFVUkt2Y2tVaE4xNGg0Q24vZ2RPRG42NzIzS1Z5aGdnRVBwSUlCQ3pDQw0KQVFjeEN6QUpCZ05WQkFZVEFrVlRNVHN3T1FZRFZRUUtFekpCWjJWdVkybGhJRU5oZEdGc1lXNWhJR1JsSUVObGNuUnBabWxqWVdOcA0KYnlBb1RrbEdJRkV0TURnd01URTNOaTFKS1RFb01DWUdBMVVFQ3hNZlUyVnlkbVZwY3lCUWRXSnNhV056SUdSbElFTmxjblJwWm1sag0KWVdOcGJ6RThNRG9HQTFVRUN4TXpWbVZuWlhVZ2FIUjBjSE02THk5M2QzY3VZMkYwWTJWeWRDNXVaWFF2ZG1WeWNISmxjSEp2WkhWag0KWTJsdklDaGpLVEF6TVRVd013WURWUVFMRXl4S1pYSmhjbkYxYVdFZ1JXNTBhWFJoZEhNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVOaA0KZEdGc1lXNWxjekVjTUJvR0ExVUVBeE1UVUZKRlVGSlBSRlZEUTBsUElFVkRMVUZEUTRJUWR3S1R0TTFFRVU5RkVQWFVZSGdnaERBZA0KQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQWdZSUt3WUJCUVVIQXdRd0VRWUpZSVpJQVliNFFnRUJCQVFEQWdXZ01EUUdDQ3NHQVFVRg0KQndFQkJDZ3dKakFrQmdnckJnRUZCUWN3QVlZWWFIUjBjSE02THk5dlkzTndMbU5oZEdObGNuUXVibVYwTUJnR0NDc0dBUVVGQndFRA0KQkF3d0NqQUlCZ1lFQUk1R0FRRXdnWVlHQTFVZEh3Ui9NSDB3UEtBNm9EaUdObWgwZEhBNkx5OWxjSE5qWkM1allYUmpaWEowTG01bA0KZEM5amNtd3ZjSEpsY0hKdlpIVmpZMmx2WDJWakxXbGtZMkYwTG1OeWJEQTlvRHVnT1lZM2FIUjBjRG92TDJWd2MyTmtNaTVqWVhSag0KWlhKMExtNWxkQzlqY213dmNISmxjSEp2WkhWalkybHZYMlZqTFdsa1kyRjBMbU55YkRDQjlnWURWUjBnQklIdU1JSHJNSUhvQmd3cg0KQmdFRUFmVjRBUU1CVmdFd2dkY3dMQVlJS3dZQkJRVUhBZ0VXSUdoMGRIQnpPaTh2ZDNkM0xtTmhkR05sY25RdWJtVjBMM1psY2tsRQ0KUTJGME1JR21CZ2dyQmdFRkJRY0NBakNCbVJxQmxrRnhkV1Z6ZENEdnY3MXpJSFZ1SUdObGNuUnBabWxqWVhRZ2NHVnljMjl1WVd3Zw0KU1VSRFFWUXNJSEpsWTI5dVpXZDFkQ0JrSjJsa1pXNTBhV1pwWTJGajc3KzlMQ0J6YVdkdVlYUjFjbUVnYVNCNGFXWnlZWFFnWkdVZw0KWTJ4aGMzTmxJRElnYVc1a2FYWnBaSFZoYkM0Z1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5UkVOaA0KZERBdEJnTlZIUWtFSmpBa01CQUdDQ3NHQVFVRkJ3a0VNUVFUQWtWVE1CQUdDQ3NHQVFVRkJ3a0ZNUVFUQWtWVE1BMEdDU3FHU0liMw0KRFFFQkJRVUFBNElCQVFDcTc3ODBSR1FNTEIxZ2tkTk1mTFhuZ3FNb1JIR0taYnZ6a3JxSUFtVDhXQWQxRThyQXBoUjkveExKVXRwNQ0KbGJnMmZScjVibDJqOE9WREJLMlltRzQxaDhBRG40U1RJL0FwZU5JTlNmalpzNk5Sc25XekZ5ZlhYbVBDSFlGQi9YV3p5aW1DRXhndg0KdnR1SCszUUF3Y3dobjUwUExFdWh3NUM1dmxYN0x5NUs2ckxMTUZOVVVNYldWeTFoWmVsSy9DQlRjQWpJTzM4TlkrdllSQU1LU2Y0TQ0KL2daUXo0cUJlRlZKYTUyUjdOY0FxQ2ZyZkxmYVhwYkRTZzk4eG9CZU5zMmluR3p4OFVTZ0VyTFpqS0pzZG4vS2pURDlnUy9zVGRRNg0KUTdpZHFsZDJMRlZsTzIvYjk0Wk5aQmNTLzc4RU9EWGdkV2ZreVBDN1J3OHJlOW5JMy9qVDwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjxkczpPYmplY3QgRW5jb2Rpbmc9ImJhc2U2NCIgSWQ9Ik9iamVjdC05ODczM2NkZS04YmNjLTQ4YTAtOWI3Ny0wZTk5OTdiZGQwNTgiIE1pbWVUeXBlPSJhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0iPlNHVnNiRzhnVjI5eWJHUT08L2RzOk9iamVjdD48ZHM6T2JqZWN0Pjx4YWRlczpRdWFsaWZ5aW5nUHJvcGVydGllcyB4bWxuczp4YWRlcz0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMy92MS4zLjIjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1RdWFsaWZ5aW5nUHJvcGVydGllcyIgVGFyZ2V0PSIjU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjx4YWRlczpTaWduZWRQcm9wZXJ0aWVzIElkPSJTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjx4YWRlczpTaWduZWRTaWduYXR1cmVQcm9wZXJ0aWVzPjx4YWRlczpTaWduaW5nVGltZT4yMDExLTAzLTIxVDExOjQ0OjQyKzAxOjAwPC94YWRlczpTaWduaW5nVGltZT48eGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjx4YWRlczpDZXJ0Pjx4YWRlczpDZXJ0RGlnZXN0PjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT4zbTZ3OTlUb3lTZDlKcEJsMWdCazhEei9iYlU9PC9kczpEaWdlc3RWYWx1ZT48L3hhZGVzOkNlcnREaWdlc3Q+PHhhZGVzOklzc3VlclNlcmlhbD48ZHM6WDUwOUlzc3Vlck5hbWU+Q049UFJFUFJPRFVDQ0lPIElEQ2F0LCBPVT1FbnRpdGF0IHB1YmxpY2EgZGUgY2VydGlmaWNhY2lvIGRlIGNpdXRhZGFucywgT1U9VmVnZXUgaHR0cHM6Ly93d3cuY2F0Y2VydC5uZXQvdmVyQ0lDLTIgKGMpMDMsIE9VPVNlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8gRUNWLTIsIEw9UGFzc2F0Z2UgZGUgbGEgQ29uY2VwY2lvIDExIDA4MDA4IEJhcmNlbG9uYSwgTz1BZ2VuY2lhIENhdGFsYW5hIGRlIENlcnRpZmljYWNpbyAoTklGIFEtMDgwMTE3Ni1JKSwgQz1FUzwvZHM6WDUwOUlzc3Vlck5hbWU+PGRzOlg1MDlTZXJpYWxOdW1iZXI+OTU1MDg8L2RzOlg1MDlTZXJpYWxOdW1iZXI+PC94YWRlczpJc3N1ZXJTZXJpYWw+PC94YWRlczpDZXJ0PjwveGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjwveGFkZXM6U2lnbmVkU2lnbmF0dXJlUHJvcGVydGllcz48eGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PHhhZGVzOkRhdGFPYmplY3RGb3JtYXQgT2JqZWN0UmVmZXJlbmNlPSIjUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyI+PHhhZGVzOk1pbWVUeXBlPmFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbTwveGFkZXM6TWltZVR5cGU+PHhhZGVzOkVuY29kaW5nPmJhc2U2NDwveGFkZXM6RW5jb2Rpbmc+PC94YWRlczpEYXRhT2JqZWN0Rm9ybWF0PjwveGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PC94YWRlczpTaWduZWRQcm9wZXJ0aWVzPjwveGFkZXM6UXVhbGlmeWluZ1Byb3BlcnRpZXM+PC9kczpPYmplY3Q+PC9kczpTaWduYXR1cmU+ "; + + IPersonalAttributeList palist = new PersonalAttributeList(); + + PersonalAttribute signedDoc = new PersonalAttribute(); + signedDoc.setName("signedDoc"); + signedDoc.setIsRequired(false); + ArrayList signed = new ArrayList(); + signed.add(signedDocResponse); + signedDoc.setValue(signed); + palist.add(signedDoc); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(false); + ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + palist.add(isAgeOver); + + attrQueryenRequest.setPersonalAttributeList(palist); + + final STORKAttrQueryResponse response = new STORKAttrQueryResponse(); + + response.setPersonalAttributeList(palist); + + final STORKAttrQueryResponse storkResponse = getEngine() + .generateSTORKAttrQueryResponse(attrQueryenRequest, response, ipAddress, + destinationUrl, isNotHashing); + + attrQueryResponse = storkResponse.getTokenSaml(); + attrQeuryenResponse = getEngine().validateSTORKAttrQueryResponse(attrQueryResponse, + ipAddress); + + assertTrue("SignedDoc response should be the same: ", attrQeuryenResponse + .getPersonalAttributeList().get("signedDoc").getValue().get(0) + .equals(signedDocResponse)); + + } +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java new file mode 100644 index 000000000..7223ab483 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkAuthRequestTest.java @@ -0,0 +1,966 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.test.simple; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import java.util.ArrayList; + +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +/** + * The Class StorkAuthRequestTest defines a class to . + */ +public class StorkAuthRequestTest { + + /** The engines. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + private static STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("CONF2"); + private static STORKSAMLEngine engine3 = STORKSAMLEngine.getInstance("CONF3"); + + + /** + * Instantiates a new stork authentication request test. + */ + public StorkAuthRequestTest() { + pal = new PersonalAttributeList(); + + final PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + final ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + pal.add(isAgeOver); + + final PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + pal.add(dateOfBirth); + + final PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + pal.add(eIDNumber); + + destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; + + spName = "University of Oxford"; + spSector = "EDU001"; + spInstitution = "OXF001"; + spApplication = "APP001"; + spCountry = "EN"; + + spId = "EDU001-OXF001-APP001"; + + } + + /** The destination. */ + private String destination; + + /** The service provider name. */ + private String spName; + + /** The service provider sector. */ + private String spSector; + + /** The service provider institution. */ + private String spInstitution; + + /** The service provider application. */ + private String spApplication; + + /** The service provider country. */ + private String spCountry; + + /** The service provider id. */ + private String spId; + + /** The quality authentication assurance level. */ + private static final int QAAL = 3; + + /** The List of Personal Attributes. */ + private IPersonalAttributeList pal; + + /** The assertion consumer URL. */ + private String assertConsumerUrl; + + /** The authentication request. */ + private static byte[] authRequest; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkAuthRequestTest.class.getName()); + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + } + + /** + * Test generate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnRequest() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + //engine.generateSTORKAuthnRequest(request); + + LOG.info("STORKAuthnRequest 1: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAuthnRequest(request).getTokenSaml())); + request.setCitizenCountryCode("ES"); + LOG.info("STORKAuthnRequest 2: " + SSETestUtils.encodeSAMLToken(engine.generateSTORKAuthnRequest(request).getTokenSaml())); + } + + + /** + * Test generate authentication request error personal attribute name error. + */ + @Test + public final void testGenerateAuthnRequestPALsErr1() { + + final IPersonalAttributeList palWrong = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("attrNotValid"); + worngAttr.setIsRequired(true); + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(palWrong); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + /** + * Test generate authentication request error personal attribute value error. + */ + @Test + public final void testGenerateAuthnRequestPALsErr2() { + + final IPersonalAttributeList palWrong = new PersonalAttributeList(); + + final PersonalAttribute attrNotValid = new PersonalAttribute(); + attrNotValid.setName("attrNotValid"); + attrNotValid.setIsRequired(true); + palWrong.add(attrNotValid); + + + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(palWrong); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request error provider name null. + */ + @Test + public final void testGenerateAuthnRequestSPNAmeErr1() { + + + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(null); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try + { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + catch (STORKSAMLEngineException e) + { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request authentication assurance level + * negative value. + */ + @Test + public final void testGenerateAuthnRequestQaalErr1() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(-1); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request service provider sector null. + */ + @Test + public final void testGenerateAuthnRequestSectorErr() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(null); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + + } + } + + /** + * Test generate authentication request service provider institution null. + */ + @Test + public final void testGenerateAuthnRequestInstitutionrErr() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(null); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request service provider application null. + */ + @Test + public final void testGenerateAuthnRequestApplicationErr() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(null); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request service provider country null. + */ + @Test + public final void testGenerateAuthnRequestCountryErr() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(null); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test generate authentication request error with quality authentication + * assurance level wrong. + */ + @Test + public final void testGenerateAuthnRequestQaalErr2() { + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(0); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request personal attribute list null value. + */ + @Test + public final void testGenerateAuthnRequestPALErr1() { + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(null); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication request error with assertion consumer URL + * null. + */ + @Test + public final void testGenerateAuthnRequestAssertionConsumerErr1() { + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(null); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + engine.generateSTORKAuthnRequest(request); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request null parameter. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestNullParam() + throws STORKSAMLEngineException { + try { + engine.validateSTORKAuthnRequest(null); + fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request error bytes encode. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestErrorEncode() + throws STORKSAMLEngineException { + try { + engine.validateSTORKAuthnRequest("messageError".getBytes()); + fail("validateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication request. