From ce0962d20a720e6c16adfd89ee8d71639d65dd52 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 27 Feb 2014 14:32:30 +0100 Subject: build stork euid --- .../moa/id/auth/builder/BPKBuilder.java | 196 +++++++++++++-------- .../id/protocols/stork2/AuthenticationRequest.java | 13 +- 2 files changed, 136 insertions(+), 73 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java index bd87737ed..fd8f3f875 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java @@ -2,19 +2,19 @@ * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * + * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works @@ -46,91 +46,143 @@ package at.gv.egovernment.moa.id.auth.builder; -import java.security.MessageDigest; - import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.util.Base64Utils; import at.gv.egovernment.moa.util.Constants; +import java.security.MessageDigest; + /** * Builder for the bPK, as defined in * "Ableitung f¨r die bereichsspezifische Personenkennzeichnung" * version 1.0.1 from "reference.e-government.gv.at". - * + * * @author Paul Schamberger * @version $Id$ */ public class BPKBuilder { - /** - * Builds the bPK from the given parameters. - * @param identificationValue Base64 encoded "Stammzahl" - * @param target "Bereich lt. Verordnung des BKA" - * @return bPK in a BASE64 encoding - * @throws BuildException if an error occurs on building the bPK - */ - public String buildBPK(String identificationValue, String target) - throws BuildException { - - if ((identificationValue == null || - identificationValue.length() == 0 || - target == null || - target.length() == 0)) - { - throw new BuildException("builder.00", - new Object[] {"BPK", "Unvollständige Parameterangaben: identificationValue=" + - identificationValue + ",target=" + target}); + /** + * Builds the bPK from the given parameters. + * + * @param identificationValue Base64 encoded "Stammzahl" + * @param target "Bereich lt. Verordnung des BKA" + * @return bPK in a BASE64 encoding + * @throws BuildException if an error occurs on building the bPK + */ + public String buildBPK(String identificationValue, String target) + throws BuildException { + + if ((identificationValue == null || + identificationValue.length() == 0 || + target == null || + target.length() == 0)) { + throw new BuildException("builder.00", + new Object[]{"BPK", "Unvollständige Parameterangaben: identificationValue=" + + identificationValue + ",target=" + target}); + } + String basisbegriff; + if (target.startsWith(Constants.URN_PREFIX_CDID + "+")) + basisbegriff = identificationValue + "+" + target; + else + basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_CDID + "+" + target; + + try { + MessageDigest md = MessageDigest.getInstance("SHA-1"); + byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1")); + String hashBase64 = Base64Utils.encode(hash); + return hashBase64; + } catch (Exception ex) { + throw new BuildException("builder.00", new Object[]{"bPK", ex.toString()}, ex); + } } - String basisbegriff; - if (target.startsWith(Constants.URN_PREFIX_CDID + "+")) - basisbegriff = identificationValue + "+" + target; - else - basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_CDID + "+" + target; - - try { - MessageDigest md = MessageDigest.getInstance("SHA-1"); - byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1")); - String hashBase64 = Base64Utils.encode(hash); - return hashBase64; - } catch (Exception ex) { - throw new BuildException("builder.00", new Object[] {"bPK", ex.toString()}, ex); + + /** + * Builds the wbPK from the given parameters. + * + * @param identificationValue Base64 encoded "Stammzahl" + * @param registerAndOrdNr type of register + "+" + number in register. + * @return wbPK in a BASE64 encoding + * @throws BuildException if an error occurs on building the wbPK + */ + public String buildWBPK(String identificationValue, String registerAndOrdNr) + throws BuildException { + + if ((identificationValue == null || + identificationValue.length() == 0 || + registerAndOrdNr == null || + registerAndOrdNr.length() == 0)) { + throw new BuildException("builder.00", + new Object[]{"wbPK", "Unvollständige Parameterangaben: identificationValue=" + + identificationValue + ",Register+Registernummer=" + registerAndOrdNr}); + } + + String basisbegriff; + if (registerAndOrdNr.startsWith(Constants.URN_PREFIX_WBPK + "+")) + basisbegriff = identificationValue + "+" + registerAndOrdNr; + else + basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_WBPK + "+" + registerAndOrdNr; + + try { + MessageDigest md = MessageDigest.getInstance("SHA-1"); + byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1")); + String hashBase64 = Base64Utils.encode(hash); + return hashBase64; + } catch (Exception ex) { + throw new BuildException("builder.00", new Object[]{"wbPK", ex.toString()}, ex); + } } - } - - /** - * Builds the wbPK from the given parameters. - * @param identificationValue Base64 encoded "Stammzahl" - * @param registerAndOrdNr type of register + "+" + number in register. - * @return wbPK in a BASE64 encoding - * @throws BuildException if an error occurs on building the wbPK - */ - public String buildWBPK(String identificationValue, String registerAndOrdNr) - throws BuildException { - - if ((identificationValue == null || - identificationValue.length() == 0 || - registerAndOrdNr == null || - registerAndOrdNr.length() == 0)) - { - throw new BuildException("builder.00", - new Object[] {"wbPK", "Unvollständige Parameterangaben: identificationValue=" + - identificationValue + ",Register+Registernummer=" + registerAndOrdNr}); + + /** + * Builds the wbPK from the given parameters. + * + * @param identificationValue Base64 encoded "Stammzahl" + * @param destinationCountry destination country code (2 chars) + * @return storkid in a BASE64 encoding + * @throws BuildException if an error occurs on building the wbPK + */ + public String buildStorkPK(String identificationValue, String destinationCountry) + throws BuildException { + return buildStorkPK(identificationValue, "AT", destinationCountry); } - - String basisbegriff; - if (registerAndOrdNr.startsWith(Constants.URN_PREFIX_WBPK + "+" )) - basisbegriff = identificationValue + "+" + registerAndOrdNr; - else - basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_WBPK + "+" + registerAndOrdNr; - - try { - MessageDigest md = MessageDigest.getInstance("SHA-1"); - byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1")); - String hashBase64 = Base64Utils.encode(hash); - return hashBase64; - } catch (Exception ex) { - throw new BuildException("builder.00", new Object[] {"wbPK", ex.toString()}, ex); + + + /** + * Builds the wbPK from the given parameters. + * + * @param identificationValue Base64 encoded "Stammzahl" + * @param sourceCountry source country code (2 chars) + * @param destinationCountry destination country code (2 chars) + * @return storkid in a BASE64 encoding + * @throws BuildException if an error occurs on building the wbPK + */ + public String buildStorkPK(String identificationValue, String sourceCountry, String destinationCountry) + throws BuildException { + + if ((identificationValue == null || + identificationValue.length() == 0 || + destinationCountry == null || + destinationCountry.length() == 0 || + destinationCountry.length() != 2 || + sourceCountry == null || + sourceCountry.length() == 0 || + sourceCountry.length() != 2)) { + throw new BuildException("builder.00", + new Object[]{"storkid", "Unvollständige Parameterangaben: identificationValue=" + + identificationValue + ", Zielland=" + destinationCountry + ", Ursprungsland=" + sourceCountry}); + } + + String basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_STORK + "+" + sourceCountry + "+" + destinationCountry; + + try { + MessageDigest md = MessageDigest.getInstance("SHA-1"); + byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1")); + String hashBase64 = Base64Utils.encode(hash); + return hashBase64; + } catch (Exception ex) { + throw new BuildException("builder.00", new Object[]{"storkid", ex.toString()}, ex); + } } - } + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index d4996c26a..3288e064f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -10,6 +10,7 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; +import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; import edu.emory.mathcs.backport.java.util.Collections; import eu.stork.peps.auth.commons.*; @@ -29,6 +30,7 @@ import javax.servlet.http.HttpSession; import java.io.*; import java.util.HashMap; import eu.stork.peps.auth.engine.SAMLEngine; +import org.w3c.dom.Element; /** @@ -52,6 +54,15 @@ public class AuthenticationRequest implements IAction { this.moaSession = moasession; this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req; + MISMandate mandate = moasession.getMISMandate(); + String owbpk = mandate.getOWbPK(); + byte[] mand = mandate.getMandate(); + String profprep = mandate.getProfRep(); + //String textdesc = mandate.getTextualDescriptionOfOID(); + Element mndt = moasession.getMandate(); + + + Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); Logger.debug("Starting AuthenticationRequest"); //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession); @@ -61,7 +72,7 @@ public class AuthenticationRequest implements IAction { httpResp.reset(); STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - authnResponse.setCountry("AT"); + authnResponse.setCountry("EU"); OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); if (oaParam == null) -- cgit v1.2.3 From 433e76b8b63b20a1d28f876f32a04f14342a9092 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 27 Feb 2014 15:14:32 +0100 Subject: integrating stork eidattribute --- .../at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java | 10 ++++------ .../moa/id/protocols/stork2/AuthenticationRequest.java | 8 ++++++-- .../moa/id/protocols/stork2/MOAAttributeProvider.java | 15 +++++++++++++-- 3 files changed, 23 insertions(+), 10 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java index fd8f3f875..fc43d25e5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java @@ -141,9 +141,9 @@ public class BPKBuilder { * @return storkid in a BASE64 encoding * @throws BuildException if an error occurs on building the wbPK */ - public String buildStorkPK(String identificationValue, String destinationCountry) + public String buildStorkbPK(String identificationValue, String destinationCountry) throws BuildException { - return buildStorkPK(identificationValue, "AT", destinationCountry); + return buildStorkbPK(identificationValue, "AT", destinationCountry); } @@ -156,17 +156,15 @@ public class BPKBuilder { * @return storkid in a BASE64 encoding * @throws BuildException if an error occurs on building the wbPK */ - public String buildStorkPK(String identificationValue, String sourceCountry, String destinationCountry) + public String buildStorkbPK(String identificationValue, String sourceCountry, String destinationCountry) throws BuildException { if ((identificationValue == null || identificationValue.length() == 0 || destinationCountry == null || destinationCountry.length() == 0 || - destinationCountry.length() != 2 || sourceCountry == null || - sourceCountry.length() == 0 || - sourceCountry.length() != 2)) { + sourceCountry.length() == 0)) { throw new BuildException("builder.00", new Object[]{"storkid", "Unvollständige Parameterangaben: identificationValue=" + identificationValue + ", Zielland=" + destinationCountry + ", Ursprungsland=" + sourceCountry}); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 3288e064f..6a2fe3bfc 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -54,6 +54,7 @@ public class AuthenticationRequest implements IAction { this.moaSession = moasession; this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req; + try{ MISMandate mandate = moasession.getMISMandate(); String owbpk = mandate.getOWbPK(); byte[] mand = mandate.getMandate(); @@ -63,6 +64,7 @@ public class AuthenticationRequest implements IAction { Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); +} catch (Exception x) {} Logger.debug("Starting AuthenticationRequest"); //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession); @@ -72,7 +74,9 @@ public class AuthenticationRequest implements IAction { httpResp.reset(); STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - authnResponse.setCountry("EU"); + authnResponse.setCountry(((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getSpCountry()); + + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); if (oaParam == null) @@ -137,7 +141,7 @@ public class AuthenticationRequest implements IAction { // Define attribute list to be populated PersonalAttributeList attributeList = new PersonalAttributeList(); - MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink()); + MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink(), moaStorkAuthnRequest); try { for (PersonalAttribute personalAttribute : attrLst) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 414e383fa..190a0d27c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java @@ -1,6 +1,8 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; @@ -20,6 +22,7 @@ public class MOAAttributeProvider { private final IdentityLink identityLink; private static final Map storkAttributeSimpleMapping; private static final Map storkAttributeFunctionMapping; + private final MOASTORKAuthnRequest moastorkAuthnRequest; static { Map tempSimpleMap = new HashMap(); @@ -32,8 +35,9 @@ public class MOAAttributeProvider { storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap); } - public MOAAttributeProvider(IdentityLink identityLink) { + public MOAAttributeProvider(IdentityLink identityLink, MOASTORKAuthnRequest moastorkAuthnRequest) { this.identityLink = identityLink; + this.moastorkAuthnRequest = moastorkAuthnRequest; Logger.debug("identity " + identityLink.getIdentificationType() + " " + identityLink.getIdentificationValue()); } @@ -66,9 +70,16 @@ public class MOAAttributeProvider { } private String geteIdentifier() { - return "askdlaskdlaskdsds"; + Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkAuthnRequest.getStorkAuthnRequest().getSpCountry()); + try { + return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkAuthnRequest.getStorkAuthnRequest().getSpCountry()); + } catch (BuildException be) { + Logger.error("Stork eid could not be constructed; " + be.getMessage()); + return null; // TODO error + } } + private void populateAttributeWithMethod(Method method, Object object, PersonalAttributeList attributeList, String storkAttribute, Boolean isRequired) { try { String attributeValue = method.invoke(object, new Class[]{}).toString(); -- cgit v1.2.3 From a949aceb20f55adad0dc797eba42c00f8d026fe1 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Thu, 27 Feb 2014 18:53:42 +0100 Subject: auth --- .../moa/id/auth/builder/BPKBuilder.java | 4 ++-- .../id/protocols/stork2/AuthenticationRequest.java | 28 +++++++++++++++------- 2 files changed, 21 insertions(+), 11 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java index fc43d25e5..226d05520 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java @@ -134,7 +134,7 @@ public class BPKBuilder { } /** - * Builds the wbPK from the given parameters. + * Builds the storkeid from the given parameters. * * @param identificationValue Base64 encoded "Stammzahl" * @param destinationCountry destination country code (2 chars) @@ -148,7 +148,7 @@ public class BPKBuilder { /** - * Builds the wbPK from the given parameters. + * Builds the storkeid from the given parameters. * * @param identificationValue Base64 encoded "Stammzahl" * @param sourceCountry source country code (2 chars) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 6a2fe3bfc..e10c4d9d9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -31,6 +31,7 @@ import java.io.