From f170d047fd3955a0b9d219dfb8e527452f2ebe44 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 10 Apr 2014 16:54:16 +0200 Subject: stork docs --- .../stork/VIDP Installation Manual_STORK2_v0.1.docx | Bin 0 -> 359785 bytes .../stork/VIDP Installation Manual_STORK2_v0.1.pdf | Bin 0 -> 1182681 bytes 2 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 id/server/doc/stork/VIDP Installation Manual_STORK2_v0.1.docx create mode 100644 id/server/doc/stork/VIDP Installation Manual_STORK2_v0.1.pdf (limited to 'id/server') diff --git a/id/server/doc/stork/VIDP Installation Manual_STORK2_v0.1.docx b/id/server/doc/stork/VIDP Installation Manual_STORK2_v0.1.docx new file mode 100644 index 000000000..8cc7e2c0b Binary files /dev/null and b/id/server/doc/stork/VIDP Installation Manual_STORK2_v0.1.docx differ diff --git a/id/server/doc/stork/VIDP Installation Manual_STORK2_v0.1.pdf b/id/server/doc/stork/VIDP Installation Manual_STORK2_v0.1.pdf new file mode 100644 index 000000000..f213698a7 Binary files /dev/null and b/id/server/doc/stork/VIDP Installation Manual_STORK2_v0.1.pdf differ -- cgit v1.2.3 From de809dbe57372fd0026765034a490287bf1b57eb Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Wed, 16 Apr 2014 18:42:16 +0200 Subject: extending the peps communication and response --- .../data/deploy/conf/moa-id/stork/SamlEngine.xml | 2 +- .../id/protocols/stork2/AttributeCollector.java | 1 + .../id/protocols/stork2/AuthenticationRequest.java | 261 ++++++++++++++++++++- .../moa/id/protocols/stork2/MOASTORKRequest.java | 3 +- .../moa/id/protocols/stork2/MOASTORKResponse.java | 212 ++++++++++++++--- .../stork2/MandateAttributeRequestProvider.java | 2 +- .../protocols/stork2/MandateRetrievalRequest.java | 2 +- .../moa/id/protocols/stork2/STORKProtocol.java | 42 +++- 8 files changed, 477 insertions(+), 48 deletions(-) (limited to 'id/server') 
diff --git a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml b/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml index 166a48ff8..eca38ec8c 100644 --- a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml +++ b/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml @@ -61,7 +61,7 @@ - + diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 1d9e31674..8f0d259b4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -159,6 +159,7 @@ public class AttributeCollector implements IAction { new ConsentEvaluator().generateSTORKResponse(response, container); return "12345"; // AssertionId + // TODO } catch (ExternalAttributeRequestRequiredException e) { // the attribute request is ongoing and requires an external service. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 5e49fe413..efa77577e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
@@ -3,23 +3,30 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.*; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import org.apache.velocity.runtime.RuntimeConstants; -import org.joda.time.DateTime; +import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import org.w3c.dom.Element; import org.w3c.dom.NamedNodeMap; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import java.io.StringWriter; +import java.security.NoSuchAlgorithmException; /** 
@@ -41,23 +48,23 @@ public class AuthenticationRequest implements IAction { this.moaSession = moasession; - if (req instanceof MOASTORKRequest) { + if ((req instanceof MOASTORKRequest) && !((MOASTORKRequest) req).getStorkAuthnRequest().getCitizenCountryCode().equals("SI")) { this.moaStorkRequest = (MOASTORKRequest) req; Logger.debug("Entering MOASTORKRequest"); httpResp.reset(); - + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); if (oaParam == null) throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); MOASTORKResponse moaStorkResponse = new MOASTORKResponse(); - + // check if it is attribute query if (moaStorkRequest.isAttrRequest()) { Logger.debug("Starting AttrQueryRequest"); - + moaStorkResponse.setSTORKAttrResponse(new STORKAttrQueryResponse()); } // check if we have authentication request @@ -70,7 +77,7 @@ public class AuthenticationRequest implements IAction { Logger.debug("Starting generation of SAML response"); try { - moaStorkResponse.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(moaStorkRequest.getStorkAuthnRequest(), moaStorkResponse.getStorkAuthnResponse(),httpReq.getRemoteAddr(), false)); + moaStorkResponse.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(moaStorkRequest.getStorkAuthnRequest(), moaStorkResponse.getStorkAuthnResponse(), httpReq.getRemoteAddr(), false)); } catch (STORKSAMLEngineException ex) { // TODO } @@ -80,7 +87,7 @@ public class AuthenticationRequest implements IAction { } - + //moaStorkResponse.setCountry(moaStorkRequest.getSpCountry()); // Prepare extended attributes 
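Review bot: The new condition `(req instanceof MOASTORKRequest) && !((MOASTORKRequest) req).getStorkAuthnRequest().getCitizenCountryCode().equals("SI")` dereferences the authn request before the request kind is known, yet later in the same hunk the code handles attribute queries via `moaStorkRequest.isAttrRequest()`, for which the authn request is presumably null (MOASTORKRequest tests `null != storkAuthnRequest` in a later hunk), so an attribute query would now fail with a NullPointerException instead of reaching the AttrQueryRequest branch. Guard the dereference and compare null-safely, e.g. `STORKAuthnRequest authn = ((MOASTORKRequest) req).getStorkAuthnRequest();` followed by `boolean siCitizen = authn != null && "SI".equals(authn.getCitizenCountryCode());`, and branch on that; the `else if` and `needAuthentication` in the following hunk repeat the same unguarded call. The literal `"SI"` reads like a single test C-PEPS; the later commit on this page already reads `getStorkConfig().getCPEPS(...)`, which suggests the set of countries forwarded to a C-PEPS should come from configuration rather than a hard-coded code. The enclosing processRequest method starts before this hunk and continues past it.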
@@ -107,20 +114,256 @@ public class AuthenticationRequest implements IAction { arep.setSamlId("xxxx"); arep.setStatusCode("xxxx"); - // arep.setNotBefore(new DateTime().withTimeAtStartOfDay()); - // arep.setNotOnOrAfter(new DateTime().withTimeAtStartOfDay()); + // arep.setNotBefore(new DateTime().withTimeAtStartOfDay()); + // arep.setNotOnOrAfter(new DateTime().withTimeAtStartOfDay()); Logger.debug("Data container prepared"); return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); + } // check if we are getting request for citizen of some other country + else if ((req instanceof MOASTORKRequest) && ((MOASTORKRequest) req).getStorkAuthnRequest().getCitizenCountryCode().equals("SI")) { + + // - generate new key + String artifactId = null; + try { + artifactId = new SecureRandomIdentifierGenerator().generateIdentifier(); + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } + + STORKAuthnRequest spAuthnRequest = ((MOASTORKRequest) req).getStorkAuthnRequest(); + STORKAuthnRequest storkAuthnRequest = new STORKAuthnRequest(); + + try { + storkAuthnRequest = (STORKAuthnRequest) spAuthnRequest.clone(); + } catch (CloneNotSupportedException e) { + e.printStackTrace(); + } + + storkAuthnRequest.setIssuer("VIDP"); + storkAuthnRequest.setAssertionConsumerServiceURL("https://vm-stork2-vidp:8443/moa-id-auth/stork2/SendPEPSAuthnRequest"); + storkAuthnRequest.setSamlId(artifactId); + + String publicURLPrefix = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + if (publicURLPrefix == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + + + DataContainer originalRequest = new DataContainer(); + originalRequest.setRequest((MOASTORKRequest) req); + + + // preparing redirection for the client + try { + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = 
velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); + VelocityContext context = new VelocityContext(); + + //STORKAuthnRequest storkAuthnRequest = new STORKAuthnRequest(); + + try { + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + Logger.debug("Starting generation of SAML request"); + storkAuthnRequest = engine.generateSTORKAuthnRequest(storkAuthnRequest); + + //generateSAML Token + Logger.info("SAML response succesfully generated!"); + } catch (STORKSAMLEngineException e) { + Logger.error("Failed to generate STORK SAML Response", e); + throw new MOAIDException("stork.05", null); + } + + + // store original request from sp in order to be able to extract it in later iteration/response + try { + AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), originalRequest); + Logger.info("Storing artifactId " + storkAuthnRequest.getSamlId() + " of SP authentication request"); + } catch (MOADatabaseException e) { + e.printStackTrace(); + } + + byte[] blob; + blob = storkAuthnRequest.getTokenSaml(); + + context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(blob)); + Logger.debug("SAMLRequest original: " + new String(blob)); + + Logger.debug("Putting url as action: " + "https://peps-test.mju.gov.si/PEPS/ColleagueRequest"); + context.put("action", "https://peps-test.mju.gov.si/PEPS/ColleagueRequest"); + Logger.debug("Starting template merge"); + StringWriter writer = new StringWriter(); + + Logger.debug("Doing template merge"); + template.merge(context, writer); + Logger.debug("Template merge done"); + + Logger.debug("Sending html content: " + writer.getBuffer().toString()); + Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); + + httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); + + } catch (Exception e) { + Logger.error("Velocity error: " + e.getMessage()); + } + return "xxxx";// TODO + + } // check if we got the response from peps, if so 
then process it and forward to sp + else if ((req instanceof MOASTORKResponse)) { + + MOASTORKResponse moastorkResponse = (MOASTORKResponse) req; + + + STORKAuthnResponse authnResponse = null; + // check if valid authn request is contained + + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + + try { + authnResponse = engine.validateSTORKAuthnResponse(moastorkResponse.getSTORKAuthnResponseToken(), httpReq.getRemoteAddr()); + } catch (STORKSAMLEngineException ex) { + Logger.error("Unable to validate Stork AuthenticationResponse: " + ex.getMessage()); + } + + Logger.info("Requesting artifactId " + authnResponse.getInResponseTo() + " from store."); + + DataContainer dataContainer = null; + + try { + dataContainer = AssertionStorage.getInstance().get(authnResponse.getInResponseTo(), DataContainer.class); + } catch (MOADatabaseException e) { + e.printStackTrace(); + } + + authnResponse.setInResponseTo(dataContainer.getRequest().getStorkAuthnRequest().getSamlId()); + authnResponse.setAudienceRestriction(dataContainer.getRequest().getAssertionConsumerServiceURL()); + + + try { + //Get SAMLEngine instance + STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("VIDP"); + Logger.debug("Starting generation of SAML response"); + + authnResponse = engine2.generateSTORKAuthnResponse(dataContainer.getRequest().getStorkAuthnRequest(), authnResponse, httpReq.getRemoteAddr(), false); + + //generateSAML Token + Logger.info("SAML response succesfully generated!"); + } catch (STORKSAMLEngineException e) { + Logger.error("Failed to generate STORK SAML Response", e); + throw new MOAIDException("stork.05", null); + } + + // preparing redirection for the client + try { + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); + VelocityContext context = new VelocityContext(); + + byte[] blob; + blob = 
authnResponse.getTokenSaml(); + + context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob)); + Logger.debug("SAMLResponse original: " + new String(blob)); + + Logger.debug("Putting assertion consumer url as action: " + dataContainer.getRequest().getAssertionConsumerServiceURL()); + context.put("action", dataContainer.getRequest().getAssertionConsumerServiceURL()); + + Logger.debug("Starting template merge"); + StringWriter writer = new StringWriter(); + + Logger.debug("Doing template merge"); + template.merge(context, writer); + Logger.debug("Template merge done"); + + Logger.debug("Sending html content: " + writer.getBuffer().toString()); + Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); + + httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); + + } catch (Exception e) { + Logger.error("Velocity error: " + e.getMessage()); + } + + + return "yyyyy"; // TODO } else { Logger.error("Could not recognize request."); throw new MOAIDException("stork.15", null); } } + + public void generatePEPSRedirect(HttpServletResponse httpResp, DataContainer container) throws MOAIDException { + MOASTORKRequest request = container.getRequest(); + MOASTORKResponse response = container.getResponse(); + + Logger.info("generating stork response..."); + + try { + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + Logger.debug("Starting generation of SAML response"); + if (response.isAuthnResponse()) + response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false)); + else + response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false)); + + + //generateSAML Token + Logger.info("SAML response succesfully generated!"); + } catch (STORKSAMLEngineException e) { + 
Logger.error("Failed to generate STORK SAML Response", e); + throw new MOAIDException("stork.05", null); + } + + // preparing redirection for the client + try { + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); + VelocityContext context = new VelocityContext(); + + byte[] blob; + if (request.isAttrRequest()) + blob = response.getStorkAttrQueryResponse().getTokenSaml(); + else + blob = response.getStorkAuthnResponse().getTokenSaml(); + + context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob)); + Logger.debug("SAMLResponse original: " + new String(blob)); + + Logger.debug("Putting assertion consumer url as action: " + request.getAssertionConsumerServiceURL()); + context.put("action", request.getAssertionConsumerServiceURL()); + Logger.debug("Starting template merge"); + StringWriter writer = new StringWriter(); + + Logger.debug("Doing template merge"); + template.merge(context, writer); + Logger.debug("Template merge done"); + + Logger.debug("Sending html content: " + writer.getBuffer().toString()); + Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); + + httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); + + } catch (Exception e) { + Logger.error("Velocity error: " + e.getMessage()); + } + } + + public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { + + if (req instanceof MOASTORKRequest) { + if (((MOASTORKRequest) req).getStorkAuthnRequest().getCitizenCountryCode().equals("SI")) { + return false; + + } + } else if (req instanceof MOASTORKResponse) { + return false; + } + return true; } 
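Review bot: In the new `MOASTORKResponse` branch a failed `engine.validateSTORKAuthnResponse(...)` is only logged, after which `authnResponse.getInResponseTo()` dereferences the still-null `authnResponse`; a response that fails validation must abort the flow rather than fall through to a NullPointerException, so the catch should rethrow, e.g. `Logger.error("Unable to validate Stork AuthenticationResponse: " + ex.getMessage()); throw new MOAIDException("<message key for validation failure>", null);`. The same applies to `dataContainer`, which stays null when the `AssertionStorage` lookup throws (the `MOADatabaseException` is swallowed) or when the InResponseTo is unknown, so reject the response with a null check there as well, and remove the stored entry once it has been consumed so a given artifact id is honoured only once. The `STORKProtocol` hunk further down swallows a validation failure in the same way. The debug lines `Logger.debug("SAMLRequest original: " + new String(blob))` / `"SAMLResponse original: "` and the two "Sending html content" lines write the full SAML token, including the personal attribute list, into the log and should be dropped or reduced to the SAML id. The literal ACS URL `https://vm-stork2-vidp:8443/...` and the `peps-test.mju.gov.si` ColleagueRequest URL belong in configuration — `publicURLPrefix` is fetched but never used to build the ACS URL — and the enclosing processRequest method starts before this hunk.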
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java index 9ea33c8ef..a5a91fa55 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java @@ -7,6 +7,7 @@ import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.STORKAttrQueryRequest; import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; /** * Implements MOA request and stores StorkAuthn/Attr-Request related data. @@ -36,6 +37,7 @@ public class MOASTORKRequest implements IRequest, Serializable { /** The stork attr query request. */ private STORKAttrQueryRequest storkAttrQueryRequest; + /** * Sets the sTORK authn request. * @@ -72,7 +74,6 @@ public class MOASTORKRequest implements IRequest, Serializable { return null != storkAuthnRequest; } - /** * Gets the stork authn request. * diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java index 4e0f57779..7d9e20cd0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java 
@@ -1,28 +1,124 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import java.io.Serializable; - +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttributeList; import eu.stork.peps.auth.commons.STORKAttrQueryResponse; import eu.stork.peps.auth.commons.STORKAuthnResponse; +import java.io.Serializable; + /** * Implements MOA request and stores StorkAuthn/Attr-Request related data. * * @author bsuzic */ -public class MOASTORKResponse implements Serializable { - - /** The Constant serialVersionUID. */ - private static final long serialVersionUID = -5798803155055518747L; - - /** The stork authn request. */ - private STORKAuthnResponse storkAuthnResponse; - - /** The stork attr query request. */ +public class MOASTORKResponse implements IRequest, Serializable { + + /** + * The Constant serialVersionUID. + */ + private static final long serialVersionUID = -5798803155055518747L; + + /** + * The stork authn request. + */ + private STORKAuthnResponse storkAuthnResponse; + + /** + * The stork attr query request. + */ private STORKAttrQueryResponse storkAttrQueryResponse; - + + /** + * The action. + */ + String action = null; + + /** + * The token + */ + private byte[] storkAuthnResponseToken = null; + + /** + * The request id. + */ + private String requestID; + + + /** + * The module. + */ + String module = null; + + /** + * The target. 
+ */ + private String target = null; + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#requestedModule() + */ + public String requestedModule() { + return this.module; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#requestedAction() + */ + public String requestedAction() { + return action; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getRequestID() + */ + public String getRequestID() { + return this.requestID; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getTarget() + */ + public String getTarget() { + return this.target; + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#isSSOSupported() + */ + public boolean isSSOSupported() { + return false; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#forceAuth() + */ + public boolean forceAuth() { + return false; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#setModule(java.lang.String) + */ + public void setModule(String module) { + this.module = module; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#setRequestID(java.lang.String) + */ + public void setRequestID(String id) { + this.requestID = id; + } + /** * Sets the sTORK authn response. * @@ -32,6 +128,23 @@ public class MOASTORKResponse implements Serializable { this.storkAuthnResponse = request; } + /** + * Sets the sTORK authn response token + * + * @param request the new sTORK authn response token + */ + public void setSTORKAuthnResponseToken(byte[] token) { + this.storkAuthnResponseToken = token; + } + + /** + * Gets the sTORK authn response token . + * + * @param request the new sTORK authn response + */ + public byte[] getSTORKAuthnResponseToken() { + return this.storkAuthnResponseToken; + } /** * Sets the sTORK attr response. * 
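Review bot: The new fields `String action = null;` and `String module = null;` are package-private while every other field in the class is `private`, and they are only reached through `requestedAction()`/`requestedModule()` and `setAction`/`setModule`, so declare them `private String action = null;` and `private String module = null;`. If `IRequest` declares the `requestedModule`, `requestedAction`, `getRequestID`, `getTarget`, `isSSOSupported`, `forceAuth`, `setModule` and `setRequestID` methods implemented here, annotating each with `@Override` would make the compiler catch a drift between this class and the interface. The class-level Javadoc still says "Implements MOA request and stores StorkAuthn/Attr-Request related data." although this type holds the STORK responses; `Implements MOA request and stores StorkAuthn/Attr-Response related data.` would match the fields.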
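Review bot: The Javadoc on the new `setSTORKAuthnResponseToken` and `getSTORKAuthnResponseToken` documents a `@param request` that neither method has — the setter's parameter is `token` and the getter takes nothing — so the tags should read `@param token the decoded STORK authn response token` on the setter and `@return the decoded STORK authn response token` on the getter. Both methods also store and hand out the raw `byte[]`, so the token can be modified after it has been validated; storing `token == null ? null : token.clone()` and returning a clone from the getter keeps the held token immutable. The enclosing class continues past this hunk.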
@@ -77,17 +190,17 @@ public class MOASTORKResponse implements Serializable { public STORKAttrQueryResponse getStorkAttrQueryResponse() { return this.storkAttrQueryResponse; } - + /** * Gets the personal attribute list. * * @return the personal attribute list */ public IPersonalAttributeList getPersonalAttributeList() { - if(isAttrResponse()) - return this.storkAttrQueryResponse.getPersonalAttributeList(); - else - return this.storkAuthnResponse.getPersonalAttributeList(); + if (isAttrResponse()) + return this.storkAttrQueryResponse.getPersonalAttributeList(); + else + return this.storkAuthnResponse.getPersonalAttributeList(); } /** 
@@ -96,22 +209,53 @@ public class MOASTORKResponse implements Serializable { * @param populateAttributes the new personal attribute list */ public void setPersonalAttributeList(PersonalAttributeList populateAttributes) { - if(isAttrResponse()) - this.storkAttrQueryResponse.setPersonalAttributeList(populateAttributes); - else - this.storkAuthnResponse.setPersonalAttributeList(populateAttributes); - } - - /** - * Sets the country. - * - * @param spCountry the new country - */ - public void setCountry(String spCountry) { - if(isAttrResponse()) - this.storkAttrQueryResponse.setCountry(spCountry); - else - this.storkAuthnResponse.setCountry(spCountry); - } + if (isAttrResponse()) + this.storkAttrQueryResponse.setPersonalAttributeList(populateAttributes); + else + this.storkAuthnResponse.setPersonalAttributeList(populateAttributes); + } + + /** + * Sets the country. + * + * @param spCountry the new country + */ + public void setCountry(String spCountry) { + if (isAttrResponse()) + this.storkAttrQueryResponse.setCountry(spCountry); + else + this.storkAuthnResponse.setCountry(spCountry); + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#getOAURL() + */ + public String getOAURL() { + if (isAuthnResponse()) + return storkAuthnResponse.getAudienceRestriction(); + else if (isAttrResponse()) + return storkAttrQueryResponse.getAudienceRestriction(); + else { + Logger.error("There is no authentication or attribute request contained in MOASTORKRequest."); + return null; + } + } + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#isPassiv() + */ + public boolean isPassiv() { + return false; + } + + + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.moduls.IRequest#setAction(java.lang.String) + */ + public void setAction(String action) { + this.action = action; + } + } 
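Review bot: The error message in the new `getOAURL()` names the wrong class and the wrong object: `Logger.error("There is no authentication or attribute request contained in MOASTORKRequest.");` is emitted from MOASTORKResponse when neither response is set, so it should read `Logger.error("There is no authentication or attribute response contained in MOASTORKResponse.");`. The OA URL returned here is taken from the audience restriction of the PEPS-issued token, so callers should only rely on it for a response that has already passed `validateSTORKAuthnResponse`; a short Javadoc on `getOAURL()` saying that the value originates from the response token would make this visible. The `/* (non-Javadoc) */` stubs `isPassiv` and `setAction` should carry `@Override` if `IRequest` declares them.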
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java index 0e94600db..5d13ccb45 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java @@ -68,7 +68,7 @@ public class MandateAttributeRequestProvider implements AttributeProvider { String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); String spApplication = spInstitution; - //generate AuthnRquest + //generate AttrQueryRequest STORKAttrQueryRequest attributeRequest = new STORKAttrQueryRequest(); attributeRequest.setDestination(destination); attributeRequest.setAssertionConsumerServiceURL(url); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java index 3bd1686b4..077867fe0 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java @@ -14,7 +14,7 @@ import javax.servlet.http.HttpServletResponse; */ public class MandateRetrievalRequest implements IAction { public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { - Logger.info("Entering mandateretrievalrequest"); + Logger.error("Entering mandateretrievalrequest"); return null; // } 
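Review bot: `Logger.error("Entering mandateretrievalrequest");` in MandateRetrievalRequest records a normal method entry at error level, so every mandate retrieval will appear as an error in log monitoring and drown real failures; keep it at `Logger.info(...)` or lower it to `Logger.debug(...)`. The method then returns `null` with an empty trailing comment, which reads as unfinished; a `// TODO: mandate retrieval not implemented yet` would state the intent for the next reader.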
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 00f919c82..689aed8aa 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java 
@@ -64,10 +64,46 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { Logger.debug("Initiating action: " + action); MOASTORKRequest STORK2Request = new MOASTORKRequest(); + MOASTORKResponse STORK2Response = new MOASTORKResponse(); - if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluator.class.getSimpleName().equals(action)) + + if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluator.class.getSimpleName().equals(action)) return STORK2Request; + + if (request.getParameter("SAMLResponse") != null) { + //extract STORK Response from HTTP Request + byte[] decSamlToken; + try { + decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLResponse")); + } catch (NullPointerException e) { + if (request.getRemoteHost().contains("129.27.142")) { + Logger.warn("Availability check by " + request.getRemoteHost() + " on URI: " + request.getRequestURI()); + } else { + Logger.error("Unable to retrieve STORK Request for host: " + request.getRemoteHost() + " and URI: " + request.getRequestURI(), e); + } + throw new MOAIDException("stork.04", null); + } + + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + + STORKAuthnResponse authnResponse = null; + + + // check if valid authn request is contained + try { + authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, request.getRemoteAddr()); + } catch (STORKSAMLEngineException ex) { + Logger.error("Unable to validate Stork AuthenticationResponse: " + ex.getMessage()); + } + + STORK2Response.setSTORKAuthnResponseToken(decSamlToken); + + return STORK2Response; + + } else if (request.getParameter("SAMLRequest") != null) { + //extract STORK Response from HTTP Request byte[] decSamlToken; try { 
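Review bot: In the new `SAMLResponse` branch the result of `engine.validateSTORKAuthnResponse(decSamlToken, request.getRemoteAddr())` is never used — `authnResponse` is assigned and discarded, a `STORKSAMLEngineException` is only logged, and the raw `decSamlToken` is attached to the response either way — so the call neither gates the flow nor saves work later. Either drop it here, since the token is validated again in AuthenticationRequest, or make it authoritative by rethrowing the engine exception as a `MOAIDException` and storing the validated object instead of the raw bytes. The `catch (NullPointerException e)` around `decodeSAMLToken` uses an exception as the malformed-input check, and the `request.getRemoteHost().contains("129.27.142")` test bakes an environment-specific host prefix into the protocol handler; that allow-list belongs in configuration and should match on `getRemoteAddr()`, as `getRemoteHost()` may involve a reverse DNS lookup. The enclosing method starts before this hunk and continues after it.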
@@ -87,6 +123,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { STORKAuthnRequest authnRequest = null; STORKAttrQueryRequest attrRequest = null; + // check if valid authn request is contained try { authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); @@ -112,6 +149,9 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { STORK2Request.setSTORKAttrRequest(attrRequest); return STORK2Request; + } else { + throw new MOAIDException("stork.14", null); // TODO Specify message + } } public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) { -- cgit v1.2.3 From 864ec32bc1e902615c2af23341f55faeaa81a120 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 17 Apr 2014 14:12:59 +0200 Subject: refactoring moastorkresponse --- .../id/protocols/stork2/AuthenticationRequest.java | 191 +++++++++++---------- 1 file changed, 104 insertions(+), 87 deletions(-) (limited to 'id/server') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index efa77577e..dc30e4e12 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -25,6 +25,7 @@ import org.w3c.dom.NamedNodeMap; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import java.io.IOException; import java.io.StringWriter; import java.security.NoSuchAlgorithmException; 
@@ -48,6 +49,11 @@ public class AuthenticationRequest implements IAction { this.moaSession = moasession; + Logger.info("CPEPS " + AuthConfigurationProvider.getInstance().getStorkConfig().getCPEPS("SI").getPepsURL().toString()); + + + //AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap(). + if ((req instanceof MOASTORKRequest) && !((MOASTORKRequest) req).getStorkAuthnRequest().getCitizenCountryCode().equals("SI")) { this.moaStorkRequest = (MOASTORKRequest) req; 
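Review bot: The added `Logger.info("CPEPS " + AuthConfigurationProvider.getInstance().getStorkConfig().getCPEPS("SI").getPepsURL().toString());` runs on every request before any branch is chosen and chains five calls with no null handling, so a deployment without a configured "SI" C-PEPS would presumably fail every STORK request with a NullPointerException at this line. Together with the commented-out `getCpepsMap()` line beside it, this reads like a probe left over from development; either remove it or keep it at debug level behind a null check on the `getCPEPS("SI")` result. The enclosing processRequest method starts before this hunk and continues after it.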
@@ -155,36 +161,37 @@ public class AuthenticationRequest implements IAction { // preparing redirection for the client + + //STORKAuthnRequest storkAuthnRequest = new STORKAuthnRequest(); + try { - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); - VelocityContext context = new VelocityContext(); + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + Logger.debug("Starting generation of SAML request"); + storkAuthnRequest = engine.generateSTORKAuthnRequest(storkAuthnRequest); - //STORKAuthnRequest storkAuthnRequest = new STORKAuthnRequest(); + //generateSAML Token + Logger.info("SAML response succesfully generated!"); + } catch (STORKSAMLEngineException e) { + Logger.error("Failed to generate STORK SAML Response", e); + throw new MOAIDException("stork.05", null); + } - try { - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - Logger.debug("Starting generation of SAML request"); - storkAuthnRequest = engine.generateSTORKAuthnRequest(storkAuthnRequest); - - //generateSAML Token - Logger.info("SAML response succesfully generated!"); - } catch (STORKSAMLEngineException e) { - Logger.error("Failed to generate STORK SAML Response", e); - throw new MOAIDException("stork.05", null); - } + // store original request from sp in order to be able to extract it in later iteration/response + try { + AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), originalRequest); + Logger.info("Storing artifactId " + storkAuthnRequest.getSamlId() + " of SP authentication request"); + } catch (MOADatabaseException e) { + e.printStackTrace(); + } - // store original request from sp in order to be able to extract it in later iteration/response - try { - AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), originalRequest); - Logger.info("Storing 
artifactId " + storkAuthnRequest.getSamlId() + " of SP authentication request"); - } catch (MOADatabaseException e) { - e.printStackTrace(); - } + byte[] blob; + try { - byte[] blob; + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); + VelocityContext context = new VelocityContext(); blob = storkAuthnRequest.getTokenSaml(); context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(blob)); 
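Review bot: The `catch (MOADatabaseException e) { e.printStackTrace(); }` around `AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), originalRequest)` swallows the failure and still redirects the citizen to the PEPS, so the returning response can no longer be correlated with the stored SP request and the later lookup will fail far away from the cause. Treat it like the neighbouring SAML-engine failure: `Logger.error("Could not store SP request for artifactId " + storkAuthnRequest.getSamlId(), e); throw new MOAIDException("stork.05", null);` — `printStackTrace()` also bypasses the project's Logger. The same pattern recurs in this file in the later hunks `@@ -177,49 +179,26 @@` and `@@ -112,103 +109,105 @@`. The enclosing processRequest method starts and ends outside the hunk.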
@@ -209,91 +216,101 @@ public class AuthenticationRequest implements IAction { } return "xxxx";// TODO - } // check if we got the response from peps, if so then process it and forward to sp - else if ((req instanceof MOASTORKResponse)) { - - MOASTORKResponse moastorkResponse = (MOASTORKResponse) req; - - - STORKAuthnResponse authnResponse = null; - // check if valid authn request is contained + } else if ((req instanceof MOASTORKResponse)) { + // Check if we got the response from PEPS + // If so then process it and forward to SP - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - - try { - authnResponse = engine.validateSTORKAuthnResponse(moastorkResponse.getSTORKAuthnResponseToken(), httpReq.getRemoteAddr()); - } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationResponse: " + ex.getMessage()); - } + return handleMOAStorkResponse("VIDP", (MOASTORKResponse) req, httpReq.getRemoteAddr(), httpResp); + } else { + Logger.error("Could not recognize request."); + throw new MOAIDException("stork.15", null); + } + } - Logger.info("Requesting artifactId " + authnResponse.getInResponseTo() + " from store."); + /* + Handles STORKAuthnResponse received from PEPS (return to SP) + */ + private String handleMOAStorkResponse(String instanceName, MOASTORKResponse moastorkResponse, String remoteAddr, HttpServletResponse httpResp) throws MOAIDException { - DataContainer dataContainer = null; + STORKAuthnResponse authnResponse = null; - try { - dataContainer = AssertionStorage.getInstance().get(authnResponse.getInResponseTo(), DataContainer.class); - } catch (MOADatabaseException e) { - e.printStackTrace(); - } + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance(instanceName); - authnResponse.setInResponseTo(dataContainer.getRequest().getStorkAuthnRequest().getSamlId()); - authnResponse.setAudienceRestriction(dataContainer.getRequest().getAssertionConsumerServiceURL()); + 
try { + authnResponse = engine.validateSTORKAuthnResponse(moastorkResponse.getSTORKAuthnResponseToken(), remoteAddr); + } catch (STORKSAMLEngineException ex) { + Logger.error("Unable to validate Stork AuthenticationResponse: " + ex.getMessage()); + throw new MOAIDException("stork.15", null); // TODO + } + Logger.debug("Requesting artifactId " + authnResponse.getInResponseTo() + " from store."); - try { - //Get SAMLEngine instance - STORKSAMLEngine engine2 = STORKSAMLEngine.getInstance("VIDP"); - Logger.debug("Starting generation of SAML response"); + DataContainer dataContainer = null; + try { + dataContainer = AssertionStorage.getInstance().get(authnResponse.getInResponseTo(), DataContainer.class); + } catch (MOADatabaseException e) { + Logger.error("Unable to retrieve datacontainer with reference authentication request. Database exception."); + throw new MOAIDException("stork.15", null); // TODO + } - authnResponse = engine2.generateSTORKAuthnResponse(dataContainer.getRequest().getStorkAuthnRequest(), authnResponse, httpReq.getRemoteAddr(), false); + // setting new reference request and return url + authnResponse.setInResponseTo(dataContainer.getRequest().getStorkAuthnRequest().getSamlId()); + authnResponse.setAudienceRestriction(dataContainer.getRequest().getAssertionConsumerServiceURL()); - //generateSAML Token - Logger.info("SAML response succesfully generated!"); - } catch (STORKSAMLEngineException e) { - Logger.error("Failed to generate STORK SAML Response", e); - throw new MOAIDException("stork.05", null); - } + Logger.debug("Starting generation of SAML response"); + try { + authnResponse = engine.generateSTORKAuthnResponse(dataContainer.getRequest().getStorkAuthnRequest(), authnResponse, remoteAddr, false); + } catch (STORKSAMLEngineException e) { + Logger.error("Failed to generate STORK SAML Response", e); + throw new MOAIDException("stork.05", null); // TODO check + } - // preparing redirection for the client - try { - VelocityEngine velocityEngine = 
VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); - VelocityContext context = new VelocityContext(); + Logger.info("SAML response succesfully generated."); - byte[] blob; - blob = authnResponse.getTokenSaml(); + // preparing redirection for the client + performRedirection("SAMLResponse", dataContainer.getRequest().getAssertionConsumerServiceURL(), authnResponse.getTokenSaml(), httpResp); + return "yyyyy"; // TODO + } - context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob)); - Logger.debug("SAMLResponse original: " + new String(blob)); + /* + Perform redirection of the client based on post binding + */ + private void performRedirection(String actionType, String assertionConsumerURL, byte[] tokenSaml, HttpServletResponse httpResp) throws MOAIDException { + Logger.info("Performing redirection, using action type: " + actionType); - Logger.debug("Putting assertion consumer url as action: " + dataContainer.getRequest().getAssertionConsumerServiceURL()); - context.put("action", dataContainer.getRequest().getAssertionConsumerServiceURL()); + try { + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); + VelocityContext context = new VelocityContext(); - Logger.debug("Starting template merge"); - StringWriter writer = new StringWriter(); + context.put(actionType, PEPSUtil.encodeSAMLToken(tokenSaml)); + Logger.debug("Encoded " + actionType + " original: " + new String(tokenSaml)); - Logger.debug("Doing template merge"); - template.merge(context, writer); - Logger.debug("Template merge done"); + Logger.debug("Using assertion consumer url as action: " + assertionConsumerURL); + context.put("action", assertionConsumerURL); - Logger.debug("Sending html content: " + writer.getBuffer().toString()); - Logger.debug("Sending html content2 : " + 
new String(writer.getBuffer())); + Logger.debug("Starting template merge"); + StringWriter writer = new StringWriter(); - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); + Logger.debug("Doing template merge"); + template.merge(context, writer); + Logger.debug("Template merge done"); - } catch (Exception e) { - Logger.error("Velocity error: " + e.getMessage()); - } + Logger.debug("Sending html content: " + writer.getBuffer().toString()); + Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); + httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); - return "yyyyy"; // TODO - } else { - Logger.error("Could not recognize request."); - throw new MOAIDException("stork.15", null); + } catch (IOException e) { + Logger.error("Velocity IO error: " + e.getMessage()); + throw new MOAIDException("stork.15", null); // TODO + } catch (Exception e) { + Logger.error("Velocity general error: " + e.getMessage()); + throw new MOAIDException("stork.15", null); // TODO } - } + } public void generatePEPSRedirect(HttpServletResponse httpResp, DataContainer container) throws MOAIDException { MOASTORKRequest request = container.getRequest(); -- cgit v1.2.3 From 9f7103359b06b3cd7bff6073edf18142c21cef9a Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 17 Apr 2014 17:49:50 +0200 Subject: refactoring again --- .../id/protocols/stork2/AuthenticationRequest.java | 170 ++++++++++----------- 1 file changed, 84 insertions(+), 86 deletions(-) (limited to 'id/server') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index dc30e4e12..599d0c302 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
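Review bot: In `handleMOAStorkResponse`, `dataContainer` returned by `AssertionStorage.getInstance().get(authnResponse.getInResponseTo(), DataContainer.class)` is dereferenced on the next line (`dataContainer.getRequest()`) without a null check, so if `get` yields null for an unknown or already-consumed `InResponseTo` (its contract is not visible here) the failure is a NullPointerException rather than the intended `MOAIDException`; add `if (dataContainer == null) { Logger.error("No stored SP request for artifactId " + authnResponse.getInResponseTo()); throw new MOAIDException("stork.15", null); }` right after the try. In `performRedirection`, `Logger.debug("Encoded " + actionType + " original: " + new String(tokenSaml))` and the two `Sending html content` lines write the complete SAML token — which for the response path may carry the citizen's personal attributes — into the log; log only `actionType`, the artifact id and `assertionConsumerURL`. `new String(tokenSaml)` and `writer.getBuffer().toString().getBytes()` also depend on the platform default charset; pass an explicit charset. Both methods are introduced in this hunk and are complete within it.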
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -19,7 +19,9 @@ import org.apache.velocity.Template; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import org.apache.velocity.runtime.RuntimeConstants; -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; +import org.opensaml.saml2.core.AudienceRestriction; +import org.opensaml.saml2.core.impl.AudienceRestrictionBuilder; +import org.opensaml.saml2.core.impl.AudienceRestrictionImpl; import org.w3c.dom.Element; import org.w3c.dom.NamedNodeMap; @@ -27,7 +29,8 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.StringWriter; -import java.security.NoSuchAlgorithmException; +import java.net.MalformedURLException; +import java.net.URL; /** @@ -49,12 +52,7 @@ public class AuthenticationRequest implements IAction { this.moaSession = moasession; - Logger.info("CPEPS " + AuthConfigurationProvider.getInstance().getStorkConfig().getCPEPS("SI").getPepsURL().toString()); - - - //AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap(). - - if ((req instanceof MOASTORKRequest) && !((MOASTORKRequest) req).getStorkAuthnRequest().getCitizenCountryCode().equals("SI")) { + if ((req instanceof MOASTORKRequest) && ((MOASTORKRequest) req).getStorkAuthnRequest().getCitizenCountryCode().equals("AT")) { this.moaStorkRequest = (MOASTORKRequest) req; 
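Review bot: The new condition `((MOASTORKRequest) req).getStorkAuthnRequest().getCitizenCountryCode().equals("AT")` dereferences `getStorkAuthnRequest()` without a null check, although this same commit's `needAuthentication` (hunk `@@ -372,11 +360,21 @@`) guards `moastorkRequest.getStorkAuthnRequest() != null` before using it; a MOASTORKRequest that only carries an attribute query (STORKProtocol sets `setSTORKAttrRequest`) would therefore fail here with a NullPointerException. Insert `&& ((MOASTORKRequest) req).getStorkAuthnRequest() != null` before the country comparison. The literal `"AT"` appears to denote this instance's own country and would be better read from configuration next to the CPEPS map used further down. The enclosing processRequest method starts outside the hunk.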
@@ -78,20 +76,18 @@ public class AuthenticationRequest implements IAction { Logger.debug("Starting AuthenticationRequest"); moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse()); - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); Logger.debug("Starting generation of SAML response"); try { moaStorkResponse.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(moaStorkRequest.getStorkAuthnRequest(), moaStorkResponse.getStorkAuthnResponse(), httpReq.getRemoteAddr(), false)); } catch (STORKSAMLEngineException ex) { - // TODO + Logger.error("Failed to generate STORK SAML Response", ex); + throw new MOAIDException("stork.05", null); // TODO } // Get personal attributtes from MOA/IdentityLink moaStorkResponse.setPersonalAttributeList(populateAttributes()); - - } //moaStorkResponse.setCountry(moaStorkRequest.getSpCountry()); 
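Review bot: The removed line `STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");` was the only declaration of `engine` visible in this method, yet the following context line still calls `engine.generateSTORKAuthnResponse(...)`; unless `engine` is a field declared outside the hunk, this no longer compiles, and the follow-up commit "fixing authnreq error" comments the block out rather than restoring the declaration. Either keep the local declaration or obtain the engine once and pass it in. The new `Logger.error("Failed to generate STORK SAML Response", ex); throw new MOAIDException("stork.05", null);` is a correct replacement for the previously empty `// TODO` catch.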
@@ -110,60 +106,66 @@ public class AuthenticationRequest implements IAction { container.setRemoteAddress(httpReq.getRemoteAddr()); - - STORKAuthnResponse arep = moaStorkResponse.getStorkAuthnResponse(); - - - arep.setCountry("XX"); - arep.setInResponseTo("xxxx"); - arep.setMessage("xxxx"); - arep.setSamlId("xxxx"); - arep.setStatusCode("xxxx"); - - // arep.setNotBefore(new DateTime().withTimeAtStartOfDay()); - // arep.setNotOnOrAfter(new DateTime().withTimeAtStartOfDay()); - - Logger.debug("Data container prepared"); return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); - } // check if we are getting request for citizen of some other country - else if ((req instanceof MOASTORKRequest) && ((MOASTORKRequest) req).getStorkAuthnRequest().getCitizenCountryCode().equals("SI")) { - - // - generate new key - String artifactId = null; - try { - artifactId = new SecureRandomIdentifierGenerator().generateIdentifier(); - } catch (NoSuchAlgorithmException e) { - e.printStackTrace(); - } - + } + // check if we are getting request for citizen of some other country + else if (req instanceof MOASTORKRequest) { STORKAuthnRequest spAuthnRequest = ((MOASTORKRequest) req).getStorkAuthnRequest(); - STORKAuthnRequest storkAuthnRequest = new STORKAuthnRequest(); + STORKAuthnRequest storkAuthnRequest = null; + + String citizenCountryCode = spAuthnRequest.getCitizenCountryCode(); + Logger.info("Got authentication request for citizen of " + citizenCountryCode); try { storkAuthnRequest = (STORKAuthnRequest) spAuthnRequest.clone(); } catch (CloneNotSupportedException e) { - e.printStackTrace(); + Logger.error("Could not clone AuthnRequest ", e); + throw new MOAIDException("stork.05", null); // TODO } - storkAuthnRequest.setIssuer("VIDP"); - storkAuthnRequest.setAssertionConsumerServiceURL("https://vm-stork2-vidp:8443/moa-id-auth/stork2/SendPEPSAuthnRequest"); - storkAuthnRequest.setSamlId(artifactId); - String publicURLPrefix = 
AuthConfigurationProvider.getInstance().getPublicURLPrefix(); - if (publicURLPrefix == null) - throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + // check if citizen country is configured in the system + if (!(AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode))) { + Logger.error("Citizen country PEPS not configured in MOA instance: " + citizenCountryCode); + throw new MOAIDException("stork.05", null); // TODO + } + // extracting basic settings and adjusting assertion consumer + String issuer = null; + String assertionConsumerURL = null; + String publicURLPrefix = null; + String destinationURL = null; - DataContainer originalRequest = new DataContainer(); - originalRequest.setRequest((MOASTORKRequest) req); + try { + issuer = new URL(AuthConfigurationProvider.getInstance().getPublicURLPrefix()).toString(); + destinationURL = AuthConfigurationProvider.getInstance().getStorkConfig().getCPEPS(citizenCountryCode).getPepsURL().toString(); + publicURLPrefix = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + assertionConsumerURL = publicURLPrefix + "/stork2/SendPEPSAuthnRequest"; + } catch (MalformedURLException ex) { + Logger.error("Wrong PublicURLPrefix setting of MOA instance: " + AuthConfigurationProvider.getInstance().getPublicURLPrefix(), ex); + throw new MOAIDException("stork.05", null); // TODO + } catch (Exception ex) { + Logger.error("Problem with PEPS configuration of MOA instance.", ex); + throw new MOAIDException("stork.05", null); // TODO + } - // preparing redirection for the client + // drop if we do not have publicprefix url configured on the instance + if (publicURLPrefix == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); - //STORKAuthnRequest storkAuthnRequest = new STORKAuthnRequest(); + // adjusting request + 
storkAuthnRequest.setEIDCrossBorderShare(spAuthnRequest.isEIDCrossBorderShare()); + storkAuthnRequest.setEIDSectorShare(spAuthnRequest.isEIDSectorShare()); + storkAuthnRequest.setEIDCrossSectorShare(spAuthnRequest.isEIDCrossSectorShare()); + storkAuthnRequest.setCitizenCountryCode(spAuthnRequest.getCitizenCountryCode()); + storkAuthnRequest.setIssuer(issuer); + storkAuthnRequest.setAssertionConsumerServiceURL(assertionConsumerURL); + storkAuthnRequest.setDestination(destinationURL); + // regenerate request try { //Get SAMLEngine instance STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); 
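Review bot: The guard `if (publicURLPrefix == null) throw new AuthenticationException("stork.12", ...)` is unreachable: `publicURLPrefix` is only assigned inside the preceding try block, after `new URL(AuthConfigurationProvider.getInstance().getPublicURLPrefix())` has already been evaluated, so a missing prefix fails inside the try (a MalformedURLException, or whatever the general `catch (Exception ex)` picks up) and is reported as `stork.05` instead of `stork.12`. Read the prefix first and check it before the try: `String publicURLPrefix = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); if (publicURLPrefix == null) throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});`, then build `issuer` and `assertionConsumerURL` from that local. The trailing `catch (Exception ex)` also folds any configuration problem into the same generic `stork.05`; catching only what `getStorkConfig().getCPEPS(citizenCountryCode)` actually throws keeps the two failure modes distinguishable in the logs. The enclosing processRequest method starts and ends outside the hunk.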
@@ -177,49 +179,26 @@ public class AuthenticationRequest implements IAction { throw new MOAIDException("stork.05", null); } + // store original request from SP in order to be able to extract it in later iteration/response + DataContainer spRequestContainer = new DataContainer(); + spRequestContainer.setRequest((MOASTORKRequest) req); - // store original request from sp in order to be able to extract it in later iteration/response try { - AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), originalRequest); - Logger.info("Storing artifactId " + storkAuthnRequest.getSamlId() + " of SP authentication request"); + AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), spRequestContainer); + Logger.info("Storing artifactId " + storkAuthnRequest.getSamlId() + " of SP authentication request with id " + spAuthnRequest.getSamlId()); } catch (MOADatabaseException e) { e.printStackTrace(); } - byte[] blob; - try { - - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); - VelocityContext context = new VelocityContext(); - blob = storkAuthnRequest.getTokenSaml(); - - context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(blob)); - Logger.debug("SAMLRequest original: " + new String(blob)); - - Logger.debug("Putting url as action: " + "https://peps-test.mju.gov.si/PEPS/ColleagueRequest"); - context.put("action", "https://peps-test.mju.gov.si/PEPS/ColleagueRequest"); - Logger.debug("Starting template merge"); - StringWriter writer = new StringWriter(); - - Logger.debug("Doing template merge"); - template.merge(context, writer); - Logger.debug("Template merge done"); - - Logger.debug("Sending html content: " + writer.getBuffer().toString()); - Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); - - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); - - } catch (Exception e) { - 
Logger.error("Velocity error: " + e.getMessage()); - } + // preparing redirection for the client + performRedirection("SAMLRequest", destinationURL, storkAuthnRequest.getTokenSaml(), httpResp); return "xxxx";// TODO - } else if ((req instanceof MOASTORKResponse)) { - // Check if we got the response from PEPS - // If so then process it and forward to SP + } + // Check if we got the response from PEPS + // If so then process it and forward to SP + else if ((req instanceof MOASTORKResponse)) { return handleMOAStorkResponse("VIDP", (MOASTORKResponse) req, httpReq.getRemoteAddr(), httpResp); } else { Logger.error("Could not recognize request."); @@ -227,6 +206,11 @@ public class AuthenticationRequest implements IAction { } } + + private String handleMOAStorkRequest(String instanceName, MOASTORKRequest moastorkRequest, String remoteAddr, HttpServletResponse httpResp) { + + } + /* Handles STORKAuthnResponse received from PEPS (return to SP) */ @@ -257,6 +241,10 @@ public class AuthenticationRequest implements IAction { // setting new reference request and return url authnResponse.setInResponseTo(dataContainer.getRequest().getStorkAuthnRequest().getSamlId()); authnResponse.setAudienceRestriction(dataContainer.getRequest().getAssertionConsumerServiceURL()); + //AudienceRestrictionBuilder audienceRestrictionBuilder = new AudienceRestrictionBuilder(); + //AudienceRestriction audienceRestriction = audienceRestrictionBuilder.buildObject(dataContainer.getRequest().getAssertionConsumerServiceURL(), "localname", "nameprefix"); + + //authnResponse.getAssertions().get(0).getConditions().getAudienceRestrictions().add(audienceRestriction); Logger.debug("Starting generation of SAML response"); try { 
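Review bot: `private String handleMOAStorkRequest(String instanceName, MOASTORKRequest moastorkRequest, String remoteAddr, HttpServletResponse httpResp) { }` in hunk `@@ -227,6 +206,11 @@` declares a `String` return type with an empty body, which does not compile (missing return statement), so this commit leaves the build broken until the follow-up commit fills the method in. Either commit the implementation together with the stub or omit the stub here. The commented-out `AudienceRestriction` lines added in hunk `@@ -257,6 +241,10 @@` should likewise be dropped rather than kept as dead text.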
@@ -372,11 +360,21 @@ public class AuthenticationRequest implements IAction { public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { + // authentication is not needed if we have authentication request from SP for citizen of configured PEPS country if (req instanceof MOASTORKRequest) { - if (((MOASTORKRequest) req).getStorkAuthnRequest().getCitizenCountryCode().equals("SI")) { - return false; - + MOASTORKRequest moastorkRequest = (MOASTORKRequest) req; + if (moastorkRequest.getStorkAuthnRequest() != null) { + String citizenCountryCode = moastorkRequest.getStorkAuthnRequest().getCitizenCountryCode(); + // check if citizen country is configured in the system + try { + if (AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode)) { + return false; + } + } catch (MOAIDException e) { + Logger.error("Could not initialize AuthConfigurationProvider"); + } } + // authentication is not required if received authentication response } else if (req instanceof MOASTORKResponse) { return false; } -- cgit v1.2.3 From 3d08ca18a290e57f6dd70f4b6914f0e3d5840bb7 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 17 Apr 2014 18:01:18 +0200 Subject: fixing authnreq error --- .../id/protocols/stork2/AuthenticationRequest.java | 179 ++++++++++----------- 1 file changed, 89 insertions(+), 90 deletions(-) (limited to 'id/server') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 599d0c302..51ec1fff3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
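Review bot: `Logger.error("Could not initialize AuthConfigurationProvider");` in the new catch drops the caught exception; pass it through as the other handlers in this file do, `Logger.error("Could not initialize AuthConfigurationProvider", e);`. Falling through on a configuration failure appears to end in the method's default return, i.e. authentication is required (fail closed), which is the right outcome but deserves a comment such as `// configuration unavailable: fall back to requiring authentication` so nobody later "fixes" it into `return false`. The method's final return lies outside the hunk.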
@@ -19,9 +19,6 @@ import org.apache.velocity.Template; import org.apache.velocity.VelocityContext; import org.apache.velocity.app.VelocityEngine; import org.apache.velocity.runtime.RuntimeConstants; -import org.opensaml.saml2.core.AudienceRestriction; -import org.opensaml.saml2.core.impl.AudienceRestrictionBuilder; -import org.opensaml.saml2.core.impl.AudienceRestrictionImpl; import org.w3c.dom.Element; import org.w3c.dom.NamedNodeMap; @@ -76,15 +73,15 @@ public class AuthenticationRequest implements IAction { Logger.debug("Starting AuthenticationRequest"); moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse()); - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + //STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - Logger.debug("Starting generation of SAML response"); - try { - moaStorkResponse.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(moaStorkRequest.getStorkAuthnRequest(), moaStorkResponse.getStorkAuthnResponse(), httpReq.getRemoteAddr(), false)); - } catch (STORKSAMLEngineException ex) { - Logger.error("Failed to generate STORK SAML Response", ex); - throw new MOAIDException("stork.05", null); // TODO - } + // Logger.debug("Starting generation of SAML response"); + // try { + // moaStorkResponse.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(moaStorkRequest.getStorkAuthnRequest(), moaStorkResponse.getStorkAuthnResponse(), httpReq.getRemoteAddr(), false)); + // } catch (STORKSAMLEngineException ex) { + // Logger.error("Failed to generate STORK SAML Response", ex); + // throw new MOAIDException("stork.05", null); // TODO + // } // Get personal attributtes from MOA/IdentityLink moaStorkResponse.setPersonalAttributeList(populateAttributes()); 
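Review bot: In hunk `@@ -76,15 +73,15 @@` the STORKAuthnResponse generation is commented out rather than removed, leaving `moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse())` as the only response set-up in this branch and a `// TODO` with no owner. Commented-out code should be deleted (history is in version control); if the removal is deliberate, a one-line comment stating where the response is now generated would help the next reader, since from this hunk alone it is not visible whether the engine call moved elsewhere or was simply dropped. The enclosing processRequest method starts and ends outside the hunk.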
@@ -112,103 +109,105 @@ public class AuthenticationRequest implements IAction { } // check if we are getting request for citizen of some other country else if (req instanceof MOASTORKRequest) { - STORKAuthnRequest spAuthnRequest = ((MOASTORKRequest) req).getStorkAuthnRequest(); - STORKAuthnRequest storkAuthnRequest = null; - - String citizenCountryCode = spAuthnRequest.getCitizenCountryCode(); - Logger.info("Got authentication request for citizen of " + citizenCountryCode); + return handleMOAStorkRequest("VIDP", (MOASTORKRequest) req, httpReq.getRemoteAddr(), httpResp); + } - try { - storkAuthnRequest = (STORKAuthnRequest) spAuthnRequest.clone(); - } catch (CloneNotSupportedException e) { - Logger.error("Could not clone AuthnRequest ", e); - throw new MOAIDException("stork.05", null); // TODO - } + // Check if we got the response from PEPS + // If so then process it and forward to SP + else if ((req instanceof MOASTORKResponse)) { + return handleMOAStorkResponse("VIDP", (MOASTORKResponse) req, httpReq.getRemoteAddr(), httpResp); + } else { + Logger.error("Could not recognize request."); + throw new MOAIDException("stork.15", null); + } + } + /* + Handles STORKAuthnRequeste received for citizens of other countries + */ + private String handleMOAStorkRequest(String instanceName, MOASTORKRequest moastorkRequest, String remoteAddr, HttpServletResponse httpResp) throws MOAIDException { - // check if citizen country is configured in the system - if (!(AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode))) { - Logger.error("Citizen country PEPS not configured in MOA instance: " + citizenCountryCode); - throw new MOAIDException("stork.05", null); // TODO - } + STORKAuthnRequest spAuthnRequest = moastorkRequest.getStorkAuthnRequest(); + STORKAuthnRequest storkAuthnRequest = null; - // extracting basic settings and adjusting assertion consumer - String issuer = null; - String assertionConsumerURL = null; - String 
publicURLPrefix = null; - String destinationURL = null; + String citizenCountryCode = spAuthnRequest.getCitizenCountryCode(); + Logger.info("Got authentication request for citizen of " + citizenCountryCode); - try { - issuer = new URL(AuthConfigurationProvider.getInstance().getPublicURLPrefix()).toString(); - destinationURL = AuthConfigurationProvider.getInstance().getStorkConfig().getCPEPS(citizenCountryCode).getPepsURL().toString(); - publicURLPrefix = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); - assertionConsumerURL = publicURLPrefix + "/stork2/SendPEPSAuthnRequest"; - } catch (MalformedURLException ex) { - Logger.error("Wrong PublicURLPrefix setting of MOA instance: " + AuthConfigurationProvider.getInstance().getPublicURLPrefix(), ex); - throw new MOAIDException("stork.05", null); // TODO - } catch (Exception ex) { - Logger.error("Problem with PEPS configuration of MOA instance.", ex); - throw new MOAIDException("stork.05", null); // TODO - } + try { + storkAuthnRequest = (STORKAuthnRequest) spAuthnRequest.clone(); + } catch (CloneNotSupportedException e) { + Logger.error("Could not clone AuthnRequest ", e); + throw new MOAIDException("stork.05", null); // TODO + } - // drop if we do not have publicprefix url configured on the instance - if (publicURLPrefix == null) - throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + // check if citizen country is configured in the system + if (!(AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode))) { + Logger.error("Citizen country PEPS not configured in MOA instance: " + citizenCountryCode); + throw new MOAIDException("stork.05", null); // TODO + } - // adjusting request - storkAuthnRequest.setEIDCrossBorderShare(spAuthnRequest.isEIDCrossBorderShare()); - storkAuthnRequest.setEIDSectorShare(spAuthnRequest.isEIDSectorShare()); - storkAuthnRequest.setEIDCrossSectorShare(spAuthnRequest.isEIDCrossSectorShare()); - 
storkAuthnRequest.setCitizenCountryCode(spAuthnRequest.getCitizenCountryCode()); - storkAuthnRequest.setIssuer(issuer); - storkAuthnRequest.setAssertionConsumerServiceURL(assertionConsumerURL); - storkAuthnRequest.setDestination(destinationURL); + // extracting basic settings and adjusting assertion consumer + String issuer = null; + String assertionConsumerURL = null; + String publicURLPrefix = null; + String destinationURL = null; - // regenerate request - try { - //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); - Logger.debug("Starting generation of SAML request"); - storkAuthnRequest = engine.generateSTORKAuthnRequest(storkAuthnRequest); - - //generateSAML Token - Logger.info("SAML response succesfully generated!"); - } catch (STORKSAMLEngineException e) { - Logger.error("Failed to generate STORK SAML Response", e); - throw new MOAIDException("stork.05", null); - } + try { + issuer = new URL(AuthConfigurationProvider.getInstance().getPublicURLPrefix()).toString(); + destinationURL = AuthConfigurationProvider.getInstance().getStorkConfig().getCPEPS(citizenCountryCode).getPepsURL().toString(); + publicURLPrefix = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + assertionConsumerURL = publicURLPrefix + "/stork2/SendPEPSAuthnRequest"; + } catch (MalformedURLException ex) { + Logger.error("Wrong PublicURLPrefix setting of MOA instance: " + AuthConfigurationProvider.getInstance().getPublicURLPrefix(), ex); + throw new MOAIDException("stork.05", null); // TODO + } catch (Exception ex) { + Logger.error("Problem with PEPS configuration of MOA instance.", ex); + throw new MOAIDException("stork.05", null); // TODO + } - // store original request from SP in order to be able to extract it in later iteration/response - DataContainer spRequestContainer = new DataContainer(); - spRequestContainer.setRequest((MOASTORKRequest) req); - try { - AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), 
spRequestContainer); - Logger.info("Storing artifactId " + storkAuthnRequest.getSamlId() + " of SP authentication request with id " + spAuthnRequest.getSamlId()); - } catch (MOADatabaseException e) { - e.printStackTrace(); - } + // drop if we do not have publicprefix url configured on the instance + if (publicURLPrefix == null) + throw new AuthenticationException("stork.12", new String[]{"PublicURLPrefix"}); - // preparing redirection for the client - performRedirection("SAMLRequest", destinationURL, storkAuthnRequest.getTokenSaml(), httpResp); - return "xxxx";// TODO + // adjusting request + storkAuthnRequest.setEIDCrossBorderShare(spAuthnRequest.isEIDCrossBorderShare()); + storkAuthnRequest.setEIDSectorShare(spAuthnRequest.isEIDSectorShare()); + storkAuthnRequest.setEIDCrossSectorShare(spAuthnRequest.isEIDCrossSectorShare()); + storkAuthnRequest.setCitizenCountryCode(spAuthnRequest.getCitizenCountryCode()); + storkAuthnRequest.setIssuer(issuer); + storkAuthnRequest.setAssertionConsumerServiceURL(assertionConsumerURL); + storkAuthnRequest.setDestination(destinationURL); - } + // regenerate request + try { + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + Logger.debug("Starting generation of SAML request"); + storkAuthnRequest = engine.generateSTORKAuthnRequest(storkAuthnRequest); - // Check if we got the response from PEPS - // If so then process it and forward to SP - else if ((req instanceof MOASTORKResponse)) { - return handleMOAStorkResponse("VIDP", (MOASTORKResponse) req, httpReq.getRemoteAddr(), httpResp); - } else { - Logger.error("Could not recognize request."); - throw new MOAIDException("stork.15", null); + //generateSAML Token + Logger.info("SAML response succesfully generated!"); + } catch (STORKSAMLEngineException e) { + Logger.error("Failed to generate STORK SAML Response", e); + throw new MOAIDException("stork.05", null); } - } + // store original request from SP in order to be able to extract it in later 
iteration/response + DataContainer spRequestContainer = new DataContainer(); + spRequestContainer.setRequest(moastorkRequest); - private String handleMOAStorkRequest(String instanceName, MOASTORKRequest moastorkRequest, String remoteAddr, HttpServletResponse httpResp) { + try { + AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), spRequestContainer); + Logger.info("Storing artifactId " + storkAuthnRequest.getSamlId() + " of SP authentication request with id " + spAuthnRequest.getSamlId()); + } catch (MOADatabaseException e) { + e.printStackTrace(); + } + // preparing redirection for the client + performRedirection("SAMLRequest", destinationURL, storkAuthnRequest.getTokenSaml(), httpResp); + return "xxxx";// TODO } /* -- cgit v1.2.3 From 592c6ee57ba5d4955fe06941040f7a158bdec67d Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Fri, 25 Apr 2014 17:08:39 +0200 Subject: adjusting attribute collector --- .../id/protocols/stork2/AttributeCollector.java | 3 +- .../stork2/MandateAttributeRequestProvider.java | 3 + .../protocols/stork2/MandateRetrievalRequest.java | 95 ++++++++++++++++++++++ .../stork/peps/auth/commons/STORKAuthnRequest.java | 2 +- 4 files changed, 101 insertions(+), 2 deletions(-) (limited to 'id/server') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 8f0d259b4..47a631ce3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
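Review bot: `handleMOAStorkRequest` takes `instanceName` and `remoteAddr` but uses neither: the engine is still obtained with the literal `STORKSAMLEngine.getInstance("VIDP")` and `remoteAddr` is never read, so the parameters are misleading — use `STORKSAMLEngine.getInstance(instanceName)` as `handleMOAStorkResponse` already does, and drop `remoteAddr` or pass it on. The `if (publicURLPrefix == null) throw new AuthenticationException("stork.12", new String[]{"PublicURLPrefix"});` guard is still placed after `new URL(AuthConfigurationProvider.getInstance().getPublicURLPrefix())` has been evaluated inside the try, so it remains unreachable; move the prefix read and null check ahead of the try. The method is new in this hunk and complete within it.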
@@ -84,7 +84,8 @@ public class AttributeCollector implements IAction { } // - insert the embedded attribute(s) into the container - addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes); + if (null != newAttributes) + addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes); // see if we need some more attributes return processRequest(container, httpReq, httpResp, moasession, oaParam); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java index 5d13ccb45..cae5e698b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateAttributeRequestProvider.java @@ -58,6 +58,9 @@ public class MandateAttributeRequestProvider implements AttributeProvider { } PersonalAttributeList result = new PersonalAttributeList(); //return result; + + + Logger.info("Thrown external request by: " + getAttrProviderName()); throw new ExternalAttributeRequestRequiredException(this); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java index 077867fe0..c473e6f82 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java 
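Review bot: The new guard `if (null != newAttributes)` wraps the `addOrUpdateAll(...)` call without braces, which makes a later one-line addition to the branch easy to get wrong; `if (newAttributes != null) { addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes); }` is the safer shape. A null provider result is now skipped silently, so a `Logger.debug` line stating that the provider returned no attributes would help when tracing a response that ends up short of attributes. The enclosing method starts outside the hunk.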
@@ -1,20 +1,112 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; +import eu.stork.peps.auth.commons.*; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import java.util.ArrayList; +import java.util.List; /** * */ public class MandateRetrievalRequest implements IAction { + + private AuthenticationSession moaSession; + private MOASTORKRequest moaStorkRequest; + public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { Logger.error("Entering mandateretrievalrequest"); + + this.moaSession = moasession; + + if ((req instanceof MOASTORKRequest)) { + this.moaStorkRequest = (MOASTORKRequest)req; + + } else { + return null; // TODO + } + + + if (moaStorkRequest.isAttrRequest() && moaStorkRequest.getStorkAttrQueryRequest() != null) { + + + Logger.debug("Entering AttributeRequest for MandateProvider"); + httpResp.reset(); + + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + + MOASTORKResponse moaStorkResponse = new MOASTORKResponse(); + STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse(); + +// moaStorkResponse.setPersonalAttributeList(populateAttributes()); + + //moaStorkResponse.setCountry(moaStorkRequest.getSpCountry()); + + 
IPersonalAttributeList sourceAttributeList = moaStorkRequest.getStorkAttrQueryRequest().getPersonalAttributeList(); + + IPersonalAttributeList attributeList = new PersonalAttributeList(); + + for (PersonalAttribute currentAttribute : sourceAttributeList) { + Logger.debug("Evaluationg currentattribute " + currentAttribute.getName()); + if (currentAttribute.getName().equals("mandateContent")) { + PersonalAttribute mandateContent = new PersonalAttribute(); + List x = new ArrayList(); + x.add("12345234k32jekqwjeqwe"); + mandateContent.setName(currentAttribute.getName()); + mandateContent.setFriendlyName(currentAttribute.getFriendlyName()); + mandateContent.setIsRequired(currentAttribute.isRequired()); + mandateContent.setValue(x); + mandateContent.setStatus("Available"); + attributeList.add(mandateContent); + Logger.debug("Setting currentattribute " + currentAttribute.getName()); + + } + } + + attrResponse.setPersonalAttributeList(attributeList); + moaStorkResponse.setSTORKAttrResponse(attrResponse); + + Logger.debug("Attributes " + moaStorkResponse.getStorkAttrQueryResponse().getPersonalAttributeList().size()); + + // Prepare extended attributes + Logger.debug("Preparing data container"); + + // create fresh container + DataContainer container = new DataContainer(); + + // - fill in the request we extracted above + container.setRequest(moaStorkRequest); + + // - fill in the partial response created above + container.setResponse(moaStorkResponse); + + container.setRemoteAddress(httpReq.getRemoteAddr()); + + Logger.debug("Data container prepared"); + + // ask for consent if necessary + if(oaParam.isRequireConsentForStorkAttributes()) + new ConsentEvaluator().requestConsent(container, httpResp, oaParam); + else + new ConsentEvaluator().generateSTORKResponse(httpResp, container); + + + //return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); + } + + + return null; // } 
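Review bot: The `mandateContent` attribute is answered with the hard-coded value `12345234k32jekqwjeqwe` and status `Available`, so a placeholder would be released to the requesting party as if it were a genuine mandate; until the real mandate is wired in, this branch should fail or mark the attribute as not available rather than return fabricated data. The `return null; // TODO` for a request that is not a `MOASTORKRequest` drops the request silently, whereas the protocol code on this page throws `new MOAIDException("stork.15", null)` for an unrecognised request, and the same should happen here. Requested attributes other than `mandateContent` are left out of `attributeList` without any status, so the requester cannot distinguish a missing attribute from an unsupported one. `List x = new ArrayList();` is a raw type; `List<String> values = new ArrayList<String>();` keeps the compiler's help. `Logger.error("Entering mandateretrievalrequest")` is a trace message logged at error level and should be `Logger.debug`.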
@@ -25,4 +117,7 @@ public class MandateRetrievalRequest implements IAction { public String getDefaultActionName() { return STORKProtocol.MANDATERETRIEVALREQUEST; } + + + } diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java index 2354d0eb1..ea7c0e475 100644 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java @@ -112,7 +112,7 @@ public final class STORKAuthnRequest implements Serializable, Cloneable { * @param nAlias The SP's Certificate Alias. */ public void setAlias(final String nAlias) { - this.alias = nAlias; + this.alias = nAlias; } /** -- cgit v1.2.3 From b98fe61752f4614de8dbef5a4892b9cd87854cda Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Fri, 25 Apr 2014 17:43:29 +0200 Subject: extract attr --- .../id/protocols/stork2/AttributeCollector.java | 44 ++++++++++++++++++++-- .../moa/id/protocols/stork2/STORKProtocol.java | 2 +- 2 files changed, 41 insertions(+), 5 deletions(-) (limited to 'id/server') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 47a631ce3..56b87bfa9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -15,10 +15,7 @@ import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.*; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.apache.velocity.Template; 
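Review bot: Replacing the four explicit `eu.stork.peps.auth.commons` imports with `import eu.stork.peps.auth.commons.*;` hides which STORK types this class depends on and invites name clashes with the `at.gv.egovernment` imports above it; the explicit list should be kept and extended with the types the next hunk introduces (`STORKAuthnResponse`). A later commit on this page does exactly that in MandateRetrievalRequest, reverting the same wildcard, so this file would be the odd one out.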
@@ -49,6 +46,45 @@ public class AttributeCollector implements IAction { */ public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + // TODO extract attribute response and check if it corresponds to the container + + if (httpReq.getParameter("SAMLResponse") != null) { + MOASTORKResponse STORK2Response = new MOASTORKResponse(); + + //extract STORK Response from HTTP Request + byte[] decSamlToken; + try { + decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse")); + } catch (NullPointerException e) { + if (httpReq.getRemoteHost().contains("129.27.142")) { + Logger.warn("Availability check by " + httpReq.getRemoteHost() + " on URI: " + httpReq.getRequestURI()); + } else { + Logger.error("Unable to retrieve STORK Request for host: " + httpReq.getRemoteHost() + " and URI: " + httpReq.getRequestURI(), e); + } + throw new MOAIDException("stork.04", null); + } + + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + + STORKAuthnResponse authnResponse = null; + + + // check if valid authn request is contained + try { + authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, httpReq.getRemoteAddr()); + } catch (STORKSAMLEngineException ex) { + Logger.error("Unable to validate Stork AuthenticationResponse: " + ex.getMessage()); + } + + STORK2Response.setSTORKAuthnResponseToken(decSamlToken); + + + } + + // end addition + + // - fetch the container String artifactId = (String) httpReq.getParameter(ARTIFACT_ID); DataContainer container; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 689aed8aa..e93a7ec87 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java 
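Review bot: A failed `engine.validateSTORKAuthnResponse(...)` is only logged in `catch (STORKSAMLEngineException ex)` and execution continues with `authnResponse == null` while the decoded token is still stored via `STORK2Response.setSTORKAuthnResponseToken(decSamlToken)`; a response that did not validate must abort the request, e.g. `Logger.error("Unable to validate Stork AuthenticationResponse", ex); throw new MOAIDException("stork.04", null);` (passing `ex` rather than `ex.getMessage()` keeps the stack trace, and a dedicated message key may fit better than the one used for the decode failure). The check `httpReq.getRemoteHost().contains("129.27.142")` hard-codes an environment-specific address fragment into the error path; it belongs in configuration, and `getRemoteHost()` may involve a reverse lookup and is not a reliable identifier of the caller. Catching `NullPointerException` around `PEPSUtil.decodeSAMLToken` uses an exception as control flow; if the helper throws on a malformed token, catch the exception it documents, otherwise validate the parameter first. `STORK2Response` is populated but never read within this hunk. `processRequest` continues outside the hunk.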
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -71,7 +71,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { return STORK2Request; - if (request.getParameter("SAMLResponse") != null) { + if (request.getParameter("SAMLResponse") != null) { // TODO check attribute collector //extract STORK Response from HTTP Request byte[] decSamlToken; try { -- cgit v1.2.3 From 3b5f36230231561f18cce48a04585d58bef5efb7 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 29 Apr 2014 18:22:25 +0200 Subject: refactoring and improving mandate --- .../id/protocols/stork2/AttributeCollector.java | 27 +-- .../stork2/CorporateBodyMandateContainer.java | 187 +++++++++++++++++++++ .../protocols/stork2/MandateRetrievalRequest.java | 65 ++++++- .../moa/id/protocols/stork2/S2Constants.java | 34 ++++ 4 files changed, 298 insertions(+), 15 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/S2Constants.java (limited to 'id/server') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 56b87bfa9..fe5a96c18 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java 
@@ -46,9 +46,22 @@ public class AttributeCollector implements IAction { */ public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + // - fetch the container + String artifactId = (String) httpReq.getParameter(ARTIFACT_ID); + DataContainer container; + try { + container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); + } catch (MOADatabaseException e) { + Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); + throw new MOAIDException("stork.11", null); + } + + // TODO extract attribute response and check if it corresponds to the container if (httpReq.getParameter("SAMLResponse") != null) { + Logger.info("Got SAML response from external attribute provider."); + MOASTORKResponse STORK2Response = new MOASTORKResponse(); //extract STORK Response from HTTP Request 
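Review bot: The `// TODO extract attribute response and check if it corresponds to the container` is still open after the container fetch was moved ahead of the `SAMLResponse` branch: nothing ties the posted response to the stored request (for instance the response's in-response-to id, if the response object exposes it, against the SAML id of `container.getRequest()`), so a validated response arriving together with any known `artifactId` is merged into that container in the next hunk (`@@ -79,22 +92,16 @@`). That correlation check belongs right after `validateSTORKAuthnResponse` and before `addOrUpdateAll`, rejecting a mismatch with a `MOAIDException`. `artifactId` is not checked for null before `AssertionStorage.getInstance().get(artifactId, DataContainer.class)`, and whether the storage tolerates a null key is not visible here. The `(String)` cast on `httpReq.getParameter(ARTIFACT_ID)` is redundant. `processRequest` continues outside the hunk.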
@@ -79,22 +92,16 @@ public class AttributeCollector implements IAction { STORK2Response.setSTORKAuthnResponseToken(decSamlToken); + if (authnResponse.getPersonalAttributeList().size() > 0) { + Logger.info("Response from external attribute provider contains " + authnResponse.getPersonalAttributeList().size() + " attributes."); + addOrUpdateAll(container.getResponse().getPersonalAttributeList(), authnResponse.getPersonalAttributeList()); + } } // end addition - // - fetch the container - String artifactId = (String) httpReq.getParameter(ARTIFACT_ID); - DataContainer container; - try { - container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); - } catch (MOADatabaseException e) { - Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); - throw new MOAIDException("stork.11", null); - } - // read configuration parameters of OA OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(container.getRequest().getAssertionConsumerServiceURL()); if (oaParam == null) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java new file mode 100644 index 000000000..e141aa37b --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java 
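Review bot: `authnResponse.getPersonalAttributeList().size()` dereferences `authnResponse`, which is still null when the validation in the preceding `catch (STORKSAMLEngineException ex)` only logged the failure, so a response that failed validation ends in a NullPointerException instead of a clean error; the failed validation should abort the request before this point, and the merge should also guard the list itself the way an earlier hunk on this page does with `if (null != newAttributes)`. The log line calls `getPersonalAttributeList()` twice; a local `IPersonalAttributeList newAttributes = authnResponse.getPersonalAttributeList();` used for the size, the log and the merge reads better. The `// end addition` marker is leftover scaffolding and should go. `processRequest` starts and ends outside the hunk.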
@@ -0,0 +1,187 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import javanet.staxutils.SimpleNamespaceContext; +import org.xml.sax.InputSource; + +import javax.xml.xpath.XPath; +import javax.xml.xpath.XPathExpressionException; +import javax.xml.xpath.XPathFactory; +import java.io.StringReader; +import java.util.HashMap; + +/** + * @author bsuzic + * Date: 4/29/14, Time: 3:40 PM + */ +public class CorporateBodyMandateContainer { + + private String corpMandatorIdentificationValue = null; + private String corpMandatorIdentificationType = null; + private String corpMandatorFullName = null; + private String mandateIssuePlace = null; + private String mandateIssueDate = null; + private String mandateIssueTime = null; + private String simpleMandateContent = null; + private String mandateValidFrom = null; + private String mandateValidTo = null; + private String annotation = null; + private String physicalRepresentativeIdentificationValue = null; + private String physicalRepresentativeIdentificationType = null; + private String physicalRepresentativeGivenName = null; + private String physicalRepresentativeFamilyName = null; + private String physicalRepresentativeBirthDate = null; + + + public CorporateBodyMandateContainer(String mandate) throws XPathExpressionException { + XPath xPath = XPathFactory.newInstance().newXPath(); + HashMap prefMap = new HashMap() {{ + put(S2Constants.MANDATE_PREFIX, S2Constants.MANDATE_NS); + put(S2Constants.PERSONDATA_PREFIX, S2Constants.PERSONDATA_NS); + put(S2Constants.XMLDSIG_PREFIX, S2Constants.XMLDSIG_NS); + }}; + + SimpleNamespaceContext namespace = new SimpleNamespaceContext(prefMap); + xPath.setNamespaceContext(namespace); + + setAnnotation(xPath.evaluate(S2Constants.MANDATE_ANNOTATION_QUERY, new InputSource(new StringReader(mandate)))); + setCorpMandatorFullName(xPath.evaluate(S2Constants.MANDATE_MANDATOR_CORPBODY_FULLNAME_QUERY, new InputSource(new StringReader(mandate)))); + 
setCorpMandatorIdentificationType(xPath.evaluate(S2Constants.MANDATE_MANDATOR_CORPBODY_IDTYPE_QUERY, new InputSource(new StringReader(mandate)))); + setCorpMandatorIdentificationValue(xPath.evaluate(S2Constants.MANDATE_MANDATOR_CORPBODY_IDVALUE_QUERY, new InputSource(new StringReader(mandate)))); + setMandateIssueDate(xPath.evaluate(S2Constants.MANDATE_ISSUEDDATE_QUERY, new InputSource(new StringReader(mandate)))); + setMandateIssuePlace(xPath.evaluate(S2Constants.MANDATE_ISSUEDPLACE_QUERY, new InputSource(new StringReader(mandate)))); + setMandateIssueTime(xPath.evaluate(S2Constants.MANDATE_ISSUEDTIME_QUERY, new InputSource(new StringReader(mandate)))); + setMandateValidFrom(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_VALIDFROM_QUERY, new InputSource(new StringReader(mandate)))); + setMandateValidTo(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_VALIDTO_QUERY, new InputSource(new StringReader(mandate)))); + setPhysicalRepresentativeBirthDate(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_DATEOFBIRTH_QUERY, new InputSource(new StringReader(mandate)))); + setPhysicalRepresentativeFamilyName(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_FAMILYNAME_QUERY, new InputSource(new StringReader(mandate)))); + setPhysicalRepresentativeGivenName(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_GIVENNAME_QUERY, new InputSource(new StringReader(mandate)))); + setPhysicalRepresentativeIdentificationType(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_IDTYPE_QUERY, new InputSource(new StringReader(mandate)))); + setPhysicalRepresentativeIdentificationValue(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_IDVALUE_QUERY, new InputSource(new StringReader(mandate)))); + setSimpleMandateContent(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_TXTDESC_QUERY, new InputSource(new StringReader(mandate)))); + + } + + public String getCorpMandatorIdentificationValue() { + return corpMandatorIdentificationValue; + 
} + + public void setCorpMandatorIdentificationValue(String corpMandatorIdentificationValue) { + this.corpMandatorIdentificationValue = corpMandatorIdentificationValue; + } + + public String getCorpMandatorIdentificationType() { + return corpMandatorIdentificationType; + } + + public void setCorpMandatorIdentificationType(String corpMandatorIdentificationType) { + this.corpMandatorIdentificationType = corpMandatorIdentificationType; + } + + public String getCorpMandatorFullName() { + return corpMandatorFullName; + } + + public void setCorpMandatorFullName(String corpMandatorFullName) { + this.corpMandatorFullName = corpMandatorFullName; + } + + public String getMandateIssuePlace() { + return mandateIssuePlace; + } + + public void setMandateIssuePlace(String mandateIssuePlace) { + this.mandateIssuePlace = mandateIssuePlace; + } + + public String getMandateIssueDate() { + return mandateIssueDate; + } + + public void setMandateIssueDate(String mandateIssueDate) { + this.mandateIssueDate = mandateIssueDate; + } + + public String getMandateIssueTime() { + return mandateIssueTime; + } + + public void setMandateIssueTime(String mandateIssueTime) { + this.mandateIssueTime = mandateIssueTime; + } + + public String getSimpleMandateContent() { + return simpleMandateContent; + } + + public void setSimpleMandateContent(String simpleMandateContent) { + this.simpleMandateContent = simpleMandateContent; + } + + public String getMandateValidFrom() { + return mandateValidFrom; + } + + public void setMandateValidFrom(String mandateValidFrom) { + this.mandateValidFrom = mandateValidFrom; + } + + public String getMandateValidTo() { + return mandateValidTo; + } + + public void setMandateValidTo(String mandateValidTo) { + this.mandateValidTo = mandateValidTo; + } + + public String getPhysicalRepresentativeIdentificationValue() { + return physicalRepresentativeIdentificationValue; + } + + public void setPhysicalRepresentativeIdentificationValue(String 
physicalRepresentativeIdentificationValue) { + this.physicalRepresentativeIdentificationValue = physicalRepresentativeIdentificationValue; + } + + public String getPhysicalRepresentativeIdentificationType() { + return physicalRepresentativeIdentificationType; + } + + public void setPhysicalRepresentativeIdentificationType(String physicalRepresentativeIdentificationType) { + this.physicalRepresentativeIdentificationType = physicalRepresentativeIdentificationType; + } + + public String getPhysicalRepresentativeGivenName() { + return physicalRepresentativeGivenName; + } + + public void setPhysicalRepresentativeGivenName(String physicalRepresentativeGivenName) { + this.physicalRepresentativeGivenName = physicalRepresentativeGivenName; + } + + public String getPhysicalRepresentativeFamilyName() { + return physicalRepresentativeFamilyName; + } + + public void setPhysicalRepresentativeFamilyName(String physicalRepresentativeFamilyName) { + this.physicalRepresentativeFamilyName = physicalRepresentativeFamilyName; + } + + public String getPhysicalRepresentativeBirthDate() { + return physicalRepresentativeBirthDate; + } + + public void setPhysicalRepresentativeBirthDate(String physicalRepresentativeBirthDate) { + this.physicalRepresentativeBirthDate = physicalRepresentativeBirthDate; + } + + + + public String getAnnotation() { + return annotation; + } + + public void setAnnotation(String annotation) { + this.annotation = annotation; + } + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java index c473e6f82..52309a365 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java 
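Review bot: The constructor parses the mandate XML fifteen times, once per `xPath.evaluate(..., new InputSource(new StringReader(mandate)))`, with whatever parser the `XPathFactory` picks up by default, so DTD and external-entity handling is left at that parser's defaults; the mandate text is taken from the MIS mandate held in the session (see `moaSession.getMISMandate().getMandate()` later on this page) and should be treated as externally supplied XML. Parse it once into a `Document` through a namespace-aware `DocumentBuilderFactory` with DTD and external-entity processing disabled, then evaluate every expression against that document; this pins the parser configuration and removes the repeated parsing. `HashMap prefMap = new HashMap() {{ ... }}` is a raw type, and double-brace initialisation creates an anonymous subclass that carries a reference to the enclosing instance; a plain `Map<String, String>` filled with three `put` calls does the same. The fields are exposed through public setters that nothing in the hunk needs, so the class could be immutable with `final` fields assigned in the constructor.
```java
public CorporateBodyMandateContainer(String mandate) throws XPathExpressionException {
    // … unchanged: XPath and namespace-context setup …

    // Parse once, with DTD and external-entity processing disabled.
    Document doc;
    try {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        dbf.setFeature("http://xml.org/sax/features/external-general-entities", false);
        dbf.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        dbf.setXIncludeAware(false);
        dbf.setExpandEntityReferences(false);
        doc = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(mandate)));
    } catch (ParserConfigurationException | SAXException | IOException e) {
        throw new XPathExpressionException(e);
    }

    setAnnotation(xPath.evaluate(S2Constants.MANDATE_ANNOTATION_QUERY, doc));
    // … unchanged: remaining evaluate() calls, each passed doc instead of a fresh InputSource …
}
```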
@@ -8,10 +8,18 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.*; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.complex.attributes.MandateContentType; +import eu.stork.peps.complex.attributes.MandateType; +import eu.stork.peps.complex.attributes.RepresentationPersonType; +import org.w3c.dom.Node; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import java.io.UnsupportedEncodingException; import java.util.ArrayList; import java.util.List; @@ -29,7 +37,7 @@ public class MandateRetrievalRequest implements IAction { this.moaSession = moasession; if ((req instanceof MOASTORKRequest)) { - this.moaStorkRequest = (MOASTORKRequest)req; + this.moaStorkRequest = (MOASTORKRequest) req; } else { return null; // TODO @@ -37,6 +45,7 @@ public class MandateRetrievalRequest implements IAction { if (moaStorkRequest.isAttrRequest() && moaStorkRequest.getStorkAttrQueryRequest() != null) { + populateRepresented(moasession); Logger.debug("Entering AttributeRequest for MandateProvider"); @@ -96,7 +105,7 @@ public class MandateRetrievalRequest implements IAction { Logger.debug("Data container prepared"); // ask for consent if necessary - if(oaParam.isRequireConsentForStorkAttributes()) + if (oaParam.isRequireConsentForStorkAttributes()) new ConsentEvaluator().requestConsent(container, httpResp, oaParam); else new ConsentEvaluator().generateSTORKResponse(httpResp, container); 
@@ -106,10 +115,57 @@ public class MandateRetrievalRequest implements IAction { } - return null; // } + private void populateMandatingData(AuthenticationSession moasession) { + MandateType mandateType = new MandateType(); + RepresentationPersonType representationPersonType = new RepresentationPersonType(); + MandateContentType mandateContentType = new MandateContentType(); + } + + + private void populateRepresented(AuthenticationSession moasession) { + + try { + CorporateBodyMandateContainer corporateBodyMandateContainer = new CorporateBodyMandateContainer(new String(moaSession.getMISMandate().getMandate(), "UTF-8")); + + + } catch (Exception ex) { + + } + } + + + private Node extractChildNode(Node node, String childName) throws MOAIDException { + if (!node.hasChildNodes()) { + throw new MOAIDException("stork.11", null); // TODO description + } + for (int n = 0; n < node.getChildNodes().getLength(); n++) { + if (node.getChildNodes().item(n).getNodeName().equals(childName)) { + return node.getChildNodes().item(n); + } + } + throw new MOAIDException("stork.11", null); // TODO description + + } + + private String extractNodeTextContent(Node node, String childName) throws MOAIDException { + if (!node.hasChildNodes()) { + throw new MOAIDException("stork.11", null); // TODO description + } + for (int n = 0; n < node.getChildNodes().getLength(); n++) { + if (node.getChildNodes().item(n).getNodeName().equals(childName)) { + return node.getTextContent(); + } + } + throw new MOAIDException("stork.11", null); // TODO description + } + + private void populateMandateType(AuthenticationSession moasession) { + + } + public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { return true; // } @@ -119,5 +175,4 @@ public class MandateRetrievalRequest implements IAction { } - } 
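Review bot: `extractNodeTextContent` returns `node.getTextContent()` of the parent after it has found the matching child, not the child's text; the loop body should read `return node.getChildNodes().item(n).getTextContent();`, mirroring what `extractChildNode` returns. `populateRepresented` builds a `CorporateBodyMandateContainer` and discards it inside an empty `catch (Exception ex) { }`, so a mandate that fails to parse passes through silently; at minimum log the exception with `Logger.error("...", ex)` and propagate a `MOAIDException`. The two helpers reuse the message key `"stork.11"`, which the AttributeCollector hunks on this page use for a storage timeout, so a missing mandate child would surface as an unrelated error; the `// TODO description` markers point at the same gap. `populateMandatingData` and `populateMandateType` create or declare nothing that is used. `new String(..., "UTF-8")` can become `new String(..., StandardCharsets.UTF_8)` if the project targets Java 7, dropping the checked `UnsupportedEncodingException`.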
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/S2Constants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/S2Constants.java new file mode 100644 index 000000000..296bb4396 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/S2Constants.java 
@@ -0,0 +1,34 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +/** + * @author bsuzic + * Date: 4/29/14, Time: 5:34 PM + */ +public interface S2Constants { + public static final String MANDATE_PREFIX = "mandate"; + public static final String PERSONDATA_PREFIX = "persondata"; + public static final String XMLDSIG_PREFIX = "xmldsig"; + + public static final String MANDATE_NS = "http://reference.e-government.gv.at/namespace/mandates/20040701#"; + public static final String PERSONDATA_NS = "http://reference.e-government.gv.at/namespace/persondata/20020228#"; + public static final String XMLDSIG_NS = "http://www.w3.org/2000/09/xmldsig#"; + + public static final String MANDATE_ANNOTATION_QUERY = "/mandate:Mandate/mandate:Annotation/text()"; + public static final String MANDATE_REPRESENTATIVE_PHYPERS_IDVALUE_QUERY = "/mandate:Mandate/mandate:Representative/persondata:PhysicalPerson/persondata:Identification/persondata:Value/text()"; + public static final String MANDATE_REPRESENTATIVE_PHYPERS_IDTYPE_QUERY = "/mandate:Mandate/mandate:Representative/persondata:PhysicalPerson/persondata:Identification/persondata:Type/text()"; + public static final String MANDATE_REPRESENTATIVE_PHYPERS_GIVENNAME_QUERY = "/mandate:Mandate/mandate:Representative/persondata:PhysicalPerson/persondata:Name/persondata:GivenName/text()"; + public static final String MANDATE_REPRESENTATIVE_PHYPERS_FAMILYNAME_QUERY = "/mandate:Mandate/mandate:Representative/persondata:PhysicalPerson/persondata:Name/persondata:FamilyName/text()"; + public static final String MANDATE_REPRESENTATIVE_PHYPERS_DATEOFBIRTH_QUERY = "/mandate:Mandate/mandate:Representative/persondata:PhysicalPerson/persondata:DateOfBirth/text()"; + public static final String MANDATE_MANDATOR_CORPBODY_IDVALUE_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:CorporateBody/persondata:Identification/persondata:Value/text()"; + public static final String MANDATE_MANDATOR_CORPBODY_IDTYPE_QUERY = 
"/mandate:Mandate/mandate:Mandator/persondata:CorporateBody/persondata:Identification/persondata:Type/text()"; + public static final String MANDATE_MANDATOR_CORPBODY_FULLNAME_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:CorporateBody/persondata:FullName/text()"; + public static final String MANDATE_ISSUEDPLACE_QUERY = "/mandate:Mandate/mandate:Issued/mandate:Place/text()"; + public static final String MANDATE_ISSUEDDATE_QUERY = "/mandate:Mandate/mandate:Issued/mandate:Date/text()"; + public static final String MANDATE_ISSUEDTIME_QUERY = "/mandate:Mandate/mandate:Issued/mandate:Time/text()"; + public static final String MANDATE_SIMPLEMANDATECONTENT_TXTDESC_QUERY = "/mandate:Mandate/mandate:SimpleMandateContent/mandate:TextualDescription/text()"; + public static final String MANDATE_SIMPLEMANDATECONTENT_VALIDFROM_QUERY = "/mandate:Mandate/mandate:SimpleMandateContent/mandate:TimeConstraint/mandate:ValidFrom/text()"; + public static final String MANDATE_SIMPLEMANDATECONTENT_VALIDTO_QUERY = "/mandate:Mandate/mandate:SimpleMandateContent/mandate:TimeConstraint/mandate:ValidTo/text()"; + + + +} -- cgit v1.2.3 From 778fbf55413b8e9aa1e289430cb75e5e8d8a7615 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Wed, 30 Apr 2014 12:03:39 +0200 Subject: refactoring --- .../stork2/CorporateBodyMandateContainer.java | 10 + .../protocols/stork2/MandateRetrievalRequest.java | 8 +- .../stork2/PhyPersonMandateContainer.java | 217 +++++++++++++++++++++ .../moa/id/protocols/stork2/S2Constants.java | 6 + 4 files changed, 240 insertions(+), 1 deletion(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/PhyPersonMandateContainer.java (limited to 'id/server') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java index e141aa37b..a75cdfb80 100644 
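Review bot: `S2Constants` is a constant interface, which exists only to have its fields referenced statically, and `public static final` is redundant on interface members; a `public final class S2Constants` with a private constructor and `static final` fields expresses the same without inviting classes to implement it. `XMLDSIG_PREFIX` and `XMLDSIG_NS` are registered by the containers but none of the `_QUERY` expressions uses the `xmldsig:` prefix, so either a query is still missing or the pair can be dropped. The three blank lines before the closing brace should go.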
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java @@ -10,6 +10,7 @@ import java.io.StringReader; import java.util.HashMap; /** + * Physical person representing corporate body * @author bsuzic * Date: 4/29/14, Time: 3:40 PM */ @@ -59,8 +60,17 @@ public class CorporateBodyMandateContainer { setPhysicalRepresentativeIdentificationValue(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_IDVALUE_QUERY, new InputSource(new StringReader(mandate)))); setSimpleMandateContent(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_TXTDESC_QUERY, new InputSource(new StringReader(mandate)))); + // check if all necessary fields are present + validateMandateStructure(); // TODO + + } + + + public void validateMandateStructure() { + } + public String getCorpMandatorIdentificationValue() { return corpMandatorIdentificationValue; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java index 52309a365..d216f716c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java 
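Review bot: `validateMandateStructure()` is called under `// check if all necessary fields are present` but has an empty body, so the constructor never rejects a mandate that lacks required elements; since `xPath.evaluate` returns an empty string rather than null for an absent node, the check has to test the fields for emptiness, e.g. `if (corpMandatorIdentificationValue.isEmpty() || physicalRepresentativeIdentificationValue.isEmpty()) throw new IllegalArgumentException("mandate lacks mandator or representative identification");` — which fields are mandatory should follow the mandate schema and is not visible here. The method is `public` although only the constructor calls it; `private` keeps the object's invariants inside the class. The `// TODO` on the call site belongs on the method it refers to.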
@@ -129,11 +129,17 @@ public class MandateRetrievalRequest implements IAction { try { CorporateBodyMandateContainer corporateBodyMandateContainer = new CorporateBodyMandateContainer(new String(moaSession.getMISMandate().getMandate(), "UTF-8")); + } catch (Exception ex) { + Logger.error("CORPORATE ERROR"); + } + try { + PhyPersonMandateContainer phyPersonMandateContainer = new PhyPersonMandateContainer(new String(moaSession.getMISMandate().getMandate(), "UTF-8")); } catch (Exception ex) { - + Logger.error("PERSON ERROR"); } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/PhyPersonMandateContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/PhyPersonMandateContainer.java new file mode 100644 index 000000000..6143d69b4 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/PhyPersonMandateContainer.java 
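Review bot: Parsing the same mandate through both `CorporateBodyMandateContainer` and `PhyPersonMandateContainer` and relying on the `catch (Exception ex)` blocks to tell the two kinds apart will not work: both constructors only run XPath queries that yield empty strings for missing nodes, so both succeed on any well-formed mandate and neither block fires. The mandator type should be decided first (for example by checking whether `mandate:Mandator` holds a `persondata:CorporateBody` or a `persondata:PhysicalPerson`) and only the matching container built. `Logger.error("CORPORATE ERROR")` and `Logger.error("PERSON ERROR")` drop the exception; pass `ex` as the second argument as the other error logs on this page do, with a message that says what failed. Both containers are assigned to locals and never used, so the method still has no effect on `moasession`. `populateRepresented`'s signature is outside the hunk.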
@@ -0,0 +1,217 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import javanet.staxutils.SimpleNamespaceContext; +import org.xml.sax.InputSource; + +import javax.xml.xpath.XPath; +import javax.xml.xpath.XPathExpressionException; +import javax.xml.xpath.XPathFactory; +import java.io.StringReader; +import java.util.HashMap; + +/** + * Physical person representing physical person + * @author bsuzic + * Date: 4/30/14, Time: 11:29 AM + */ +public class PhyPersonMandateContainer { + + private String phyPersMandatorIdentificationValue = null; + private String phyPersMandatorIdentificationType = null; + private String phyPersMandatorGivenName = null; + private String phyPersMandatorFamilyName = null; + private String phyPersMandatorBirthDate = null; + private String mandateIssuePlace = null; + private String mandateIssueDate = null; + private String mandateIssueTime = null; + private String simpleMandateContent = null; + private String mandateValidFrom = null; + private String mandateValidTo = null; + private String annotation = null; + private String physicalRepresentativeIdentificationValue = null; + private String physicalRepresentativeIdentificationType = null; + private String physicalRepresentativeGivenName = null; + private String physicalRepresentativeFamilyName = null; + private String physicalRepresentativeBirthDate = null; + + + public PhyPersonMandateContainer(String mandate) throws XPathExpressionException { + XPath xPath = XPathFactory.newInstance().newXPath(); + HashMap prefMap = new HashMap() {{ + put(S2Constants.MANDATE_PREFIX, S2Constants.MANDATE_NS); + put(S2Constants.PERSONDATA_PREFIX, S2Constants.PERSONDATA_NS); + put(S2Constants.XMLDSIG_PREFIX, S2Constants.XMLDSIG_NS); + }}; + + SimpleNamespaceContext namespace = new SimpleNamespaceContext(prefMap); + xPath.setNamespaceContext(namespace); + + setAnnotation(xPath.evaluate(S2Constants.MANDATE_ANNOTATION_QUERY, new InputSource(new StringReader(mandate)))); + 
setPhyPersMandatorIdentificationType(xPath.evaluate(S2Constants.MANDATE_MANDATOR_PHYPERS_IDTYPE_QUERY, new InputSource(new StringReader(mandate)))); + setPhyPersMandatorIdentificationValue(xPath.evaluate(S2Constants.MANDATE_MANDATOR_PHYPERS_IDVALUE_QUERY, new InputSource(new StringReader(mandate)))); + setPhyPersMandatorGivenName(xPath.evaluate(S2Constants.MANDATE_MANDATOR_PHYPERS_GIVENNAME_QUERY, new InputSource(new StringReader(mandate)))); + setPhyPersMandatorFamilyName(xPath.evaluate(S2Constants.MANDATE_MANDATOR_PHYPERS_FAMILYNAME_QUERY, new InputSource(new StringReader(mandate)))); + setPhyPersMandatorBirthDate(xPath.evaluate(S2Constants.MANDATE_MANDATOR_PHYPERS_DATEOFBIRTH_QUERY, new InputSource(new StringReader(mandate)))); + setMandateIssueDate(xPath.evaluate(S2Constants.MANDATE_ISSUEDDATE_QUERY, new InputSource(new StringReader(mandate)))); + setMandateIssuePlace(xPath.evaluate(S2Constants.MANDATE_ISSUEDPLACE_QUERY, new InputSource(new StringReader(mandate)))); + setMandateIssueTime(xPath.evaluate(S2Constants.MANDATE_ISSUEDTIME_QUERY, new InputSource(new StringReader(mandate)))); + setMandateValidFrom(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_VALIDFROM_QUERY, new InputSource(new StringReader(mandate)))); + setMandateValidTo(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_VALIDTO_QUERY, new InputSource(new StringReader(mandate)))); + setPhysicalRepresentativeBirthDate(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_DATEOFBIRTH_QUERY, new InputSource(new StringReader(mandate)))); + setPhysicalRepresentativeFamilyName(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_FAMILYNAME_QUERY, new InputSource(new StringReader(mandate)))); + setPhysicalRepresentativeGivenName(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_GIVENNAME_QUERY, new InputSource(new StringReader(mandate)))); + setPhysicalRepresentativeIdentificationType(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_IDTYPE_QUERY, new InputSource(new 
StringReader(mandate)))); + setPhysicalRepresentativeIdentificationValue(xPath.evaluate(S2Constants.MANDATE_REPRESENTATIVE_PHYPERS_IDVALUE_QUERY, new InputSource(new StringReader(mandate)))); + setSimpleMandateContent(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_TXTDESC_QUERY, new InputSource(new StringReader(mandate)))); + + // check if all necessary fields are present + validateMandateStructure(); // TODO + + } + + + public void validateMandateStructure() { + + } + + public String getPhyPersMandatorGivenName() { + return phyPersMandatorGivenName; + } + + public void setPhyPersMandatorGivenName(String phyPersMandatorGivenName) { + this.phyPersMandatorGivenName = phyPersMandatorGivenName; + } + + public String getPhyPersMandatorFamilyName() { + return phyPersMandatorFamilyName; + } + + public void setPhyPersMandatorFamilyName(String phyPersMandatorFamilyName) { + this.phyPersMandatorFamilyName = phyPersMandatorFamilyName; + } + + public String getPhyPersMandatorBirthDate() { + return phyPersMandatorBirthDate; + } + + public void setPhyPersMandatorBirthDate(String phyPersMandatorBirthDate) { + this.phyPersMandatorBirthDate = phyPersMandatorBirthDate; + } + + public String getPhyPersMandatorIdentificationValue() { + return phyPersMandatorIdentificationValue; + } + + public void setPhyPersMandatorIdentificationValue(String phyPersMandatorIdentificationValue) { + this.phyPersMandatorIdentificationValue = phyPersMandatorIdentificationValue; + } + + public String getPhyPersMandatorIdentificationType() { + return phyPersMandatorIdentificationType; + } + + public void setPhyPersMandatorIdentificationType(String phyPersMandatorIdentificationType) { + this.phyPersMandatorIdentificationType = phyPersMandatorIdentificationType; + } + + public String getMandateIssuePlace() { + return mandateIssuePlace; + } + + public void setMandateIssuePlace(String mandateIssuePlace) { + this.mandateIssuePlace = mandateIssuePlace; + } + + public String getMandateIssueDate() { + 
return mandateIssueDate; + } + + public void setMandateIssueDate(String mandateIssueDate) { + this.mandateIssueDate = mandateIssueDate; + } + + public String getMandateIssueTime() { + return mandateIssueTime; + } + + public void setMandateIssueTime(String mandateIssueTime) { + this.mandateIssueTime = mandateIssueTime; + } + + public String getSimpleMandateContent() { + return simpleMandateContent; + } + + public void setSimpleMandateContent(String simpleMandateContent) { + this.simpleMandateContent = simpleMandateContent; + } + + public String getMandateValidFrom() { + return mandateValidFrom; + } + + public void setMandateValidFrom(String mandateValidFrom) { + this.mandateValidFrom = mandateValidFrom; + } + + public String getMandateValidTo() { + return mandateValidTo; + } + + public void setMandateValidTo(String mandateValidTo) { + this.mandateValidTo = mandateValidTo; + } + + public String getAnnotation() { + return annotation; + } + + public void setAnnotation(String annotation) { + this.annotation = annotation; + } + + public String getPhysicalRepresentativeIdentificationValue() { + return physicalRepresentativeIdentificationValue; + } + + public void setPhysicalRepresentativeIdentificationValue(String physicalRepresentativeIdentificationValue) { + this.physicalRepresentativeIdentificationValue = physicalRepresentativeIdentificationValue; + } + + public String getPhysicalRepresentativeIdentificationType() { + return physicalRepresentativeIdentificationType; + } + + public void setPhysicalRepresentativeIdentificationType(String physicalRepresentativeIdentificationType) { + this.physicalRepresentativeIdentificationType = physicalRepresentativeIdentificationType; + } + + public String getPhysicalRepresentativeGivenName() { + return physicalRepresentativeGivenName; + } + + public void setPhysicalRepresentativeGivenName(String physicalRepresentativeGivenName) { + this.physicalRepresentativeGivenName = physicalRepresentativeGivenName; + } + + public String 
getPhysicalRepresentativeFamilyName() { + return physicalRepresentativeFamilyName; + } + + public void setPhysicalRepresentativeFamilyName(String physicalRepresentativeFamilyName) { + this.physicalRepresentativeFamilyName = physicalRepresentativeFamilyName; + } + + public String getPhysicalRepresentativeBirthDate() { + return physicalRepresentativeBirthDate; + } + + public void setPhysicalRepresentativeBirthDate(String physicalRepresentativeBirthDate) { + this.physicalRepresentativeBirthDate = physicalRepresentativeBirthDate; + } + + + + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/S2Constants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/S2Constants.java index 296bb4396..e332fbc6a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/S2Constants.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/S2Constants.java 
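Review bot: The constructor calls `xPath.evaluate(..., new InputSource(new StringReader(mandate)))` seventeen times, so the mandate is re-parsed by a fresh, default-configured parser for every field; parse it once into a `Document` built by a `DocumentBuilderFactory` with secure processing on and doctype declarations disallowed, and evaluate every query against that node. Besides the cost, the default parser follows DTDs and external entities, which is the one thing to switch off on XML that arrives from another system, even a trusted MIS response. The same pattern is in `CorporateBodyMandateContainer` and survives the later refactoring into `MandateContainer`, where the `XPath` is created once but each subclass still re-parses per query; the `new HashMap() {{ ... }}` prefix map is a raw type and an anonymous subclass, a plain `Map<String, String>` reads better. The multi-catch below needs Java 7; split it into separate catches otherwise.
```java
    public PhyPersonMandateContainer(String mandate) throws XPathExpressionException {
        XPath xPath = XPathFactory.newInstance().newXPath();
        // … unchanged: namespace prefix map and namespace context …

        // Parse once, with DTD processing switched off, and run every query against this document.
        Document mandateDoc;
        try {
            DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
            dbf.setNamespaceAware(true);
            dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
            dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            mandateDoc = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(mandate)));
        } catch (ParserConfigurationException | SAXException | IOException e) {
            throw new XPathExpressionException(e);
        }

        setAnnotation(xPath.evaluate(S2Constants.MANDATE_ANNOTATION_QUERY, mandateDoc));
        // … unchanged: the remaining setters, each evaluating against mandateDoc instead of a new InputSource …
```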
@@ -29,6 +29,12 @@ public interface S2Constants { public static final String MANDATE_SIMPLEMANDATECONTENT_VALIDFROM_QUERY = "/mandate:Mandate/mandate:SimpleMandateContent/mandate:TimeConstraint/mandate:ValidFrom/text()"; public static final String MANDATE_SIMPLEMANDATECONTENT_VALIDTO_QUERY = "/mandate:Mandate/mandate:SimpleMandateContent/mandate:TimeConstraint/mandate:ValidTo/text()"; + public static final String MANDATE_MANDATOR_PHYPERS_IDVALUE_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:PhysicalPerson/persondata:Identification/persondata:Value/text()"; + public static final String MANDATE_MANDATOR_PHYPERS_IDTYPE_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:PhysicalPerson/persondata:Identification/persondata:Type/text()"; + public static final String MANDATE_MANDATOR_PHYPERS_GIVENNAME_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:PhysicalPerson/persondata:Name/persondata:GivenName/text()"; + public static final String MANDATE_MANDATOR_PHYPERS_FAMILYNAME_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:PhysicalPerson/persondata:Name/persondata:FamilyName/text()"; + public static final String MANDATE_MANDATOR_PHYPERS_DATEOFBIRTH_QUERY = "/mandate:Mandate/mandate:Mandator/persondata:PhysicalPerson/persondata:DateOfBirth/text()"; + } -- cgit v1.2.3 From 8b87b650b80065dd60acebca2698b76685971759 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 5 May 2014 15:50:47 +0200 Subject: redefining corp body and phys person --- .../stork2/CorporateBodyMandateContainer.java | 164 +++++---------------- .../moa/id/protocols/stork2/MandateContainer.java | 157 ++++++++++++++++++++ .../stork2/PhyPersonMandateContainer.java | 154 ++++--------------- 3 files changed, 215 insertions(+), 260 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateContainer.java (limited to 'id/server') 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java index a75cdfb80..4bea124cb 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/CorporateBodyMandateContainer.java @@ -1,5 +1,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.logging.Logger; import javanet.staxutils.SimpleNamespaceContext; import org.xml.sax.InputSource; 
@@ -7,42 +9,32 @@ import javax.xml.xpath.XPath; import javax.xml.xpath.XPathExpressionException; import javax.xml.xpath.XPathFactory; import java.io.StringReader; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; import java.util.HashMap; /** * Physical person representing corporate body + * * @author bsuzic * Date: 4/29/14, Time: 3:40 PM */ -public class CorporateBodyMandateContainer { - - private String corpMandatorIdentificationValue = null; - private String corpMandatorIdentificationType = null; - private String corpMandatorFullName = null; - private String mandateIssuePlace = null; - private String mandateIssueDate = null; - private String mandateIssueTime = null; - private String simpleMandateContent = null; - private String mandateValidFrom = null; - private String mandateValidTo = null; - private String annotation = null; - private String physicalRepresentativeIdentificationValue = null; - private String physicalRepresentativeIdentificationType = null; - private String physicalRepresentativeGivenName = null; - private String physicalRepresentativeFamilyName = null; - private String physicalRepresentativeBirthDate = null; - - - public CorporateBodyMandateContainer(String mandate) throws XPathExpressionException { - XPath xPath = XPathFactory.newInstance().newXPath(); - HashMap prefMap = new HashMap() {{ - put(S2Constants.MANDATE_PREFIX, S2Constants.MANDATE_NS); - put(S2Constants.PERSONDATA_PREFIX, S2Constants.PERSONDATA_NS); - put(S2Constants.XMLDSIG_PREFIX, S2Constants.XMLDSIG_NS); - }}; - - SimpleNamespaceContext namespace = new SimpleNamespaceContext(prefMap); - xPath.setNamespaceContext(namespace); +public class CorporateBodyMandateContainer extends MandateContainer { + + protected String corpMandatorIdentificationValue = null; + protected String corpMandatorIdentificationType = null; + protected String corpMandatorFullName = null; + + + String localMethods[] = new String[]{"getCorpMandatorIdentificationValue", 
"getCorpMandatorIdentificationType", "getCorpMandatorFullName", + "getMandateIssuePlace", "getMandateIssueDate", "getMandateIssueTime", "getSimpleMandateContent", "getMandateValidFrom", + "getMandateValidTo", "getPhysicalRepresentativeIdentificationValue", "getPhysicalRepresentativeIdentificationType", "getAnnotation", + "getPhysicalRepresentativeGivenName", "getPhysicalRepresentativeFamilyName", "getPhysicalRepresentativeBirthDate" + }; + + public CorporateBodyMandateContainer(String mandate) throws XPathExpressionException, MOAIDException { + super(mandate); + Logger.debug("Initializing corporate body mandate container."); setAnnotation(xPath.evaluate(S2Constants.MANDATE_ANNOTATION_QUERY, new InputSource(new StringReader(mandate)))); setCorpMandatorFullName(xPath.evaluate(S2Constants.MANDATE_MANDATOR_CORPBODY_FULLNAME_QUERY, new InputSource(new StringReader(mandate)))); @@ -61,16 +53,23 @@ public class CorporateBodyMandateContainer { setSimpleMandateContent(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_TXTDESC_QUERY, new InputSource(new StringReader(mandate)))); // check if all necessary fields are present - validateMandateStructure(); // TODO - - } + Logger.debug("Starting mandate structure validation"); + try { + validateMandateStructure(localMethods); // TODO + } catch (Exception e) { + if (e instanceof MOAIDException) { + Logger.error("Could not validate mandate structure."); + throw new MOAIDException("stork.16", new Object[] {e.getMessage()}); // TODO + } else { + Logger.error("Error during mandate structure validation."); + throw new MOAIDException("stork.16", new Object[] {e.getMessage()}); // TODO + } - public void validateMandateStructure() { + } } - public String getCorpMandatorIdentificationValue() { return corpMandatorIdentificationValue; } 
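Review bot: `String localMethods[] = new String[]{...}` is a package-private, mutable instance field holding the getter names the reflective validator will invoke; the list is fixed per class, so it belongs in `private static final String[] LOCAL_METHODS = { ... };` — Java-style brackets, one array shared by all instances, not assignable from outside the class. `PhyPersonMandateContainer` declares the same field the same way in its corresponding hunk. The `java.lang.reflect` imports added to this file are unused here, since the reflection now lives in `MandateContainer`.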
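Review bot: The new `catch (Exception e)` block throws the same `new MOAIDException("stork.16", new Object[]{e.getMessage()})` from both branches of its `instanceof` test, so the branches differ only in the log text, and the original exception — including the `MOAIDException` that `validateMandateStructure` already raised with the name of the empty field — is reduced to a message string with no cause and no stack trace. Let the `MOAIDException` propagate unchanged and wrap only the reflection failures; attach the cause to the new exception as well if `MOAIDException` has a `Throwable`-accepting constructor (not assumed below), and the `Logger.error(message, e)` form assumes the usual overload. `PhyPersonMandateContainer` has an identical block in its corresponding hunk.
```java
        Logger.debug("Starting mandate structure validation");
        try {
            validateMandateStructure(localMethods);
        } catch (MOAIDException e) {
            // already carries "stork.16" and the name of the empty field
            Logger.error("Could not validate mandate structure.", e);
            throw e;
        } catch (NoSuchMethodException | InvocationTargetException | IllegalAccessException e) {
            // a getter named in localMethods is missing or not callable: a coding error, not a bad mandate
            Logger.error("Error during mandate structure validation.", e);
            throw new MOAIDException("stork.16", new Object[] {e.getMessage()});
        }
```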
@@ -95,103 +94,6 @@ public class CorporateBodyMandateContainer { this.corpMandatorFullName = corpMandatorFullName; } - public String getMandateIssuePlace() { - return mandateIssuePlace; - } - - public void setMandateIssuePlace(String mandateIssuePlace) { - this.mandateIssuePlace = mandateIssuePlace; - } - - public String getMandateIssueDate() { - return mandateIssueDate; - } - - public void setMandateIssueDate(String mandateIssueDate) { - this.mandateIssueDate = mandateIssueDate; - } - - public String getMandateIssueTime() { - return mandateIssueTime; - } - - public void setMandateIssueTime(String mandateIssueTime) { - this.mandateIssueTime = mandateIssueTime; - } - - public String getSimpleMandateContent() { - return simpleMandateContent; - } - - public void setSimpleMandateContent(String simpleMandateContent) { - this.simpleMandateContent = simpleMandateContent; - } - - public String getMandateValidFrom() { - return mandateValidFrom; - } - - public void setMandateValidFrom(String mandateValidFrom) { - this.mandateValidFrom = mandateValidFrom; - } - - public String getMandateValidTo() { - return mandateValidTo; - } - - public void setMandateValidTo(String mandateValidTo) { - this.mandateValidTo = mandateValidTo; - } - - public String getPhysicalRepresentativeIdentificationValue() { - return physicalRepresentativeIdentificationValue; - } - - public void setPhysicalRepresentativeIdentificationValue(String physicalRepresentativeIdentificationValue) { - this.physicalRepresentativeIdentificationValue = physicalRepresentativeIdentificationValue; - } - - public String getPhysicalRepresentativeIdentificationType() { - return physicalRepresentativeIdentificationType; - } - - public void setPhysicalRepresentativeIdentificationType(String physicalRepresentativeIdentificationType) { - this.physicalRepresentativeIdentificationType = physicalRepresentativeIdentificationType; - } - - public String getPhysicalRepresentativeGivenName() { - return physicalRepresentativeGivenName; - 
} - - public void setPhysicalRepresentativeGivenName(String physicalRepresentativeGivenName) { - this.physicalRepresentativeGivenName = physicalRepresentativeGivenName; - } - - public String getPhysicalRepresentativeFamilyName() { - return physicalRepresentativeFamilyName; - } - - public void setPhysicalRepresentativeFamilyName(String physicalRepresentativeFamilyName) { - this.physicalRepresentativeFamilyName = physicalRepresentativeFamilyName; - } - - public String getPhysicalRepresentativeBirthDate() { - return physicalRepresentativeBirthDate; - } - - public void setPhysicalRepresentativeBirthDate(String physicalRepresentativeBirthDate) { - this.physicalRepresentativeBirthDate = physicalRepresentativeBirthDate; - } - - - - public String getAnnotation() { - return annotation; - } - - public void setAnnotation(String annotation) { - this.annotation = annotation; - } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateContainer.java new file mode 100644 index 000000000..542776f52 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateContainer.java 
@@ -0,0 +1,157 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.logging.Logger; +import javanet.staxutils.SimpleNamespaceContext; + +import javax.xml.xpath.XPath; +import javax.xml.xpath.XPathExpressionException; +import javax.xml.xpath.XPathFactory; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.util.HashMap; + +/** + * @author bsuzic + * Date: 5/5/14, Time: 2:35 PM + */ +public abstract class MandateContainer { + protected String mandateIssuePlace = null; + protected String mandateIssueDate = null; + protected String mandateIssueTime = null; + protected String simpleMandateContent = null; + protected String mandateValidFrom = null; + protected String mandateValidTo = null; + protected String annotation = null; + protected String physicalRepresentativeIdentificationValue = null; + protected String physicalRepresentativeIdentificationType = null; + protected String physicalRepresentativeGivenName = null; + protected String physicalRepresentativeFamilyName = null; + protected String physicalRepresentativeBirthDate = null; + protected XPath xPath = null; + + + public MandateContainer(String mandate) throws XPathExpressionException, MOAIDException { + xPath = XPathFactory.newInstance().newXPath(); + HashMap prefMap = new HashMap() {{ + put(S2Constants.MANDATE_PREFIX, S2Constants.MANDATE_NS); + put(S2Constants.PERSONDATA_PREFIX, S2Constants.PERSONDATA_NS); + put(S2Constants.XMLDSIG_PREFIX, S2Constants.XMLDSIG_NS); + }}; + + SimpleNamespaceContext namespace = new SimpleNamespaceContext(prefMap); + xPath.setNamespaceContext(namespace); + } + + + public void validateMandateStructure(String localMethods[]) throws NoSuchMethodException, InvocationTargetException, IllegalAccessException, MOAIDException { + for (String localMethod : localMethods) { + Method method = this.getClass().getMethod(localMethod); + Object x = 
method.invoke(this); + if ((x == null) || x.toString().length() == 0) { + throw new MOAIDException("stork.16", new Object[] {localMethod}); // TODO + } + } + Logger.debug("Mandate structure validated"); + } + + + public String getMandateIssuePlace() { + return mandateIssuePlace; + } + + public void setMandateIssuePlace(String mandateIssuePlace) { + this.mandateIssuePlace = mandateIssuePlace; + } + + public String getMandateIssueDate() { + return mandateIssueDate; + } + + public void setMandateIssueDate(String mandateIssueDate) { + this.mandateIssueDate = mandateIssueDate; + } + + public String getMandateIssueTime() { + return mandateIssueTime; + } + + public void setMandateIssueTime(String mandateIssueTime) { + this.mandateIssueTime = mandateIssueTime; + } + + public String getSimpleMandateContent() { + return simpleMandateContent; + } + + public void setSimpleMandateContent(String simpleMandateContent) { + this.simpleMandateContent = simpleMandateContent; + } + + public String getMandateValidFrom() { + return mandateValidFrom; + } + + public void setMandateValidFrom(String mandateValidFrom) { + this.mandateValidFrom = mandateValidFrom; + } + + public String getMandateValidTo() { + return mandateValidTo; + } + + public void setMandateValidTo(String mandateValidTo) { + this.mandateValidTo = mandateValidTo; + } + + public String getPhysicalRepresentativeIdentificationValue() { + return physicalRepresentativeIdentificationValue; + } + + public void setPhysicalRepresentativeIdentificationValue(String physicalRepresentativeIdentificationValue) { + this.physicalRepresentativeIdentificationValue = physicalRepresentativeIdentificationValue; + } + + public String getPhysicalRepresentativeIdentificationType() { + return physicalRepresentativeIdentificationType; + } + + public void setPhysicalRepresentativeIdentificationType(String physicalRepresentativeIdentificationType) { + this.physicalRepresentativeIdentificationType = physicalRepresentativeIdentificationType; + } + + 
public String getPhysicalRepresentativeGivenName() { + return physicalRepresentativeGivenName; + } + + public void setPhysicalRepresentativeGivenName(String physicalRepresentativeGivenName) { + this.physicalRepresentativeGivenName = physicalRepresentativeGivenName; + } + + public String getPhysicalRepresentativeFamilyName() { + return physicalRepresentativeFamilyName; + } + + public void setPhysicalRepresentativeFamilyName(String physicalRepresentativeFamilyName) { + this.physicalRepresentativeFamilyName = physicalRepresentativeFamilyName; + } + + public String getPhysicalRepresentativeBirthDate() { + return physicalRepresentativeBirthDate; + } + + public void setPhysicalRepresentativeBirthDate(String physicalRepresentativeBirthDate) { + this.physicalRepresentativeBirthDate = physicalRepresentativeBirthDate; + } + + public String getAnnotation() { + return annotation; + } + + public void setAnnotation(String annotation) { + this.annotation = annotation; + } + + + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/PhyPersonMandateContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/PhyPersonMandateContainer.java index 6143d69b4..c4be57bd3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/PhyPersonMandateContainer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/PhyPersonMandateContainer.java @@ -1,5 +1,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.logging.Logger; import javanet.staxutils.SimpleNamespaceContext; import org.xml.sax.InputSource; 
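Review bot: `validateMandateStructure` counts a value as present when `x.toString().length() != 0`, so a whitespace-only text node — which an XPath `text()` query returns for an element holding only a line break — passes as a filled field; `if (x == null || x.toString().trim().isEmpty())` is the intended test. The method is `public` and invokes whatever public no-arg method names the caller hands it, while it is only ever driven by the subclasses' fixed lists; `protected` matches that use. The class and the method have no Javadoc; it should state that this is a structural presence check only — neither the mandate's signature nor its `ValidFrom`/`ValidTo` window is verified here — so a caller does not mistake a validated container for an authorised mandate.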
@@ -14,37 +16,23 @@ import java.util.HashMap; * @author bsuzic * Date: 4/30/14, Time: 11:29 AM */ -public class PhyPersonMandateContainer { +public class PhyPersonMandateContainer extends MandateContainer { private String phyPersMandatorIdentificationValue = null; private String phyPersMandatorIdentificationType = null; private String phyPersMandatorGivenName = null; private String phyPersMandatorFamilyName = null; private String phyPersMandatorBirthDate = null; - private String mandateIssuePlace = null; - private String mandateIssueDate = null; - private String mandateIssueTime = null; - private String simpleMandateContent = null; - private String mandateValidFrom = null; - private String mandateValidTo = null; - private String annotation = null; - private String physicalRepresentativeIdentificationValue = null; - private String physicalRepresentativeIdentificationType = null; - private String physicalRepresentativeGivenName = null; - private String physicalRepresentativeFamilyName = null; - private String physicalRepresentativeBirthDate = null; - - - public PhyPersonMandateContainer(String mandate) throws XPathExpressionException { - XPath xPath = XPathFactory.newInstance().newXPath(); - HashMap prefMap = new HashMap() {{ - put(S2Constants.MANDATE_PREFIX, S2Constants.MANDATE_NS); - put(S2Constants.PERSONDATA_PREFIX, S2Constants.PERSONDATA_NS); - put(S2Constants.XMLDSIG_PREFIX, S2Constants.XMLDSIG_NS); - }}; - - SimpleNamespaceContext namespace = new SimpleNamespaceContext(prefMap); - xPath.setNamespaceContext(namespace); + + String localMethods[] = new String[]{"getPhyPersMandatorGivenName", "getPhyPersMandatorFamilyName", "getPhyPersMandatorBirthDate", "getPhyPersMandatorIdentificationValue", + "getPhyPersMandatorIdentificationType", "getMandateIssuePlace", "getMandateIssueDate", "getMandateIssueTime", "getSimpleMandateContent", "getMandateValidFrom", + "getMandateValidTo", "getPhysicalRepresentativeIdentificationValue", 
"getPhysicalRepresentativeIdentificationType", "getAnnotation", + "getPhysicalRepresentativeGivenName", "getPhysicalRepresentativeFamilyName", "getPhysicalRepresentativeBirthDate" + }; + + + public PhyPersonMandateContainer(String mandate) throws XPathExpressionException, MOAIDException { + super(mandate); setAnnotation(xPath.evaluate(S2Constants.MANDATE_ANNOTATION_QUERY, new InputSource(new StringReader(mandate)))); setPhyPersMandatorIdentificationType(xPath.evaluate(S2Constants.MANDATE_MANDATOR_PHYPERS_IDTYPE_QUERY, new InputSource(new StringReader(mandate)))); @@ -65,14 +53,22 @@ public class PhyPersonMandateContainer { setSimpleMandateContent(xPath.evaluate(S2Constants.MANDATE_SIMPLEMANDATECONTENT_TXTDESC_QUERY, new InputSource(new StringReader(mandate)))); // check if all necessary fields are present - validateMandateStructure(); // TODO + Logger.debug("Starting mandate structure validation"); + try { + validateMandateStructure(localMethods); // TODO + } catch (Exception e) { + if (e instanceof MOAIDException) { + Logger.error("Could not validate mandate structure."); + throw new MOAIDException("stork.16", new Object[] {e.getMessage()}); // TODO + } else { + Logger.error("Error during mandate structure validation."); + throw new MOAIDException("stork.16", new Object[] {e.getMessage()}); // TODO + } + } } - public void validateMandateStructure() { - - } public String getPhyPersMandatorGivenName() { return phyPersMandatorGivenName; 
@@ -114,104 +110,4 @@ public class PhyPersonMandateContainer { this.phyPersMandatorIdentificationType = phyPersMandatorIdentificationType; } - public String getMandateIssuePlace() { - return mandateIssuePlace; - } - - public void setMandateIssuePlace(String mandateIssuePlace) { - this.mandateIssuePlace = mandateIssuePlace; - } - - public String getMandateIssueDate() { - return mandateIssueDate; - } - - public void setMandateIssueDate(String mandateIssueDate) { - this.mandateIssueDate = mandateIssueDate; - } - - public String getMandateIssueTime() { - return mandateIssueTime; - } - - public void setMandateIssueTime(String mandateIssueTime) { - this.mandateIssueTime = mandateIssueTime; - } - - public String getSimpleMandateContent() { - return simpleMandateContent; - } - - public void setSimpleMandateContent(String simpleMandateContent) { - this.simpleMandateContent = simpleMandateContent; - } - - public String getMandateValidFrom() { - return mandateValidFrom; - } - - public void setMandateValidFrom(String mandateValidFrom) { - this.mandateValidFrom = mandateValidFrom; - } - - public String getMandateValidTo() { - return mandateValidTo; - } - - public void setMandateValidTo(String mandateValidTo) { - this.mandateValidTo = mandateValidTo; - } - - public String getAnnotation() { - return annotation; - } - - public void setAnnotation(String annotation) { - this.annotation = annotation; - } - - public String getPhysicalRepresentativeIdentificationValue() { - return physicalRepresentativeIdentificationValue; - } - - public void setPhysicalRepresentativeIdentificationValue(String physicalRepresentativeIdentificationValue) { - this.physicalRepresentativeIdentificationValue = physicalRepresentativeIdentificationValue; - } - - public String getPhysicalRepresentativeIdentificationType() { - return physicalRepresentativeIdentificationType; - } - - public void setPhysicalRepresentativeIdentificationType(String physicalRepresentativeIdentificationType) { - 
this.physicalRepresentativeIdentificationType = physicalRepresentativeIdentificationType; - } - - public String getPhysicalRepresentativeGivenName() { - return physicalRepresentativeGivenName; - } - - public void setPhysicalRepresentativeGivenName(String physicalRepresentativeGivenName) { - this.physicalRepresentativeGivenName = physicalRepresentativeGivenName; - } - - public String getPhysicalRepresentativeFamilyName() { - return physicalRepresentativeFamilyName; - } - - public void setPhysicalRepresentativeFamilyName(String physicalRepresentativeFamilyName) { - this.physicalRepresentativeFamilyName = physicalRepresentativeFamilyName; - } - - public String getPhysicalRepresentativeBirthDate() { - return physicalRepresentativeBirthDate; - } - - public void setPhysicalRepresentativeBirthDate(String physicalRepresentativeBirthDate) { - this.physicalRepresentativeBirthDate = physicalRepresentativeBirthDate; - } - - - - - } -- cgit v1.2.3 From 3eece09e3a24b383a7dcdb1737e4eb97990c67df Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 5 May 2014 18:11:54 +0200 Subject: puting attributes in main section --- .../protocols/stork2/MandateRetrievalRequest.java | 179 ++++++++++++++++++--- 1 file changed, 154 insertions(+), 25 deletions(-) (limited to 'id/server') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java index d216f716c..6e8262eef 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java 
@@ -19,8 +19,8 @@ import org.w3c.dom.Node; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import java.io.UnsupportedEncodingException; import java.util.ArrayList; +import java.util.HashMap; import java.util.List; /** @@ -32,7 +32,14 @@ public class MandateRetrievalRequest implements IAction { private MOASTORKRequest moaStorkRequest; public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { - Logger.error("Entering mandateretrievalrequest"); + Logger.debug("Entering AttributeRequest for MandateProvider"); + httpResp.reset(); + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + + MOASTORKResponse moaStorkResponse = new MOASTORKResponse(); + STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse(); this.moaSession = moasession; 
@@ -45,18 +52,29 @@ public class MandateRetrievalRequest implements IAction { if (moaStorkRequest.isAttrRequest() && moaStorkRequest.getStorkAttrQueryRequest() != null) { - populateRepresented(moasession); + MandateContainer mandateContainer = null; + + try { + mandateContainer = new CorporateBodyMandateContainer(new String(moaSession.getMISMandate().getMandate(), "UTF-8")); + } catch (Exception ex) { + try { + mandateContainer = new PhyPersonMandateContainer(new String(moaSession.getMISMandate().getMandate(), "UTF-8")); + } catch (Exception ex2) { + Logger.error("Could not extract data and create mandate container."); + throw new MOAIDException("stork.16", new Object[] {}); // TODO + } + } + + if (mandateContainer instanceof CorporateBodyMandateContainer) { + + } else if (mandateContainer instanceof PhyPersonMandateContainer) { + + } + - Logger.debug("Entering AttributeRequest for MandateProvider"); - httpResp.reset(); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); - MOASTORKResponse moaStorkResponse = new MOASTORKResponse(); - STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse(); // moaStorkResponse.setPersonalAttributeList(populateAttributes()); 
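Review bot: The first `catch (Exception ex)` around `new CorporateBodyMandateContainer(...)` discards `ex` and uses the failure itself as the signal to try `PhyPersonMandateContainer`, so an NPE from a missing `moaSession.getMISMandate()` or a malformed mandate is indistinguishable from a physical-person mandate and only surfaces as the generic `stork.16` after the second attempt, with `ex2` dropped as well. Check the mandate is present before parsing and keep the causes, e.g. `if (moaSession.getMISMandate() == null || moaSession.getMISMandate().getMandate() == null) throw new MOAIDException("stork.16", new Object[] {});` ahead of the try, and log `ex`/`ex2` in both catch blocks (assuming the MOA `Logger` accepts a Throwable argument). The two empty `if (mandateContainer instanceof CorporateBodyMandateContainer) { } else if (...) { }` branches added right after do nothing and should be removed until they carry logic. processRequest continues past the end of this hunk.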
@@ -69,15 +87,38 @@ public class MandateRetrievalRequest implements IAction { for (PersonalAttribute currentAttribute : sourceAttributeList) { Logger.debug("Evaluationg currentattribute " + currentAttribute.getName()); if (currentAttribute.getName().equals("mandateContent")) { - PersonalAttribute mandateContent = new PersonalAttribute(); + attributeList.add(getMandateContent(mandateContainer, currentAttribute)); + } + if (currentAttribute.getName().equals("representative")) { + attributeList.add(getRepresentative(mandateContainer, currentAttribute)); + } + if (currentAttribute.getName().equals("represented")) { + attributeList.add(getRepresented(mandateContainer, currentAttribute)); + } + + + if (currentAttribute.getName().equals("representative")) { + PersonalAttribute personalAttribute = new PersonalAttribute(); List x = new ArrayList(); x.add("12345234k32jekqwjeqwe"); - mandateContent.setName(currentAttribute.getName()); - mandateContent.setFriendlyName(currentAttribute.getFriendlyName()); - mandateContent.setIsRequired(currentAttribute.isRequired()); - mandateContent.setValue(x); - mandateContent.setStatus("Available"); - attributeList.add(mandateContent); + HashMap complexValue = new HashMap(); + + if (mandateContainer instanceof CorporateBodyMandateContainer) { + + } else if (mandateContainer instanceof PhyPersonMandateContainer) { + } + + complexValue.put("eIdentifier","12345"); + complexValue.put("givenName", "Name"); + complexValue.put("surname", "surname"); + complexValue.put("dateOfBirth", "1.1.1."); + + personalAttribute.setName(currentAttribute.getName()); + personalAttribute.setFriendlyName(currentAttribute.getFriendlyName()); + personalAttribute.setIsRequired(currentAttribute.isRequired()); + personalAttribute.setComplexValue(complexValue); + personalAttribute.setStatus("Available"); + attributeList.add(personalAttribute); Logger.debug("Setting currentattribute " + currentAttribute.getName()); } 
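Review bot: The `representative` attribute is added twice in this loop: once via `getRepresentative(mandateContainer, currentAttribute)` and again by the second `if (currentAttribute.getName().equals("representative"))` block, which fills `complexValue` with the hard-coded placeholders `"12345"`, `"Name"`, `"surname"` and `"1.1.1."` and marks the attribute `"Available"`. A response assembled here would therefore carry fabricated identity data for the representative next to the real one, and the `x` list with `"12345234k32jekqwjeqwe"` is built but never used. Delete the second block (from `PersonalAttribute personalAttribute = new PersonalAttribute();` through `attributeList.add(personalAttribute);`) together with the empty `instanceof` branches inside it, leaving only the `getRepresentative` call. The loop is fully inside the hunk, but processRequest continues beyond it.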
@@ -127,19 +168,26 @@ public class MandateRetrievalRequest implements IAction { private void populateRepresented(AuthenticationSession moasession) { + MandateContainer mc = null; + try { - CorporateBodyMandateContainer corporateBodyMandateContainer = new CorporateBodyMandateContainer(new String(moaSession.getMISMandate().getMandate(), "UTF-8")); + mc = new CorporateBodyMandateContainer(new String(moaSession.getMISMandate().getMandate(), "UTF-8")); } catch (Exception ex) { - Logger.error("CORPORATE ERROR"); + Logger.error("CORPORATE ERROR"); + try { + mc = new PhyPersonMandateContainer(new String(moaSession.getMISMandate().getMandate(), "UTF-8")); + } catch (Exception ex2) { + Logger.error("PERSON ERROR"); + } } - - try { - PhyPersonMandateContainer phyPersonMandateContainer = new PhyPersonMandateContainer(new String(moaSession.getMISMandate().getMandate(), "UTF-8")); - } catch (Exception ex) { - Logger.error("PERSON ERROR"); + if (mc instanceof CorporateBodyMandateContainer) { + Logger.error("Instance of Corp"); + } else if (mc instanceof PhyPersonMandateContainer) { + Logger.error("Instance of Phy"); } + } 
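Review bot: `populateRepresented` now builds `mc` and then only logs which subtype it is, so the method has no effect on the session or the response, and the previous hunk removed its only visible call from processRequest; it appears to be dead code. If it is kept, `Logger.error("Instance of Corp")` / `Logger.error("Instance of Phy")` report normal control flow at error level and should become `Logger.debug(...)`, and the swallowed `ex` / `ex2` should be logged so a mandate that fails both parsers is diagnosable. A stronger option is to delete the method and let processRequest's own container construction be the single parsing path.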
@@ -168,8 +216,89 @@ public class MandateRetrievalRequest implements IAction { throw new MOAIDException("stork.11", null); // TODO description } - private void populateMandateType(AuthenticationSession moasession) { + private String mapPowersType(MandateContainer mandateContainer) { // TODO + return ""; + } + + private String mapCompanyType(MandateContainer mandateContainer) { // TODO + return ""; + } + + private PersonalAttribute getRepresentative(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) { + PersonalAttribute personalAttribute = new PersonalAttribute(); + HashMap complexValue = new HashMap(); + + if (mandateContainer instanceof CorporateBodyMandateContainer) { + Logger.error("Company as representative not supported"); // TODO + + } else if (mandateContainer instanceof PhyPersonMandateContainer) { + PhyPersonMandateContainer phyPersonMandateContainer = (PhyPersonMandateContainer)mandateContainer; + complexValue.put("eIdentifier", ""); // TODO CALCULATE + complexValue.put("givenName", phyPersonMandateContainer.getPhysicalRepresentativeGivenName()); + complexValue.put("surname", phyPersonMandateContainer.getPhysicalRepresentativeFamilyName()); + complexValue.put("dateOfBirth", phyPersonMandateContainer.getPhysicalRepresentativeBirthDate()); + } + + personalAttribute.setName(sourceAttribute.getName()); + personalAttribute.setFriendlyName(sourceAttribute.getFriendlyName()); + personalAttribute.setIsRequired(sourceAttribute.isRequired()); + personalAttribute.setComplexValue(complexValue); + personalAttribute.setStatus("Available"); + Logger.debug("Complex attribute extracted: " + personalAttribute.getName()); + + return personalAttribute; + } + + private PersonalAttribute getRepresented(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) { + PersonalAttribute personalAttribute = new PersonalAttribute(); + HashMap complexValue = new HashMap(); + + if (mandateContainer instanceof CorporateBodyMandateContainer) { + 
CorporateBodyMandateContainer corporateBodyMandateContainer = (CorporateBodyMandateContainer)mandateContainer; + complexValue.put("eLPIdentifier", corporateBodyMandateContainer.getCorpMandatorIdentificationValue()); + complexValue.put("name", corporateBodyMandateContainer.getCorpMandatorFullName()); + complexValue.put("address", ""); + complexValue.put("canonicalAddress", ""); + complexValue.put("type", mapCompanyType(mandateContainer)); + } else if (mandateContainer instanceof PhyPersonMandateContainer) { + PhyPersonMandateContainer phyPersonMandateContainer = (PhyPersonMandateContainer)mandateContainer; + complexValue.put("eIdentifier", ""); // TODO CALCULATE + complexValue.put("givenName", phyPersonMandateContainer.getPhyPersMandatorGivenName()); + complexValue.put("surname", phyPersonMandateContainer.getPhyPersMandatorFamilyName()); + complexValue.put("dateOfBirth", phyPersonMandateContainer.getPhyPersMandatorBirthDate()); + } + + personalAttribute.setName(sourceAttribute.getName()); + personalAttribute.setFriendlyName(sourceAttribute.getFriendlyName()); + personalAttribute.setIsRequired(sourceAttribute.isRequired()); + personalAttribute.setComplexValue(complexValue); + personalAttribute.setStatus("Available"); + Logger.debug("Complex attribute extracted: " + personalAttribute.getName()); + + return personalAttribute; + } + + + private PersonalAttribute getMandateContent(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) { + PersonalAttribute personalAttribute = new PersonalAttribute(); + HashMap complexValue = new HashMap(); + + complexValue.put("validFrom", mandateContainer.getMandateValidFrom()); + complexValue.put("validTo", mandateContainer.getMandateValidTo()); + complexValue.put("transactionLimit", "0"); // TODO + complexValue.put("transactionLimitCurrency", ""); // TODO + complexValue.put("isJoint", ""); + complexValue.put("isChained", "false"); + complexValue.put("typePower", mapPowersType(mandateContainer)); + + 
personalAttribute.setName(sourceAttribute.getName()); + personalAttribute.setFriendlyName(sourceAttribute.getFriendlyName()); + personalAttribute.setIsRequired(sourceAttribute.isRequired()); + personalAttribute.setComplexValue(complexValue); + personalAttribute.setStatus("Available"); + Logger.debug("Complex attribute extracted: " + personalAttribute.getName()); + return personalAttribute; } public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { -- cgit v1.2.3 From a6d06a04fdd2caaebb387be3d85107658c08f345 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 6 May 2014 19:34:59 +0200 Subject: change --- .../conf/moa-id/stork/StorkSamlEngine_VIDP.xml | 1 + .../protocols/stork2/MandateRetrievalRequest.java | 206 +++++++++++++-------- 2 files changed, 125 insertions(+), 82 deletions(-) (limited to 'id/server') diff --git a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml index 83e69ac23..5aff0d1fa 100644 --- a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml +++ b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_VIDP.xml @@ -90,5 +90,6 @@ http://www.stork.gov.eu/1.0/mandateContent http://www.stork.gov.eu/1.0/representative http://www.stork.gov.eu/1.0/represented + http://www.stork.gov.eu/1.0/mandateType diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java index 6e8262eef..662baa3c9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java 
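Review bot: `getRepresentative` and `getRepresented` put an empty string under `"eIdentifier"` (`// TODO CALCULATE`), `getMandateContent` hard-codes `transactionLimit`, `transactionLimitCurrency`, `isJoint`, `isChained` and `typePower` (with `mapPowersType`/`mapCompanyType` returning `""`), yet every attribute is returned with `personalAttribute.setStatus("Available");`, so the requesting PEPS cannot distinguish a real value from a stub. For a `CorporateBodyMandateContainer` in `getRepresentative` the map stays completely empty after `Logger.error("Company as representative not supported")` and is still reported as available. Until the identifiers are computed, fail closed in those cases: `personalAttribute.setStatus("NotAvailable");` (or throw `MOAIDException`) instead of emitting placeholder identity data. This applies to all three helpers in the hunk; the surrounding class continues outside it.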
@@ -12,13 +12,21 @@ import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; import eu.stork.peps.auth.commons.STORKAttrQueryResponse; -import eu.stork.peps.complex.attributes.MandateContentType; -import eu.stork.peps.complex.attributes.MandateType; -import eu.stork.peps.complex.attributes.RepresentationPersonType; +import eu.stork.peps.complex.attributes.*; +import org.apache.xerces.impl.dv.DatatypeException; import org.w3c.dom.Node; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.xml.bind.JAXBContext; +import javax.xml.bind.JAXBElement; +import javax.xml.bind.Marshaller; +import javax.xml.datatype.DatatypeConfigurationException; +import javax.xml.datatype.DatatypeFactory; +import javax.xml.datatype.XMLGregorianCalendar; +import javax.xml.namespace.QName; +import java.io.StringWriter; +import java.math.BigInteger; import java.util.ArrayList; import java.util.HashMap; import java.util.List; 
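Review bot: The added `import org.apache.xerces.impl.dv.DatatypeException;` pulls in an internal Xerces class that none of the new code in this commit appears to use (the marshalling code catches `DatatypeConfigurationException` and plain `Exception`), and `import eu.stork.peps.complex.attributes.*;` replaces three explicit imports with a wildcard. Drop the Xerces line and keep explicit imports (`MandateContentType`, `MandateType`, `RepresentationPersonType`, `CanonicalAddressType`) so a dependency on a parser-internal package does not leak into the build.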
@@ -85,43 +93,44 @@ public class MandateRetrievalRequest implements IAction { IPersonalAttributeList attributeList = new PersonalAttributeList(); for (PersonalAttribute currentAttribute : sourceAttributeList) { - Logger.debug("Evaluationg currentattribute " + currentAttribute.getName()); + Logger.debug("Evaluating currentattribute " + currentAttribute.getName()); if (currentAttribute.getName().equals("mandateContent")) { - attributeList.add(getMandateContent(mandateContainer, currentAttribute)); - } - if (currentAttribute.getName().equals("representative")) { - attributeList.add(getRepresentative(mandateContainer, currentAttribute)); - } - if (currentAttribute.getName().equals("represented")) { - attributeList.add(getRepresented(mandateContainer, currentAttribute)); - } + MandateContentType mandateContent = getMandateContent(mandateContainer, currentAttribute); + attributeList.add(marshallComplexAttribute(currentAttribute, mandateContent)); + // final Marshaller marshaller = JAXBContext.newInstance(MandateContentType.class).createMarshaller(); + // marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); - if (currentAttribute.getName().equals("representative")) { - PersonalAttribute personalAttribute = new PersonalAttribute(); - List x = new ArrayList(); - x.add("12345234k32jekqwjeqwe"); - HashMap complexValue = new HashMap(); + // StringWriter stringWriter = new StringWriter(); - if (mandateContainer instanceof CorporateBodyMandateContainer) { + // marshaller.marshal(new JAXBElement(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", "mandateContent"), MandateContentType.class, null, mandateContent), stringWriter); - } else if (mandateContainer instanceof PhyPersonMandateContainer) { - } + // ArrayList value = new ArrayList(); + // value.add(stringWriter.toString()); - complexValue.put("eIdentifier","12345"); - complexValue.put("givenName", "Name"); - complexValue.put("surname", "surname"); - complexValue.put("dateOfBirth", "1.1.1."); + // 
PersonalAttribute mandateContentAttribute = new PersonalAttribute("mandateContent", false, value, "Available"); - personalAttribute.setName(currentAttribute.getName()); - personalAttribute.setFriendlyName(currentAttribute.getFriendlyName()); - personalAttribute.setIsRequired(currentAttribute.isRequired()); - personalAttribute.setComplexValue(complexValue); - personalAttribute.setStatus("Available"); - attributeList.add(personalAttribute); - Logger.debug("Setting currentattribute " + currentAttribute.getName()); + // attributeList.add(mandateContentAttribute); + } else + if (currentAttribute.getName().equals("representative")) { // TODO CHECK + RepresentationPersonType representative = getRepresentative(mandateContainer, currentAttribute); + attributeList.add(marshallComplexAttribute(currentAttribute, representative)); + + //attributeList.add(getRepresentative(mandateContainer, currentAttribute)); + } else + if (currentAttribute.getName().equals("represented")) { + //attributeList.add(getRepresented(mandateContainer, currentAttribute)); + RepresentationPersonType represented = getRepresented(mandateContainer, currentAttribute); + attributeList.add(marshallComplexAttribute(currentAttribute, represented)); + + } else + if (currentAttribute.getName().equals("mandateType")) { + //attributeList.add(getMandateType(mandateContainer, currentAttribute)); + MandateType mandateType = getMandateType(mandateContainer, currentAttribute); + attributeList.add(marshallComplexAttribute(currentAttribute, mandateType)); } + } attrResponse.setPersonalAttributeList(attributeList); 
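Review bot: A requested attribute whose name matches none of `mandateContent`, `representative`, `represented` or `mandateType` falls through all four branches and is silently omitted from `attributeList`, so a required-but-unsupported attribute leaves no trace in the response unless something after the loop fills it in. Add a final branch, `else { attributeList.add(new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), new ArrayList(), "NotAvailable")); }`, so the PEPS sees an explicit status. The roughly ten lines of commented-out marshalling code (`// final Marshaller marshaller = ...` through `// attributeList.add(mandateContentAttribute);`) and the old `//attributeList.add(get...)` calls duplicate what `marshallComplexAttribute` now does and should be deleted rather than left to drift; `// TODO CHECK` should say what is to be checked or go. processRequest continues past the end of the hunk.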
@@ -159,6 +168,38 @@ public class MandateRetrievalRequest implements IAction { return null; // } + private PersonalAttribute marshallComplexAttribute(PersonalAttribute currentAttribute, Object obj) { // TODO refactor + + + StringWriter stringWriter = new StringWriter(); + try { + if (obj instanceof MandateContentType) { + final Marshaller marshaller = JAXBContext.newInstance(MandateContentType.class).createMarshaller(); + marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); + marshaller.marshal(new JAXBElement(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", currentAttribute.getName()), MandateContentType.class, null, (MandateContentType)obj), stringWriter); + } else if (obj instanceof MandateType) { + final Marshaller marshaller = JAXBContext.newInstance(MandateType.class).createMarshaller(); + marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); + marshaller.marshal(new JAXBElement(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", currentAttribute.getName()), MandateType.class, null, (MandateType)obj), stringWriter); + } else if (obj instanceof RepresentationPersonType) { + final Marshaller marshaller = JAXBContext.newInstance(RepresentationPersonType.class).createMarshaller(); + marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE); + marshaller.marshal(new JAXBElement(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", currentAttribute.getName()), RepresentationPersonType.class, null, (RepresentationPersonType)obj), stringWriter); + } + + } catch (Exception ex) { + Logger.error("Could not marshall atrribute: " + currentAttribute.getName() + ", " + ex.getMessage()); + return new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), new ArrayList(), "NotAvailable"); + } + ArrayList value = new ArrayList(); + value.add(stringWriter.toString()); + + PersonalAttribute personalAttribute = new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), value, 
"Available"); + + return personalAttribute; + } + + private void populateMandatingData(AuthenticationSession moasession) { MandateType mandateType = new MandateType(); RepresentationPersonType representationPersonType = new RepresentationPersonType(); 
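Review bot: An `obj` that is none of `MandateContentType`, `MandateType` or `RepresentationPersonType` falls through all three `instanceof` branches of `marshallComplexAttribute`, leaves `stringWriter` empty and is still returned as an `"Available"` attribute whose single value is the empty string; that case should be rejected the same way the catch block does. The three branches are identical apart from the class literal and each calls `JAXBContext.newInstance(...)` per invocation, which is comparatively expensive (a `JAXBContext` is documented as thread-safe, so it could be cached in a `static final` field if this action is used concurrently), and the catch logs only `ex.getMessage()` so the stack trace is lost. The sketch below collapses the branches and guards the unsupported type; the fallback and the final `PersonalAttribute` construction are unchanged.
```java
private PersonalAttribute marshallComplexAttribute(PersonalAttribute currentAttribute, Object obj) {
    if (!(obj instanceof MandateContentType || obj instanceof MandateType || obj instanceof RepresentationPersonType)) {
        Logger.error("Unsupported complex attribute type for " + currentAttribute.getName());
        return new PersonalAttribute(currentAttribute.getName(), currentAttribute.isRequired(), new ArrayList(), "NotAvailable");
    }
    StringWriter stringWriter = new StringWriter();
    try {
        // one path for all supported types; obj.getClass() is the JAXB-generated type
        final Marshaller marshaller = JAXBContext.newInstance(obj.getClass()).createMarshaller();
        marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
        marshaller.marshal(new JAXBElement(new QName("urn:eu:stork:names:tc:STORK:1.0:assertion", currentAttribute.getName()), obj.getClass(), null, obj), stringWriter);
    } catch (Exception ex) {
        // … unchanged: log and return the "NotAvailable" attribute …
    }
    // … unchanged: wrap stringWriter.toString() into an "Available" PersonalAttribute …
}
```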
@@ -224,81 +265,82 @@ public class MandateRetrievalRequest implements IAction { return ""; } - private PersonalAttribute getRepresentative(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) { - PersonalAttribute personalAttribute = new PersonalAttribute(); - HashMap complexValue = new HashMap(); + private MandateType getMandateType(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException { + MandateType mandateType = new MandateType(); + RepresentationPersonType representative = getRepresentative(mandateContainer, sourceAttribute); + RepresentationPersonType represented = getRepresented(mandateContainer, sourceAttribute); + MandateContentType mandateContent = getMandateContent(mandateContainer, sourceAttribute); + mandateType.setRepresenting(representative); + mandateType.setRepresented(represented); + mandateType.setMandateContent(mandateContent); + Logger.debug("Complex attribute extracted: " + sourceAttribute.getName()); + return mandateType; + } + + + private RepresentationPersonType getRepresentative(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) { + RepresentationPersonType representative = new RepresentationPersonType(); if (mandateContainer instanceof CorporateBodyMandateContainer) { Logger.error("Company as representative not supported"); // TODO } else if (mandateContainer instanceof PhyPersonMandateContainer) { PhyPersonMandateContainer phyPersonMandateContainer = (PhyPersonMandateContainer)mandateContainer; - complexValue.put("eIdentifier", ""); // TODO CALCULATE - complexValue.put("givenName", phyPersonMandateContainer.getPhysicalRepresentativeGivenName()); - complexValue.put("surname", phyPersonMandateContainer.getPhysicalRepresentativeFamilyName()); - complexValue.put("dateOfBirth", phyPersonMandateContainer.getPhysicalRepresentativeBirthDate()); + representative.setEIdentifier(""); // TODO CALCULATE + 
representative.setGivenName(phyPersonMandateContainer.getPhysicalRepresentativeGivenName()); + representative.setSurname(phyPersonMandateContainer.getPhysicalRepresentativeFamilyName()); + representative.setDateOfBirth(phyPersonMandateContainer.getPhysicalRepresentativeBirthDate()); } - personalAttribute.setName(sourceAttribute.getName()); - personalAttribute.setFriendlyName(sourceAttribute.getFriendlyName()); - personalAttribute.setIsRequired(sourceAttribute.isRequired()); - personalAttribute.setComplexValue(complexValue); - personalAttribute.setStatus("Available"); - Logger.debug("Complex attribute extracted: " + personalAttribute.getName()); - - return personalAttribute; + Logger.debug("Complex attribute extracted: " + sourceAttribute.getName()); + return representative; } - private PersonalAttribute getRepresented(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) { - PersonalAttribute personalAttribute = new PersonalAttribute(); - HashMap complexValue = new HashMap(); + private RepresentationPersonType getRepresented(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) { + RepresentationPersonType represented = new RepresentationPersonType(); if (mandateContainer instanceof CorporateBodyMandateContainer) { CorporateBodyMandateContainer corporateBodyMandateContainer = (CorporateBodyMandateContainer)mandateContainer; - complexValue.put("eLPIdentifier", corporateBodyMandateContainer.getCorpMandatorIdentificationValue()); - complexValue.put("name", corporateBodyMandateContainer.getCorpMandatorFullName()); - complexValue.put("address", ""); - complexValue.put("canonicalAddress", ""); - complexValue.put("type", mapCompanyType(mandateContainer)); + represented.setELPIdentifier(corporateBodyMandateContainer.getCorpMandatorIdentificationValue()); + represented.setName(corporateBodyMandateContainer.getCorpMandatorFullName()); + represented.setAddress(""); + represented.setCanonicalAddress(new CanonicalAddressType()); + 
represented.setType(mapCompanyType(mandateContainer)); // TODO } else if (mandateContainer instanceof PhyPersonMandateContainer) { PhyPersonMandateContainer phyPersonMandateContainer = (PhyPersonMandateContainer)mandateContainer; - complexValue.put("eIdentifier", ""); // TODO CALCULATE - complexValue.put("givenName", phyPersonMandateContainer.getPhyPersMandatorGivenName()); - complexValue.put("surname", phyPersonMandateContainer.getPhyPersMandatorFamilyName()); - complexValue.put("dateOfBirth", phyPersonMandateContainer.getPhyPersMandatorBirthDate()); + represented.setEIdentifier(""); // TODO CALCULATE + represented.setGivenName(phyPersonMandateContainer.getPhyPersMandatorGivenName()); + represented.setSurname(phyPersonMandateContainer.getPhyPersMandatorFamilyName()); + represented.setDateOfBirth(phyPersonMandateContainer.getPhyPersMandatorBirthDate()); } - personalAttribute.setName(sourceAttribute.getName()); - personalAttribute.setFriendlyName(sourceAttribute.getFriendlyName()); - personalAttribute.setIsRequired(sourceAttribute.isRequired()); - personalAttribute.setComplexValue(complexValue); - personalAttribute.setStatus("Available"); - Logger.debug("Complex attribute extracted: " + personalAttribute.getName()); + Logger.debug("Complex attribute extracted: " + sourceAttribute.getName()); - return personalAttribute; + return represented; } - private PersonalAttribute getMandateContent(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) { - PersonalAttribute personalAttribute = new PersonalAttribute(); - HashMap complexValue = new HashMap(); + private MandateContentType getMandateContent(MandateContainer mandateContainer, PersonalAttribute sourceAttribute) throws MOAIDException { + MandateContentType mandateContent = new MandateContentType(); + try { + XMLGregorianCalendar validFrom = DatatypeFactory.newInstance().newXMLGregorianCalendar(mandateContainer.getMandateValidFrom()); - complexValue.put("validFrom", 
mandateContainer.getMandateValidFrom()); - complexValue.put("validTo", mandateContainer.getMandateValidTo()); - complexValue.put("transactionLimit", "0"); // TODO - complexValue.put("transactionLimitCurrency", ""); // TODO - complexValue.put("isJoint", ""); - complexValue.put("isChained", "false"); - complexValue.put("typePower", mapPowersType(mandateContainer)); + XMLGregorianCalendar validTo = DatatypeFactory.newInstance().newXMLGregorianCalendar(mandateContainer.getMandateValidTo()); + mandateContent.setValidFrom(validFrom); + mandateContent.setValidTo(validTo); + } catch (DatatypeConfigurationException dte) { + Logger.error("Error converting data from mandate"); + throw new MOAIDException("stork.16", new Object[] {}); // TODO - personalAttribute.setName(sourceAttribute.getName()); - personalAttribute.setFriendlyName(sourceAttribute.getFriendlyName()); - personalAttribute.setIsRequired(sourceAttribute.isRequired()); - personalAttribute.setComplexValue(complexValue); - personalAttribute.setStatus("Available"); - Logger.debug("Complex attribute extracted: " + personalAttribute.getName()); + } - return personalAttribute; + mandateContent.setTransactionLimit(BigInteger.valueOf(0)); // TODO + mandateContent.setTransactionLimitCurrency("");// TODO + mandateContent.setIsJoint(""); + mandateContent.setIschained(false); + mandateContent.setTypePower(mapPowersType(mandateContainer)); + Logger.debug("Complex attribute extracted: " + sourceAttribute.getName()); + return mandateContent; } public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { -- cgit v1.2.3
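Review bot: In `getMandateContent`, `DatatypeFactory.newInstance().newXMLGregorianCalendar(String)` throws `IllegalArgumentException` for a lexically invalid date and `NullPointerException` when `getMandateValidFrom()`/`getMandateValidTo()` is null, but only `DatatypeConfigurationException` is caught, so a malformed mandate date escapes processRequest as an unchecked exception instead of the intended `stork.16` MOAIDException. Widen the catch, e.g. `} catch (DatatypeConfigurationException | IllegalArgumentException | NullPointerException dte) {` if the build targets Java 7 or later (otherwise a second catch block), and create the `DatatypeFactory` once instead of twice. The placeholder values still shipped as real data — `setEIdentifier("")`, `setAddress("")`, an empty `new CanonicalAddressType()`, `setIsJoint("")`, `setTransactionLimit(BigInteger.valueOf(0))` and the `""` returned by `mapPowersType`/`mapCompanyType` — should be left unset or cause a `NotAvailable` status rather than being asserted to the PEPS as facts. The class continues outside the hunk.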