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequest() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + authRequest = engine.generateSTORKAuthnRequest(request).getTokenSaml(); + + final STORKAuthnRequest validatedRequest = engine.validateSTORKAuthnRequest(authRequest); + + assertEquals("CrossBorderShare incorrect: ", validatedRequest.isEIDCrossBorderShare(), false); + assertEquals("CrossSectorShare incorrect: ", validatedRequest.isEIDCrossSectorShare(), false); + assertEquals("SectorShare incorrect: ", validatedRequest.isEIDSectorShare(), false); + + } + + /** + * Test validate data authenticate request. Verified parameters after + * validation. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateDataAuthnRequest() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = engine.validateSTORKAuthnRequest(authRequest); + + assertEquals("Sestination incorrect: ", request.getDestination(), destination); + + assertEquals("CrossBorderShare incorrect: ", request.isEIDCrossBorderShare(), false); + assertEquals("CrossSectorShare incorrect: ", request.isEIDCrossSectorShare(), false); + assertEquals("SectorShare incorrect: ", request.isEIDSectorShare(), false); + + assertEquals("Service provider incorrect: ", request.getProviderName(), spName); + assertEquals("QAAL incorrect: ", request.getQaa(), QAAL); + assertEquals("SPSector incorrect: ", request.getSpSector(), spSector); + assertEquals("SPInstitution incorrect: ", request.getSpInstitution(), null); + assertEquals("SPApplication incorrect: ", request.getSpApplication(), spApplication); + assertEquals("Asserition consumer URL incorrect: ", request.getAssertionConsumerServiceURL(), assertConsumerUrl); + + assertEquals("SP Country incorrect: ", request.getSpCountry(), spCountry); + assertEquals("SP Id incorrect: ", request.getSPID(), spId); + assertEquals("CitizenCountryCode incorrect: ", request.getCitizenCountryCode(), "ES"); + + } + + /** + * Test validate file authentication request. Validate from XML file. + * + * @throws Exception the exception + */ + @Test + public final void testValidateFileAuthnRequest() throws Exception { + + final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml"); + + try { + engine.validateSTORKAuthnRequest(bytes); + fail("testValidateFileAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error(e.getMessage()); + } + } + + /** + * Test validate file authentication request tag delete. + * + * @throws Exception the exception + */ + @Test + public final void testValidateFileAuthnRequestTagDelete() throws Exception { + + final byte[] bytes = SSETestUtils.readStorkSamlFromFile("/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml"); + + try { + engine.validateSTORKAuthnRequest(bytes); + fail("validateSTORKAuthnRequest(...) should have thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error(e.getMessage()); + + } + } + + /** + * Test validate authentication request not trusted token. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestNotTrustedErr1() + throws STORKSAMLEngineException { + + try { + final STORKSAMLEngine engineNotTrusted = STORKSAMLEngine + .getInstance("CONF2"); + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + + final byte[] authReqNotTrust = engineNotTrusted + .generateSTORKAuthnRequest(request).getTokenSaml(); + + engine.validateSTORKAuthnRequest(authReqNotTrust); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + fail("validateSTORKAuthnRequestNotTrusted(...) should not have thrown an STORKSAMLEngineException!"); + } + } + + /** + * Test validate authentication request trusted. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestTrusted() + throws STORKSAMLEngineException { + + final STORKSAMLEngine engineTrusted = STORKSAMLEngine + .getInstance("CONF3"); + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + + final byte[] authReqNotTrust = engineTrusted.generateSTORKAuthnRequest( + request).getTokenSaml(); + + // engine ("CONF1") no have trust certificate from "CONF2" + engine.validateSTORKAuthnRequest(authReqNotTrust); + + } + + /** + * Test generate authentication request service provider application null. + */ + @Test + public final void testGenerateAuthnRequestNADA() { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(null); + request.setSpInstitution(null); + request.setSpApplication(null); + request.setSpCountry(null); + + try { + engine.validateSTORKAuthnRequest(authRequest); + fail("generateSTORKAuthnRequest(...) should've thrown an STORKSAMLEngineException!"); + + } catch (STORKSAMLEngineException e) { + LOG.error("Error: " + e.getMessage()); + } + } + + /** + * Test validate authentication request with unknown elements. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestWithUnknownElements() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute unknown = new PersonalAttribute(); + unknown.setName("unknown"); + unknown.setIsRequired(true); + pAttList.add(unknown); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + STORKAuthnRequest req = new STORKAuthnRequest(); + + req = engine3.generateSTORKAuthnRequest(request); + + req = engine.validateSTORKAuthnRequest(req.getTokenSaml()); + + assertNull("The value shouldn't exist", req.getPersonalAttributeList().get("unknown")); + assertNotNull("The value should exist", req.getPersonalAttributeList().get("eIdentifier")); + + } + + /** + * Test generate Request with required elements by default + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnRequestWithIsRequiredElementsByDefault() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + STORKAuthnRequest req = new STORKAuthnRequest(); + STORKAuthnRequest reqTrue = new STORKAuthnRequest(); + STORKAuthnRequest reqFalse = new STORKAuthnRequest(); + + reqTrue = engine.generateSTORKAuthnRequest(request); + reqFalse = engine2.generateSTORKAuthnRequest(request); + req = engine3.generateSTORKAuthnRequest(request); + + + String token = new String(req.getTokenSaml()); + String reqTrueToken = new String(reqTrue.getTokenSaml()); + String reqFalseToken = new String(reqFalse.getTokenSaml()); + + assertTrue("The token must contain the chain 'isRequired'", token.contains("isRequired")); + assertTrue("The token must contain the chain 'isRequired'", reqTrueToken.contains("isRequired")); + assertFalse("The token must contain the chain 'isRequired'", reqFalseToken.contains("isRequired")); + + } + + /** + * Test validating request and getting alias used to save + * the saml trusted certificate into trustore + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnRequestGettingItsAlias() throws STORKSAMLEngineException { + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + IPersonalAttributeList pAttList = new PersonalAttributeList(); + + final PersonalAttribute eIdentifier = new PersonalAttribute(); + eIdentifier.setName("eIdentifier"); + eIdentifier.setIsRequired(true); + pAttList.add(eIdentifier); + + request.setPersonalAttributeList(pAttList); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + STORKAuthnRequest req = new STORKAuthnRequest(); + + req = engine3.generateSTORKAuthnRequest(request); + req = engine.validateSTORKAuthnRequest(req.getTokenSaml()); + assertTrue("The alias should match this value", req.getAlias().equals("local-demo")); + + req = engine2.generateSTORKAuthnRequest(request); + req = engine2.validateSTORKAuthnRequest(req.getTokenSaml()); + assertTrue("The alias should match this value", req.getAlias().equals("local-demo")); + + + + } + + /** + * Test generating/validating request with signedDoc + * + * @throws STORKSAMLEngineException + * the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnRequestWithSignedDoc() + throws STORKSAMLEngineException { + + String signedDocRequest = "VGVzdCB0ZXh0"; + + final STORKAuthnRequest request = new STORKAuthnRequest(); + + PersonalAttributeList paler = new PersonalAttributeList(); + + final PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + paler.add(eIDNumber); + + final PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + final ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + paler.add(isAgeOver); + + final PersonalAttribute signedDoc = new PersonalAttribute(); + signedDoc.setName("signedDoc"); + final ArrayList signedDocs = new ArrayList(); + signedDocs.add(signedDocRequest); + signedDoc.setValue(signedDocs); + signedDoc.setIsRequired(false); + paler.add(signedDoc); + + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(paler); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // new parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + STORKAuthnRequest req = new STORKAuthnRequest(); + + req = engine.generateSTORKAuthnRequest(request); + req = engine.validateSTORKAuthnRequest(req.getTokenSaml()); + + assertTrue("SignedDoc request should be the same: ", req + .getPersonalAttributeList().get("signedDoc").getValue().get(0) + .equals(signedDocRequest)); + + + } + +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java new file mode 100644 index 000000000..481cbc28c --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/StorkResponseTest.java @@ -0,0 +1,931 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +package eu.stork.peps.test.simple; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Iterator; + +import org.junit.Test; +import org.opensaml.xml.parse.BasicParserPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.commons.STORKStatusCode; +import eu.stork.peps.auth.commons.STORKSubStatusCode; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; + +/** + * The Class AuthRequestTest. + */ +public class StorkResponseTest { + + /** The engine. */ + private static STORKSAMLEngine engine = STORKSAMLEngine.getInstance("CONF1"); + + /** + * Gets the engine. + * + * @return the engine + */ + public static STORKSAMLEngine getEngine() { + return engine; + } + + /** + * Sets the engine. + * + * @param newEngine the new engine + */ + public static void setEngine(final STORKSAMLEngine newEngine) { + StorkResponseTest.engine = newEngine; + } + + /** The destination. */ + private static String destination; + + /** The service provider name. */ + private static String spName; + + /** The service provider sector. */ + private static String spSector; + + /** The service provider institution. */ + private static String spInstitution; + + /** The service provider application. */ + private static String spApplication; + + /** The service provider country. */ + private static String spCountry; + + /** The service provider id. */ + private static String spId; + + /** The quality authentication assurance level. */ + private static final int QAAL = 3; + + /** The state. */ + private static String state = "ES"; + + /** The town. */ + private static String town = "Madrid"; + + /** The municipality code. */ + private static String municipalityCode = "MA001"; + + /** The postal code. */ + private static String postalCode = "28038"; + + /** The street name. */ + private static String streetName = "Marchamalo"; + + /** The street number. */ + private static String streetNumber = "3"; + + /** The apartament number. */ + private static String apartamentNumber = "5º E"; + + /** The List of Personal Attributes. */ + private static IPersonalAttributeList pal; + + /** The assertion consumer URL. */ + private static String assertConsumerUrl; + + /** The authentication request. */ + private static byte[] authRequest; + + /** The authentication response. */ + private static byte[] authResponse; + + /** The authentication request. */ + private static STORKAuthnRequest authenRequest; + + /** The authentication response. */ + private static STORKAuthnResponse authnResponse; + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory + .getLogger(StorkResponseTest.class.getName()); + + /** + * Instantiates a new stork response test. + */ + public StorkResponseTest() { + super(); + } + + /** The IP address. */ + private static String ipAddress; + + /** The is hashing. */ + private final boolean isHashing = Boolean.TRUE; + + /** The is not hashing. */ + private final boolean isNotHashing = Boolean.FALSE; + + /** The ERROR text. */ + private static final String ERROR_TXT = "generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"; + + + /** Parser manager used to parse XML. */ + private static BasicParserPool parser; + + + + static { + parser = new BasicParserPool(); + parser.setNamespaceAware(true); + + pal = new PersonalAttributeList(); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(false); + ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + pal.add(isAgeOver); + + PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + pal.add(dateOfBirth); + + PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + pal.add(eIDNumber); + + final PersonalAttribute givenName = new PersonalAttribute(); + givenName.setName("givenName"); + givenName.setIsRequired(true); + pal.add(givenName); + + PersonalAttribute canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + pal.add(canRessAddress); + + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + pal.add(newAttribute); + + destination = "http://C-PEPS.gov.xx/PEPS/ColleagueRequest"; + assertConsumerUrl = "http://S-PEPS.gov.xx/PEPS/ColleagueResponse"; + spName = "University Oxford"; + + spName = "University of Oxford"; + spSector = "EDU001"; + spInstitution = "OXF001"; + spApplication = "APP001"; + spCountry = "EN"; + + spId = "EDU001-APP001-APP001"; + + final STORKAuthnRequest request = new STORKAuthnRequest(); + request.setDestination(destination); + request.setProviderName(spName); + request.setQaa(QAAL); + request.setPersonalAttributeList(pal); + request.setAssertionConsumerServiceURL(assertConsumerUrl); + + // news parameters + request.setSpSector(spSector); + request.setSpInstitution(spInstitution); + request.setSpApplication(spApplication); + request.setSpCountry(spCountry); + request.setSPID(spId); + request.setCitizenCountryCode("ES"); + + try { + authRequest = getEngine().generateSTORKAuthnRequest(request) + .getTokenSaml(); + + authenRequest = getEngine().validateSTORKAuthnRequest(authRequest); + + } catch (STORKSAMLEngineException e) { + fail("Error create STORKAuthnRequest"); + } + + ipAddress = "111.222.333.444"; + + pal = new PersonalAttributeList(); + + isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + ages = new ArrayList(); + + ages.add("16"); + ages.add("18"); + + isAgeOver.setValue(ages); + isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(isAgeOver); + + dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + final ArrayList date = new ArrayList(); + date.add("16/12/2008"); + dateOfBirth.setValue(date); + dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(dateOfBirth); + + eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + final ArrayList idNumber = new ArrayList(); + idNumber.add("123456789PÑ"); + eIDNumber.setValue(idNumber); + eIDNumber.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + pal.add(eIDNumber); + + canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap address = new HashMap(); + + address.put("state", state); + address.put("municipalityCode", municipalityCode); + address.put("town", town); + address.put("postalCode", postalCode); + address.put("streetName", streetName); + address.put("streetNumber", streetNumber); + address.put("apartamentNumber", apartamentNumber); + + canRessAddress.setComplexValue(address); + pal.add(canRessAddress); + + newAttribute = new PersonalAttribute(); + newAttribute.setName("newAttribute2"); + newAttribute.setIsRequired(true); + newAttribute.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap values = new HashMap(); + + values.put("value1", "value1"); + values.put("value2", "value2"); + values.put("value3", "value3"); + values.put("value4", "value4"); + + newAttribute.setComplexValue(values); + pal.add(newAttribute); + + } + + /** + * Test generate authentication request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnResponse() throws STORKSAMLEngineException { + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + final STORKAuthnResponse storkResponse = getEngine() + .generateSTORKAuthnResponse(authenRequest, response, ipAddress, + isNotHashing); + + authResponse = storkResponse.getTokenSaml(); + + LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(authResponse)); + } + + /** + * Test validation id parameter mandatory. + */ + @Test + public final void testResponseMandatoryId() { + final String identifier = authenRequest.getSamlId(); + authenRequest.setSamlId(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, + ipAddress, isHashing); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + authenRequest.setSamlId(identifier); + LOG.error("Error"); + } + } + + /** + * Test generate authentication response in response to err1. + */ + @Test + public final void testResponseMandatoryIssuer() { + + final String issuer = authenRequest.getIssuer(); + authenRequest.setIssuer(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, + ipAddress, isHashing); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + authenRequest.setIssuer(issuer); + LOG.error("Error"); + } + } + + /** + * Test generate authentication response assertion consumer null. + */ + @Test + public final void testResponseMandatoryAssertionConsumerServiceURL() { + final String asserConsumerUrl = authenRequest + .getAssertionConsumerServiceURL(); + authenRequest.setAssertionConsumerServiceURL(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, + ipAddress, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + authenRequest.setAssertionConsumerServiceURL(asserConsumerUrl); + LOG.error("Error"); + } + } + + /** + * Test generate authentication response IP address null. + */ + @Test + public final void testResponseValidationIP() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, null, + isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test generate authentication response with personal attribute list null. + */ + @Test + public final void testResponseMandatoryPersonalAttributeList() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(null); + + + try { + getEngine().generateSTORKAuthnResponse(authenRequest, response, + ipAddress, isHashing); + fail("generateAuthnResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication response token null. + */ + @Test + public final void testResponseInvalidParametersToken() { + try { + getEngine().validateSTORKAuthnResponse(null, ipAddress); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication response IP null. + */ + @Test + public final void testResponseInvalidParametersIP() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setPersonalAttributeList(pal); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response parameter name wrong. + */ + @Test + public final void testResponseInvalidParametersAttr() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("AttrWrong"); + wrongList.add(worngAttr); + + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrSimpleValue() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + worngAttr.setValue(null); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrNoValue() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response set null value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrNoName() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + /** + * Test validate authentication response set null complex value into attribute. + */ + @Test + public final void testResponseInvalidParametersAttrComplexValue() { + final STORKAuthnResponse response = new STORKAuthnResponse(); + final IPersonalAttributeList wrongList = new PersonalAttributeList(); + + final PersonalAttribute worngAttr = new PersonalAttribute(); + worngAttr.setName("isAgeOver"); + worngAttr.setComplexValue(null); + wrongList.add(worngAttr); + + response.setPersonalAttributeList(wrongList); + try { + authResponse = getEngine().generateSTORKAuthnResponse(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + // In Conf1 ipValidate is false + getEngine().validateSTORKAuthnResponse(authResponse, null); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + + /** + * Test validate authentication response IP distinct and disabled validation + * IP. + */ + @Test + public final void testResponseInvalidParametersIPDistinct() { + try { + // ipAddress origin "111.222.333.444" + // ipAddrValidation = false + // Subject Confirmation Bearer. + + getEngine().validateSTORKAuthnResponse(authResponse, "127.0.0.1"); + fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test response invalid parameters invalid token. + */ + @Test + public final void testResponseInvalidParametersTokenMsg() { + try { + // ipAddress origin "111.222.333.444" + // Subject Confirmation Bearer. + getEngine().validateSTORKAuthnResponse("errorMessage".getBytes(), + ipAddress); + fail("validateAuthenticationResponse(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + /** + * Test validate authentication response is fail. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseIsFail() + throws STORKSAMLEngineException { + try { + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + fail("Generate incorrect response"); + } catch (Exception e) { + LOG.error("ERROR: " + e.getMessage()); + } + } + + /** + * Test validate authentication response destination. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseDestination() + throws STORKSAMLEngineException { + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + assertEquals("Destination incorrect: ", + authnResponse.getInResponseTo(), authenRequest.getSamlId()); + } + + /** + * Test validate authentication response values. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + public final void testValidateAuthenticationResponseValuesComplex() + throws STORKSAMLEngineException { + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + assertEquals("Country incorrect:", authnResponse.getCountry(), "EN"); + + final Iterator iterator = authnResponse + .getPersonalAttributeList().iterator(); + + while (iterator.hasNext()) { + final PersonalAttribute attribute = iterator.next(); + if (attribute.getName().equalsIgnoreCase( + "canonicalResidenceAddress")) { + assertEquals("State incorrect: ", state, attribute + .getComplexValue().get("state")); + assertEquals("Municipality Code incorrect: ", municipalityCode, + attribute.getComplexValue().get("municipalityCode")); + assertEquals("Town incorrect: ", town, attribute + .getComplexValue().get("town")); + assertEquals("Postal code incorrect: ", postalCode, attribute + .getComplexValue().get("postalCode")); + assertEquals("Street name incorrect: ", streetName, attribute + .getComplexValue().get("streetName")); + assertEquals("Street number incorrect: ", streetNumber, + attribute.getComplexValue().get("streetNumber")); + assertEquals("Apartament number incorrect: ", apartamentNumber, + attribute.getComplexValue().get("apartamentNumber")); + } + } + } + + /** + * Test generate authenticate response fail in response to it's null. + * @throws STORKSAMLEngineException + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test //( expected=STORKSAMLEngineException.class) + public final void testGenerateAuthnResponseFailInResponseToNull() throws STORKSAMLEngineException { + final String identifier = authenRequest.getSamlId(); + authenRequest.setSamlId(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + fail(ERROR_TXT); + } catch (STORKSAMLEngineException e) { + authenRequest.setSamlId(identifier); + LOG.error("Error"); + //throw new STORKSAMLEngineException(e); + } + } + + /** + * Test generate authenticate response fail assertion consumer URL err1. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnResponseFailAssertionConsumerUrlNull() + throws STORKSAMLEngineException { + + final String assertConsumerUrl = authenRequest + .getAssertionConsumerServiceURL(); + authenRequest.setAssertionConsumerServiceURL(null); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + authenRequest.setAssertionConsumerServiceURL(assertConsumerUrl); + LOG.error("Error"); + } + } + + /** + * Test generate authentication response fail code error err1. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthnResponseFailCodeErrorNull() + throws STORKSAMLEngineException { + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(null); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage(""); + + try { + authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + fail("generateAuthnResponseFail(...) should've thrown an STORKSAMLEngineException!"); + } catch (STORKSAMLEngineException e) { + LOG.error("Error"); + } + } + + + + + /** + * Test generate authentication request without errors. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthnResponse() throws STORKSAMLEngineException { + + IPersonalAttributeList palist = new PersonalAttributeList(); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(true); + ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + isAgeOver.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + palist.add(isAgeOver); + + PersonalAttribute dateOfBirth = new PersonalAttribute(); + dateOfBirth.setName("dateOfBirth"); + dateOfBirth.setIsRequired(false); + final ArrayList date = new ArrayList(); + date.add("16/12/2008"); + dateOfBirth.setValue(date); + dateOfBirth.