*; import java.util.HashMap; import eu.stork.peps.auth.engine.SAMLEngine; import org.w3c.dom.Element; +import org.w3c.dom.NamedNodeMap; /** @@ -54,17 +55,18 @@ public class AuthenticationRequest implements IAction { this.moaSession = moasession; this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req; - try{ - MISMandate mandate = moasession.getMISMandate(); - String owbpk = mandate.getOWbPK(); - byte[] mand = mandate.getMandate(); - String profprep = mandate.getProfRep(); - //String textdesc = mandate.getTextualDescriptionOfOID(); - Element mndt = moasession.getMandate(); + try { + MISMandate mandate = moasession.getMISMandate(); + String owbpk = mandate.getOWbPK(); + byte[] mand = mandate.getMandate(); + String profprep = mandate.getProfRep(); + //String textdesc = mandate.getTextualDescriptionOfOID(); + Element mndt = moasession.getMandate(); - Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); -} catch (Exception x) {} + iterate(mndt.getAttributes()); + Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); + } catch (Exception x) {} Logger.debug("Starting AuthenticationRequest"); //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession); @@ -134,6 +136,14 @@ public class AuthenticationRequest implements IAction { } + private void iterate(NamedNodeMap attributesList) { + for (int j = 0; j < attributesList.getLength(); j++) { + Logger.debug("--Attribute: " + + attributesList.item(j).getNodeName() + " = " + + attributesList.item(j).getNodeValue()); + } } + + public PersonalAttributeList populateAttributes() { IPersonalAttributeList attrLst = moaStorkAuthnRequest.getStorkAuthnRequest().getPersonalAttributeList(); -- cgit v1.2.3 From 2517b992ab38c09bc2979ed5010aee113e569834 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Fri, 28 Feb 2014 17:07:38 +0100 Subject: protocol change --- .../java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 502925a2a..9b46ee9c6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -62,7 +62,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { } public STORKProtocol() { - super(); // + super(); } /* @@ -152,7 +152,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { Logger.error("spid " + authnRequest.getSPID()); Logger.error("spi " + authnRequest.getSpInstitution()); - + authnRequest.setCountry(""); STORK2Request.setSTORKAuthnRequest(authnRequest); -- cgit v1.2.3 From 7767c1c7fe237ec729d98d66577f8a247c622d85 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 09:36:31 +0100 Subject: clean --- .../moa/id/protocols/stork2/STORKProtocol.java | 39 ++-------------------- 1 file changed, 3 insertions(+), 36 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 9b46ee9c6..042d61080 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -25,7 +25,6 @@ import java.util.HashMap; /** * Stork 2 Protocol Support - * Date: 11/29/13, Time: 12:32 PM * @author bsuzic */ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { @@ -71,22 +70,9 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { */ public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException { Logger.debug("Starting preprocessing"); - Logger.debug("Got request: " + request.toString()); Logger.debug("Request method: " + request.getMethod()); - for (Object o : Collections.list(request.getHeaderNames())) { - Logger.debug("Request header: " + o.toString() + ":::" + request.getHeader(o.toString())); - } - for (Object o : Collections.list(request.getParameterNames())) { - Logger.debug("Request parameter: " + o.toString() + "::::" + request.getParameter(o.toString())); - } - Logger.debug("Request content length: " + request.getContentLength()); - Logger.debug("Request query: " + request.getQueryString()); - Logger.debug("Response: " + response.toString()); - Logger.debug("Action: " + action); - - Logger.debug("Processing saml request"); - String SAMLRequest = request.getParameter("SAMLRequest"); + Logger.debug("Initiating action: " + action); HTTPInTransport profileReq = new HttpServletRequestAdapter(request); HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure()); @@ -104,28 +90,11 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { } catch (Exception e) { Logger.error("Error decoding STORKAuthnRequest", e); } - /* - - STORKAuthnRequestImpl ST2Req = (STORKAuthnRequestImpl)samlMessageContext.getInboundSAMLMessage(); - //MOASTORKAuthnRequest STORK2Request = (MOASTORKAuthnRequest)samlMessageContext.getInboundSAMLMessage(); - MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest(); - STORK2Request.setSTORKAuthnRequest(ST2Req); - - Logger.debug("STORK2 Citizen code: " + ST2Req.getCitizenCountryCode()); - Logger.debug("STORK2 QAA: " + ST2Req.getQAALevel()); - Logger.debug("STORK2 ISSUER: " + ST2Req.getIssuer().toString()); - - */ - //STORKAuthnReq storkAuthnReq = new STORKAuthnReq(); - MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest(); //extract STORK Response from HTTP Request - //Decodes SAML Response - - byte[] decSamlToken; try { decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest")); @@ -138,12 +107,11 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); STORKAuthnRequest authnRequest = null; - Logger.error("decsamltoken" +decSamlToken.toString()); try { - authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); + authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate storkrkauthnreqeust" + ex.getMessage() ); + Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() ); } Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL()); @@ -152,7 +120,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { Logger.error("spid " + authnRequest.getSPID()); Logger.error("spi " + authnRequest.getSpInstitution()); - authnRequest.setCountry(""); STORK2Request.setSTORKAuthnRequest(authnRequest); -- cgit v1.2.3 From 85da46b80e3b1c3d3565d044c1fba9c07182482b Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Mon, 3 Mar 2014 09:26:02 +0100 Subject: refactoring --- .../id/protocols/stork2/AttributeCollector.java | 37 ++++++++++++---------- .../moa/id/protocols/stork2/DataContainer.java | 21 ++++++++++++ 2 files changed, 41 insertions(+), 17 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 7801f9a54..93b2b0495 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -1,11 +1,14 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import java.io.IOException; +import java.io.StringWriter; import java.util.ArrayList; import java.util.List; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; @@ -17,10 +20,18 @@ import at.gv.egovernment.moa.logging.Logger; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; /** * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins. @@ -92,8 +103,6 @@ public class AttributeCollector implements IAction { */ public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException { // check if there are attributes we need to fetch - this.httpResp = response; - this.container = container; IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); @@ -126,11 +135,10 @@ public class AttributeCollector implements IAction { } // build response - generateSTORKResponse(); + generateSTORKResponse(container); // set new http response - generateRedirectResponse(); - response = httpResp; + generateRedirectResponse(response, container); return "12345"; // AssertionId @@ -161,7 +169,7 @@ public class AttributeCollector implements IAction { } - private void generateSTORKResponse() throws MOAIDException { + private void generateSTORKResponse(DataContainer container) throws MOAIDException { STORKAuthnResponse authnResponse = container.getResponse(); STORKAuthnRequest authnRequest = container.getRequest(); @@ -181,21 +189,16 @@ public class AttributeCollector implements IAction { Logger.info("STORK SAML Response message succesfully generated "); String statusCodeValue = authnResponse.getStatusCode(); - try { - Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); - Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works - Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); - - } catch (IOException e) { - e.printStackTrace(); - } + Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); + Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); + Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml())); container.setResponse(authnResponse); } - private void generateRedirectResponse() { + private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) { STORKAuthnResponse authnResponse = container.getResponse(); STORKAuthnRequest authnRequest = container.getRequest(); @@ -207,8 +210,8 @@ public class AttributeCollector implements IAction { Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); VelocityContext context = new VelocityContext(); - context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); - Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); + context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()).getBytes()); + Logger.debug("SAMLResponse original: " + new String(authnResponse.getTokenSaml()).getBytes()); Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL()); context.put("action", authnRequest.getAssertionConsumerServiceURL()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java index 40c827ef8..a1c40526d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java @@ -23,6 +23,9 @@ public class DataContainer implements Serializable { /** The target. */ private String target; + /** The remote address. */ + private String remoteAddress; + /** * Gets the request. * @@ -76,4 +79,22 @@ public class DataContainer implements Serializable { public void setTarget(String target) { this.target = target; } + + /** + * Gets the remote address. + * + * @return the remote address + */ + public String getRemoteAddress() { + return remoteAddress; + } + + /** + * Sets the remote address. + * + * @param remoteAddress the new remote address + */ + public void setRemoteAddress(String remoteAddress) { + this.remoteAddress = remoteAddress; + } } -- cgit v1.2.3 From bf784b6222784758eb846b0aaf2080b009549be0 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Mon, 3 Mar 2014 09:30:41 +0100 Subject: cleanup --- .../id/protocols/stork2/AttributeCollector.java | 29 +++++++++------------- .../ExternalAttributeRequestRequiredException.java | 15 +++++++++++ 2 files changed, 27 insertions(+), 17 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 93b2b0495..c711d9400 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -1,6 +1,5 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import java.io.IOException; import java.io.StringWriter; import java.util.ArrayList; import java.util.List; @@ -164,11 +163,14 @@ public class AttributeCollector implements IAction { return "12345"; // TODO what to do here? } - - } - + /** + * generates binary response from given response class. + * + * @param container the container + * @throws MOAIDException the mOAID exception + */ private void generateSTORKResponse(DataContainer container) throws MOAIDException { STORKAuthnResponse authnResponse = container.getResponse(); STORKAuthnRequest authnRequest = container.getRequest(); @@ -187,24 +189,24 @@ public class AttributeCollector implements IAction { } Logger.info("STORK SAML Response message succesfully generated "); - String statusCodeValue = authnResponse.getStatusCode(); - Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml())); container.setResponse(authnResponse); - } - + /** + * writes the storkresponse to the httpresponse using the velocity engine. + * + * @param httpResp the http resp + * @param container the container + */ private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) { STORKAuthnResponse authnResponse = container.getResponse(); STORKAuthnRequest authnRequest = container.getRequest(); - // preparing redirection for the client - try { VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); @@ -225,18 +227,11 @@ public class AttributeCollector implements IAction { Logger.debug("Sending html content: " + writer.getBuffer().toString()); Logger.debug("Sending html content2 : " + new String(writer.getBuffer())); - httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); } catch (Exception e) { Logger.error("Velocity error: " + e.getMessage()); } - - //HttpSession httpSession = this.httpResp.getSession(); - //httpSession.setAttribute("STORKSessionID", "12345"); - //Logger.info("Status code again: " + authnResponse.getStatusCode()); - - //return "12345"; // AssertionId } /* (non-Javadoc) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java index 29b09487b..56f31723c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ExternalAttributeRequestRequiredException.java @@ -1,12 +1,27 @@ package at.gv.egovernment.moa.id.protocols.stork2; public class ExternalAttributeRequestRequiredException extends Exception { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 5207631348933518908L; + + /** The ap. */ private AttributeProvider ap; + /** + * Instantiates a new external attribute request required exception. + * + * @param provider the provider + */ public ExternalAttributeRequestRequiredException(AttributeProvider provider) { ap = provider; } + /** + * Gets the ap. + * + * @return the ap + */ public AttributeProvider getAp() { return ap; } -- cgit v1.2.3 From 0236a88fb454682608c28f7c21716d9288b56bec Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Mon, 3 Mar 2014 09:38:27 +0100 Subject: added tweaked stork2-commons source --- id/server/stork2-commons/.svn/all-wcprops | 17 + id/server/stork2-commons/.svn/dir-prop-base | 10 + id/server/stork2-commons/.svn/entries | 99 ++ .../.svn/text-base/Releases.svn-base | 62 ++ .../stork2-commons/.svn/text-base/pom.xml.svn-base | 213 ++++ id/server/stork2-commons/Releases | 62 ++ id/server/stork2-commons/pom.xml | 213 ++++ id/server/stork2-commons/src/.svn/all-wcprops | 5 + id/server/stork2-commons/src/.svn/entries | 34 + id/server/stork2-commons/src/main/.svn/all-wcprops | 5 + id/server/stork2-commons/src/main/.svn/entries | 37 + .../src/main/config/.svn/all-wcprops | 5 + .../stork2-commons/src/main/config/.svn/entries | 31 + .../src/main/config/embedded/.svn/all-wcprops | 11 + .../src/main/config/embedded/.svn/entries | 62 ++ .../.svn/text-base/pepsUtil.properties.svn-base | 267 +++++ .../src/main/config/embedded/pepsUtil.properties | 267 +++++ .../stork2-commons/src/main/java/.svn/all-wcprops | 5 + .../stork2-commons/src/main/java/.svn/entries | 31 + .../src/main/java/eu/.svn/all-wcprops | 5 + .../stork2-commons/src/main/java/eu/.svn/entries | 31 + .../src/main/java/eu/stork/.svn/all-wcprops | 5 + .../src/main/java/eu/stork/.svn/entries | 31 + .../src/main/java/eu/stork/peps/.svn/all-wcprops | 5 + .../src/main/java/eu/stork/peps/.svn/entries | 31 + .../main/java/eu/stork/peps/auth/.svn/all-wcprops | 5 + .../src/main/java/eu/stork/peps/auth/.svn/entries | 34 + .../eu/stork/peps/auth/commons/.svn/all-wcprops | 191 ++++ .../java/eu/stork/peps/auth/commons/.svn/entries | 1085 ++++++++++++++++++++ .../text-base/AttributeConstants.java.svn-base | 72 ++ .../.svn/text-base/AttributeName.java.svn-base | 74 ++ .../.svn/text-base/AttributeProvider.java.svn-base | 80 ++ .../text-base/AttributeProvidersMap.java.svn-base | 96 ++ .../.svn/text-base/AttributeSource.java.svn-base | 188 ++++ .../.svn/text-base/AttributeUtil.java.svn-base | 231 +++++ .../.svn/text-base/CitizenConsent.java.svn-base | 123 +++ .../commons/.svn/text-base/Country.java.svn-base | 95 ++ .../.svn/text-base/CountryCodes.java.svn-base | 79 ++ .../commons/.svn/text-base/DateUtil.java.svn-base | 169 +++ .../IAttributeListProcessor.java.svn-base | 148 +++ .../text-base/IAttributeProvidersMap.java.svn-base | 82 ++ .../text-base/IPersonalAttributeList.java.svn-base | 194 ++++ .../.svn/text-base/IStorkLogger.java.svn-base | 239 +++++ .../.svn/text-base/IStorkSession.java.svn-base | 85 ++ .../commons/.svn/text-base/Linker.java.svn-base | 316 ++++++ .../.svn/text-base/PEPSErrors.java.svn-base | 392 +++++++ .../.svn/text-base/PEPSParameters.java.svn-base | 619 +++++++++++ .../commons/.svn/text-base/PEPSUtil.java.svn-base | 353 +++++++ .../.svn/text-base/PEPSValues.java.svn-base | 329 ++++++ .../.svn/text-base/PersonalAttribute.java.svn-base | 348 +++++++ .../text-base/PersonalAttributeList.java.svn-base | 396 +++++++ .../text-base/STORKAttrQueryRequest.java.svn-base | 447 ++++++++ .../text-base/STORKAttrQueryResponse.java.svn-base | 388 +++++++ .../.svn/text-base/STORKAuthnRequest.java.svn-base | 495 +++++++++ .../text-base/STORKAuthnResponse.java.svn-base | 383 +++++++ .../text-base/STORKLogoutRequest.java.svn-base | 197 ++++ .../text-base/STORKLogoutResponse.java.svn-base | 250 +++++ .../.svn/text-base/STORKStatusCode.java.svn-base | 68 ++ .../text-base/STORKSubStatusCode.java.svn-base | 71 ++ .../.svn/text-base/package-info.java.svn-base | 9 + .../peps/auth/commons/AttributeConstants.java | 72 ++ .../eu/stork/peps/auth/commons/AttributeName.java | 74 ++ .../stork/peps/auth/commons/AttributeProvider.java | 80 ++ .../peps/auth/commons/AttributeProvidersMap.java | 96 ++ .../stork/peps/auth/commons/AttributeSource.java | 188 ++++ .../eu/stork/peps/auth/commons/AttributeUtil.java | 231 +++++ .../eu/stork/peps/auth/commons/CitizenConsent.java | 123 +++ .../java/eu/stork/peps/auth/commons/Country.java | 95 ++ .../eu/stork/peps/auth/commons/CountryCodes.java | 79 ++ .../java/eu/stork/peps/auth/commons/DateUtil.java | 169 +++ .../peps/auth/commons/IAttributeListProcessor.java | 148 +++ .../peps/auth/commons/IAttributeProvidersMap.java | 82 ++ .../peps/auth/commons/IPersonalAttributeList.java | 194 ++++ .../eu/stork/peps/auth/commons/IStorkLogger.java | 239 +++++ .../eu/stork/peps/auth/commons/IStorkSession.java | 85 ++ .../java/eu/stork/peps/auth/commons/Linker.java | 316 ++++++ .../eu/stork/peps/auth/commons/PEPSErrors.java | 392 +++++++ .../eu/stork/peps/auth/commons/PEPSParameters.java | 619 +++++++++++ .../java/eu/stork/peps/auth/commons/PEPSUtil.java | 353 +++++++ .../eu/stork/peps/auth/commons/PEPSValues.java | 329 ++++++ .../stork/peps/auth/commons/PersonalAttribute.java | 348 +++++++ .../peps/auth/commons/PersonalAttributeList.java | 396 +++++++ .../peps/auth/commons/STORKAttrQueryRequest.java | 447 ++++++++ .../peps/auth/commons/STORKAttrQueryResponse.java | 392 +++++++ .../stork/peps/auth/commons/STORKAuthnRequest.java | 495 +++++++++ .../peps/auth/commons/STORKAuthnResponse.java | 395 +++++++ .../peps/auth/commons/STORKLogoutRequest.java | 197 ++++ .../peps/auth/commons/STORKLogoutResponse.java | 250 +++++ .../stork/peps/auth/commons/STORKStatusCode.java | 68 ++ .../peps/auth/commons/STORKSubStatusCode.java | 71 ++ .../peps/auth/commons/exceptions/.svn/all-wcprops | 53 + .../peps/auth/commons/exceptions/.svn/entries | 300 ++++++ .../text-base/AbstractPEPSException.java.svn-base | 173 ++++ .../.svn/text-base/CPEPSException.java.svn-base | 143 +++ .../InternalErrorPEPSException.java.svn-base | 74 ++ .../InvalidParameterPEPSException.java.svn-base | 54 + .../InvalidSessionPEPSException.java.svn-base | 46 + .../text-base/SecurityPEPSException.java.svn-base | 67 ++ .../text-base/StorkPEPSException.java.svn-base | 53 + .../.svn/text-base/package-info.java.svn-base | 7 + .../commons/exceptions/AbstractPEPSException.java | 173 ++++ .../auth/commons/exceptions/CPEPSException.java | 143 +++ .../exceptions/InternalErrorPEPSException.java | 74 ++ .../exceptions/InvalidParameterPEPSException.java | 54 + .../exceptions/InvalidSessionPEPSException.java | 46 + .../commons/exceptions/SecurityPEPSException.java | 67 ++ .../commons/exceptions/StorkPEPSException.java | 53 + .../peps/auth/commons/exceptions/package-info.java | 7 + .../eu/stork/peps/auth/commons/package-info.java | 9 + .../eu/stork/peps/auth/specific/.svn/all-wcprops | 41 + .../java/eu/stork/peps/auth/specific/.svn/entries | 232 +++++ .../.svn/text-base/IAUService.java.svn-base | 215 ++++ .../text-base/ICheckAttributeValue.java.svn-base | 37 + .../.svn/text-base/IDeriveAttribute.java.svn-base | 40 + .../.svn/text-base/INormaliseValue.java.svn-base | 35 + .../text-base/ITranslatorService.java.svn-base | 100 ++ .../.svn/text-base/package-info.java.svn-base | 8 + .../eu/stork/peps/auth/specific/IAUService.java | 215 ++++ .../peps/auth/specific/ICheckAttributeValue.java | 37 + .../stork/peps/auth/specific/IDeriveAttribute.java | 40 + .../stork/peps/auth/specific/INormaliseValue.java | 35 + .../peps/auth/specific/ITranslatorService.java | 100 ++ .../eu/stork/peps/auth/specific/package-info.java | 8 + .../src/main/resources/.svn/all-wcprops | 11 + .../stork2-commons/src/main/resources/.svn/entries | 62 ++ .../resources/.svn/text-base/log4j.xml.svn-base | 19 + .../stork2-commons/src/main/resources/log4j.xml | 19 + id/server/stork2-commons/src/test/.svn/all-wcprops | 5 + id/server/stork2-commons/src/test/.svn/entries | 34 + .../stork2-commons/src/test/java/.svn/all-wcprops | 5 + .../stork2-commons/src/test/java/.svn/entries | 31 + .../src/test/java/eu/.svn/all-wcprops | 5 + .../stork2-commons/src/test/java/eu/.svn/entries | 31 + .../src/test/java/eu/stork/.svn/all-wcprops | 5 + .../src/test/java/eu/stork/.svn/entries | 31 + .../src/test/java/eu/stork/peps/.svn/all-wcprops | 5 + .../src/test/java/eu/stork/peps/.svn/entries | 31 + .../test/java/eu/stork/peps/tests/.svn/all-wcprops | 53 + .../src/test/java/eu/stork/peps/tests/.svn/entries | 300 ++++++ .../AttributeProvidersMapTestCase.java.svn-base | 134 +++ .../AttributeSourceTestCase.java.svn-base | 88 ++ .../text-base/AttributeUtilTestCase.java.svn-base | 537 ++++++++++ .../.svn/text-base/DateUtilTestCase.java.svn-base | 294 ++++++ .../.svn/text-base/PEPSUtilTestCase.java.svn-base | 553 ++++++++++ .../PersonalAttributeListTestCase.java.svn-base | 747 ++++++++++++++ .../PersonalAttributeTestCase.java.svn-base | 182 ++++ .../.svn/text-base/package-info.java.svn-base | 5 + .../peps/tests/AttributeProvidersMapTestCase.java | 134 +++ .../stork/peps/tests/AttributeSourceTestCase.java | 88 ++ .../eu/stork/peps/tests/AttributeUtilTestCase.java | 537 ++++++++++ .../java/eu/stork/peps/tests/DateUtilTestCase.java | 294 ++++++ .../java/eu/stork/peps/tests/PEPSUtilTestCase.java | 553 ++++++++++ .../peps/tests/PersonalAttributeListTestCase.java | 747 ++++++++++++++ .../peps/tests/PersonalAttributeTestCase.java | 182 ++++ .../java/eu/stork/peps/tests/package-info.java | 5 + .../src/test/resources/.svn/all-wcprops | 11 + .../stork2-commons/src/test/resources/.svn/entries | 62 ++ .../resources/.svn/text-base/log4j.xml.svn-base | 19 + .../stork2-commons/src/test/resources/log4j.xml | 19 + 159 files changed, 25475 insertions(+) create mode 100644 id/server/stork2-commons/.svn/all-wcprops create mode 100644 id/server/stork2-commons/.svn/dir-prop-base create mode 100644 id/server/stork2-commons/.svn/entries create mode 100644 id/server/stork2-commons/.svn/text-base/Releases.svn-base create mode 100644 id/server/stork2-commons/.svn/text-base/pom.xml.svn-base create mode 100644 id/server/stork2-commons/Releases create mode 100644 id/server/stork2-commons/pom.xml create mode 100644 id/server/stork2-commons/src/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/.svn/entries create mode 100644 id/server/stork2-commons/src/main/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/main/.svn/entries create mode 100644 id/server/stork2-commons/src/main/config/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/main/config/.svn/entries create mode 100644 id/server/stork2-commons/src/main/config/embedded/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/main/config/embedded/.svn/entries create mode 100644 id/server/stork2-commons/src/main/config/embedded/.svn/text-base/pepsUtil.properties.svn-base create mode 100644 id/server/stork2-commons/src/main/config/embedded/pepsUtil.properties create mode 100644 id/server/stork2-commons/src/main/java/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/main/java/.svn/entries create mode 100644 id/server/stork2-commons/src/main/java/eu/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/main/java/eu/.svn/entries create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/.svn/entries create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/.svn/entries create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/.svn/entries create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/entries create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeConstants.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeName.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeProvider.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeProvidersMap.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeSource.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeUtil.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/CitizenConsent.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/Country.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/CountryCodes.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/DateUtil.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IAttributeListProcessor.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IAttributeProvidersMap.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IPersonalAttributeList.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IStorkLogger.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IStorkSession.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/Linker.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSErrors.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSParameters.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSUtil.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSValues.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PersonalAttribute.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PersonalAttributeList.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAttrQueryRequest.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAttrQueryResponse.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAuthnRequest.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAuthnResponse.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKLogoutRequest.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKLogoutResponse.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKStatusCode.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKSubStatusCode.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/package-info.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/entries create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/AbstractPEPSException.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/CPEPSException.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/InternalErrorPEPSException.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/InvalidParameterPEPSException.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/InvalidSessionPEPSException.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/SecurityPEPSException.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/StorkPEPSException.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/package-info.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/entries create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/IAUService.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/ICheckAttributeValue.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/IDeriveAttribute.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/INormaliseValue.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/ITranslatorService.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/package-info.java.svn-base create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java create mode 100644 id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java create mode 100644 id/server/stork2-commons/src/main/resources/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/main/resources/.svn/entries create mode 100644 id/server/stork2-commons/src/main/resources/.svn/text-base/log4j.xml.svn-base create mode 100644 id/server/stork2-commons/src/main/resources/log4j.xml create mode 100644 id/server/stork2-commons/src/test/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/test/.svn/entries create mode 100644 id/server/stork2-commons/src/test/java/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/test/java/.svn/entries create mode 100644 id/server/stork2-commons/src/test/java/eu/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/test/java/eu/.svn/entries create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/.svn/entries create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/.svn/entries create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/entries create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/AttributeProvidersMapTestCase.java.svn-base create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/AttributeSourceTestCase.java.svn-base create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/AttributeUtilTestCase.java.svn-base create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/DateUtilTestCase.java.svn-base create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/PEPSUtilTestCase.java.svn-base create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/PersonalAttributeListTestCase.java.svn-base create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/PersonalAttributeTestCase.java.svn-base create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/package-info.java.svn-base create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java create mode 100644 id/server/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java create mode 100644 id/server/stork2-commons/src/test/resources/.svn/all-wcprops create mode 100644 id/server/stork2-commons/src/test/resources/.svn/entries create mode 100644 id/server/stork2-commons/src/test/resources/.svn/text-base/log4j.xml.svn-base create mode 100644 id/server/stork2-commons/src/test/resources/log4j.xml (limited to 'id') diff --git a/id/server/stork2-commons/.svn/all-wcprops b/id/server/stork2-commons/.svn/all-wcprops new file mode 100644 index 000000000..256ae0266 --- /dev/null +++ b/id/server/stork2-commons/.svn/all-wcprops @@ -0,0 +1,17 @@ +K 25 +svn:wc:ra_dav:version-url +V 45 +/CITnet/svn/STORK2/!svn/ver/493/trunk/Commons +END +Releases +K 25 +svn:wc:ra_dav:version-url +V 54 +/CITnet/svn/STORK2/!svn/ver/493/trunk/Commons/Releases +END +pom.xml +K 25 +svn:wc:ra_dav:version-url +V 53 +/CITnet/svn/STORK2/!svn/ver/493/trunk/Commons/pom.xml +END diff --git a/id/server/stork2-commons/.svn/dir-prop-base b/id/server/stork2-commons/.svn/dir-prop-base new file mode 100644 index 000000000..9dc541cfd --- /dev/null +++ b/id/server/stork2-commons/.svn/dir-prop-base @@ -0,0 +1,10 @@ +K 10 +svn:ignore +V 44 +.classpath +.project +.settings +report +target + +END diff --git a/id/server/stork2-commons/.svn/entries b/id/server/stork2-commons/.svn/entries new file mode 100644 index 000000000..148e40ca3 --- /dev/null +++ b/id/server/stork2-commons/.svn/entries @@ -0,0 +1,99 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T19:49:15.801345Z +493 +emferreri +has-props + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +Releases +file + + + + +2014-01-21T08:38:55.424702Z +5baf63f5379c354181f211dc4da29a64 +2014-01-15T19:49:15.801345Z +493 +emferreri + + + + + + + + + + + + + + + + + + + + + +2402 + +src +dir + +pom.xml +file + + + + +2014-01-21T08:38:55.428702Z +dc8551a0a1e6a9a3a63052bd0dd3de55 +2014-01-15T19:49:15.801345Z +493 +emferreri + + + + + + + + + + + + + + + + + + + + + +5777 + diff --git a/id/server/stork2-commons/.svn/text-base/Releases.svn-base b/id/server/stork2-commons/.svn/text-base/Releases.svn-base new file mode 100644 index 000000000..54aeb9313 --- /dev/null +++ b/id/server/stork2-commons/.svn/text-base/Releases.svn-base @@ -0,0 +1,62 @@ +Created 06-04-2011 + +Branch : STORKCommons_0_5_UPDATE_06042011 +Date : 06-04-2011 +Changes: No changes. + +Branch : STORKCommons_0_5_UPDATE_07072011 +Date : 07-07-2011 +Changes: Inserted constants to HttpOnly HTTP Header. + +Branch : STORKCommons_0_6 +Date : 07-11-2011 +Changes: Improved error exception handling (few changes on the exception classes). + Improved Constansts (unused removed, others added). + Unit Tests include (almost all the code is cover). + Fix some minor bugs found on unit tests. + New Copyright License added. + PEPUtils refactored. + Improved error code message (three kind of messages: to citizen, admin and saml token). + +Branch : STORKCommons_0_6_1 +Date : 28-11-2011 +Changes: Removed unnecessary javadoc package file. + Updated pepsUtils.properties file (check attribute value had old error message) + +Branch : STORKCommons_0_9 +Date : 02-12-2011 +Changes: Updated Version to 0.9 + +Branch : STORKCommons_1_0 +Date : 02-12-2011 +Changes: Updated Version to 1.0 + +Branch : STORKCommons_1_1_0 +Date : 01-11-2013 +Changes: Updated Version to 1.1.0 + Dependencies updated + Business Logic Part I changes + SAML Engine Changes merged (from SamlEngine/1.1.0/Commons branch to be easier to merge this branch with trunk) + Fixed some errors on Test Case + +Branch : STORKCommons_1_1_1 +Date : 02-12-2013 +Changes: Updated Version to 1.1.1 + Added mandate error code + PMD quality code changes (some final identifier missing) + Added new methods to personal attribute list to get Mandatory/Optional and/or Simple/Complex attributes + Added new unit tests + +Branch : Commons (Trunk) +Date : 15-01-2014 +Version: 1.2.0 +Release: 2 +Changes: Updated Version to 1.2.0 + dded request flow of PV (incomplete) + Added AP mandatory attribute to get data for business attributes + *) based on configuration file it adds the missing attributes (eIdentifier, givenName, surname and dateOfBirth) or change isRequired to true. + changes original isRequired state in response + Added new Interface (IAttributeListProcessor) to make some operations on attribute lists + Power Validation is complete now + Business Logic I and II integration (Request Complete!) + Added new method to Personal attribute List to check if there is at least one attribute with no value. diff --git a/id/server/stork2-commons/.svn/text-base/pom.xml.svn-base b/id/server/stork2-commons/.svn/text-base/pom.xml.svn-base new file mode 100644 index 000000000..a71ee1628 --- /dev/null +++ b/id/server/stork2-commons/.svn/text-base/pom.xml.svn-base @@ -0,0 +1,213 @@ + + 4.0.0 + eu.stork + Commons + jar + Stork Commons + + UTF-8 + 1.2.0 + 2.6.0 + + ${stork.version} + + The STORKCommons library provides beans, Java Interfaces and utility classes to integrate PEPS and SAML Engine. + + + + + + + joda-time + joda-time + 2.3 + + + + + log4j + log4j + 1.2.17 + + + javax.jms + jms + + + com.sun.jdmk + jmxtools + + + com.sun.jmx + jmxri + + + mail + javax.mail + + + + + + org.opensaml + opensaml + ${opensaml.version} + + + org.slf4j + slf4j-api + + + org.slf4j + slf4j-simple + + + org.slf4j + jcl-over-slf4j + + + org.slf4j + log4j-over-slf4j + + + org.slf4j + jul-to-slf4j + + + + + + + org.bouncycastle + bcprov-jdk16 + 1.46 + + + + + + javax.servlet + servlet-api + 2.5 + provided + + + + commons-lang + commons-lang + 2.6 + jar + compile + + + junit + junit + 4.11 + test + + + + + commons + + + + org.apache.maven.plugins + maven-compiler-plugin + 3.1 + + 1.6 + 1.6 + + + + org.apache.maven.plugins + maven-surefire-plugin + + reversealphabetical + false + + reversealphabetical + **/PEPSUtilTest.java + **/PersonalAttributeTestCase.java + **/PersonalAttributeListTestCase.java + **/DateUtilTestCase.java + **/AttributeUtilTest.java + + + + + + + + org.apache.maven.plugins + maven-javadoc-plugin + 2.9.1 + + + http://commons.apache.org/lang/api/ + http://java.sun.com/j2se/1.6.0/docs/api/ + http://www.bouncycastle.org/docs/docs1.6/ + http://docs.oracle.com/javase/6/docs/api/ + + + + + org.apache.maven.plugins + maven-source-plugin + 2.2.1 + + + attach-sources + verify + + jar-no-fork + + + + + + + + src/test/resources + + log4j.xml + + + + + + + embedded + + + + ${project.basedir}/src/main/resources + + + ${project.basedir}/src/main/config/embedded + + + + + + metrics + + + + org.codehaus.mojo + cobertura-maven-plugin + 2.5.1 + + + html + xml + + + + + + + + diff --git a/id/server/stork2-commons/Releases b/id/server/stork2-commons/Releases new file mode 100644 index 000000000..54aeb9313 --- /dev/null +++ b/id/server/stork2-commons/Releases @@ -0,0 +1,62 @@ +Created 06-04-2011 + +Branch : STORKCommons_0_5_UPDATE_06042011 +Date : 06-04-2011 +Changes: No changes. + +Branch : STORKCommons_0_5_UPDATE_07072011 +Date : 07-07-2011 +Changes: Inserted constants to HttpOnly HTTP Header. + +Branch : STORKCommons_0_6 +Date : 07-11-2011 +Changes: Improved error exception handling (few changes on the exception classes). + Improved Constansts (unused removed, others added). + Unit Tests include (almost all the code is cover). + Fix some minor bugs found on unit tests. + New Copyright License added. + PEPUtils refactored. + Improved error code message (three kind of messages: to citizen, admin and saml token). + +Branch : STORKCommons_0_6_1 +Date : 28-11-2011 +Changes: Removed unnecessary javadoc package file. + Updated pepsUtils.properties file (check attribute value had old error message) + +Branch : STORKCommons_0_9 +Date : 02-12-2011 +Changes: Updated Version to 0.9 + +Branch : STORKCommons_1_0 +Date : 02-12-2011 +Changes: Updated Version to 1.0 + +Branch : STORKCommons_1_1_0 +Date : 01-11-2013 +Changes: Updated Version to 1.1.0 + Dependencies updated + Business Logic Part I changes + SAML Engine Changes merged (from SamlEngine/1.1.0/Commons branch to be easier to merge this branch with trunk) + Fixed some errors on Test Case + +Branch : STORKCommons_1_1_1 +Date : 02-12-2013 +Changes: Updated Version to 1.1.1 + Added mandate error code + PMD quality code changes (some final identifier missing) + Added new methods to personal attribute list to get Mandatory/Optional and/or Simple/Complex attributes + Added new unit tests + +Branch : Commons (Trunk) +Date : 15-01-2014 +Version: 1.2.0 +Release: 2 +Changes: Updated Version to 1.2.0 + dded request flow of PV (incomplete) + Added AP mandatory attribute