From a9e03893056cf1b349148b0f1048c37c9073e557 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 24 Oct 2014 13:44:54 +0200 Subject: update dynamic OA generation --- .../builder/DynamicOAAuthParameterBuilder.java | 37 ++++++++++++++- .../gv/egovernment/moa/id/config/OAParameter.java | 18 +++---- .../moa/id/config/auth/IOAAuthParameters.java | 12 +++++ .../moa/id/config/auth/OAAuthParameter.java | 29 +++++++++++- .../config/auth/data/DynamicOAAuthParameters.java | 55 +++++++++------------- 5 files changed, 106 insertions(+), 45 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java index 132b6af01..49f87122d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DynamicOAAuthParameterBuilder.java @@ -33,7 +33,9 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.config.auth.data.DynamicOAAuthParameters; +import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants; +import at.gv.egovernment.moa.id.protocols.stork2.MOASTORKRequest; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; 
@@ -62,7 +64,7 @@ public class DynamicOAAuthParameterBuilder { attrValue.startsWith(Constants.URN_PREFIX_STORK) ) { dynamicOA.setBusinessService(true); dynamicOA.setTarget(attrValue); - + } else { Logger.error("Sector identification " + attrValue + " is not a valid Target or BusinessServiceArea"); throw new DynamicOABuildException("Sector identification " + attrValue + " is not a valid Target or BusinessServiceArea", null); @@ -106,4 +108,37 @@ public class DynamicOAAuthParameterBuilder { } + + /** + * @param oaParam + * @param protocolRequest + * @return + */ + public static IOAAuthParameters buildFromAuthnRequest( + IOAAuthParameters oaParam, IRequest protocolRequest) { + + DynamicOAAuthParameters dynOAParams = new DynamicOAAuthParameters(); + dynOAParams.setApplicationID(oaParam.getPublicURLPrefix()); + dynOAParams.setBusinessService(oaParam.getBusinessService()); + + if (protocolRequest instanceof MOASTORKRequest) + return buildFromSTORKRequest(dynOAParams, (MOASTORKRequest) protocolRequest); + + Logger.warn("Dynamic OA generation failed. RequestType is not implemented."); + return null; + } + + /** + * @param oaParam + * @param protocolRequest + * @return + */ + private static IOAAuthParameters buildFromSTORKRequest( + DynamicOAAuthParameters oaParam, MOASTORKRequest protocolRequest) { + + oaParam.setBusinessTarget(Constants.URN_PREFIX_STORK + "+" + "AT" + "+" + protocolRequest.getSpCountry()); + oaParam.setBusinessService(true); + + return oaParam; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java index d87dfd3b5..a2e8bab9b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java 
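Review bot: In `buildFromSTORKRequest`, `protocolRequest.getSpCountry()` is concatenated into the business target unchecked, so a missing or malformed country from the STORK request becomes part of the sector identifier (a null yields `...+AT+null`). Assuming the value is meant to be an ISO 3166-1 alpha-2 code, I would reject anything else before calling `setBusinessTarget`, e.g. `if (spCountry == null || !spCountry.matches("[A-Z]{2}"))`. `buildFromAuthnRequest` also returns `null` for every non-STORK request, whereas the existing builder in this class throws `DynamicOABuildException`; throwing here too would keep a caller from dereferencing a missing OA configuration. Both new methods have Javadoc with empty `@param`/`@return` tags, which should say that only `publicURLPrefix` and `businessService` are copied from `oaParam`.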
@@ -47,6 +47,8 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; */ public class OAParameter { + public OAParameter() { } + public OAParameter(OnlineApplication oa) { this.oaType = oa.getType(); @@ -83,33 +85,33 @@ public class OAParameter { * specifies whether the online application is a business application or not (true * if value of {@link #oaType} is "businessService" */ - private boolean businessService; + protected boolean businessService; /** * public URL prefix of the online application */ - private String publicURLPrefix; + protected String publicURLPrefix; /** * specifies a human readable name of the Online Application */ - private String friendlyName; + protected String friendlyName; /** * specified a specific target for the Online Application (overwrites the target in der request) */ - private String target; + protected String target; /** * specifies a friendly name for the target */ - private String targetFriendlyName; + protected String targetFriendlyName; - private boolean removePBKFromAuthblock; + protected boolean removePBKFromAuthblock; - private Boolean isInderfederationIDP; + protected Boolean isInderfederationIDP; - private Boolean isSTORKPVPGateway; + protected Boolean isSTORKPVPGateway; /** * Contains the oAuth 2.0 configuration (client id, secret and redirect uri) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java index 4c6519b57..c336eb316 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/IOAAuthParameters.java @@ -54,6 +54,8 @@ public interface IOAAuthParameters { public boolean isInderfederationIDP(); + public boolean isSTORKPVPGateway(); + /** * @return the identityLinkDomainIdentifier */ 
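Review bot: The new no-argument constructor of `OAParameter` leaves the boxed fields `isInderfederationIDP` and `isSTORKPVPGateway` at `null`, and later hunks make `DynamicOAAuthParameters` inherit their getters instead of overriding them. The getters are outside the hunk; if they return the field as a primitive `boolean`, a dynamic OA on which the setter was never called (for example the one created in `buildFromAuthnRequest`) fails with a NullPointerException on unboxing. A default such as `protected Boolean isInderfederationIDP = Boolean.FALSE;` and `protected Boolean isSTORKPVPGateway = Boolean.FALSE;` would avoid that. Making the fields `protected` also lets a subclass set `businessService` independently of `oaType`, although the field comment says it is derived from it; keeping them `private` behind `protected` setters would preserve that invariant.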
@@ -152,5 +154,15 @@ public interface IOAAuthParameters { List getTestCredentialOIDs(); PrivateKey getBPKDecBpkDecryptionKey(); + + /** + * @return + */ + boolean isPassivRequestUsedForInterfederation(); + + /** + * @return + */ + boolean isPerformLocalAuthenticationOnInterfederationError(); } \ No newline at end of file diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java index d235f54fd..90b72b72b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java @@ -443,6 +443,9 @@ public List getRequestedAttributes() { @Override public boolean isRequireConsentForStorkAttributes() { try{ + if (isSTORKPVPGateway()) + return false; + return oa_auth.getOASTORK().isRequireConsent(); }catch(Exception e) { @@ -457,7 +460,13 @@ public boolean isRequireConsentForStorkAttributes() { */ @Override public List getStorkAPs() { - return oa_auth.getOASTORK().getAttributeProviders(); + if (oa_auth.getOASTORK() != null && + oa_auth.getOASTORK().getAttributeProviders() != null) + return oa_auth.getOASTORK().getAttributeProviders(); + + else + return new ArrayList(); + } /* (non-Javadoc) 
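Review bot: The two methods added to `IOAAuthParameters` are documented only with an empty `@return`, although both appear to steer how authentication proceeds when interfederation is involved. I would state the contract on the interface, e.g. `@return true if the interfederation request is sent as a passive request` and `@return true if local authentication is performed after an interfederation error`, going by the method names. The Javadoc should also say what an implementation returns when no interfederation IDP is configured, since both implementations in this commit return `false` in that case.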
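Review bot: The early `return false` added to `isRequireConsentForStorkAttributes()` turns off the consent requirement for every OA flagged as a STORK-PVP gateway, and nothing in the code says why that is acceptable. Because it silently overrides `oa_auth.getOASTORK().isRequireConsent()`, I would put the reason in a comment above the check and log the override with the project logger, e.g. `Logger.debug("Consent for STORK attributes not required: OA is a STORK-PVP gateway");`. The check sits inside the existing `try`, whose `catch` block lies outside the hunk, so it is worth confirming what the method returns if `isSTORKPVPGateway()` itself throws.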
@@ -527,10 +536,26 @@ public boolean isOutboundSSOInterfederationAllowed() { return false; } +@Override +public boolean isPassivRequestUsedForInterfederation() { + if (inderfederatedIDP != null) + return inderfederatedIDP.isPerformPassivRequest().booleanValue(); + else + return false; +} + +@Override +public boolean isPerformLocalAuthenticationOnInterfederationError() { + if (inderfederatedIDP != null) + return inderfederatedIDP.isPerformLocalAuthenticationOnError().booleanValue(); + else + return false; +} + @Override public boolean isInterfederationSSOStorageAllowed() { if (inderfederatedIDP != null) - return inderfederatedIDP.isStoreSSOSession(); + return inderfederatedIDP.isStoreSSOSession().booleanValue(); else return false; } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java index 7dbdcfa52..e576522bf 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java 
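Review bot: `inderfederatedIDP.isPerformPassivRequest().booleanValue()` throws a NullPointerException when the configuration value is unset. The same applies to `isPerformLocalAuthenticationOnError()` and to the changed `isStoreSSOSession()` call. The `.booleanValue()` calls suggest these accessors return `Boolean`, so a null-safe form such as `return Boolean.TRUE.equals(inderfederatedIDP.isPerformPassivRequest());` keeps the existing `false` default for a missing value. An unset flag should neither enable session storage or local fallback nor abort the login with an unhandled exception.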
@@ -32,31 +32,19 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute; import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; +import at.gv.egovernment.moa.id.config.OAParameter; import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; /** * @author tlenz * */ -public class DynamicOAAuthParameters implements IOAAuthParameters { - - private String applicationID = null; +public class DynamicOAAuthParameters extends OAParameter implements IOAAuthParameters { - private boolean isBusinessService; - private String target; private String businessTarget; - private boolean inderfederatedIDP; private String IDPQueryURL; - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getBusinessService() - */ - @Override - public boolean getBusinessService() { - return this.isBusinessService; - } - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getTarget() */ @@ -73,14 +61,6 @@ public class DynamicOAAuthParameters implements IOAAuthParameters { return this.businessTarget; } - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isInderfederationIDP() - */ - @Override - public boolean isInderfederationIDP() { - return this.inderfederatedIDP; - } - /* (non-Javadoc) * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getIDPAttributQueryServiceURL() */ @@ -309,7 +289,7 @@ public class DynamicOAAuthParameters implements IOAAuthParameters { * @param isBusinessService the isBusinessService to set */ public void setBusinessService(boolean isBusinessService) { - this.isBusinessService = isBusinessService; + businessService = isBusinessService; } /** 
@@ -330,7 +310,7 @@ public class DynamicOAAuthParameters implements IOAAuthParameters { * @param inderfederatedIDP the inderfederatedIDP to set */ public void setInderfederatedIDP(boolean inderfederatedIDP) { - this.inderfederatedIDP = inderfederatedIDP; + isInderfederationIDP = inderfederatedIDP; } /** @@ -340,19 +320,11 @@ public class DynamicOAAuthParameters implements IOAAuthParameters { IDPQueryURL = iDPQueryURL; } - /* (non-Javadoc) - * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#getPublicURLPrefix() - */ - @Override - public String getPublicURLPrefix() { - return this.applicationID; - } - /** * @param applicationID the applicationID to set */ public void setApplicationID(String applicationID) { - this.applicationID = applicationID; + publicURLPrefix = applicationID; } /* (non-Javadoc) @@ -409,6 +381,21 @@ public class DynamicOAAuthParameters implements IOAAuthParameters { return null; } - + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isPassivRequestUsedForInterfederation() + */ + @Override + public boolean isPassivRequestUsedForInterfederation() { + // TODO Auto-generated method stub + return false; + } + /* (non-Javadoc) + * @see at.gv.egovernment.moa.id.config.auth.IOAAuthParameters#isPerformLocalAuthenticationOnInterfederationError() + */ + @Override + public boolean isPerformLocalAuthenticationOnInterfederationError() { + // TODO Auto-generated method stub + return false; + } } -- cgit v1.2.3
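Review bot: Both overrides added at the end of `DynamicOAAuthParameters` return a hard-coded `false` under `// TODO Auto-generated method stub`, which leaves open whether the value is a decision or a placeholder. If dynamically built OAs must never use passive requests or fall back to local authentication, replace the TODO with that statement, e.g. `// dynamic OAs never perform local authentication after an interfederation error`. If the value should instead follow the OA the parameters were built from, it needs a field and a setter like the other properties of this class.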