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + palist.add(dateOfBirth); + + + PersonalAttribute eIDNumber = new PersonalAttribute(); + eIDNumber.setName("eIdentifier"); + eIDNumber.setIsRequired(true); + + final ArrayList idNumber = new ArrayList(); + idNumber.add("123456789PÑ"); + + final HashMap complex = new HashMap(); + complex.put("one", "two"); + + //eIDNumber.setValue(null); + //eIDNumber.setValue(idNumber); + //eIDNumber.setComplexValue(complex); + + eIDNumber.setStatus(STORKStatusCode.STATUS_NOT_AVAILABLE.toString()); + palist.add(eIDNumber); + + PersonalAttribute canRessAddress = new PersonalAttribute(); + canRessAddress.setName("canonicalResidenceAddress"); + canRessAddress.setIsRequired(true); + canRessAddress.setStatus(STORKStatusCode.STATUS_AVAILABLE.toString()); + final HashMap address = new HashMap(); + + address.put("state", state); + address.put("municipalityCode", municipalityCode); + address.put("town", town); + address.put("postalCode", postalCode); + address.put("streetName", streetName); + address.put("streetNumber", streetNumber); + address.put("apartamentNumber", apartamentNumber); + + canRessAddress.setComplexValue(address); + palist.add(canRessAddress); + + + final STORKAuthnResponse response = new STORKAuthnResponse(); + + response.setPersonalAttributeList(palist); + + final STORKAuthnResponse storkResponse = getEngine() + .generateSTORKAuthnResponse(authenRequest, response, ipAddress, + isNotHashing); + + authResponse = storkResponse.getTokenSaml(); + LOG.info("Request id: " + authenRequest.getSamlId()); + + LOG.info("RESPONSE: " + SSETestUtils.encodeSAMLToken(authResponse)); + + + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + LOG.info("RESPONSE ID: " + authnResponse.getSamlId()); + LOG.info("RESPONSE IN_RESPONSE_TO: " + authnResponse.getInResponseTo()); + LOG.info("RESPONSE COUNTRY: " + authnResponse.getCountry()); + + } + + + + + + /** + * Test validate authentication response fail is fail. + * + * @throws STORKSAMLEngineException the STORKSAML engine exception + */ + @Test + public final void testValidateAuthenticationResponseFailIsFail() + throws STORKSAMLEngineException { + + final STORKAuthnResponse response = new STORKAuthnResponse(); + response.setStatusCode(STORKStatusCode.REQUESTER_URI.toString()); + response.setSubStatusCode(STORKSubStatusCode.AUTHN_FAILED_URI.toString()); + response.setMessage("message"); + + authResponse = getEngine().generateSTORKAuthnResponseFail(authenRequest, + response, ipAddress, isNotHashing).getTokenSaml(); + + LOG.error("ERROR_FAIL: " + PEPSUtil.encodeSAMLToken(authResponse)); + + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + LOG.info("COUNTRY: " + authnResponse.getCountry()); + assertTrue("Generate incorrect response: ", authnResponse.isFail()); + } + + /** + * Test generate/validate response with signedDoc + * + * @throws STORKSAMLEngineException + * the STORKSAML engine exception + */ + @Test + public final void testGenerateAuthenResponseWithSignedDoc() + throws STORKSAMLEngineException { + + String signedDocResponse = " urn:oasis:names:tc:dss:1.0:resultmajor:Success PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjxkczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvVFIvMjAwMS9SRUMteG1sLWMxNG4tMjAwMTAzMTUiLz48ZHM6U2lnbmF0dXJlTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3JzYS1zaGExIi8+PGRzOlJlZmVyZW5jZSBJZD0iUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyIgVHlwZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI09iamVjdCIgVVJJPSIjT2JqZWN0LTk4NzMzY2RlLThiY2MtNDhhMC05Yjc3LTBlOTk5N2JkZDA1OCI+PGRzOlRyYW5zZm9ybXM+PGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNiYXNlNjQiLz48L2RzOlRyYW5zZm9ybXM+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPkNrMVZxTmQ0NVFJdnEzQVpkOFhZUUx2RWh0QT08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjxkczpSZWZlcmVuY2UgVHlwZT0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMyNTaWduZWRQcm9wZXJ0aWVzIiBVUkk9IiNTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5BNVk5MW40cXBMZ3l0VFc3ZnhqWENVZVJ2NTQ9PC9kczpEaWdlc3RWYWx1ZT48L2RzOlJlZmVyZW5jZT48ZHM6UmVmZXJlbmNlIFVSST0iI1NpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItS2V5SW5mbyI+PGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzOkRpZ2VzdFZhbHVlPlZQWDRuS0Z5UzZyRitGNmNSUjBQck5aZHc2Zz08L2RzOkRpZ2VzdFZhbHVlPjwvZHM6UmVmZXJlbmNlPjwvZHM6U2lnbmVkSW5mbz48ZHM6U2lnbmF0dXJlVmFsdWUgSWQ9IlNpZ25hdHVyZS04ZWFiZDBhNS02NjBkLTRhZmQtOTkwNS0wYWJjNzU1M2QxOTItU2lnbmF0dXJlVmFsdWUiPkxiS04vL0M3WGt5eFR0WVRpQ1VScjhuWnp4QW1zdGNNZDBDZ0VBQ3JLMWR5Z1JIcUdjSzR4dHMrV0NVOFB5RXFXclJJVFl6SXV3LzcNClY0Wno5VFQ2MHA0S1RNZXd1UUw2NHNrRVN4MllnMkVkaWtTTyt0S3hXa2hyYVVzbVZiR2JQbW1jbUR2OTd0SER3ODg3NDdlRnE1RjUNCnYrYVZTeUF6MDNpVUttdVNlSDg9PC9kczpTaWduYXR1cmVWYWx1ZT48ZHM6S2V5SW5mbyBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1LZXlJbmZvIj48ZHM6S2V5VmFsdWU+PGRzOlJTQUtleVZhbHVlPjxkczpNb2R1bHVzPnd1Y21qOXRJV3J2d2JTVFVEZndLbCtKdERNTUVSMGNMZDZEa0JTcjc5MHQrckdOakVTcVlqUndFSWVCbktvUUhQeDVIb1JlRjg4L3QNCnFZOStDaEVYcExITHM5cDVhWDdTREp1YnBRTWZwMXRERlgzNHl3Z3hTUXZjZWVKUVdCWGppZXVJbWZDMjFzNGJPY2dKYlYxaGJpZ1MNCnpPS1RRS3IxVHpkR1IrdVJ5MDA9PC9kczpNb2R1bHVzPjxkczpFeHBvbmVudD5BUUFCPC9kczpFeHBvbmVudD48L2RzOlJTQUtleVZhbHVlPjwvZHM6S2V5VmFsdWU+PGRzOlg1MDlEYXRhPjxkczpYNTA5Q2VydGlmaWNhdGU+TUlJSW1UQ0NCNEdnQXdJQkFnSURBWFVVTUEwR0NTcUdTSWIzRFFFQkJRVUFNSUlCT3pFTE1Ba0dBMVVFQmhNQ1JWTXhPekE1QmdOVg0KQkFvVE1rRm5aVzVqYVdFZ1EyRjBZV3hoYm1FZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUNoT1NVWWdVUzB3T0RBeE1UYzJMVWtwTVRRdw0KTWdZRFZRUUhFeXRRWVhOellYUm5aU0JrWlNCc1lTQkRiMjVqWlhCamFXOGdNVEVnTURnd01EZ2dRbUZ5WTJWc2IyNWhNUzR3TEFZRA0KVlFRTEV5VlRaWEoyWldseklGQjFZbXhwWTNNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVWRFZpMHlNVFV3TXdZRFZRUUxFeXhXWldkbA0KZFNCb2RIUndjem92TDNkM2R5NWpZWFJqWlhKMExtNWxkQzkyWlhKRFNVTXRNaUFvWXlrd016RTFNRE1HQTFVRUN4TXNSVzUwYVhSaA0KZENCd2RXSnNhV05oSUdSbElHTmxjblJwWm1sallXTnBieUJrWlNCamFYVjBZV1JoYm5NeEd6QVpCZ05WQkFNVEVsQlNSVkJTVDBSVg0KUTBOSlR5QkpSRU5oZERBZUZ3MHhNREF5TVRFeE9ESXlNRFJhRncweE5EQXlNVEF4T0RJeU1EUmFNSUd3TVFzd0NRWURWUVFHRXdKRg0KVXpFMU1ETUdBMVVFQ3hNc1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5U1VSRFlYUWdLR01wTURNeA0KRmpBVUJnTlZCQVFURFVKRlVreEJUa2RCSUZOUFZFOHhGekFWQmdOVkJDb1REazFCVWtsQklFVk9SMUpCUTBsQk1SSXdFQVlEVlFRRg0KRXdreE1EQXdNRGswTkZNeEpUQWpCZ05WQkFNVEhFMUJVa2xCSUVWT1IxSkJRMGxCSUVKRlVreEJUa2RCSUZOUFZFOHdnWjh3RFFZSg0KS29aSWh2Y05BUUVCQlFBRGdZMEFNSUdKQW9HQkFNTG5Kby9iU0ZxNzhHMGsxQTM4Q3BmaWJRekRCRWRIQzNlZzVBVXErL2RMZnF4ag0KWXhFcW1JMGNCQ0hnWnlxRUJ6OGVSNkVYaGZQUDdhbVBmZ29SRjZTeHk3UGFlV2wrMGd5Ym02VURINmRiUXhWOStNc0lNVWtMM0huaQ0KVUZnVjQ0bnJpSm53dHRiT0d6bklDVzFkWVc0b0VzemlrMENxOVU4M1JrZnJrY3ROQWdNQkFBR2pnZ1N3TUlJRXJEQU1CZ05WSFJNQg0KQWY4RUFqQUFNQTRHQTFVZER3RUIvd1FFQXdJRm9EQ0J6QVlEVlIwUkJJSEVNSUhCZ1E5aWMyOTBiMEJuYldGcGJDNWpiMjJrZ1lVdw0KZ1lJeEN6QUpCZ05WQkFZVEFrVlRNU3N3S1FZRFZRUUtGQ0pCWjhPb2JtTnBZU0JEWVhSaGJHRnVZU0JrWlNCRFpYSjBhV1pwWTJGag0KYWNPek1RNHdEQVlEVlFRTEV3VkpSRU5CVkRFUE1BMEdBMVVFQlJNR01ERTNOVEUwTVNVd0l3WURWUVFERXh4TlFWSkpRU0JGVGtkUw0KUVVOSlFTQkNSVkpNUVU1SFFTQlRUMVJQb0JBR0Npc0dBUVFCOVhnQkFRR2dBZ3dBb0JRR0RsWUVBQUVEQmdFRUFmVjRBUUVDb0FJTQ0KQURBZkJnTlZIUklFR0RBV2dSUmxZMTlwWkdOaGRFQmpZWFJqWlhKMExtNWxkREFkQmdOVkhRNEVGZ1FVQUZYanVOc2tCMk1seXZVQg0KaDdwOFRKMHVKMHd3Z2dGSUJnTlZIU01FZ2dFL01JSUJPNEFVUkt2Y2tVaE4xNGg0Q24vZ2RPRG42NzIzS1Z5aGdnRVBwSUlCQ3pDQw0KQVFjeEN6QUpCZ05WQkFZVEFrVlRNVHN3T1FZRFZRUUtFekpCWjJWdVkybGhJRU5oZEdGc1lXNWhJR1JsSUVObGNuUnBabWxqWVdOcA0KYnlBb1RrbEdJRkV0TURnd01URTNOaTFKS1RFb01DWUdBMVVFQ3hNZlUyVnlkbVZwY3lCUWRXSnNhV056SUdSbElFTmxjblJwWm1sag0KWVdOcGJ6RThNRG9HQTFVRUN4TXpWbVZuWlhVZ2FIUjBjSE02THk5M2QzY3VZMkYwWTJWeWRDNXVaWFF2ZG1WeWNISmxjSEp2WkhWag0KWTJsdklDaGpLVEF6TVRVd013WURWUVFMRXl4S1pYSmhjbkYxYVdFZ1JXNTBhWFJoZEhNZ1pHVWdRMlZ5ZEdsbWFXTmhZMmx2SUVOaA0KZEdGc1lXNWxjekVjTUJvR0ExVUVBeE1UVUZKRlVGSlBSRlZEUTBsUElFVkRMVUZEUTRJUWR3S1R0TTFFRVU5RkVQWFVZSGdnaERBZA0KQmdOVkhTVUVGakFVQmdnckJnRUZCUWNEQWdZSUt3WUJCUVVIQXdRd0VRWUpZSVpJQVliNFFnRUJCQVFEQWdXZ01EUUdDQ3NHQVFVRg0KQndFQkJDZ3dKakFrQmdnckJnRUZCUWN3QVlZWWFIUjBjSE02THk5dlkzTndMbU5oZEdObGNuUXVibVYwTUJnR0NDc0dBUVVGQndFRA0KQkF3d0NqQUlCZ1lFQUk1R0FRRXdnWVlHQTFVZEh3Ui9NSDB3UEtBNm9EaUdObWgwZEhBNkx5OWxjSE5qWkM1allYUmpaWEowTG01bA0KZEM5amNtd3ZjSEpsY0hKdlpIVmpZMmx2WDJWakxXbGtZMkYwTG1OeWJEQTlvRHVnT1lZM2FIUjBjRG92TDJWd2MyTmtNaTVqWVhSag0KWlhKMExtNWxkQzlqY213dmNISmxjSEp2WkhWalkybHZYMlZqTFdsa1kyRjBMbU55YkRDQjlnWURWUjBnQklIdU1JSHJNSUhvQmd3cg0KQmdFRUFmVjRBUU1CVmdFd2dkY3dMQVlJS3dZQkJRVUhBZ0VXSUdoMGRIQnpPaTh2ZDNkM0xtTmhkR05sY25RdWJtVjBMM1psY2tsRQ0KUTJGME1JR21CZ2dyQmdFRkJRY0NBakNCbVJxQmxrRnhkV1Z6ZENEdnY3MXpJSFZ1SUdObGNuUnBabWxqWVhRZ2NHVnljMjl1WVd3Zw0KU1VSRFFWUXNJSEpsWTI5dVpXZDFkQ0JrSjJsa1pXNTBhV1pwWTJGajc3KzlMQ0J6YVdkdVlYUjFjbUVnYVNCNGFXWnlZWFFnWkdVZw0KWTJ4aGMzTmxJRElnYVc1a2FYWnBaSFZoYkM0Z1ZtVm5aWFVnYUhSMGNITTZMeTkzZDNjdVkyRjBZMlZ5ZEM1dVpYUXZkbVZ5UkVOaA0KZERBdEJnTlZIUWtFSmpBa01CQUdDQ3NHQVFVRkJ3a0VNUVFUQWtWVE1CQUdDQ3NHQVFVRkJ3a0ZNUVFUQWtWVE1BMEdDU3FHU0liMw0KRFFFQkJRVUFBNElCQVFDcTc3ODBSR1FNTEIxZ2tkTk1mTFhuZ3FNb1JIR0taYnZ6a3JxSUFtVDhXQWQxRThyQXBoUjkveExKVXRwNQ0KbGJnMmZScjVibDJqOE9WREJLMlltRzQxaDhBRG40U1RJL0FwZU5JTlNmalpzNk5Sc25XekZ5ZlhYbVBDSFlGQi9YV3p5aW1DRXhndg0KdnR1SCszUUF3Y3dobjUwUExFdWh3NUM1dmxYN0x5NUs2ckxMTUZOVVVNYldWeTFoWmVsSy9DQlRjQWpJTzM4TlkrdllSQU1LU2Y0TQ0KL2daUXo0cUJlRlZKYTUyUjdOY0FxQ2ZyZkxmYVhwYkRTZzk4eG9CZU5zMmluR3p4OFVTZ0VyTFpqS0pzZG4vS2pURDlnUy9zVGRRNg0KUTdpZHFsZDJMRlZsTzIvYjk0Wk5aQmNTLzc4RU9EWGdkV2ZreVBDN1J3OHJlOW5JMy9qVDwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjxkczpPYmplY3QgRW5jb2Rpbmc9ImJhc2U2NCIgSWQ9Ik9iamVjdC05ODczM2NkZS04YmNjLTQ4YTAtOWI3Ny0wZTk5OTdiZGQwNTgiIE1pbWVUeXBlPSJhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0iPlNHVnNiRzhnVjI5eWJHUT08L2RzOk9iamVjdD48ZHM6T2JqZWN0Pjx4YWRlczpRdWFsaWZ5aW5nUHJvcGVydGllcyB4bWxuczp4YWRlcz0iaHR0cDovL3VyaS5ldHNpLm9yZy8wMTkwMy92MS4zLjIjIiBJZD0iU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1RdWFsaWZ5aW5nUHJvcGVydGllcyIgVGFyZ2V0PSIjU2lnbmF0dXJlLThlYWJkMGE1LTY2MGQtNGFmZC05OTA1LTBhYmM3NTUzZDE5Mi1TaWduYXR1cmUiPjx4YWRlczpTaWduZWRQcm9wZXJ0aWVzIElkPSJTaWduYXR1cmUtOGVhYmQwYTUtNjYwZC00YWZkLTk5MDUtMGFiYzc1NTNkMTkyLVNpZ25lZFByb3BlcnRpZXMiPjx4YWRlczpTaWduZWRTaWduYXR1cmVQcm9wZXJ0aWVzPjx4YWRlczpTaWduaW5nVGltZT4yMDExLTAzLTIxVDExOjQ0OjQyKzAxOjAwPC94YWRlczpTaWduaW5nVGltZT48eGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjx4YWRlczpDZXJ0Pjx4YWRlczpDZXJ0RGlnZXN0PjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT4zbTZ3OTlUb3lTZDlKcEJsMWdCazhEei9iYlU9PC9kczpEaWdlc3RWYWx1ZT48L3hhZGVzOkNlcnREaWdlc3Q+PHhhZGVzOklzc3VlclNlcmlhbD48ZHM6WDUwOUlzc3Vlck5hbWU+Q049UFJFUFJPRFVDQ0lPIElEQ2F0LCBPVT1FbnRpdGF0IHB1YmxpY2EgZGUgY2VydGlmaWNhY2lvIGRlIGNpdXRhZGFucywgT1U9VmVnZXUgaHR0cHM6Ly93d3cuY2F0Y2VydC5uZXQvdmVyQ0lDLTIgKGMpMDMsIE9VPVNlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8gRUNWLTIsIEw9UGFzc2F0Z2UgZGUgbGEgQ29uY2VwY2lvIDExIDA4MDA4IEJhcmNlbG9uYSwgTz1BZ2VuY2lhIENhdGFsYW5hIGRlIENlcnRpZmljYWNpbyAoTklGIFEtMDgwMTE3Ni1JKSwgQz1FUzwvZHM6WDUwOUlzc3Vlck5hbWU+PGRzOlg1MDlTZXJpYWxOdW1iZXI+OTU1MDg8L2RzOlg1MDlTZXJpYWxOdW1iZXI+PC94YWRlczpJc3N1ZXJTZXJpYWw+PC94YWRlczpDZXJ0PjwveGFkZXM6U2lnbmluZ0NlcnRpZmljYXRlPjwveGFkZXM6U2lnbmVkU2lnbmF0dXJlUHJvcGVydGllcz48eGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PHhhZGVzOkRhdGFPYmplY3RGb3JtYXQgT2JqZWN0UmVmZXJlbmNlPSIjUmVmZXJlbmNlLWJhYmE0ZDFhLWExN2UtNDJjNi05N2QyLWJlZWUxMzUwOTUwMyI+PHhhZGVzOk1pbWVUeXBlPmFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbTwveGFkZXM6TWltZVR5cGU+PHhhZGVzOkVuY29kaW5nPmJhc2U2NDwveGFkZXM6RW5jb2Rpbmc+PC94YWRlczpEYXRhT2JqZWN0Rm9ybWF0PjwveGFkZXM6U2lnbmVkRGF0YU9iamVjdFByb3BlcnRpZXM+PC94YWRlczpTaWduZWRQcm9wZXJ0aWVzPjwveGFkZXM6UXVhbGlmeWluZ1Byb3BlcnRpZXM+PC9kczpPYmplY3Q+PC9kczpTaWduYXR1cmU+ "; + + IPersonalAttributeList palist = new PersonalAttributeList(); + + PersonalAttribute signedDoc = new PersonalAttribute(); + signedDoc.setName("signedDoc"); + signedDoc.setIsRequired(false); + ArrayList signed = new ArrayList(); + signed.add(signedDocResponse); + signedDoc.setValue(signed); + palist.add(signedDoc); + + PersonalAttribute isAgeOver = new PersonalAttribute(); + isAgeOver.setName("isAgeOver"); + isAgeOver.setIsRequired(false); + ArrayList ages = new ArrayList(); + ages.add("16"); + ages.add("18"); + isAgeOver.setValue(ages); + palist.add(isAgeOver); + + authenRequest.setPersonalAttributeList(palist); + + final STORKAuthnResponse response = new STORKAuthnResponse(); + + response.setPersonalAttributeList(palist); + + final STORKAuthnResponse storkResponse = getEngine() + .generateSTORKAuthnResponse(authenRequest, response, ipAddress, + isNotHashing); + + authResponse = storkResponse.getTokenSaml(); + authnResponse = getEngine().validateSTORKAuthnResponse(authResponse, + ipAddress); + + assertTrue("SignedDoc response should be the same: ", authnResponse + .getPersonalAttributeList().get("signedDoc").getValue().get(0) + .equals(signedDocResponse)); + + } + +} diff --git a/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java new file mode 100644 index 000000000..34fed0e39 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/java/eu/stork/peps/test/simple/package-info.java @@ -0,0 +1,20 @@ +/* + * Licensed under the EUPL, Version 1.1 or – as soon they will be approved by + * the European Commission - subsequent versions of the EUPL (the "Licence"); + * You may not use this work except in compliance with the Licence. You may + * obtain a copy of the Licence at: + * + * http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the Licence is distributed on an "AS IS" basis, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * Licence for the specific language governing permissions and limitations under + * the Licence. + */ + +/** + * Provides the classes necessary to create a SAML message. + * @since 1.0 + */ +package eu.stork.peps.test.simple; \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/all-wcprops b/id/server/stork2-saml-engine/src/test/resources/.svn/all-wcprops new file mode 100644 index 000000000..fe8b26f95 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/all-wcprops @@ -0,0 +1,101 @@ +K 25 +svn:wc:ra_dav:version-url +V 67 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources +END +keyStoreCountry1.jks +K 25 +svn:wc:ra_dav:version-url +V 88 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/keyStoreCountry1.jks +END +keyStoreCountry2.jks +K 25 +svn:wc:ra_dav:version-url +V 88 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/keyStoreCountry2.jks +END +keyStoreCountry3.jks +K 25 +svn:wc:ra_dav:version-url +V 88 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/keyStoreCountry3.jks +END +p11Conf.cfg +K 25 +svn:wc:ra_dav:version-url +V 78 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/test/resources/p11Conf.cfg +END +logback-test.xml +K 25 +svn:wc:ra_dav:version-url +V 83 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/test/resources/logback-test.xml +END +SamlEngine.xml +K 25 +svn:wc:ra_dav:version-url +V 81 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/test/resources/SamlEngine.xml +END +SignModule_P11.xml +K 25 +svn:wc:ra_dav:version-url +V 85 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/test/resources/SignModule_P11.xml +END +StorkSamlEngine_Conf0.xml +K 25 +svn:wc:ra_dav:version-url +V 92 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/test/resources/StorkSamlEngine_Conf0.xml +END +StorkSamlEngine_Conf1.xml +K 25 +svn:wc:ra_dav:version-url +V 92 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/test/resources/StorkSamlEngine_Conf1.xml +END +SignModule_Conf0.xml +K 25 +svn:wc:ra_dav:version-url +V 88 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/SignModule_Conf0.xml +END +StorkSamlEngine_Conf2.xml +K 25 +svn:wc:ra_dav:version-url +V 92 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/test/resources/StorkSamlEngine_Conf2.xml +END +SignModule_Conf1.xml +K 25 +svn:wc:ra_dav:version-url +V 88 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/SignModule_Conf1.xml +END +StorkSamlEngine_Conf3.xml +K 25 +svn:wc:ra_dav:version-url +V 92 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/test/resources/StorkSamlEngine_Conf3.xml +END +SignModule_Conf2.xml +K 25 +svn:wc:ra_dav:version-url +V 88 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/SignModule_Conf2.xml +END +SignModule_Conf3.xml +K 25 +svn:wc:ra_dav:version-url +V 88 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/SignModule_Conf3.xml +END +keyStoreCountry0.jks +K 25 +svn:wc:ra_dav:version-url +V 88 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/keyStoreCountry0.jks +END diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/entries b/id/server/stork2-saml-engine/src/test/resources/.svn/entries new file mode 100644 index 000000000..1afc5a426 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/entries @@ -0,0 +1,575 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/test/resources +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +data +dir + +logback-test.xml +file + + + + +2013-12-20T12:27:57.250475Z +9645eaa7005e2fd5856a650a46e58b75 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +530 + +SamlEngine.xml +file + + + + +2013-12-20T12:27:57.250475Z +e2a6926fe3dabd0b07ea0c7f61a5c9a9 +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2236 + +SignModule_P11.xml +file + + + + +2013-12-20T12:27:57.254475Z +13d70d84e25f491976cbbd9a0e3edafe +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +436 + +StorkSamlEngine_Conf0.xml +file + + + + +2013-12-20T12:27:57.250475Z +4ec0bc5ac4fafef57b60184cded62f9f +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +3912 + +StorkSamlEngine_Conf1.xml +file + + + + +2013-12-20T12:27:57.250475Z +4ec0bc5ac4fafef57b60184cded62f9f +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +3912 + +SignModule_Conf0.xml +file + + + + +2013-12-20T12:27:57.250475Z +ad61baa5b5d5a0c648b2e4c05b637add +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +541 + +StorkSamlEngine_Conf2.xml +file + + + + +2013-12-20T12:27:57.250475Z +7092c091691b1862d989f856cdc57b82 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2827 + +SignModule_Conf1.xml +file + + + + +2013-12-20T12:27:57.250475Z +16be2497f59cbd9c57acc81b783ecff1 +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +522 + +StorkSamlEngine_Conf3.xml +file + + + + +2013-12-20T12:27:57.250475Z +44066ee14d9b2a03f7ee2f72c965c287 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2774 + +SignModule_Conf2.xml +file + + + + +2013-12-20T12:27:57.250475Z +fb7a26c03ef7400fe296b7d60837dff0 +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +522 + +SignModule_Conf3.xml +file + + + + +2013-12-20T12:27:57.250475Z +128795cf3937e23a2af256cc5db88b84 +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +540 + +keyStoreCountry0.jks +file + + + + +2013-12-20T12:27:57.250475Z +241d66f1af1a3937dfbbcccc7b7432c8 +2013-12-16T15:04:09.136643Z +316 +emsomavmi +has-props + + + + + + + + + + + + + + + + + + + + +1376 + +keyStoreCountry1.jks +file + + + + +2013-12-20T12:27:57.250475Z +821660c55e39b47f7cd6c750e366531d +2013-12-16T15:04:09.136643Z +316 +emsomavmi +has-props + + + + + + + + + + + + + + + + + + + + +1313 + +keyStoreCountry2.jks +file + + + + +2013-12-20T12:27:57.250475Z +821660c55e39b47f7cd6c750e366531d +2013-12-16T15:04:09.136643Z +316 +emsomavmi +has-props + + + + + + + + + + + + + + + + + + + + +1313 + +keyStoreCountry3.jks +file + + + + +2013-12-20T12:27:57.250475Z +821660c55e39b47f7cd6c750e366531d +2013-12-16T15:04:09.136643Z +316 +emsomavmi +has-props + + + + + + + + + + + + + + + + + + + + +1313 + +p11Conf.cfg +file + + + + +2013-12-20T12:27:57.250475Z +d7154f1fb90d3edbad739f703a30ff3d +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +510 + diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry0.jks.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry0.jks.svn-base new file mode 100644 index 000000000..5e9587e65 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry0.jks.svn-base @@ -0,0 +1,5 @@ +K 13 +svn:mime-type +V 24 +application/octet-stream +END diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry1.jks.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry1.jks.svn-base new file mode 100644 index 000000000..5e9587e65 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry1.jks.svn-base @@ -0,0 +1,5 @@ +K 13 +svn:mime-type +V 24 +application/octet-stream +END diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry2.jks.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry2.jks.svn-base new file mode 100644 index 000000000..5e9587e65 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry2.jks.svn-base @@ -0,0 +1,5 @@ +K 13 +svn:mime-type +V 24 +application/octet-stream +END diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry3.jks.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry3.jks.svn-base new file mode 100644 index 000000000..5e9587e65 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/prop-base/keyStoreCountry3.jks.svn-base @@ -0,0 +1,5 @@ +K 13 +svn:mime-type +V 24 +application/octet-stream +END diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SamlEngine.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SamlEngine.xml.svn-base new file mode 100644 index 000000000..6bb61ae29 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SamlEngine.xml.svn-base @@ -0,0 +1,63 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf0.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf0.xml.svn-base new file mode 100644 index 000000000..eb9ed6f5d --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf0.xml.svn-base @@ -0,0 +1,12 @@ + + + + + SWModule sign with JKS. + src/test/resources/keyStoreCountry0.jks + local-demo + local-demo + CN=saml-demo-cert,OU=STORK2,O=Advania,L=Reykjavik,ST=Reykjavik,C=IS + 529E05C8 + JKS + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf1.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf1.xml.svn-base new file mode 100644 index 000000000..af68d33aa --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf1.xml.svn-base @@ -0,0 +1,12 @@ + + + + + SWModule sign with JKS. + src/test/resources/keyStoreCountry1.jks + local-demo + local-demo + CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES + 529E04FF + JKS + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf2.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf2.xml.svn-base new file mode 100644 index 000000000..b13cb390a --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf2.xml.svn-base @@ -0,0 +1,12 @@ + + + + + SWModule sign with JKS. + src/test/resources/keyStoreCountry2.jks + local-demo + local-demo + CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES + 529E04FF + JKS + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf3.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf3.xml.svn-base new file mode 100644 index 000000000..ed933020a --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_Conf3.xml.svn-base @@ -0,0 +1,12 @@ + + + + + SWModule sign with JKS. + src/test/resources/keyStoreCountry3.jks + local-demo + local-demo + CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES + 529E04FF + JKS + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_P11.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_P11.xml.svn-base new file mode 100644 index 000000000..64eb426c8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/SignModule_P11.xml.svn-base @@ -0,0 +1,11 @@ + + + + + HWModule sign with interface PKCS11. + p11Config.cfg + ******* + CN=XXXXXXXXX + xxxxxxxxxxxxxx + PKCS11 + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf0.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf0.xml.svn-base new file mode 100644 index 000000000..0a28a5de8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf0.xml.svn-base @@ -0,0 +1,91 @@ + + + + + SAML constants for AuthnRequests and Responses. + + + unspecified + + + obtained + + + entity + + + + HTTP-POST + + + + + + + + + + false + + + true + + + http://S-PEPS.gov.xx + + + http://C-PEPS.gov.xx + + + 300 + + + false + + + + http://www.stork.gov.eu/1.0/eIdentifier + http://www.stork.gov.eu/1.0/givenName + http://www.stork.gov.eu/1.0/surname + http://www.stork.gov.eu/1.0/inheritedFamilyName + http://www.stork.gov.eu/1.0/adoptedFamilyName + http://www.stork.gov.eu/1.0/gender + http://www.stork.gov.eu/1.0/dateOfBirth + http://www.stork.gov.eu/1.0/countryCodeOfBirth + http://www.stork.gov.eu/1.0/nationalityCode + http://www.stork.gov.eu/1.0/maritalStatus + http://www.stork.gov.eu/1.0/residenceAddress + http://www.stork.gov.eu/1.0/eMail + http://www.stork.gov.eu/1.0/academicTitle + http://www.stork.gov.eu/1.0/pseudonym + http://www.stork.gov.eu/1.0/age + http://www.stork.gov.eu/1.0/isAgeOver + + http://www.stork.gov.eu/1.0/textResidenceAddress + http://www.stork.gov.eu/1.0/canonicalResidenceAddress + + http://www.stork.gov.eu/1.0/title + http://www.stork.gov.eu/1.0/residencePermit + + http://www.stork.gov.eu/1.0/signedDoc + http://www.stork.gov.eu/1.0/citizen509Certificate + + http://www.stork.gov.eu/1.0/newAttribute1 + http://www.stork.gov.eu/1.0/newAttribute2 + http://www.stork.gov.eu/1.0/hasDegree + http://www.stork.gov.eu/1.0/mandateContent + + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf1.