to get data for business attributes + *) based on configuration file it adds the missing attributes (eIdentifier, givenName, surname and dateOfBirth) or change isRequired to true. + changes original isRequired state in response + Added new Interface (IAttributeListProcessor) to make some operations on attribute lists + Power Validation is complete now + Business Logic I and II integration (Request Complete!) + Added new method to Personal attribute List to check if there is at least one attribute with no value. diff --git a/id/server/stork2-commons/pom.xml b/id/server/stork2-commons/pom.xml new file mode 100644 index 000000000..a71ee1628 --- /dev/null +++ b/id/server/stork2-commons/pom.xml @@ -0,0 +1,213 @@ + + 4.0.0 + eu.stork + Commons + jar + Stork Commons + + UTF-8 + 1.2.0 + 2.6.0 + + ${stork.version} + + The STORKCommons library provides beans, Java Interfaces and utility classes to integrate PEPS and SAML Engine. + + + + + + + joda-time + joda-time + 2.3 + + + + + log4j + log4j + 1.2.17 + + + javax.jms + jms + + + com.sun.jdmk + jmxtools + + + com.sun.jmx + jmxri + + + mail + javax.mail + + + + + + org.opensaml + opensaml + ${opensaml.version} + + + org.slf4j + slf4j-api + + + org.slf4j + slf4j-simple + + + org.slf4j + jcl-over-slf4j + + + org.slf4j + log4j-over-slf4j + + + org.slf4j + jul-to-slf4j + + + + + + + org.bouncycastle + bcprov-jdk16 + 1.46 + + + + + + javax.servlet + servlet-api + 2.5 + provided + + + + commons-lang + commons-lang + 2.6 + jar + compile + + + junit + junit + 4.11 + test + + + + + commons + + + + org.apache.maven.plugins + maven-compiler-plugin + 3.1 + + 1.6 + 1.6 + + + + org.apache.maven.plugins + maven-surefire-plugin + + reversealphabetical + false + + reversealphabetical + **/PEPSUtilTest.java + **/PersonalAttributeTestCase.java + **/PersonalAttributeListTestCase.java + **/DateUtilTestCase.java + **/AttributeUtilTest.java + + + + + + + + org.apache.maven.plugins + maven-javadoc-plugin + 2.9.1 + + + http://commons.apache.org/lang/api/ + http://java.sun.com/j2se/1.6.0/docs/api/ + http://www.bouncycastle.org/docs/docs1.6/ + http://docs.oracle.com/javase/6/docs/api/ + + + + + org.apache.maven.plugins + maven-source-plugin + 2.2.1 + + + attach-sources + verify + + jar-no-fork + + + + + + + + src/test/resources + + log4j.xml + + + + + + + embedded + + + + ${project.basedir}/src/main/resources + + + ${project.basedir}/src/main/config/embedded + + + + + + metrics + + + + org.codehaus.mojo + cobertura-maven-plugin + 2.5.1 + + + html + xml + + + + + + + + diff --git a/id/server/stork2-commons/src/.svn/all-wcprops b/id/server/stork2-commons/src/.svn/all-wcprops new file mode 100644 index 000000000..1be1e9546 --- /dev/null +++ b/id/server/stork2-commons/src/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 49 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src +END diff --git a/id/server/stork2-commons/src/.svn/entries b/id/server/stork2-commons/src/.svn/entries new file mode 100644 index 000000000..b55ef35ad --- /dev/null +++ b/id/server/stork2-commons/src/.svn/entries @@ -0,0 +1,34 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +main +dir + +test +dir + diff --git a/id/server/stork2-commons/src/main/.svn/all-wcprops b/id/server/stork2-commons/src/main/.svn/all-wcprops new file mode 100644 index 000000000..2d001ac89 --- /dev/null +++ b/id/server/stork2-commons/src/main/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 54 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main +END diff --git a/id/server/stork2-commons/src/main/.svn/entries b/id/server/stork2-commons/src/main/.svn/entries new file mode 100644 index 000000000..ca600a0d3 --- /dev/null +++ b/id/server/stork2-commons/src/main/.svn/entries @@ -0,0 +1,37 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/main +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +java +dir + +config +dir + +resources +dir + diff --git a/id/server/stork2-commons/src/main/config/.svn/all-wcprops b/id/server/stork2-commons/src/main/config/.svn/all-wcprops new file mode 100644 index 000000000..73665ee91 --- /dev/null +++ b/id/server/stork2-commons/src/main/config/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 61 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/config +END diff --git a/id/server/stork2-commons/src/main/config/.svn/entries b/id/server/stork2-commons/src/main/config/.svn/entries new file mode 100644 index 000000000..74e41e9ee --- /dev/null +++ b/id/server/stork2-commons/src/main/config/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/main/config +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +embedded +dir + diff --git a/id/server/stork2-commons/src/main/config/embedded/.svn/all-wcprops b/id/server/stork2-commons/src/main/config/embedded/.svn/all-wcprops new file mode 100644 index 000000000..e1cf2515e --- /dev/null +++ b/id/server/stork2-commons/src/main/config/embedded/.svn/all-wcprops @@ -0,0 +1,11 @@ +K 25 +svn:wc:ra_dav:version-url +V 70 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/config/embedded +END +pepsUtil.properties +K 25 +svn:wc:ra_dav:version-url +V 90 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/config/embedded/pepsUtil.properties +END diff --git a/id/server/stork2-commons/src/main/config/embedded/.svn/entries b/id/server/stork2-commons/src/main/config/embedded/.svn/entries new file mode 100644 index 000000000..b574aab75 --- /dev/null +++ b/id/server/stork2-commons/src/main/config/embedded/.svn/entries @@ -0,0 +1,62 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/main/config/embedded +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +pepsUtil.properties +file + + + + +2014-01-21T08:38:55.392702Z +b61bbaa8e966441dba56ad954124ee38 +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +7822 + diff --git a/id/server/stork2-commons/src/main/config/embedded/.svn/text-base/pepsUtil.properties.svn-base b/id/server/stork2-commons/src/main/config/embedded/.svn/text-base/pepsUtil.properties.svn-base new file mode 100644 index 000000000..1e92f390d --- /dev/null +++ b/id/server/stork2-commons/src/main/config/embedded/.svn/text-base/pepsUtil.properties.svn-base @@ -0,0 +1,267 @@ +#Max allowed params size +validation.active=true +max.spUrl.size=150 +max.attrList.size=20000 +max.invalidAttributeList.size=20000 +max.attrName.size=100 +max.callback.size=300 +max.idp.url.size=300 +max.atp.url.size=300 +max.cpepsURL.size=300 +max.attrValue.size=20000 +max.attrType.size=25 +max.spId.size=40 +max.providerName.size=128 +max.spName.size=25 +max.country.size=150 +max.qaaLevel.size=1 +max.spQaaLevel.size=1 +max.errorCode.size=5 +max.errorMessage.size=300 +max.username.size=30 +max.spepsRedirectUrl.size=300 +max.speps.redirectUrl.size=300 +max.cpeps.redirectUrl.size=300 +max.cpepsRedirectUrl.size=300 +max.spepsAssertionUrl.size=300 +max.SAMLRequest.size=131072 +max.SAMLResponse.size=131072 +max.RelayState.size=80 +max.remoteAddr.size=300 +max.remoteHost.size=300 +max.localAddr.size=300 +max.localName.size=300 +max.apepsUrl.size=300 +max.apeps.callbackUrl.size=300 + +#ERROR codes/messages (accordingly to specification) + +#CountrySelector Interface errors +spCountrySelector.invalidSPQAA.code=0000001 +spCountrySelector.invalidSPQAA.message=invalid.spQAA.parameter + +spCountrySelector.invalidQaaSPid.code=0000001 +spCountrySelector.invalidQaaSPid.message=invalid.spQAAId.parameter + +spCountrySelector.invalidSpId.code=000002 +spCountrySelector.invalidSpId.message=invalid.spId.parameter + +spCountrySelector.invalidSpURL.code=000003 +spCountrySelector.invalidSpURL.message=invalid.spUrl.parameter + +domain.CountrySelectorAction.code=000003 +domain.CountrySelectorAction.message=invalid.cs.domain + +requests.CountrySelectorAction.code=000004 +requests.CountrySelectorAction.message=reached.max.requests.cs + +spCountrySelector.spNotAllowed.code=000006 +spCountrySelector.spNotAllowed.message=attr.access.deny + +spCountrySelector.invalidAttr.code=000007 +spCountrySelector.invalidAttr.message=invalid.spAttr.parameter + +spCountrySelector.invalidProviderName.code=000008 +spCountrySelector.invalidProviderName.message=invalid.spProvidername.parameter + +spCountrySelector.errorCreatingSAML.code=203001 +spCountrySelector.errorCreatingSAML.message=error.create.sp.saml + +spepsSAMLRequest.code=203001 +spepsSAMLRequest.message=error.create.saml.speps + +#ServiceProvider Interface errors +sProviderAction.invalidSPQAA.code=200001 +sProviderAction.invalidSPQAA.message=invalid.sp.qaa + +sProviderAction.invalidSPQAAId.code=200001 +sProviderAction.invalidSPQAAId.message=invalid.sp.qaaid + +sProviderAction.invalidSPId.code=200002 +sProviderAction.invalidSPId.message=invalid.sp.id + +domain.ServiceProviderAction.code=200003 +domain.ServiceProviderAction.message=invalid.sp.domain + +sProviderAction.invalidSPDomain.code=200003 +sProviderAction.invalidSPDomain.message=invalid.sp.domain + +sProviderAction.invalidCountry.code=200004 +sProviderAction.invalidCountry.message=invalid.sp.country + +sProviderAction.spNotAllowed.code=200005 +sProviderAction.spNotAllowed.message=sp.not.allowed + +sProviderAction.invalidSaml.code=200006 +sProviderAction.invalidSaml.message=invalid.sp.samlrequest + +sProviderAction.invalidSPProviderName.code=200007 +sProviderAction.invalidSPProviderName.message=sp.not.identified + +sProviderAction.invalidSPRedirect.code=200008 +sProviderAction.invalidSPRedirect.message=invalid.sp.redirectUrl + +sProviderAction.invalidRelayState.code=200009 +sProviderAction.invalidRelayState.message=invalid.sp.relaystate + +sProviderAction.invalidAttr.code=200011 +sProviderAction.invalidAttr.message=invalid.sp.attr + +requests.ServiceProviderAction.code=200012 +requests.ServiceProviderAction.message=reached.max.requests.sp + +sPPowerValidationAction.invalidSPPVAttrList.code=200013 +sPPowerValidationAction.invalidSPPVAttrList.message=invalid.sp.pv.attrlist + +invalid.sp.pv.attrlist.code=200013 +invalid.sp.pv.attrlist.message=invalid.sp.pv.attrlist + +sProviderAction.invalidSPAlias.code=203003 +sProviderAction.invalidSPAlias.message=invalid.sp.alias + +sProviderAction.errorCreatingSAML.code=203001 +sProviderAction.errorCreatingSAML.message=error.create.saml.speps + +#Internal Error +internalError.code=203001 +internalError.message=internalError + +attrList.code=202005 +attrList.message=invalid.attrList.parameter + +missing.sessionId.code=203010 +missing.sessionId.message=missing.session.id + +sessionError.code=203011 +sessionError.message=invalid.session.id + +invalid.sessionId.code=203011 +invalid.sessionId.message=invalid.session.id + +missing.mandate.code=203013 +missing.mandate.message=missing.mandate + +invalid.session.code=203012 +invalid.session.message=invalid.session + +callback.code=203006 +callback.message=invalid.callback.url + +idp.url.code=203006 +idp.url.message=invalid.idp.url + +IdPSAMLResponse.code=002001 +IdPSAMLResponse.message=invalid.idp.response + +authenticationFailed.code=003002 +authenticationFailed.message=authentication.failed + +username.code=003002 +username.message=authentication.failed + +invalidAttributeList.code=203001 +invalidAttributeList.message=invalid.attrlist + +invalidAttributeValue.code=203001 +invalidAttributeValue.message=invalid.attr.value + +attVerification.mandatory.code=202010 +attVerification.mandatory.message=missing.mandatory.attr + +attrValue.verification.code=203008 +attrValue.verification.message=invalid.stork.attrValue + +cpepsSAMLResponse.code=202012 +cpepsSAMLResponse.message=error.gen.cpeps.saml + +AtPSAMLResponse.code=202009 +AtPSAMLResponse.message=error.gen.atp.saml + +atp.url.code=203006 +atp.url.message=invalid.atp.url + +hash.error.code=203001 +hash.error.message=error.hash + +qaaLevel.code=203006 +qaaLevel.message=invalid.cpeps.qaalevel + +SAMLRequest.code=203001 +SAMLRequest.message=invalid.SAMLRequest + +atp.response.error.code=202011 +atp.response.error.message=atp.response.error + +#Colleague Request Interface errors + +colleagueRequest.invalidSAML.code=201002 +colleagueRequest.invalidSAML.message=invalid.speps.samlrequest + +colleagueRequest.invalidCountryCode.code=002001 +colleagueRequest.invalidCountryCode.message=country.cpeps.nomatch + +colleagueRequest.errorCreatingSAML.code=203001 +colleagueRequest.errorCreatingSAML.message=error.create.saml.cpeps + +colleagueRequest.invalidQaa.code=202004 +colleagueRequest.invalidQaa.message=invalid.requested.cpeps.qaalevel + +colleagueRequest.attrNull.code=202005 +colleagueRequest.attrNull.message=invalid.requested.attrlist.cpeps + +colleaguePVRequest.invalidPVAttrList.code=202013 +colleaguePVRequest.invalidPVAttrList.message=invalid.speps.pv.attrlist + +colleagueRequest.invalidRedirect.code=202001 +colleagueRequest.invalidRedirect.message=invalid.redirecturl.cpeps + +colleagueRequest.invalidDestUrl.code=203006 +colleagueRequest.invalidDestUrl.message=invalid.cpeps.destUrl + +cpepsRedirectUrl.code=203006 +cpepsRedirectUrl.message=invalid.cpeps.redirectUrl + +#Citizen Consent Interfaces errors + +citizenResponse.mandatory.code=202007 +citizenResponse.mandatory.message=no.consent.mand.attr + +cPeps.attrNull.code=202005 +cPeps.attrNull.message=invalid.attrList.cpeps + +citizenNoConsent.mandatory.code=202012 +citizenNoConsent.mandatory.message=no.consent.val.mand.attr + +#Colleague Response Interface errors + +colleagueResponse.invalidSAML.code=202002 +colleagueResponse.invalidSAML.message=invalid.cpeps.samlresp + +auRequestIdError.code=201005 +auRequestIdError.message=invalid.speps.saml.id + +audienceRestrictionError.code=201004 +audienceRestrictionError.message=speps.saml.condition.notmet + +spepsSAMLResponse.code=200010 +spepsSAMLResponse.message=error.gen.speps.saml + + +invalid.apepsRedirectUrl.code=001001 +invalid.apepsRedirectUrl.message=invalid.apeps.redirectUrl + +apepsSAMLRequest.code=001002 +apepsSAMLRequest.message=invalid.apeps.saml.request + +apepsSAMLResponse.code=001003 +apepsSAMLResponse.message=invalid.apeps.saml.response + +invalid.apepsCallbackUrl.code=001004 +invalid.apepsCallbackUrl.message=invalid.apeps.callback.url + +colleagueAttributeRequest.invalidSAML.code=001005 +colleagueAttributeRequest.invalidSAML.message=invalid.attr.request.saml + + +#Hash Digests +hashDigest.className=org.bouncycastle.crypto.digests.SHA512Digest diff --git a/id/server/stork2-commons/src/main/config/embedded/pepsUtil.properties b/id/server/stork2-commons/src/main/config/embedded/pepsUtil.properties new file mode 100644 index 000000000..1e92f390d --- /dev/null +++ b/id/server/stork2-commons/src/main/config/embedded/pepsUtil.properties @@ -0,0 +1,267 @@ +#Max allowed params size +validation.active=true +max.spUrl.size=150 +max.attrList.size=20000 +max.invalidAttributeList.size=20000 +max.attrName.size=100 +max.callback.size=300 +max.idp.url.size=300 +max.atp.url.size=300 +max.cpepsURL.size=300 +max.attrValue.size=20000 +max.attrType.size=25 +max.spId.size=40 +max.providerName.size=128 +max.spName.size=25 +max.country.size=150 +max.qaaLevel.size=1 +max.spQaaLevel.size=1 +max.errorCode.size=5 +max.errorMessage.size=300 +max.username.size=30 +max.spepsRedirectUrl.size=300 +max.speps.redirectUrl.size=300 +max.cpeps.redirectUrl.size=300 +max.cpepsRedirectUrl.size=300 +max.spepsAssertionUrl.size=300 +max.SAMLRequest.size=131072 +max.SAMLResponse.size=131072 +max.RelayState.size=80 +max.remoteAddr.size=300 +max.remoteHost.size=300 +max.localAddr.size=300 +max.localName.size=300 +max.apepsUrl.size=300 +max.apeps.callbackUrl.size=300 + +#ERROR codes/messages (accordingly to specification) + +#CountrySelector Interface errors +spCountrySelector.invalidSPQAA.code=0000001 +spCountrySelector.invalidSPQAA.message=invalid.spQAA.parameter + +spCountrySelector.invalidQaaSPid.code=0000001 +spCountrySelector.invalidQaaSPid.message=invalid.spQAAId.parameter + +spCountrySelector.invalidSpId.code=000002 +spCountrySelector.invalidSpId.message=invalid.spId.parameter + +spCountrySelector.invalidSpURL.code=000003 +spCountrySelector.invalidSpURL.message=invalid.spUrl.parameter + +domain.CountrySelectorAction.code=000003 +domain.CountrySelectorAction.message=invalid.cs.domain + +requests.CountrySelectorAction.code=000004 +requests.CountrySelectorAction.message=reached.max.requests.cs + +spCountrySelector.spNotAllowed.code=000006 +spCountrySelector.spNotAllowed.message=attr.access.deny + +spCountrySelector.invalidAttr.code=000007 +spCountrySelector.invalidAttr.message=invalid.spAttr.parameter + +spCountrySelector.invalidProviderName.code=000008 +spCountrySelector.invalidProviderName.message=invalid.spProvidername.parameter + +spCountrySelector.errorCreatingSAML.code=203001 +spCountrySelector.errorCreatingSAML.message=error.create.sp.saml + +spepsSAMLRequest.code=203001 +spepsSAMLRequest.message=error.create.saml.speps + +#ServiceProvider Interface errors +sProviderAction.invalidSPQAA.code=200001 +sProviderAction.invalidSPQAA.message=invalid.sp.qaa + +sProviderAction.invalidSPQAAId.code=200001 +sProviderAction.invalidSPQAAId.message=invalid.sp.qaaid + +sProviderAction.invalidSPId.code=200002 +sProviderAction.invalidSPId.message=invalid.sp.id + +domain.ServiceProviderAction.code=200003 +domain.ServiceProviderAction.message=invalid.sp.domain + +sProviderAction.invalidSPDomain.code=200003 +sProviderAction.invalidSPDomain.message=invalid.sp.domain + +sProviderAction.invalidCountry.code=200004 +sProviderAction.invalidCountry.message=invalid.sp.country + +sProviderAction.spNotAllowed.code=200005 +sProviderAction.spNotAllowed.message=sp.not.allowed + +sProviderAction.invalidSaml.code=200006 +sProviderAction.invalidSaml.message=invalid.sp.samlrequest + +sProviderAction.invalidSPProviderName.code=200007 +sProviderAction.invalidSPProviderName.message=sp.not.identified + +sProviderAction.invalidSPRedirect.code=200008 +sProviderAction.invalidSPRedirect.message=invalid.sp.redirectUrl + +sProviderAction.invalidRelayState.code=200009 +sProviderAction.invalidRelayState.message=invalid.sp.relaystate + +sProviderAction.invalidAttr.code=200011 +sProviderAction.invalidAttr.message=invalid.sp.attr + +requests.ServiceProviderAction.code=200012 +requests.ServiceProviderAction.message=reached.max.requests.sp + +sPPowerValidationAction.invalidSPPVAttrList.code=200013 +sPPowerValidationAction.invalidSPPVAttrList.message=invalid.sp.pv.attrlist + +invalid.sp.pv.attrlist.code=200013 +invalid.sp.pv.attrlist.message=invalid.sp.pv.attrlist + +sProviderAction.invalidSPAlias.code=203003 +sProviderAction.invalidSPAlias.message=invalid.sp.alias + +sProviderAction.errorCreatingSAML.code=203001 +sProviderAction.errorCreatingSAML.message=error.create.saml.speps + +#Internal Error +internalError.code=203001 +internalError.message=internalError + +attrList.code=202005 +attrList.message=invalid.attrList.parameter + +missing.sessionId.code=203010 +missing.sessionId.message=missing.session.id + +sessionError.code=203011 +sessionError.message=invalid.session.id + +invalid.sessionId.code=203011 +invalid.sessionId.message=invalid.session.id + +missing.mandate.code=203013 +missing.mandate.message=missing.mandate + +invalid.session.code=203012 +invalid.session.message=invalid.session + +callback.code=203006 +callback.message=invalid.callback.url + +idp.url.code=203006 +idp.url.message=invalid.idp.url + +IdPSAMLResponse.code=002001 +IdPSAMLResponse.message=invalid.idp.response + +authenticationFailed.code=003002 +authenticationFailed.message=authentication.failed + +username.code=003002 +username.message=authentication.failed + +invalidAttributeList.code=203001 +invalidAttributeList.message=invalid.attrlist + +invalidAttributeValue.code=203001 +invalidAttributeValue.message=invalid.attr.value + +attVerification.mandatory.code=202010 +attVerification.mandatory.message=missing.mandatory.attr + +attrValue.verification.code=203008 +attrValue.verification.message=invalid.stork.attrValue + +cpepsSAMLResponse.code=202012 +cpepsSAMLResponse.message=error.gen.cpeps.saml + +AtPSAMLResponse.code=202009 +AtPSAMLResponse.message=error.gen.atp.saml + +atp.url.code=203006 +atp.url.message=invalid.atp.url + +hash.error.code=203001 +hash.error.message=error.hash + +qaaLevel.code=203006 +qaaLevel.message=invalid.cpeps.qaalevel + +SAMLRequest.code=203001 +SAMLRequest.message=invalid.SAMLRequest + +atp.response.error.code=202011 +atp.response.error.message=atp.response.error + +#Colleague Request Interface errors + +colleagueRequest.invalidSAML.code=201002 +colleagueRequest.invalidSAML.message=invalid.speps.samlrequest + +colleagueRequest.invalidCountryCode.code=002001 +colleagueRequest.invalidCountryCode.message=country.cpeps.nomatch + +colleagueRequest.errorCreatingSAML.code=203001 +colleagueRequest.errorCreatingSAML.message=error.create.saml.cpeps + +colleagueRequest.invalidQaa.code=202004 +colleagueRequest.invalidQaa.message=invalid.requested.cpeps.qaalevel + +colleagueRequest.attrNull.code=202005 +colleagueRequest.attrNull.message=invalid.requested.attrlist.cpeps + +colleaguePVRequest.invalidPVAttrList.code=202013 +colleaguePVRequest.invalidPVAttrList.message=invalid.speps.pv.attrlist + +colleagueRequest.invalidRedirect.code=202001 +colleagueRequest.invalidRedirect.message=invalid.redirecturl.cpeps + +colleagueRequest.invalidDestUrl.code=203006 +colleagueRequest.invalidDestUrl.message=invalid.cpeps.destUrl + +cpepsRedirectUrl.code=203006 +cpepsRedirectUrl.message=invalid.cpeps.redirectUrl + +#Citizen Consent Interfaces errors + +citizenResponse.mandatory.code=202007 +citizenResponse.mandatory.message=no.consent.mand.attr + +cPeps.attrNull.code=202005 +cPeps.attrNull.message=invalid.attrList.cpeps + +citizenNoConsent.mandatory.code=202012 +citizenNoConsent.mandatory.message=no.consent.val.mand.attr + +#Colleague Response Interface errors + +colleagueResponse.invalidSAML.code=202002 +colleagueResponse.invalidSAML.message=invalid.cpeps.samlresp + +auRequestIdError.code=201005 +auRequestIdError.message=invalid.speps.saml.id + +audienceRestrictionError.code=201004 +audienceRestrictionError.message=speps.saml.condition.notmet + +spepsSAMLResponse.code=200010 +spepsSAMLResponse.message=error.gen.speps.saml + + +invalid.apepsRedirectUrl.code=001001 +invalid.apepsRedirectUrl.message=invalid.apeps.redirectUrl + +apepsSAMLRequest.code=001002 +apepsSAMLRequest.message=invalid.apeps.saml.request + +apepsSAMLResponse.code=001003 +apepsSAMLResponse.message=invalid.apeps.saml.response + +invalid.apepsCallbackUrl.code=001004 +invalid.apepsCallbackUrl.message=invalid.apeps.callback.url + +colleagueAttributeRequest.invalidSAML.code=001005 +colleagueAttributeRequest.invalidSAML.message=invalid.attr.request.saml + + +#Hash Digests +hashDigest.className=org.bouncycastle.crypto.digests.SHA512Digest diff --git a/id/server/stork2-commons/src/main/java/.svn/all-wcprops b/id/server/stork2-commons/src/main/java/.svn/all-wcprops new file mode 100644 index 000000000..a1df0322e --- /dev/null +++ b/id/server/stork2-commons/src/main/java/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 59 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java +END diff --git a/id/server/stork2-commons/src/main/java/.svn/entries b/id/server/stork2-commons/src/main/java/.svn/entries new file mode 100644 index 000000000..9ee5924fb --- /dev/null +++ b/id/server/stork2-commons/src/main/java/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/main/java +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +eu +dir + diff --git a/id/server/stork2-commons/src/main/java/eu/.svn/all-wcprops b/id/server/stork2-commons/src/main/java/eu/.svn/all-wcprops new file mode 100644 index 000000000..8ee25102a --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 62 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu +END diff --git a/id/server/stork2-commons/src/main/java/eu/.svn/entries b/id/server/stork2-commons/src/main/java/eu/.svn/entries new file mode 100644 index 000000000..df52d249b --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/main/java/eu +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +stork +dir + diff --git a/id/server/stork2-commons/src/main/java/eu/stork/.svn/all-wcprops b/id/server/stork2-commons/src/main/java/eu/stork/.svn/all-wcprops new file mode 100644 index 000000000..5a83dbd10 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 68 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork +END diff --git a/id/server/stork2-commons/src/main/java/eu/stork/.svn/entries b/id/server/stork2-commons/src/main/java/eu/stork/.svn/entries new file mode 100644 index 000000000..7af1f8357 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/main/java/eu/stork +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +peps +dir + diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/.svn/all-wcprops b/id/server/stork2-commons/src/main/java/eu/stork/peps/.svn/all-wcprops new file mode 100644 index 000000000..fd64eea7b --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 73 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps +END diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/.svn/entries b/id/server/stork2-commons/src/main/java/eu/stork/peps/.svn/entries new file mode 100644 index 000000000..39e7255f2 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/main/java/eu/stork/peps +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +auth +dir + diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/.svn/all-wcprops b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/.svn/all-wcprops new file mode 100644 index 000000000..3bab81b06 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 78 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth +END diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/.svn/entries b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/.svn/entries new file mode 100644 index 000000000..30659cbb6 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/.svn/entries @@ -0,0 +1,34 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/main/java/eu/stork/peps/auth +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +specific +dir + +commons +dir + diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/all-wcprops b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/all-wcprops new file mode 100644 index 000000000..3c42375b6 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/all-wcprops @@ -0,0 +1,191 @@ +K 25 +svn:wc:ra_dav:version-url +V 86 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons +END +AttributeSource.java +K 25 +svn:wc:ra_dav:version-url +V 107 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java +END +package-info.java +K 25 +svn:wc:ra_dav:version-url +V 103 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/package-info.java +END +PEPSValues.java +K 25 +svn:wc:ra_dav:version-url +V 102 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java +END +STORKAttrQueryRequest.java +K 25 +svn:wc:ra_dav:version-url +V 113 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java +END +CitizenConsent.java +K 25 +svn:wc:ra_dav:version-url +V 106 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java +END +AttributeProvidersMap.java +K 25 +svn:wc:ra_dav:version-url +V 113 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java +END +STORKAttrQueryResponse.java +K 25 +svn:wc:ra_dav:version-url +V 114 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java +END +PersonalAttributeList.java +K 25 +svn:wc:ra_dav:version-url +V 113 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java +END +AttributeName.java +K 25 +svn:wc:ra_dav:version-url +V 105 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java +END +PEPSUtil.java +K 25 +svn:wc:ra_dav:version-url +V 100 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java +END +PersonalAttribute.java +K 25 +svn:wc:ra_dav:version-url +V 109 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java +END +IAttributeListProcessor.java +K 25 +svn:wc:ra_dav:version-url +V 115 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java +END +STORKLogoutResponse.java +K 25 +svn:wc:ra_dav:version-url +V 111 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java +END +IStorkLogger.java +K 25 +svn:wc:ra_dav:version-url +V 103 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java +END +DateUtil.java +K 25 +svn:wc:ra_dav:version-url +V 99 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java +END +STORKAuthnRequest.java +K 25 +svn:wc:ra_dav:version-url +V 108 +/CITnet/svn/STORK2/!svn/ver/56/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java +END +AttributeProvider.java +K 25 +svn:wc:ra_dav:version-url +V 109 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java +END +IStorkSession.java +K 25 +svn:wc:ra_dav:version-url +V 104 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java +END +Linker.java +K 25 +svn:wc:ra_dav:version-url +V 98 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/Linker.java +END +PEPSParameters.java +K 25 +svn:wc:ra_dav:version-url +V 106 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java +END +AttributeConstants.java +K 25 +svn:wc:ra_dav:version-url +V 109 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java +END +AttributeUtil.java +K 25 +svn:wc:ra_dav:version-url +V 105 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java +END +STORKStatusCode.java +K 25 +svn:wc:ra_dav:version-url +V 106 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java +END +Country.java +K 25 +svn:wc:ra_dav:version-url +V 98 +/CITnet/svn/STORK2/!svn/ver/96/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/Country.java +END +PEPSErrors.java +K 25 +svn:wc:ra_dav:version-url +V 102 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java +END +STORKLogoutRequest.java +K 25 +svn:wc:ra_dav:version-url +V 110 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java +END +IAttributeProvidersMap.java +K 25 +svn:wc:ra_dav:version-url +V 113 +/CITnet/svn/STORK2/!svn/ver/31/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java +END +STORKSubStatusCode.java +K 25 +svn:wc:ra_dav:version-url +V 109 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java +END +IPersonalAttributeList.java +K 25 +svn:wc:ra_dav:version-url +V 114 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java +END +STORKAuthnResponse.java +K 25 +svn:wc:ra_dav:version-url +V 110 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java +END +CountryCodes.java +K 25 +svn:wc:ra_dav:version-url +V 103 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java +END diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/entries b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/entries new file mode 100644 index 000000000..b18b22565 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/entries @@ -0,0 +1,1085 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/main/java/eu/stork/peps/auth/commons +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +PersonalAttributeList.java +file + + + + +2014-01-21T08:38:55.336702Z +0036d26679cc31fe7d1bdea1b8b3555a +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +12041 + +AttributeName.java +file + + + + +2014-01-21T08:38:55.336702Z +164e63d1f4e5aeb47d371caff534eaab +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1504 + +PEPSErrors.java +file + + + + +2014-01-21T08:38:55.336702Z +bfe69afce772675187fdd637453ed12f +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +12165 + +STORKLogoutRequest.java +file + + + + +2014-01-21T08:38:55.336702Z +af445a2013f21ffecd3db7773ae3236e +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +4343 + +PersonalAttribute.java +file + + + + +2014-01-21T08:38:55.336702Z +ce98ef39a754869644b5516cdcfcb40d +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +8914 + +IAttributeListProcessor.java +file + + + + +2014-01-21T08:38:55.336702Z +07efc5b742cc9e4b80a2f8b17fe4b946 +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +4713 + +IAttributeProvidersMap.java +file + + + + +2013-12-20T12:27:56.634475Z +225257e8d6d7b9e6bcc4bea2463c33be +2013-10-10T17:38:31.956327Z +31 +emlelisst + + + + + + + + + + + + + + + + + + + + + +2534 + +STORKLogoutResponse.java +file + + + + +2014-01-21T08:38:55.336702Z +880a05076cf8412311766aa40cf6a63f +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +5474 + +STORKSubStatusCode.java +file + + + + +2013-12-20T12:27:56.634475Z +65e615e0119d4125d5f4f58af8bcd18b +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2181 + +STORKAuthnRequest.java +file + + + + +2013-12-20T12:27:56.634475Z +3f36e65f0c4f1c7df753784b2e64f00b +2013-10-24T15:44:04.704923Z +56 +emgrtargr + + + + + + + + + + + + + + + + + + + + + +11269 + +IPersonalAttributeList.java +file + + + + +2014-01-21T08:38:55.336702Z +b441a2c6c3eddcf1043c55e55f48faa6 +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +6598 + +AttributeProvider.java +file + + + + +2014-01-21T08:38:55.336702Z +39c770ebd2082723b9eeb68bf17ee698 +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1687 + +IStorkSession.java +file + + + + +2013-12-20T12:27:56.634475Z +5a8701b1fd27998d5cf3280a5c99bcb0 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2745 + +CountryCodes.java +file + + + + +2013-12-20T12:27:56.638475Z +f91b0f8df0b2a68fe1b900d425257c23 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +3527 + +STORKAuthnResponse.java +file + + + + +2014-01-21T08:38:55.336702Z +f2247f9a89e8ad01f9a24ad716f993ca +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +8724 + +package-info.java +file + + + + +2013-12-20T12:27:56.638475Z +8d8068e217f10425f76a8d37192ccd80 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +277 + +PEPSValues.java +file + + + + +2014-01-21T08:38:55.336702Z +ee08f149082a8e4888fb25ca70ae931f +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +7592 + +CitizenConsent.java +file + + + + +2014-01-21T08:38:55.336702Z +39e236d6888f266d9b4967f19726126c +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +3445 + +STORKStatusCode.java +file + + + + +2013-12-20T12:27:56.638475Z +771689c75a8263c7e3966e820d59025e +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1906 + +AttributeUtil.java +file + + + + +2014-01-21T08:38:55.336702Z +2859d3335dfe719ca04258fae54e69a3 +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +7927 + +exceptions +dir + +STORKAttrQueryResponse.java +file + + + + +2014-01-21T08:38:55.336702Z +93fc508be2bc0fd29ae453b0868e1d2b +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +9080 + +Country.java +file + + + + +2013-12-20T12:27:56.638475Z +9cbde5f25b646d02dae7ccf424906b4a +2013-11-01T20:35:30.927048Z +96 +emferreri + + + + + + + + + + + + + + + + + + + + + +2208 + +PEPSUtil.java +file + + + + +2014-01-21T08:38:55.336702Z +1fef4b668542bb572c856053b61aa6af +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +11505 + +DateUtil.java +file + + + + +2013-12-20T12:27:56.634475Z +59f9cd2a3d1169a0f1a797b28719921a +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +5702 + +IStorkLogger.java +file + + + + +2013-12-20T12:27:56.634475Z +f15979b29f52d1674103528aed914ae7 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +4766 + +AttributeSource.java +file + + + + +2014-01-21T08:38:55.336702Z +a0555599193656bc17e02c3ce23043be +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +4501 + +Linker.java +file + + + + +2014-01-21T08:38:55.336702Z +98f46baee16310e3dc59ef224ba5b5ab +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +8950 + +PEPSParameters.java +file + + + + +2014-01-21T08:38:55.332702Z +95e7dfcbff9c4ca76c2f4aea047f0bfd +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +15289 + +STORKAttrQueryRequest.java +file + + + + +2014-01-21T08:38:55.336702Z +2d4ac505f71020c482ebbefa10484552 +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +10617 + +AttributeProvidersMap.java +file + + + + +2014-01-21T08:38:55.336702Z +b487da35df5353c8b2aba47ab3cdb68d +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2608 + +AttributeConstants.java +file + + + + +2013-12-20T12:27:56.638475Z +940dcb9e93ede62e221f4b25abd6576b +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1831 + diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeConstants.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeConstants.java.svn-base new file mode 100644 index 000000000..09769641c --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeConstants.java.svn-base @@ -0,0 +1,72 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * This enum class contains all the STORK PEPS, Commons and Specific errors + * constant identifiers. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.2 $, $Date: 2010-11-17 05:15:28 $ + */ +public enum AttributeConstants { + + /** + * Represents the attribute's name index. + */ + ATTR_NAME_INDEX(0), + /** + * Represents the attribute's type index. + */ + ATTR_TYPE_INDEX(1), + /** + * Represents the attribute's value index. + */ + ATTR_VALUE_INDEX(2), + /** + * Represents the attribute's status index. + */ + ATTR_STATUS_INDEX(3), + /** + * Represents the number of allowed tuples. + */ + NUMBER_TUPLES(4); + + /** + * Represents the constant's value. + */ + private int attribute; + + /** + * Solo Constructor. + * + * @param attr The Attribute Constant value. + */ + AttributeConstants(final int attr) { + + this.attribute = attr; + } + + /** + * Return the Constant Value. + * + * @return The constant value. + */ + public int intValue() { + + return attribute; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeName.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeName.java.svn-base new file mode 100644 index 000000000..a44768c7e --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeName.java.svn-base @@ -0,0 +1,74 @@ +package eu.stork.peps.auth.commons; + +/** + * This class is a bean used to store information relative to Attribute Names. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: 1.00 $, $Date: 2013-11-26 $ + */ +public final class AttributeName { + + /** + * Attribute Id. + */ + private String attributeId; + + /** + * Attribute Name. + */ + private String attributeName; + + /** + * Attribute Name Constructor. + * + * @param aId Id of the Attribute Name. + * @param aName Name of the Attribute Name. + */ + public AttributeName(final String aId, final String aName) { + + this.attributeId = aId; + this.attributeName = aName; + } + + /** + * Getter for the attributeId value. + * + * @return The attributeId value. + */ + public String getAttributeId() { + + return attributeId; + } + + /** + * Setter for the attributeId value. + * + * @param aId Id of the Attribute Name. + */ + public void setAttributeId(final String aId) { + + this.attributeId = aId; + } + + /** + * Getter for the attributeName value. + * + * @return The attributeName value. + */ + public String getAttributeName() { + + return attributeName; + } + + /** + * Setter for the attributeName value. + * + * @param name Name of the Attribute Name. + */ + public void setAttributeName(final String name) { + + this.attributeName = name; + } + +} \ No newline at end of file diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeProvider.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeProvider.java.svn-base new file mode 100644 index 000000000..fc776db81 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeProvider.java.svn-base @@ -0,0 +1,80 @@ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +/** + * This class is a bean used to store the information relative to the Attribute Provider. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: 1.01 $, $Date: 2013-11-28 $ + */ +public final class AttributeProvider implements Serializable { + /** + * Unique identifier. + */ + private static final long serialVersionUID = 7210186241917444559L; + + /** + * Provider Id. + */ + private String providerId; + + /** + * Provider Name. + */ + private String providerName; + + /** + * Attribute Provider Constructor. + * + * @param pId Id of the Attribute Provider. + * @param pName Name of the Attribute Provider. + */ + public AttributeProvider(final String pId, final String pName) { + + this.providerId = pId; + this.providerName = pName; + } + + /** + * Getter for the providerId value. + * + * @return The providerId value. + */ + public String getProviderId() { + + return providerId; + } + + /** + * Setter for the providerId value. + * + * @param pId Id of the Attribute Provider. + */ + public void setProviderId(final String pId) { + + this.providerId = pId; + } + + /** + * Getter for the providerName value. + * + * @return The providerName value. + */ + public String getProviderName() { + + return providerName; + } + + /** + * Setter for the providerName value. + * + * @param name Name of the Attribute Provider. + */ + public void setProviderName(final String name) { + + this.providerName = name; + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeProvidersMap.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeProvidersMap.java.svn-base new file mode 100644 index 000000000..85aec2625 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeProvidersMap.java.svn-base @@ -0,0 +1,96 @@ +package eu.stork.peps.auth.commons; + +import java.util.Iterator; +import java.util.LinkedHashMap; + +import org.apache.log4j.Logger; + +/** + * Implementation of the AttributeProviderMap using a LinkedHashMap. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: 1.01 $, $Date: 2013-09-20 $ + * + * @see LinkedHashMap + */ +public class AttributeProvidersMap extends LinkedHashMap + implements IAttributeProvidersMap { + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(AttributeProvidersMap.class.getName()); + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 8949081185106296122L; + + /** + * {@inheritDoc} + */ + @Override + public IPersonalAttributeList get(final AttributeSource key) { + return this.get((Object) key); + } + + /** + * {@inheritDoc} + */ + @Override + public IPersonalAttributeList remove(final AttributeSource key) { + return this.remove((Object) key); + } + + /** + * {@inheritDoc} + */ + @Override + public boolean containsKey(final AttributeSource key) { + return this.containsKey((Object) key); + } + + /** + * {@inheritDoc} + */ + @Override + public Iterator keyIterator() { + return this.keySet().iterator(); + } + + public void trace() { + Iterator iterator; + Iterator iterator2; + AttributeSource source; + IPersonalAttributeList pal; + PersonalAttribute pa; + + iterator = this.keyIterator(); + LOG.trace("Start dumping of AttributeProvidersMap\n======================="); + while (iterator.hasNext()) { + source = iterator.next(); + + LOG.trace("Source details: type [" + source.getSourceType() + "], URL [" + source.getProviderURL() + "]"); + + if(source.getSourceType() == AttributeSource.SOURCE_LOCAL_APROVIDER) { + LOG.trace("-> Attribute Provider: ID [" + source.getProvider().getProviderId() + "], name [" + source.getProvider().getProviderName() + "]"); + } + else { + LOG.trace("-> Country: ID [" + source.getCountry().getCountryId() + "], name [" + source.getCountry().getCountryName() + "]"); + } + + pal = this.get(source); + LOG.trace("++++++++=>"); + iterator2 = pal.iterator(); + while (iterator2.hasNext()) { + pa = iterator2.next(); + + LOG.trace("-> Citizen Attribute: name [" + pa.getName() + "], required [" + pa.isRequired() + "]"); + } + LOG.trace("<=++++++++"); + + LOG.trace("-----------------------"); + } + LOG.trace("END\n======================="); + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeSource.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeSource.java.svn-base new file mode 100644 index 000000000..846f54f67 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeSource.java.svn-base @@ -0,0 +1,188 @@ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +import org.apache.log4j.Logger; + +/** + * This class is a bean used to store the information relative to the Attribute Source (either AttributeProvider or Country). + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: 1.10 $, $Date: 2013-11-29 $ + */ +public final class AttributeSource implements Serializable { + /** + * Unique identifier. + */ + private static final long serialVersionUID = 432243595968469014L; + + public static final int SOURCE_LOCAL_APROVIDER = 1; + public static final int SOURCE_REMOTE_COUNTRY = 2; + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(AttributeSource.class.getName()); + + /** + * Provider source. + */ + private int sourceType; + + /** + * Provider URL. + */ + private String providerURL; + + /** + * The local Attribute Provider. + */ + private AttributeProvider provider; + + /** + * The remote Country. + */ + private Country country; + + /** + * Attribute Source Constructor. + * + * @param provider The local Attribute Provider. + * @param pURL URL of the Attribute Provider. + */ + public AttributeSource(final AttributeProvider provider, final String pURL) { + this.setSourceType(SOURCE_LOCAL_APROVIDER); + + this.setProvider(provider); + this.setProviderURL(pURL); + } + + /** + * Attribute Source Constructor. + * + * @param country The remote Country. + * @param pURL URL of the Country. + */ + public AttributeSource(final Country country, final String pURL) { + this.setSourceType(SOURCE_REMOTE_COUNTRY); + + this.setCountry(country); + this.setProviderURL(pURL); + } + + /** + * @param sourceType the sourceType to set + */ + public void setSourceType(final int sourceType) { + this.sourceType = sourceType; + } + + /** + * @return the sourceType + */ + public int getSourceType() { + return sourceType; + } + + /** + * @param providerURL the providerURL to set + */ + public void setProviderURL(final String providerURL) { + this.providerURL = providerURL; + } + + /** + * @return the providerURL + */ + public String getProviderURL() { + return providerURL; + } + + /** + * @param provider the provider to set + */ + public void setProvider(final AttributeProvider provider) { + this.setSourceType(SOURCE_LOCAL_APROVIDER); + + this.provider = provider; + } + + /** + * @return the provider + */ + public AttributeProvider getProvider() { + return provider; + } + + /** + * @param country the country to set + */ + public void setCountry(final Country country) { + this.setSourceType(SOURCE_REMOTE_COUNTRY); + + this.country = country; + } + + /** + * @return the country + */ + public Country getCountry() { + return country; + } + + /** + * {@inheritDoc} + */ + public boolean equals(Object obj) { + boolean outcome = false; + + LOG.debug("Calling equals with Object."); + if ( obj instanceof AttributeSource ) { + LOG.debug("Calling equals with AttributeSource."); + outcome = this.equals((AttributeSource)obj); + } + + LOG.debug("Object equals outcome: " + outcome); + return outcome; + } + + /** + * Compare the given AttributeSource with the current object in order to determinine + * if they are equal. + * + * @param obj The AttributeSource to compare to + * + * @return true if the two objects are equal + */ + public boolean equals(AttributeSource obj) { + boolean outcome = false; + + if ( this.sourceType==obj.getSourceType() ) { + if ( this.sourceType==AttributeSource.SOURCE_LOCAL_APROVIDER ) { + if ( this.provider.getProviderId().equals(obj.getProvider().getProviderId()) ) + outcome = true; + } + else if ( this.sourceType==AttributeSource.SOURCE_REMOTE_COUNTRY ) { + if ( this.country.getCountryId().equals(obj.getCountry().getCountryId()) ) + outcome = true; + } + } + + LOG.debug("AttributeSource equals outcome: " + outcome); + return outcome; + } + + /** + * {@inheritDoc} + */ + public int hashCode() { + int hash = 1; + hash = hash * 17 + this.sourceType; + if ( this.sourceType==AttributeSource.SOURCE_LOCAL_APROVIDER ) + hash = hash * 31 + this.provider.getProviderName().hashCode(); + else + hash = hash * 31 + this.country.getCountryName().hashCode(); + return hash; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeUtil.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeUtil.java.svn-base new file mode 100644 index 000000000..af7ab6cf3 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/AttributeUtil.java.svn-base @@ -0,0 +1,231 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import org.apache.commons.lang.StringUtils; + +/** + * This class holds static helper methods. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.5 $, $Date: 2010-12-15 23:19:59 $ + */ +public final class AttributeUtil { + + /** + * Private constructor. Prevents the class from being instantiated. + */ + private AttributeUtil() { + // empty constructor + } + + /** + * Safe escape any given string. + * + * @param value The HTTP Value to escaped. + * + * @return The value escaped value. + */ + public static String escape(final String value) { + + final String attrSep = PEPSValues.ATTRIBUTE_SEP.toString(); + final String attrTupleSep = PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(); + final String attrValueSep = PEPSValues.ATTRIBUTE_VALUE_SEP.toString(); + + final String escAttrSep = "%" + (int) attrSep.charAt(0); + final String escAttrTupleSep = "%" + (int) attrTupleSep.charAt(0); + final String escAttrValueSep = "%" + (int) attrValueSep.charAt(0); + + return value.replace(attrSep, escAttrSep) + .replace(attrTupleSep, escAttrTupleSep) + .replace(attrValueSep, escAttrValueSep); + } + + /** + * Unescape any given string. + * + * @param value The HTTP Value to be unescaped. + * + * @return The value unescaped value. + */ + public static String unescape(final String value) { + final String attrSep = PEPSValues.ATTRIBUTE_SEP.toString(); + final String attrTupleSep = PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(); + final String attrValueSep = PEPSValues.ATTRIBUTE_VALUE_SEP.toString(); + + final String escAttrSep = "%" + (int) attrSep.charAt(0); + final String escAttrTupleSep = "%" + (int) attrTupleSep.charAt(0); + final String escAttrValueSep = "%" + (int) attrValueSep.charAt(0); + + return value.replace(escAttrSep, attrSep) + .replace(escAttrTupleSep, attrTupleSep) + .replace(escAttrValueSep, attrValueSep); + } + + /** + * Appends the string representation of an object to a StringBuilder. + * + * @param strBuilder The StringBuilder to append to. + * @param val The string representation of an object. + */ + public static void appendIfNotNull(final StringBuilder strBuilder, + final Object val) { + + if (val != null) { + strBuilder.append(val); + } + } + + /** + * Given a separator and a list of strings, joins the list, as a string, + * separated by the separator string. + * + * @param list The list of strings to join. + * @param separator The separator string. + * @return the list, as a string, separated by the separator string. + */ + public static String listToString(final List list, + final String separator) { + + final StringBuilder strBuilder = new StringBuilder(); + for (final String s : list) { + if (!StringUtils.isEmpty(s)) { + strBuilder.append(AttributeUtil.escape(s) + separator); + } + } + return strBuilder.toString(); + } + + /** + * Given a separator and a map of strings to strings, joins the map, as a + * string, separated by the separator string with the pair key/value + * concatenated with a '='. + * + * @param map The map of strings to join. + * @param separator The separator string. + * + * @return the map of strings, as a string, separated by the separator string + * with the pair key/value concatenated with a '='. + */ + public static String mapToString(final Map map, + final String separator) { + + final StringBuilder strBuilder = new StringBuilder(); + final Iterator> valuesIt = map.entrySet().iterator(); + while (valuesIt.hasNext()) { + final Entry entry = valuesIt.next(); + strBuilder.append(entry.getKey()); + strBuilder.append('='); + strBuilder.append(AttributeUtil.escape(entry.getValue())); + strBuilder.append(separator); + } + return strBuilder.toString(); + } + + /** + * Validates the attribute value format. + * + * @param value The attribute value to validate. + * + * @return true if value has a valid format. + */ + public static boolean isValidValue(final String value) { + boolean retVal = false; + if (value != null && value.charAt(0) == '[' && value.endsWith("]")) { + final String tmpAttrValue = value.substring(1, value.length() - 1); + final String[] vals = + tmpAttrValue.split(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + + if (tmpAttrValue.length() >= 0 + || (vals.length > 0 && vals[0].length() > 0)) { + retVal = true; + } + } + return retVal; + } + + /** + * Validates the attribute type value. It's case insensitive. E.g. return true + * value to: a) "true", "TRUE", "True", ... b) "false", "FALSE", "False", ... + * + * @param type The attribute type value. + * + * @return true if type has a true or false (case insensitive) value. + */ + public static boolean isValidType(final String type) { + return StringUtils.isNotEmpty(type) && (PEPSValues.TRUE.toString().equalsIgnoreCase(type) || PEPSValues.FALSE.toString().equalsIgnoreCase(type)) ; + } + + /** + * Validates the Personal attribute tuple. E.g. name:type:[value]:status + * + * @param tuples The Personal attribute's tuple. + * + * @return true if the tuples' format is valid. + * + * @see PEPSUtil#validateParameter(String, String, String) + * @see String#equalsIgnoreCase(String) + */ + public static boolean hasValidTuples(final String[] tuples) { + boolean retVal = false; + + final int numberTuples = AttributeConstants.NUMBER_TUPLES.intValue(); + if (tuples != null && tuples.length == numberTuples) { + // validate attrName + final int attrNameIndex = AttributeConstants.ATTR_NAME_INDEX.intValue(); + final int attrTypeIndex = AttributeConstants.ATTR_TYPE_INDEX.intValue(); + final int attrValueIndex = AttributeConstants.ATTR_VALUE_INDEX.intValue(); + + retVal = + StringUtils.isNotEmpty(tuples[attrNameIndex]) + && StringUtils.isNotEmpty(tuples[attrTypeIndex]) + && StringUtils.isNotEmpty(tuples[attrValueIndex]) + && AttributeUtil.isValidType(tuples[attrTypeIndex]) + && AttributeUtil.isValidValue(tuples[attrValueIndex]); + } + return retVal; + } + + /** + * Check if all mandatory attributes have values. + * + * @param personalAttrList The Personal Attributes List. + * + * @return true if all mandatory attributes have values, false if at least one + * attribute doesn't have value. + */ + public static boolean checkMandatoryAttributes( + final IPersonalAttributeList personalAttrList) { + + final Iterator itAttributes = + personalAttrList.values().iterator(); + boolean retVal = true; + while (itAttributes.hasNext() && retVal) { + final PersonalAttribute attr = itAttributes.next(); + if (attr.isRequired() + && !STORKStatusCode.STATUS_AVAILABLE.toString() + .equals(attr.getStatus())) { + retVal = false; + } + } + return retVal; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/CitizenConsent.