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf1.xml.svn-base new file mode 100644 index 000000000..0a28a5de8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf1.xml.svn-base @@ -0,0 +1,91 @@ + + + + + SAML constants for AuthnRequests and Responses. + + + unspecified + + + obtained + + + entity + + + + HTTP-POST + + + + + + + + + + false + + + true + + + http://S-PEPS.gov.xx + + + http://C-PEPS.gov.xx + + + 300 + + + false + + + + http://www.stork.gov.eu/1.0/eIdentifier + http://www.stork.gov.eu/1.0/givenName + http://www.stork.gov.eu/1.0/surname + http://www.stork.gov.eu/1.0/inheritedFamilyName + http://www.stork.gov.eu/1.0/adoptedFamilyName + http://www.stork.gov.eu/1.0/gender + http://www.stork.gov.eu/1.0/dateOfBirth + http://www.stork.gov.eu/1.0/countryCodeOfBirth + http://www.stork.gov.eu/1.0/nationalityCode + http://www.stork.gov.eu/1.0/maritalStatus + http://www.stork.gov.eu/1.0/residenceAddress + http://www.stork.gov.eu/1.0/eMail + http://www.stork.gov.eu/1.0/academicTitle + http://www.stork.gov.eu/1.0/pseudonym + http://www.stork.gov.eu/1.0/age + http://www.stork.gov.eu/1.0/isAgeOver + + http://www.stork.gov.eu/1.0/textResidenceAddress + http://www.stork.gov.eu/1.0/canonicalResidenceAddress + + http://www.stork.gov.eu/1.0/title + http://www.stork.gov.eu/1.0/residencePermit + + http://www.stork.gov.eu/1.0/signedDoc + http://www.stork.gov.eu/1.0/citizen509Certificate + + http://www.stork.gov.eu/1.0/newAttribute1 + http://www.stork.gov.eu/1.0/newAttribute2 + http://www.stork.gov.eu/1.0/hasDegree + http://www.stork.gov.eu/1.0/mandateContent + + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf2.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf2.xml.svn-base new file mode 100644 index 000000000..435ef4b82 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf2.xml.svn-base @@ -0,0 +1,64 @@ + + + + + SAML constants for AuthnRequests and Responses. + + + unspecified + + obtained + + + entity + + + + HTTP-POST + + false + false + false + + + http://S-PEPS.gov.xx + + + http://C-PEPS.gov.xx + + + 300 + + + false + + + false + + + + http://www.stork.gov.eu/1.0/eIdentifier + http://www.stork.gov.eu/1.0/givenName + http://www.stork.gov.eu/1.0/surname + http://www.stork.gov.eu/1.0/inheritedFamilyName + http://www.stork.gov.eu/1.0/adoptedFamilyName + http://www.stork.gov.eu/1.0/gender + http://www.stork.gov.eu/1.0/dateOfBirth + http://www.stork.gov.eu/1.0/countryCodeOfBirth + http://www.stork.gov.eu/1.0/nationalityCode + http://www.stork.gov.eu/1.0/maritalStatus + http://www.stork.gov.eu/1.0/residenceAddress + http://www.stork.gov.eu/1.0/eMail + http://www.stork.gov.eu/1.0/academicTitle + http://www.stork.gov.eu/1.0/pseudonym + http://www.stork.gov.eu/1.0/age + http://www.stork.gov.eu/1.0/isAgeOver + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf3.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf3.xml.svn-base new file mode 100644 index 000000000..bec8934f8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/StorkSamlEngine_Conf3.xml.svn-base @@ -0,0 +1,61 @@ + + + + + SAML constants for AuthnRequests and Responses. + + + unspecified + + obtained + + + entity + + + + HTTP-POST + + false + false + false + + + http://S-PEPS.gov.xx + + + http://C-PEPS.gov.xx + + + 300 + + + false + + + http://www.stork.gov.eu/1.0/eIdentifier + http://www.stork.gov.eu/1.0/givenName + http://www.stork.gov.eu/1.0/surname + http://www.stork.gov.eu/1.0/inheritedFamilyName + http://www.stork.gov.eu/1.0/adoptedFamilyName + http://www.stork.gov.eu/1.0/gender + http://www.stork.gov.eu/1.0/dateOfBirth + http://www.stork.gov.eu/1.0/countryCodeOfBirth + http://www.stork.gov.eu/1.0/nationalityCode + http://www.stork.gov.eu/1.0/maritalStatus + http://www.stork.gov.eu/1.0/residenceAddress + http://www.stork.gov.eu/1.0/eMail + http://www.stork.gov.eu/1.0/academicTitle + http://www.stork.gov.eu/1.0/pseudonym + http://www.stork.gov.eu/1.0/age + http://www.stork.gov.eu/1.0/isAgeOver + http://www.stork.gov.eu/1.0/unknown + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry0.jks.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry0.jks.svn-base new file mode 100644 index 000000000..289e952fe Binary files /dev/null and b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry0.jks.svn-base differ diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry1.jks.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry1.jks.svn-base new file mode 100644 index 000000000..5399bf689 Binary files /dev/null and b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry1.jks.svn-base differ diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry2.jks.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry2.jks.svn-base new file mode 100644 index 000000000..5399bf689 Binary files /dev/null and b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry2.jks.svn-base differ diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry3.jks.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry3.jks.svn-base new file mode 100644 index 000000000..5399bf689 Binary files /dev/null and b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/keyStoreCountry3.jks.svn-base differ diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/logback-test.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/logback-test.xml.svn-base new file mode 100644 index 000000000..ff900e124 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/logback-test.xml.svn-base @@ -0,0 +1,23 @@ + + + + + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n + + + + + + + + + + + + + + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/p11Conf.cfg.svn-base b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/p11Conf.cfg.svn-base new file mode 100644 index 000000000..b712219c1 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/.svn/text-base/p11Conf.cfg.svn-base @@ -0,0 +1,24 @@ +//ATTRIBUTE VALUE +//name name suffix of this provider instance +//library pathname of PKCS#11 implementation +//slotListIndex slot index + +//PREFIX DESCRIPTION +//CKO_ Object class +//CKA_ Attribute +//CKK_ Key type + +//attributes(operation, keytype, keyalgorithm) = { +// name1 = value1 +// [...] +//} + +name=nameProvider +library=library.dll +slotListIndex=0 +attributes(*,CKO_PUBLIC_KEY,CKK_RSA)={ + CKA_VERIFY=true +} +attributes(*,CKO_PRIVATE_KEY,CKK_RSA)={ + CKA_SIGN=true +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml b/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml new file mode 100644 index 000000000..6b0482795 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml @@ -0,0 +1,81 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml new file mode 100644 index 000000000..99c1b043d --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml @@ -0,0 +1,12 @@ + + + + + SWModule sign with JKS. + projects/stork2/code/moa-idspss/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks + local-demo + local-demo + CN=saml-demo-cert,OU=STORK2,O=Advania,L=Reykjavik,ST=Reykjavik,C=IS + 529E05C8 + JKS + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml new file mode 100644 index 000000000..af68d33aa --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml @@ -0,0 +1,12 @@ + + + + + SWModule sign with JKS. + src/test/resources/keyStoreCountry1.jks + local-demo + local-demo + CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES + 529E04FF + JKS + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml new file mode 100644 index 000000000..b13cb390a --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml @@ -0,0 +1,12 @@ + + + + + SWModule sign with JKS. + src/test/resources/keyStoreCountry2.jks + local-demo + local-demo + CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES + 529E04FF + JKS + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml new file mode 100644 index 000000000..ed933020a --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml @@ -0,0 +1,12 @@ + + + + + SWModule sign with JKS. + src/test/resources/keyStoreCountry3.jks + local-demo + local-demo + CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES + 529E04FF + JKS + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml new file mode 100644 index 000000000..64eb426c8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml @@ -0,0 +1,11 @@ + + + + + HWModule sign with interface PKCS11. + p11Config.cfg + ******* + CN=XXXXXXXXX + xxxxxxxxxxxxxx + PKCS11 + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_demo.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_demo.xml new file mode 100644 index 000000000..c7cee3af4 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_demo.xml @@ -0,0 +1,12 @@ + + + + + SWModule sign with JKS. + projects/stork2/code/moa-idspss/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks + local-demo + local-demo + CN=local-demo-cert, O=Indra, L=Madrid, ST=Spain, C=ES + 4BA89DB2 + JKS + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml new file mode 100644 index 000000000..0a28a5de8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml @@ -0,0 +1,91 @@ + + + + + SAML constants for AuthnRequests and Responses. + + + unspecified + + + obtained + + + entity + + + + HTTP-POST + + + + + + + + + + false + + + true + + + http://S-PEPS.gov.xx + + + http://C-PEPS.gov.xx + + + 300 + + + false + + + + http://www.stork.gov.eu/1.0/eIdentifier + http://www.stork.gov.eu/1.0/givenName + http://www.stork.gov.eu/1.0/surname + http://www.stork.gov.eu/1.0/inheritedFamilyName + http://www.stork.gov.eu/1.0/adoptedFamilyName + http://www.stork.gov.eu/1.0/gender + http://www.stork.gov.eu/1.0/dateOfBirth + http://www.stork.gov.eu/1.0/countryCodeOfBirth + http://www.stork.gov.eu/1.0/nationalityCode + http://www.stork.gov.eu/1.0/maritalStatus + http://www.stork.gov.eu/1.0/residenceAddress + http://www.stork.gov.eu/1.0/eMail + http://www.stork.gov.eu/1.0/academicTitle + http://www.stork.gov.eu/1.0/pseudonym + http://www.stork.gov.eu/1.0/age + http://www.stork.gov.eu/1.0/isAgeOver + + http://www.stork.gov.eu/1.0/textResidenceAddress + http://www.stork.gov.eu/1.0/canonicalResidenceAddress + + http://www.stork.gov.eu/1.0/title + http://www.stork.gov.eu/1.0/residencePermit + + http://www.stork.gov.eu/1.0/signedDoc + http://www.stork.gov.eu/1.0/citizen509Certificate + + http://www.stork.gov.eu/1.0/newAttribute1 + http://www.stork.gov.eu/1.0/newAttribute2 + http://www.stork.gov.eu/1.0/hasDegree + http://www.stork.gov.eu/1.0/mandateContent + + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml new file mode 100644 index 000000000..0a28a5de8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml @@ -0,0 +1,91 @@ + + + + + SAML constants for AuthnRequests and Responses. + + + unspecified + + + obtained + + + entity + + + + HTTP-POST + + + + + + + + + + false + + + true + + + http://S-PEPS.gov.xx + + + http://C-PEPS.gov.xx + + + 300 + + + false + + + + http://www.stork.gov.eu/1.0/eIdentifier + http://www.stork.gov.eu/1.0/givenName + http://www.stork.gov.eu/1.0/surname + http://www.stork.gov.eu/1.0/inheritedFamilyName + http://www.stork.gov.eu/1.0/adoptedFamilyName + http://www.stork.gov.eu/1.0/gender + http://www.stork.gov.eu/1.0/dateOfBirth + http://www.stork.gov.eu/1.0/countryCodeOfBirth + http://www.stork.gov.eu/1.0/nationalityCode + http://www.stork.gov.eu/1.0/maritalStatus + http://www.stork.gov.eu/1.0/residenceAddress + http://www.stork.gov.eu/1.0/eMail + http://www.stork.gov.eu/1.0/academicTitle + http://www.stork.gov.eu/1.0/pseudonym + http://www.stork.gov.eu/1.0/age + http://www.stork.gov.eu/1.0/isAgeOver + + http://www.stork.gov.eu/1.0/textResidenceAddress + http://www.stork.gov.eu/1.0/canonicalResidenceAddress + + http://www.stork.gov.eu/1.0/title + http://www.stork.gov.eu/1.0/residencePermit + + http://www.stork.gov.eu/1.0/signedDoc + http://www.stork.gov.eu/1.0/citizen509Certificate + + http://www.stork.gov.eu/1.0/newAttribute1 + http://www.stork.gov.eu/1.0/newAttribute2 + http://www.stork.gov.eu/1.0/hasDegree + http://www.stork.gov.eu/1.0/mandateContent + + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml new file mode 100644 index 000000000..435ef4b82 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml @@ -0,0 +1,64 @@ + + + + + SAML constants for AuthnRequests and Responses. + + + unspecified + + obtained + + + entity + + + + HTTP-POST + + false + false + false + + + http://S-PEPS.gov.xx + + + http://C-PEPS.gov.xx + + + 300 + + + false + + + false + + + + http://www.stork.gov.eu/1.0/eIdentifier + http://www.stork.gov.eu/1.0/givenName + http://www.stork.gov.eu/1.0/surname + http://www.stork.gov.eu/1.0/inheritedFamilyName + http://www.stork.gov.eu/1.0/adoptedFamilyName + http://www.stork.gov.eu/1.0/gender + http://www.stork.gov.eu/1.0/dateOfBirth + http://www.stork.gov.eu/1.0/countryCodeOfBirth + http://www.stork.gov.eu/1.0/nationalityCode + http://www.stork.gov.eu/1.0/maritalStatus + http://www.stork.gov.eu/1.0/residenceAddress + http://www.stork.gov.eu/1.0/eMail + http://www.stork.gov.eu/1.0/academicTitle + http://www.stork.gov.eu/1.0/pseudonym + http://www.stork.gov.eu/1.0/age + http://www.stork.gov.eu/1.0/isAgeOver + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml new file mode 100644 index 000000000..bec8934f8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml @@ -0,0 +1,61 @@ + + + + + SAML constants for AuthnRequests and Responses. + + + unspecified + + obtained + + + entity + + + + HTTP-POST + + false + false + false + + + http://S-PEPS.gov.xx + + + http://C-PEPS.gov.xx + + + 300 + + + false + + + http://www.stork.gov.eu/1.0/eIdentifier + http://www.stork.gov.eu/1.0/givenName + http://www.stork.gov.eu/1.0/surname + http://www.stork.gov.eu/1.0/inheritedFamilyName + http://www.stork.gov.eu/1.0/adoptedFamilyName + http://www.stork.gov.eu/1.0/gender + http://www.stork.gov.eu/1.0/dateOfBirth + http://www.stork.gov.eu/1.0/countryCodeOfBirth + http://www.stork.gov.eu/1.0/nationalityCode + http://www.stork.gov.eu/1.0/maritalStatus + http://www.stork.gov.eu/1.0/residenceAddress + http://www.stork.gov.eu/1.0/eMail + http://www.stork.gov.eu/1.0/academicTitle + http://www.stork.gov.eu/1.0/pseudonym + http://www.stork.gov.eu/1.0/age + http://www.stork.gov.eu/1.0/isAgeOver + http://www.stork.gov.eu/1.0/unknown + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_demo.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_demo.xml new file mode 100644 index 000000000..0a28a5de8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_demo.xml @@ -0,0 +1,91 @@ + + + + + SAML constants for AuthnRequests and Responses. + + + unspecified + + + obtained + + + entity + + + + HTTP-POST + + + + + + + + + + false + + + true + + + http://S-PEPS.gov.xx + + + http://C-PEPS.gov.xx + + + 300 + + + false + + + + http://www.stork.gov.eu/1.0/eIdentifier + http://www.stork.gov.eu/1.0/givenName + http://www.stork.gov.eu/1.0/surname + http://www.stork.gov.eu/1.0/inheritedFamilyName + http://www.stork.gov.eu/1.0/adoptedFamilyName + http://www.stork.gov.eu/1.0/gender + http://www.stork.gov.eu/1.0/dateOfBirth + http://www.stork.gov.eu/1.0/countryCodeOfBirth + http://www.stork.gov.eu/1.0/nationalityCode + http://www.stork.gov.eu/1.0/maritalStatus + http://www.stork.gov.eu/1.0/residenceAddress + http://www.stork.gov.eu/1.0/eMail + http://www.stork.gov.eu/1.0/academicTitle + http://www.stork.gov.eu/1.0/pseudonym + http://www.stork.gov.eu/1.0/age + http://www.stork.gov.eu/1.0/isAgeOver + + http://www.stork.gov.eu/1.0/textResidenceAddress + http://www.stork.gov.eu/1.0/canonicalResidenceAddress + + http://www.stork.gov.eu/1.0/title + http://www.stork.gov.eu/1.0/residencePermit + + http://www.stork.gov.eu/1.0/signedDoc + http://www.stork.gov.eu/1.0/citizen509Certificate + + http://www.stork.gov.eu/1.0/newAttribute1 + http://www.stork.gov.eu/1.0/newAttribute2 + http://www.stork.gov.eu/1.0/hasDegree + http://www.stork.gov.eu/1.0/mandateContent + + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/.svn/all-wcprops b/id/server/stork2-saml-engine/src/test/resources/data/.svn/all-wcprops new file mode 100644 index 000000000..3843fc6b7 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 72 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/data +END diff --git a/id/server/stork2-saml-engine/src/test/resources/data/.svn/entries b/id/server/stork2-saml-engine/src/test/resources/data/.svn/entries new file mode 100644 index 000000000..2eb50bbe8 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/test/resources/data +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +eu +dir + diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/.svn/all-wcprops b/id/server/stork2-saml-engine/src/test/resources/data/eu/.svn/all-wcprops new file mode 100644 index 000000000..56d18dd28 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 75 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/data/eu +END diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/.svn/entries b/id/server/stork2-saml-engine/src/test/resources/data/eu/.svn/entries new file mode 100644 index 000000000..798ea16b3 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/test/resources/data/eu +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +stork +dir + diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/.svn/all-wcprops b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/.svn/all-wcprops new file mode 100644 index 000000000..16ec86311 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 81 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/data/eu/stork +END diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/.svn/entries b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/.svn/entries new file mode 100644 index 000000000..8ec7f9903 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/test/resources/data/eu/stork +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +STORKSAMLEngine +dir + diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/all-wcprops b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/all-wcprops new file mode 100644 index 000000000..178273e8c --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/all-wcprops @@ -0,0 +1,41 @@ +K 25 +svn:wc:ra_dav:version-url +V 97 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/data/eu/stork/STORKSAMLEngine +END +AuthnRequestTagDelete.xml +K 25 +svn:wc:ra_dav:version-url +V 122 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml +END +AttrQueryRequestTagDelete.xml +K 25 +svn:wc:ra_dav:version-url +V 126 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml +END +AuthnRequest.xml +K 25 +svn:wc:ra_dav:version-url +V 113 +/CITnet/svn/STORK2/!svn/ver/22/trunk/SamlEngine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml +END +AttrQueryRequest.xml +K 25 +svn:wc:ra_dav:version-url +V 118 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml +END +AuthnRequestTagDeleteEncoded.xml +K 25 +svn:wc:ra_dav:version-url +V 129 +/CITnet/svn/STORK2/!svn/ver/56/trunk/SamlEngine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml +END +AttrQueryResponse.xml +K 25 +svn:wc:ra_dav:version-url +V 119 +/CITnet/svn/STORK2/!svn/ver/316/trunk/SamlEngine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml +END diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/entries b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/entries new file mode 100644 index 000000000..16e2ccd8d --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/entries @@ -0,0 +1,232 @@ +10 + +dir +357 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/SamlEngine/src/test/resources/data/eu/stork/STORKSAMLEngine +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +AttrQueryResponse.xml +file + + + + +2013-12-20T12:27:57.242475Z +8f576c406bd8b2756899bbe1738e56d6 +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +6092 + +AuthnRequestTagDelete.xml +file + + + + +2013-12-20T12:27:57.242475Z +13df3f7c9b0fb6e10ac782c43b8f3cdb +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2611 + +AttrQueryRequestTagDelete.xml +file + + + + +2013-12-20T12:27:57.242475Z +cd245752b96826be0c3b72e3428c6aac +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +4045 + +AuthnRequest.xml +file + + + + +2013-12-20T12:27:57.242475Z +e993b1b24f5abbfa974485b0cbbc0211 +2013-07-25T08:47:40.940990Z +6 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +3898 + +AttrQueryRequest.xml +file + + + + +2013-12-20T12:27:57.242475Z +d78d68c7f18dc10e7cd7343954388987 +2013-12-16T15:04:09.136643Z +316 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +4253 + +AuthnRequestTagDeleteEncoded.xml +file + + + + +2013-12-20T12:27:57.242475Z +c5122af357fd2a8339239853479b4aed +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +2612 + diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AttrQueryRequest.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AttrQueryRequest.xml.svn-base new file mode 100644 index 000000000..852727dc5 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AttrQueryRequest.xml.svn-base @@ -0,0 +1,11 @@ +http://S-PEPS.gov.xxyV0IRPZSAh6PRmjZ1vaPVU6z/zg=bVgqD3CtVQ3eRE/2Xx8Wr5UMkxNk2GBjo70H+PvMCSlIymZjyje79Xi7sJg/eEj0fAGb0go+gfQGQVRYweanFFwqTcinz8XoF2slPosg/8BBq+1vWDDxtbdvg4jOzgvIlAWkDrwHwMOeg0mWCma5ev2nJx8qF8MX5cEfbSkczXI=MIICVDCCAb0CBFKeBcgwDQYJKoZIhvcNAQEFBQAwcTELMAkGA1UEBhMCSVMxEjAQBgNVBAgMCVJl +eWtqYXZpazESMBAGA1UEBwwJUmV5a2phdmlrMRAwDgYDVQQKDAdBZHZhbmlhMQ8wDQYDVQQLDAZT +VE9SSzIxFzAVBgNVBAMMDnNhbWwtZGVtby1jZXJ0MB4XDTEzMTIwMzE2MjQ0MFoXDTIzMTIwMTE2 +MjQ0MFowcTELMAkGA1UEBhMCSVMxEjAQBgNVBAgMCVJleWtqYXZpazESMBAGA1UEBwwJUmV5a2ph +dmlrMRAwDgYDVQQKDAdBZHZhbmlhMQ8wDQYDVQQLDAZTVE9SSzIxFzAVBgNVBAMMDnNhbWwtZGVt +by1jZXJ0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUhM/yeonkcmLA82MJeRM36WOelr55 +2SE0xBSt+n6CFmem5qRRAleP7n8vzXwCsnvs3HZtiEYBhl+k1ktp5MkZAh4zKPzChKW3JZBm37mj +9/1QBKINCMCsIR8ppUEU8EyYxOVx83sggv110BNB0CkSp7YRE45QSL6/gSg/iSlHmQIDAQABMA0G +CSqGSIb3DQEBBQUAA4GBAGYjXnRO7YsEp7g40Nldg+kGBCgMHOoDUTcbCrory1XL2E8eHHQgNfQl +XQ+a9QPTBRAeDZ83mPkXv6OEDNmReKIZVWd4vcjcKaZxraQU8MgifyO3wz25uAHAR+hvBHn6whsK +W9BoMNzFTV0xrsZVW8CNRHsiR6Yh6fwkGO2brhrr3falsefalsefalse1618SveinbjornES/IS/1234567890 \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AttrQueryRequestTagDelete.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AttrQueryRequestTagDelete.xml.svn-base new file mode 100644 index 000000000..9f9fe5156 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AttrQueryRequestTagDelete.xml.svn-base @@ -0,0 +1,15 @@ +http://S-PEPS.gov.xxhhQXDKNrJJ3Yy/pkZNZF4GlWrA/Xsx4CH9chgVa5HK4qZQvFXvZwegdw6U7rm7qv0zmI4xaLTv/bpmqJzEPfY3sIvrDRu9EouEKwtjbMbcvVQsx7I+j0yy7/cBcQJe3lRwQwyvazfYVbnSeGFxBN6WOHPqv6uInaQO/hXkicT3tBtm8o3UgUDY6c8wIMuD5A0hWTkL6z6f893AbdN85OQYAdHItNsQWeLOIeiGC918X7qqTfhFtBAB2oGVjlsSEqWox1jNqrPl1jjA0dP76m5SIVSqF8XcDR306ZB9GLJywOHKba0lxGLsXOAzJ+8u9jeixJ6VZKFqZg2Fhl/saKbg==MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw +YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v +LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG +A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv +Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab +ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU +0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n +6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5 +y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z +9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F +6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM +pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT +/NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq +yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7 +Ppm8IFVTk8mYfX8/jw==3falsefalsefalse1618SveinbjörnES/IS/1234567890 \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AttrQueryResponse.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AttrQueryResponse.xml.svn-base new file mode 100644 index 000000000..b7e578c2d --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AttrQueryResponse.xml.svn-base @@ -0,0 +1,10 @@ +http://C-PEPS.gov.xx1/Vy066o+9GL0ah5FsUU9ddh4/Q=aLnFnTtAOWeBnCMazs8yYEwwQtRBmOl9idpOY8gFHdC6zdvozEEN5O2iYnuozbIJ6fSle+GCPFW2g/XlDAni1TvqX5ed65oDRYxGaF9atW9ZiZJGZSVkGEP6hWOMDYl0on3jTsdmBY54ss4H4zYqb1OwgldQhSeOI70Uh53ut+M=MIICGDCCAYECBFKeBP8wDQYJKoZIhvcNAQEFBQAwUzELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw +YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRMwEQYDVQQDDApsb2NhbC1kZW1v +MB4XDTEzMTIwMzE2MjExOVoXDTIzMTIwMTE2MjExOVowUzELMAkGA1UEBhMCRVMxDjAMBgNVBAgM +BVNwYWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRMwEQYDVQQDDApsb2NhbC1k +ZW1vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuiK9M7zf3YgS0lsowvMm72QN+9Gx9UDja +Ykip2ZLpaV7d5J4FjLlXsJBEL8V3IwJrFrbpbe8yZCNx9Y5p7fUYBopv9Wa2Y54FNUPQ6FjPOw7/ +525KdwY2Addrk74bITfs6U03q+TWQmzGVObFOeKR36dHXZTPDZpqJ3uxqODUXQIDAQABMA0GCSqG +SIb3DQEBBQUAA4GBAEjNnqCaWVDBsN3trKmaNuB6chqXa6UvBMJiDDlXScnRsT8vKydynu+IJKtr +y9tWuegMoEnsezvv5hBoGRYGFuKJ9vDdVXfwcUI/Gd0ec55QGqg9veN9aZEIeWfU7lJnhdgMdRVG +1CMYDZxNo4Kpytc5gSKwZExmuwiQrw34ras1urn:oasis:names:tc:SAML:2.0:status:Successhttp://C-PEPS.gov.xxurn:oasis:names:tc:SAML:1.1:nameid-format:unspecifiedhttp://S-PEPS.gov.xx16/12/2008105IS10GudrunartunReykjavikvalue3value4value1value21618123456789IS \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AuthnRequest.