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/CitizenConsent.java.svn-base new file mode 100644 index 000000000..9ebcfbd5a --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/CitizenConsent.java.svn-base @@ -0,0 +1,123 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.util.ArrayList; +import java.util.List; + +/** + * This class is a bean used to store the information relative to the Citizen + * Consent. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $ + */ +public final class CitizenConsent { + + /** + * Mandatory attributes list. + */ + private List mandatoryList; + + /** + * Optional attributes list. + */ + private List optionalList; + + /** + * Citizen Consent default Constructor. + */ + public CitizenConsent() { + this.mandatoryList = new ArrayList(); + this.optionalList = new ArrayList(); + } + + /** + * Getter for the mandatoryList value. + * + * @return The mandatoryList value. + */ + public List getMandatoryList() { + return this.mandatoryList; + } + + /** + * Setter for the mandatoryList value. + * + * @param mandatoryAttrList Mandatory parameters list. + */ + public void setMandatoryList(final List mandatoryAttrList) { + this.mandatoryList = mandatoryAttrList; + } + + /** + * Setter for some mandatoryAttribute. Adds the input parameter to the + * mandatoryList. + * + * @param mandatoryAttr Attribute to add to the mandatoryList. + */ + public void setMandatoryAttribute(final String mandatoryAttr) { + this.mandatoryList.add(mandatoryAttr); + } + + /** + * Getter for the optionalList value. + * + * @return The optionalList value. + */ + public List getOptionalList() { + return optionalList; + } + + /** + * Setter for the optionalList value. + * + * @param optAttrList Optional parameters list. + */ + public void setOptionalList(final List optAttrList) { + this.optionalList = optAttrList; + } + + /** + * Setter for some optionalAttr. Adds the input parameter to the optionalList. + * + * @param optionalAttr Attribute to add to the optionalList. + */ + public void setOptionalAttribute(final String optionalAttr) { + this.optionalList.add(optionalAttr); + } + + /** + * Returns a string in the following format. "Mandatory attributes: + * mandatoryAttr1;mandatoryAttr2;mandatoryAttrN Optional attributes: + * optionalAttr1;optionalAttr2;optionalAttrN" + * + * @return {@inheritDoc} + */ + public String toString() { + final StringBuilder strbldr = new StringBuilder(46); + strbldr.append("Mandatory attributes: "); + for (final String str : mandatoryList) { + strbldr.append(str).append(';'); + } + strbldr.append(" Optional attributes: "); + for (final String str : optionalList) { + strbldr.append(str).append(';'); + } + return strbldr.toString(); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/Country.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/Country.java.svn-base new file mode 100644 index 000000000..001f9317a --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/Country.java.svn-base @@ -0,0 +1,95 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +/** + * This class is a bean used to store the information relative to the Country. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.10 $, $Date: 2010-11-17 05:15:28 $ + */ +public final class Country implements Serializable { + + /** + * + */ + private static final long serialVersionUID = 1135994036496370993L; + +/** + * Country Id. + */ + private String countryId; + + /** + * Country Name. + */ + private String countryName; + + /** + * Country Constructor. + * + * @param cId Id of the Country. + * @param cName Name of the Country. + */ + public Country(final String cId, final String cName) { + + this.countryId = cId; + this.countryName = cName; + } + + /** + * Getter for the countryId value. + * + * @return The countryId value. + */ + public String getCountryId() { + + return countryId; + } + + /** + * Setter for the countryId value. + * + * @param cId Id of the Country. + */ + public void setCountryId(final String cId) { + + this.countryId = cId; + } + + /** + * Getter for the countryName value. + * + * @return The countryName value. + */ + public String getCountryName() { + + return countryName; + } + + /** + * Setter for the countryName value. + * + * @param name Name of the Country. + */ + public void setCountryName(final String name) { + + this.countryName = name; + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/CountryCodes.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/CountryCodes.java.svn-base new file mode 100644 index 000000000..54345f3ea --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/CountryCodes.java.svn-base @@ -0,0 +1,79 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.util.Arrays; +import java.util.List; + +/** + * This class contains all the ISO 3166-1 Alpha 3 Country Codes. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.2 $, $Date: 2011-04-14 00:24:56 $ + */ +public final class CountryCodes { + + /** + * Private Constructor. + */ + private CountryCodes() { + + } + + /** + * ISO 3166-1 Alpha 3 Country Codes. + */ + private static List countrysAlpha3 = Arrays.asList("ABW", "AFG", + "AGO", "AIA", "ALA", "ALB", "AND", "ANT", "ARE", "ARG", "ARM", "ASM", + "ATA", "ATF", "ATG", "AUS", "AUT", "AZE", "BDI", "BEL", "BEN", "BES", + "BFA", "BGD", "BGR", "BHR", "BHS", "BIH", "BLM", "BLR", "BLZ", "BMU", + "BOL", "BRA", "BRB", "BRN", "BTN", "BUR", "BVT", "BWA", "BYS", "CAF", + "CAN", "CCK", "CHE", "CHL", "CHN", "CIV", "CMR", "COD", "COG", "COK", + "COL", "COM", "CPV", "CRI", "CSK", "CUB", "CUW", "CXR", "CYM", "CYP", + "CZE", "DEU", "DJI", "DMA", "DNK", "DOM", "DZA", "ECU", "EGY", "ERI", + "ESH", "ESP", "EST", "ETH", "FIN", "FJI", "FLK", "FRA", "FRO", "FSM", + "GAB", "GBR", "GEO", "GGY", "GHA", "GIB", "GIN", "GLP", "GMB", "GNB", + "GNQ", "GRC", "GRD", "GRL", "GTM", "GUF", "GUM", "GUY", "HKG", "HMD", + "HND", "HRV", "HTI", "HUN", "IDN", "IMN", "IND", "IOT", "IRL", "IRN", + "IRQ", "ISL", "ISR", "ITA", "JAM", "JEY", "JOR", "JPN", "KAZ", "KEN", + "KGZ", "KHM", "KIR", "KNA", "KOR", "KWT", "LAO", "LBN", "LBR", "LBY", + "LCA", "LIE", "LKA", "LSO", "LTU", "LUX", "LVA", "MAC", "MAF", "MAR", + "MCO", "MDA", "MDG", "MDV", "MEX", "MHL", "MKD", "MLI", "MLT", "MMR", + "MNE", "MNG", "MNP", "MOZ", "MRT", "MSR", "MTQ", "MUS", "MWI", "MYS", + "MYT", "NAM", "NCL", "NER", "NFK", "NGA", "NIC", "NIU", "NLD", "NOR", + "NPL", "NRU", "NZL", "OMN", "PAK", "PAN", "PCN", "PER", "PHL", "PLW", + "PNG", "POL", "PRI", "PRK", "PRT", "PRY", "PSE", "PYF", "QAT", "REU", + "ROM", "ROU", "RUS", "RWA", "SAU", "SCG", "SDN", "SEN", "SGP", "SGS", + "SHN", "SJM", "SLB", "SLE", "SLV", "SMR", "SOM", "SPM", "SRB", "STP", + "SUR", "SVK", "SVN", "SXW", "SWE", "SWZ", "SYC", "SYR", "TCA", "TCD", + "TGO", "THA", "TJK", "TKL", "TKM", "TLS", "TMP", "TON", "TTO", "TUN", + "TUR", "TUV", "TWN", "TZA", "UGA", "UKR", "UMI", "URY", "USA", "UZB", + "VAT", "VCT", "VEN", "VGB", "VIR", "VNM", "VUT", "WLF", "WSM", "YEM", + "YUG", "ZAF", "ZAR", "ZMB", "ZWE"); + + /** + * Searches the CountryCode (3166-1 alpha3 format) an return true if it + * exists. + * + * @param countryCode The Country code to search. + * + * @return true if the CountryCode exists, false otherwise. + */ + public static boolean hasCountryCodeAlpha3(final String countryCode) { + + return CountryCodes.countrysAlpha3.contains(countryCode); + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/DateUtil.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/DateUtil.java.svn-base new file mode 100644 index 000000000..9c0bd6775 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/DateUtil.java.svn-base @@ -0,0 +1,169 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.sql.Timestamp; +import java.util.GregorianCalendar; + +import org.apache.log4j.Logger; +import org.joda.time.DateTime; +import org.joda.time.Years; +import org.joda.time.format.DateTimeFormat; +import org.joda.time.format.DateTimeFormatter; + +import eu.stork.peps.auth.commons.exceptions.SecurityPEPSException; + +/** + * This class holds static helper methods for Date Operations. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.4 $, $Date: 2010-11-17 05:15:28 $ + */ +public final class DateUtil { + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(DateUtil.class.getName()); + + /** + * yyyy Date format size. + */ + private static final int YEAR_DATE_SIZE = 4; + + /** + * yyyyMM Date format size. + */ + private static final int MONTH_DATE_SIZE = 6; + + /** + * Private constructor. Prevents the class from being instantiated. + */ + private DateUtil() { + // empty constructor + } + + /** + * Fulfils dateValue with a valid date. The following roles are applied: a) If + * the dateValue only contains the year then fulfils with last year's day. + * e.g. this method returns 19951231 to the 1995 dateValue. b) If the + * dateValue contains the year and the month then fulfils with last month's + * day. e.g. this method returns 19950630 to the 199505 dateValue. + * + * @param dateValue The date to be fulfilled. + * + * @return The dateValue fulfilled. + */ + private static String fulfilDate(final String dateValue) { + + final StringBuffer strBuf = new StringBuffer(); + strBuf.append(dateValue); + // if the IdP just provides the year then we must fullfil the date. + if (dateValue.length() == YEAR_DATE_SIZE) { + strBuf.append(PEPSValues.LAST_MONTH.toString()); + } + // if the IdP provides the year and the month then we must fullfil the + // date. + if (dateValue.length() == MONTH_DATE_SIZE + || strBuf.length() == MONTH_DATE_SIZE) { + // IdP doesn't provide the day, so we will use DateTime to + // calculate it. + final String noDayCons = PEPSValues.NO_DAY_DATE_FORMAT.toString(); + final DateTimeFormatter fmt = DateTimeFormat.forPattern(noDayCons); + final DateTime dateTime = fmt.parseDateTime(strBuf.toString()); + // Append the last month's day. + strBuf.append(dateTime.dayOfMonth().withMaximumValue().getDayOfMonth()); + } + + return strBuf.toString(); + } + + /** + * Validates the dateValue format: a) if has a valid size; b) if has a numeric + * value; Note: dateValue must have the format yyyyMMdd. + * + * @param dateValueTmp The date to be validated. + * @param pattern The accepted date format. + * + * @return true if the date has a valid format. + */ + public static boolean isValidFormatDate(final String dateValueTmp, + final String pattern) { + + boolean retVal = true; + try { + final String dateValue = DateUtil.fulfilDate(dateValueTmp); + + final DateTimeFormatter fmt = DateTimeFormat.forPattern(pattern); + fmt.parseDateTime(dateValue); + } catch (final Exception e) { + // We catch Exception because we only have to return false + // value! + retVal = false; + } + return retVal; + } + + /** + * Calculates the age for a given date string. + * + * @param dateVal The date to be validated. + * @param now The current date. + * @param pattern The date pattern. + * + * @return The age value. + */ + public static int calculateAge(final String dateVal, final DateTime now, + final String pattern) { + + if (DateUtil.isValidFormatDate(dateVal, pattern)) { + try { + final String dateValueTemp = DateUtil.fulfilDate(dateVal); + final DateTimeFormatter fmt = DateTimeFormat.forPattern(pattern); + final DateTime dateTime = fmt.parseDateTime(dateValueTemp); + // Calculating age + final Years age = Years.yearsBetween(dateTime, now); + + return age.getYears(); + } catch (final IllegalArgumentException e) { + LOG.warn("Invalid date format (" + pattern + + ") or an invalid dateValue."); + throw new SecurityPEPSException( + PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorCode()), + PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorMessage()), + e); + } + } else { + LOG.warn("Couldn't calculate Age, invalid date!"); + throw new SecurityPEPSException( + PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorCode()), + PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorMessage())); + } + + } + + /** + * Generates the current timestamp. + * + * @return timestamp The current timestamp + */ + public static Timestamp currentTimeStamp() { + final GregorianCalendar cal = new GregorianCalendar(); + final long millis = cal.getTimeInMillis(); + return new Timestamp(millis); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IAttributeListProcessor.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IAttributeListProcessor.java.svn-base new file mode 100644 index 000000000..b13c70f04 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IAttributeListProcessor.java.svn-base @@ -0,0 +1,148 @@ +package eu.stork.peps.auth.commons; + +import java.util.List; +import java.util.Map; + +/** + * Interface for {@link AttributeListProcessor}. + * + * @author ricardo.ferreira@multicert.com + * + * @version $Revision: $, $Date: $ + * + * @see IPersonalAttributeList + */ +public interface IAttributeListProcessor { + + /** + * Checks if attribute list only contains allowed attributes. + * + * @param attrList the requested attribute list + * @param attributes the allowed attributes + * + * @return true is all the attributes are allowed. + * + * @see IPersonalAttributeList + */ + boolean hasAllowedAttributes(final IPersonalAttributeList attrList, final List attributes); + + /** + * Lookup for business attribute. + * + * @param attrList the requested attribute list + * @param normalAttributes the normal attributes + * + * @return true is at least one business attribute was requested. + * + * @see IPersonalAttributeList + */ + boolean hasBusinessAttributes(final IPersonalAttributeList attrList, final List normalAttributes); + + /** + * Lookup for business attribute in normal attribute list (loaded by + * implementation). + * + * @param attrList the requested attribute list + * + * @return true is at least one business attribute was requested. + * + * @see IPersonalAttributeList + */ + boolean hasBusinessAttributes(final IPersonalAttributeList attrList); + + /** + * Adds eIdentifier, name, surname, and DateOfBirth attributes to get business + * attributes from some AP. + * + * @param attrList the requested attribute list + * @param attributes the list of attributes to add (eIdentifier, name, + * surname, and DateOfBirth). + * + * @return the requested attribute list and the new attributes added + * (eIdentifier, name, surname, and DateOfBirth). + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList addAPMandatoryAttributes(final IPersonalAttributeList attrList, final List attributes); + + /** + * Adds eIdentifier, name, surname, and DateOfBirth attributes, loaded by + * implementation, to get business attributes from some AP. + * + * @param attrList the requested attribute list + * + * @return the requested attribute list and the new attributes added + * (eIdentifier, name, surname, and DateOfBirth). + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList addAPMandatoryAttributes(final IPersonalAttributeList attrList); + + /** + * Removes from attribute list the given list of attributes. + * + * @param attrList the requested attribute list + * @param attributes the list of attributes to remove. + * + * @return the requested attribute list and the attributes removed. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList removeAPMandatoryAttributes(final IPersonalAttributeList attrList, final List attributes); + + /** + * Removes from attribute list the given list of attributes and change + * attributes status if attribute was optional in the request. + * + * @param attrList the requested attribute list + * @param attributes the map of attributes (attribute name, mandatory/optional) to remove. + * + * @return the requested attribute list and the attributes removed + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList removeAPMandatoryAttributes(IPersonalAttributeList attrList, Map attributes); + + /** + * Checks if mandate attribute exist in the requested Attribute List. Power + * attribute name to lookup is loaded by implementation. + * + * @param attrList the requested attribute list. + * + * @return true if mandate attribute exists or false otherwise. + * + * @see IPersonalAttributeList + */ + boolean hasPowerAttribute(final IPersonalAttributeList attrList); + + /** + * Checks if attribute name was requested and has value. + * + * @param attrList the requested attribute list. + * @param attrName the attribute name to lookup for . + * + * @return true if attribute was requested and has value or false otherwise. + * + * @see IPersonalAttributeList + */ + boolean hasAttributeValue(final IPersonalAttributeList attrList, final String attrName); + + /** + * Checks if attribute has value. + * + * @param attr the attribute to check. + * + * @return true if has value; + * + * @see PersonalAttribute + */ + boolean hasAttributeValue(final PersonalAttribute attr); + + /** + * Gets a map (attribute name, attribute isRequired) of attributes added to attribute list. + * + * @return the Map of attributes added and if is required to attribute list. + */ + Map getNormalAttributesAdded(); + +} \ No newline at end of file diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IAttributeProvidersMap.