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AuthnRequest.xml.svn-base new file mode 100644 index 000000000..c822702df --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AuthnRequest.xml.svn-base @@ -0,0 +1,26 @@ +http://S-PEPS.gov.xx + + + + + + + + + +yzsqaxBNicOrixBUno5cL0CBOpE= + + + +Xycll1PF7hh3Xdykpr6nIr8Q6PQ6OxLIBBBugoGpAm/V4Hu7tKakHJp8TgtRWZ30jG5eolOXnJkC +wiaTVUFaQz7cNn27syRJkdA+eYlz9doiwUJ5eD1cAyddZYsNPpSeAj5UK45oN0qCH+/pI9mRw8Oi +YIN/BUEtXkoYTjPtkmA= + +MIIBmDCCAQECBEuWisIwDQYJKoZIhvcNAQEFBQAwEzERMA8GA1UEAxMIY291bnRyeTEwHhcNMTAw +MzA5MTc1MjAyWhcNMTAwNjA3MTc1MjAyWjATMREwDwYDVQQDEwhjb3VudHJ5MTCBnzANBgkqhkiG +9w0BAQEFAAOBjQAwgYkCgYEAnb2gcchwxvJBclcsfCBWJnYefLJYQnDGCQ3RUtYZc26JznnLXclu +h1XfLJlWgYk/pFKz7B9KfJztal47c6mBfisnxjhdcLqcbXOuRIm7E8TZPzdbHEd60WHPDv20jr+r +/WkOQs12tKQMbgDX2wtBBcJODLYCDiYa1oQsnyhdOGkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBk +3luVRc0EqEE1zZeYvRPi5a2yOZfI9H+/rXI1qNLwmICnuJX++ukUbqJHm/FV1iSPM9O9oqzifJ/K +eKL5EcUugJ76Tu5XO8za2FoJvYr+jIZDsEkCg+OSzcp/eljiWAIh2enZcQ/ON6QxWXeSNJPH0xOq +KAoZgbUK0Zld3Dsheg==3EDU001OXF001APP001ENtruetruetrue1618 \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AuthnRequestTagDelete.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AuthnRequestTagDelete.xml.svn-base new file mode 100644 index 000000000..2a54c7d59 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AuthnRequestTagDelete.xml.svn-base @@ -0,0 +1,14 @@ +http://S-PEPS.gov.xx + +S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR +Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC +Xt8p8tK3EoMocZse2hw= + +MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw +OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA +A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl +lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK +ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl +r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w +kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS +3cyl/wz83falsefalsefalse \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AuthnRequestTagDeleteEncoded.xml.svn-base b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AuthnRequestTagDeleteEncoded.xml.svn-base new file mode 100644 index 000000000..3239cf6e7 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/.svn/text-base/AuthnRequestTagDeleteEncoded.xml.svn-base @@ -0,0 +1,14 @@ +http://S-PEPS.gov.xx + +S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR +Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC +Xt8p8tK3EoMocZse2hw= + +MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw +OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA +A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl +lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK +ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl +r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w +kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS +3cyl/wz83falsefalsefalse \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml new file mode 100644 index 000000000..852727dc5 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml @@ -0,0 +1,11 @@ +http://S-PEPS.gov.xxyV0IRPZSAh6PRmjZ1vaPVU6z/zg=bVgqD3CtVQ3eRE/2Xx8Wr5UMkxNk2GBjo70H+PvMCSlIymZjyje79Xi7sJg/eEj0fAGb0go+gfQGQVRYweanFFwqTcinz8XoF2slPosg/8BBq+1vWDDxtbdvg4jOzgvIlAWkDrwHwMOeg0mWCma5ev2nJx8qF8MX5cEfbSkczXI=MIICVDCCAb0CBFKeBcgwDQYJKoZIhvcNAQEFBQAwcTELMAkGA1UEBhMCSVMxEjAQBgNVBAgMCVJl +eWtqYXZpazESMBAGA1UEBwwJUmV5a2phdmlrMRAwDgYDVQQKDAdBZHZhbmlhMQ8wDQYDVQQLDAZT +VE9SSzIxFzAVBgNVBAMMDnNhbWwtZGVtby1jZXJ0MB4XDTEzMTIwMzE2MjQ0MFoXDTIzMTIwMTE2 +MjQ0MFowcTELMAkGA1UEBhMCSVMxEjAQBgNVBAgMCVJleWtqYXZpazESMBAGA1UEBwwJUmV5a2ph +dmlrMRAwDgYDVQQKDAdBZHZhbmlhMQ8wDQYDVQQLDAZTVE9SSzIxFzAVBgNVBAMMDnNhbWwtZGVt +by1jZXJ0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUhM/yeonkcmLA82MJeRM36WOelr55 +2SE0xBSt+n6CFmem5qRRAleP7n8vzXwCsnvs3HZtiEYBhl+k1ktp5MkZAh4zKPzChKW3JZBm37mj +9/1QBKINCMCsIR8ppUEU8EyYxOVx83sggv110BNB0CkSp7YRE45QSL6/gSg/iSlHmQIDAQABMA0G +CSqGSIb3DQEBBQUAA4GBAGYjXnRO7YsEp7g40Nldg+kGBCgMHOoDUTcbCrory1XL2E8eHHQgNfQl +XQ+a9QPTBRAeDZ83mPkXv6OEDNmReKIZVWd4vcjcKaZxraQU8MgifyO3wz25uAHAR+hvBHn6whsK +W9BoMNzFTV0xrsZVW8CNRHsiR6Yh6fwkGO2brhrr3falsefalsefalse1618SveinbjornES/IS/1234567890 \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml new file mode 100644 index 000000000..9f9fe5156 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml @@ -0,0 +1,15 @@ +http://S-PEPS.gov.xxhhQXDKNrJJ3Yy/pkZNZF4GlWrA/Xsx4CH9chgVa5HK4qZQvFXvZwegdw6U7rm7qv0zmI4xaLTv/bpmqJzEPfY3sIvrDRu9EouEKwtjbMbcvVQsx7I+j0yy7/cBcQJe3lRwQwyvazfYVbnSeGFxBN6WOHPqv6uInaQO/hXkicT3tBtm8o3UgUDY6c8wIMuD5A0hWTkL6z6f893AbdN85OQYAdHItNsQWeLOIeiGC918X7qqTfhFtBAB2oGVjlsSEqWox1jNqrPl1jjA0dP76m5SIVSqF8XcDR306ZB9GLJywOHKba0lxGLsXOAzJ+8u9jeixJ6VZKFqZg2Fhl/saKbg==MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw +YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v +LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG +A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv +Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab +ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU +0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n +6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5 +y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z +9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F +6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM +pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT +/NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq +yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7 +Ppm8IFVTk8mYfX8/jw==3falsefalsefalse1618SveinbjörnES/IS/1234567890 \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml new file mode 100644 index 000000000..b7e578c2d --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml @@ -0,0 +1,10 @@ +http://C-PEPS.gov.xx1/Vy066o+9GL0ah5FsUU9ddh4/Q=aLnFnTtAOWeBnCMazs8yYEwwQtRBmOl9idpOY8gFHdC6zdvozEEN5O2iYnuozbIJ6fSle+GCPFW2g/XlDAni1TvqX5ed65oDRYxGaF9atW9ZiZJGZSVkGEP6hWOMDYl0on3jTsdmBY54ss4H4zYqb1OwgldQhSeOI70Uh53ut+M=MIICGDCCAYECBFKeBP8wDQYJKoZIhvcNAQEFBQAwUzELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw +YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRMwEQYDVQQDDApsb2NhbC1kZW1v +MB4XDTEzMTIwMzE2MjExOVoXDTIzMTIwMTE2MjExOVowUzELMAkGA1UEBhMCRVMxDjAMBgNVBAgM +BVNwYWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRMwEQYDVQQDDApsb2NhbC1k +ZW1vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuiK9M7zf3YgS0lsowvMm72QN+9Gx9UDja +Ykip2ZLpaV7d5J4FjLlXsJBEL8V3IwJrFrbpbe8yZCNx9Y5p7fUYBopv9Wa2Y54FNUPQ6FjPOw7/ +525KdwY2Addrk74bITfs6U03q+TWQmzGVObFOeKR36dHXZTPDZpqJ3uxqODUXQIDAQABMA0GCSqG +SIb3DQEBBQUAA4GBAEjNnqCaWVDBsN3trKmaNuB6chqXa6UvBMJiDDlXScnRsT8vKydynu+IJKtr +y9tWuegMoEnsezvv5hBoGRYGFuKJ9vDdVXfwcUI/Gd0ec55QGqg9veN9aZEIeWfU7lJnhdgMdRVG +1CMYDZxNo4Kpytc5gSKwZExmuwiQrw34ras1urn:oasis:names:tc:SAML:2.0:status:Successhttp://C-PEPS.gov.xxurn:oasis:names:tc:SAML:1.1:nameid-format:unspecifiedhttp://S-PEPS.gov.xx16/12/2008105IS10GudrunartunReykjavikvalue3value4value1value21618123456789IS \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml new file mode 100644 index 000000000..c822702df --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml @@ -0,0 +1,26 @@ +http://S-PEPS.gov.xx + + + + + + + + + +yzsqaxBNicOrixBUno5cL0CBOpE= + + + +Xycll1PF7hh3Xdykpr6nIr8Q6PQ6OxLIBBBugoGpAm/V4Hu7tKakHJp8TgtRWZ30jG5eolOXnJkC +wiaTVUFaQz7cNn27syRJkdA+eYlz9doiwUJ5eD1cAyddZYsNPpSeAj5UK45oN0qCH+/pI9mRw8Oi +YIN/BUEtXkoYTjPtkmA= + +MIIBmDCCAQECBEuWisIwDQYJKoZIhvcNAQEFBQAwEzERMA8GA1UEAxMIY291bnRyeTEwHhcNMTAw +MzA5MTc1MjAyWhcNMTAwNjA3MTc1MjAyWjATMREwDwYDVQQDEwhjb3VudHJ5MTCBnzANBgkqhkiG +9w0BAQEFAAOBjQAwgYkCgYEAnb2gcchwxvJBclcsfCBWJnYefLJYQnDGCQ3RUtYZc26JznnLXclu +h1XfLJlWgYk/pFKz7B9KfJztal47c6mBfisnxjhdcLqcbXOuRIm7E8TZPzdbHEd60WHPDv20jr+r +/WkOQs12tKQMbgDX2wtBBcJODLYCDiYa1oQsnyhdOGkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBk +3luVRc0EqEE1zZeYvRPi5a2yOZfI9H+/rXI1qNLwmICnuJX++ukUbqJHm/FV1iSPM9O9oqzifJ/K +eKL5EcUugJ76Tu5XO8za2FoJvYr+jIZDsEkCg+OSzcp/eljiWAIh2enZcQ/ON6QxWXeSNJPH0xOq +KAoZgbUK0Zld3Dsheg==3EDU001OXF001APP001ENtruetruetrue1618 \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml new file mode 100644 index 000000000..2a54c7d59 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml @@ -0,0 +1,14 @@ +http://S-PEPS.gov.xx + +S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR +Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC +Xt8p8tK3EoMocZse2hw= + +MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw +OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA +A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl +lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK +ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl +r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w +kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS +3cyl/wz83falsefalsefalse \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml new file mode 100644 index 000000000..3239cf6e7 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml @@ -0,0 +1,14 @@ +http://S-PEPS.gov.xx + +S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR +Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC +Xt8p8tK3EoMocZse2hw= + +MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw +OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA +A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl +lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK +ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl +r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w +kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS +3cyl/wz83falsefalsefalse \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks new file mode 100644 index 000000000..289e952fe Binary files /dev/null and b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry0.jks differ diff --git a/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry1.jks b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry1.jks new file mode 100644 index 000000000..5399bf689 Binary files /dev/null and b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry1.jks differ diff --git a/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry2.jks b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry2.jks new file mode 100644 index 000000000..5399bf689 Binary files /dev/null and b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry2.jks differ diff --git a/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry3.jks b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry3.jks new file mode 100644 index 000000000..5399bf689 Binary files /dev/null and b/id/server/stork2-saml-engine/src/test/resources/keyStoreCountry3.jks differ diff --git a/id/server/stork2-saml-engine/src/test/resources/logback-test.xml b/id/server/stork2-saml-engine/src/test/resources/logback-test.xml new file mode 100644 index 000000000..ff900e124 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/logback-test.xml @@ -0,0 +1,23 @@ + + + + + + + %d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n + + + + + + + + + + + + + + \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg b/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg new file mode 100644 index 000000000..b712219c1 --- /dev/null +++ b/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg @@ -0,0 +1,24 @@ +//ATTRIBUTE VALUE +//name name suffix of this provider instance +//library pathname of PKCS#11 implementation +//slotListIndex slot index + +//PREFIX DESCRIPTION +//CKO_ Object class +//CKA_ Attribute +//CKK_ Key type + +//attributes(operation, keytype, keyalgorithm) = { +// name1 = value1 +// [...] +//} + +name=nameProvider +library=library.dll +slotListIndex=0 +attributes(*,CKO_PUBLIC_KEY,CKK_RSA)={ + CKA_VERIFY=true +} +attributes(*,CKO_PRIVATE_KEY,CKK_RSA)={ + CKA_SIGN=true +} \ No newline at end of file diff --git a/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks b/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks new file mode 100644 index 000000000..efaeac86c Binary files /dev/null and b/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks differ -- cgit v1.2.3