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IAttributeProvidersMap.java.svn-base new file mode 100644 index 000000000..733399ca3 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IAttributeProvidersMap.java.svn-base @@ -0,0 +1,82 @@ +package eu.stork.peps.auth.commons; + +import java.util.Iterator; + +/** + * Interface for Attributes Providers map. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: 1.00 $, $Date: 2013-09-20 $ + */ +public interface IAttributeProvidersMap { + + /** + * Returns the object associated the the given key. + * + * @param key with which the specified value is to be associated. + * + * @return The object associated the the given key. + */ + IPersonalAttributeList get(AttributeSource key); + + /** + * Associates a key to a value, and inserts them in the session object. + * + * @param key with which the specified value is to be associated. + * @param value to be associated with the specified key. + * + * @return previous value associated with specified key, or null if there was + * no mapping for key. A null return can also indicate that the map + * previously associated null with the specified key. + */ + Object put(AttributeSource key, IPersonalAttributeList value); + + /** + * Removes the mapping for this key. + * + * @param key with which the specified value is to be associated. + * + * @return previous value associated with specified key, or null if there was + * no mapping for key. A null return can also indicate that the map + * previously associated null with the specified key. + */ + IPersonalAttributeList remove(AttributeSource key); + + /** + * Returns the number of key-value mappings in this map. + * + * @return the number of key-value mappings in this map. + */ + int size(); + + /** + * Returns true if this map contains a mapping for the specified key. + * + * @param key with which the specified value is to be associated. + * + * @return true if this map contains a mapping for the specified key. + */ + boolean containsKey(AttributeSource key); + + /** + * Removes all mappings from this map. + */ + void clear(); + + /** + * Returns true if this map contains no key-value mappings. + * + * @return true if this map contains no key-value mappings. + */ + boolean isEmpty(); + + /** + * Returns an Iterator of the keys contained in this map. The implementation must + * take care in order for the Iterator to have predictable order of the returned + * keys. + * + * @return an iterator of the keys contained in this map + */ + Iterator keyIterator(); +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IPersonalAttributeList.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IPersonalAttributeList.java.svn-base new file mode 100644 index 000000000..b24c915c0 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IPersonalAttributeList.java.svn-base @@ -0,0 +1,194 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.util.Collection; +import java.util.Iterator; +import java.util.Set; + +/** + * Interface for {@link PersonalAttributeList}. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.16 $, $Date: 2010-11-17 05:15:28 $ + * + * @see PersonalAttribute + */ +@SuppressWarnings("PMD.CloneMethodMustImplementCloneable") +public interface IPersonalAttributeList extends Iterable, + Cloneable { + + /** + * Associates the specified value with the specified key in this Personal + * Attribute List. + * + * @param key with which the specified value is to be associated. + * @param value to be associated with the specified key. + * + * @return the previous value associated with key, or null if there was no + * mapping for key. + * + * @see PersonalAttribute + */ + PersonalAttribute put(String key, PersonalAttribute value); + + /** + * Returns the value to which the specified key is mapped, or null if this map + * contains no mapping for the key. + * + * @param key whose associated value is to be returned. + * + * @return The value to which the specified key is mapped, or null if this map + * contains no mapping for the key. + * + * @see PersonalAttribute + */ + PersonalAttribute get(Object key); + + /** + * Adds to the PersonalAttributeList the given PersonalAttribute. It sets the + * attribute name as the key to the attribute value. + * + * @param value PersonalAttribute to add to the PersonalAttributeList + */ + void add(PersonalAttribute value); + + /** + * Get the size of the Personal Attribute List. + * + * @return size of the Personal Attribute List. + */ + int size(); + + /** + * Checks if the Personal Attribute List contains the given key. + * + * @param key with which the specified value is to be associated. + * + * @return true if the Personal Attribute List contains the given key, false + * otherwise. + */ + boolean containsKey(Object key); + + /** + * Getter for the iterator of the Personal Attribute List values. + * + * @return The iterator for the Personal Attribute List values. + * + * @see PersonalAttribute + */ + Iterator iterator(); + + /** + * Creates a Personal Attribute List from a String representing an Attribute + * List. + * + * @param attrList String Object representing the attribute list. + */ + void populate(String attrList); + + /** + * Removes the mapping for this key from this map if present. + * + * @param key key whose mapping is to be removed from the map. + * @return previous value associated with specified key, or null if + * there was no mapping for key. A null return can also + * indicate that the map previously associated null with the + * specified key. + */ + PersonalAttribute remove(Object key); + + /** + * Returns a collection view of the values contained in this map. The + * collection is backed by the map, so changes to the map are reflected in the + * collection, and vice-versa. The collection supports element removal, which + * removes the corresponding mapping from this map, via the + * Iterator.remove, Collection.remove, removeAll, + * retainAll, and clear operations. It does not support the + * add or addAll operations. + * + * @return a collection view of the values contained in this map. + */ + Collection values(); + + /** + * Returns a {@link Set} view of the keys contained in this map. + * The set is backed by the map, so changes to the map are + * reflected in the set, and vice-versa. If the map is modified + * while an iteration over the set is in progress (except through + * the iterator's own remove operation), the results of + * the iteration are undefined. The set supports element removal, + * which removes the corresponding mapping from the map, via the + * Iterator.remove, Set.remove, + * removeAll, retainAll, and clear + * operations. It does not support the add or addAll + * operations. + * + * @return a set view of the keys contained in this map + */ + Set keySet(); + + + /** + * Returns a IPersonalAttributeList of the complex attributes. + * + * @return an IPersonalAttributeList of the complex attributes. + */ + IPersonalAttributeList getComplexAttributes(); + + /** + * Returns a IPersonalAttributeList of the simple value attributes. + * + * @return an IPersonalAttributeList of the simple value attributes. + */ + IPersonalAttributeList getSimpleValueAttributes(); + + /** + * Returns a IPersonalAttributeList of the mandatory attributes in this map. + * + * @return an IPersonalAttributeList of the mandatory attributes contained in this map. + */ + IPersonalAttributeList getMandatoryAttributes(); + + /** + * Returns a IPersonalAttributeList of the optional attributes in this map. + * + * @return an IPersonalAttributeList of the optional attributes contained in this map. + */ + IPersonalAttributeList getOptionalAttributes(); + + /** + * Returns true if this map contains no key-value mappings. + * + * @return true if this map contains no key-value mappings. + */ + boolean isEmpty(); + + /** + * Returns true if this map contains at least one element that doesn't have value. + * + * @return true if this map contains at least one element that doesn't have value. + */ + boolean hasMissingValues(); + + /** + * Returns a copy of this IPersonalAttributeList instance. + * + * @return The copy of this IPersonalAttributeList. + */ + Object clone() throws CloneNotSupportedException; + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IStorkLogger.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IStorkLogger.java.svn-base new file mode 100644 index 000000000..33eb618f0 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IStorkLogger.java.svn-base @@ -0,0 +1,239 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * Interface for stork logging. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.10 $, $Date: 2011-02-17 22:44:34 $ + */ +public interface IStorkLogger { + + /** + * Getter for SpApplication. + * + * @return The SpApplication value. + */ + String getSpApplication(); + + /** + * Setter for SpApplication. + * + * @param spApplication The SP Application. + */ + void setSpApplication(String spApplication); + + /** + * Getter for ProviderName. + * + * @return The ProviderName value. + */ + String getProviderName(); + + /** + * Setter for ProviderName. + * + * @param providerName The provider name. + */ + void setProviderName(String providerName); + + /** + * + * Getter for Origin. + * + * @return The Origin value. + * + */ + String getOrigin(); + + /** + * Setter for Origin. + * + * @param origin The origin. + */ + void setOrigin(String origin); + + /** + * + * Getter for QAA Level. + * + * @return The QAA Level value. + * + */ + int getQaaLevel(); + + /** + * Setter for QAA Level. + * + * @param qaaLevel The qaa level. + */ + void setQaaLevel(int qaaLevel); + + /** + * + * Getter for timestamp. + * + * @return The timestamp value. + * + */ + String getTimestamp(); + + /** + * Setter for timestamp. + * + * @param timestamp The request's timestamp. + */ + void setTimestamp(String timestamp); + + /** + * Getter for InResponseTo. + * + * @return The InResponseTo value. + */ + String getInResponseTo(); + + /** + * Setter for InResponseTo. + * + * @param inResponseTo The Saml's response id. + */ + void setInResponseTo(String inResponseTo); + + /** + * Getter for InResponseToSPReq. + * + * @return The InResponseToSPReq value. + */ + String getInResponseToSPReq(); + + /** + * Setter for InResponseToSPRequ. + * + * @param inResponseToSPReq The Saml's response id. + */ + void setInResponseToSPReq(String inResponseToSPReq); + + /** + * Getter for opType. + * + * @return The opType value. + */ + String getOpType(); + + /** + * Setter for opType. + * + * @param opType The operation type. + */ + void setOpType(String opType); + + /** + * Getter for destination. + * + * @return The destination value. + */ + String getDestination(); + + /** + * Setter for destinationIp. + * + * @param destination The remote IP. + */ + void setDestination(String destination); + + /** + * Getter for message or assertion consumer. + * + * @return The message or assertion consumer. + */ + String getMessage(); + + /** + * Setter for message or assertion consumer. + * + * @param message or assertion consumer. + */ + void setMessage(String message); + + /** + * Getter for country. + * + * @return The country value. + */ + String getCountry(); + + /** + * Setter for country. + * + * @param country The country. + */ + void setCountry(String country); + + /** + * Getter for samlHash. + * + * @return The samlHash value. + */ + byte[] getSamlHash(); + + /** + * Setter for samlHash. + * + * @param samlHash the encrypted SAML token + */ + void setSamlHash(byte[] samlHash); + + /** + * Getter for msgId. + * + * @return the msgId + */ + String getMsgId(); + + /** + * Setter for msgId. + * + * @param msgId the ID of the originator of this message + */ + void setMsgId(String msgId); + + /** + * Getter for sPMsgId. + * + * @return the sPMsgId + */ + String getSPMsgId(); + + /** + * Setter for sPMsgId. + * + * @param sPMsgId the ID of the originator of this message + */ + void setSPMsgId(String sPMsgId); + + /** + * The format of the returned String must be the following: + * "requestCounter#ddMMMyyyykk:mm:ss#opType#originIp#originName + * #destinationIp#destinationName#samlHash#[originatorName#msgId#]" + * + * The values enclosed in '[]' only apply when logging responses. + * + * @return {@inheritDoc} + */ + @Override + String toString(); +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IStorkSession.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IStorkSession.java.svn-base new file mode 100644 index 000000000..f38b41838 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/IStorkSession.java.svn-base @@ -0,0 +1,85 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * Interface for stork session. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.9 $, $Date: 2010-11-17 05:15:28 $ + */ +public interface IStorkSession { + + /** + * Returns the object associated the the given key. + * + * @param key with which the specified value is to be associated. + * + * @return The object associated the the given key. + */ + Object get(Object key); + + /** + * Associates a key to a value, and inserts them in the session object. + * + * @param key with which the specified value is to be associated. + * @param value to be associated with the specified key. + * + * @return previous value associated with specified key, or null if there was + * no mapping for key. A null return can also indicate that the map + * previously associated null with the specified key. + */ + Object put(String key, Object value); + + /** + * Removes the mapping for this key. + * + * @param key with which the specified value is to be associated. + * + * @return previous value associated with specified key, or null if there was + * no mapping for key. A null return can also indicate that the map + * previously associated null with the specified key. + */ + Object remove(Object key); + + /** + * Returns the number of key-value mappings in this map. + * + * @return the number of key-value mappings in this map. + */ + int size(); + + /** + * Returns true if this map contains a mapping for the specified key. + * + * @param key with which the specified value is to be associated. + * + * @return true if this map contains a mapping for the specified key. + */ + boolean containsKey(Object key); + + /** + * Removes all mappings from this map. + */ + void clear(); + + /** + * Returns true if this map contains no key-value mappings. + * + * @return true if this map contains no key-value mappings. + */ + boolean isEmpty(); +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/Linker.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/Linker.java.svn-base new file mode 100644 index 000000000..6e7c891da --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/Linker.java.svn-base @@ -0,0 +1,316 @@ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.List; + +import org.apache.log4j.Logger; + +/** + * This class is a bean used to store the information of Attribute Providers, the Attribute + * List to be requested, the Assertions returned by the Attribute Providers and the values + * that each Attribute has. This information along with the current status of the Linker (the + * attribute providers that were queried and the remaining providers) is used by the PEPS + * actions in order to complete the Attribute gathering. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: 1.50 $, $Date: 2013-11-28 $ + */ +public final class Linker implements Serializable { + /** + * Unique identifier. + */ + private static final long serialVersionUID = -3268006381745987237L; + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(Linker.class.getName()); + + /** + * Attributes Providers map. + */ + private IAttributeProvidersMap attributeProvidersMap; + + /** + * Assertion map. + */ + private LinkedHashMap assertions; + + /** + * The current index of local (domestic) Attribute Providers. + */ + private int localIndex; + + /** + * The current index of remote (foreign) Attribute Providers - countries. + */ + private int remoteIndex; + + /** + * Constructs an empty Linker object. + */ + public Linker() { + localIndex = 0; + remoteIndex = 0; + + assertions = new LinkedHashMap(); + } + + /** + * Based on the internal state of the Linker it returns the next local Attribute Source + * + * @return The next Attribute Source or null if not found + * + * @see AttributeSource + */ + public AttributeSource getNextLocalProvider() { + Iterator iterator; + AttributeSource source, found; + int curIndex = 0; + + found = null; + + if ( attributeProvidersMap!=null && !attributeProvidersMap.isEmpty() ) { + iterator = attributeProvidersMap.keyIterator(); + while (iterator.hasNext()) { + source = iterator.next(); + + if ( source.getSourceType()==AttributeSource.SOURCE_LOCAL_APROVIDER ) { + if ( curIndex>=localIndex ) { + found = source; + + break; + } + + curIndex++; + } + } + } + + return found; + } + + /** + * Based on the internal state of the Linker it returns the next remote Attribute Source + * + * @return The next Attribute Source or null if not found + * + * @see AttributeSource + */ + public AttributeSource getNextRemoteProvider() { + Iterator iterator; + AttributeSource source, found; + int curIndex = 0; + + found = null; + + if ( attributeProvidersMap !=null && !attributeProvidersMap.isEmpty() ) { + iterator = attributeProvidersMap.keyIterator(); + while (iterator.hasNext()) { + source = iterator.next(); + + if ( source.getSourceType()==AttributeSource.SOURCE_REMOTE_COUNTRY ) { + if ( curIndex>=remoteIndex ) { + found = source; + + break; + } + + curIndex++; + } + } + } + + return found; + } + + /** + * It updates the Linker with the values returned by the Attribute Source. It also advances + * to the next index in order to mark this attribute source as completed. + * + * @param source The Attribute Source that was queried for attribute values. + * @param attrResponse The attrResponse returned by the Attribute Source that contains the attribute values. + * + * @see AttributeSource, STORKAttrQueryResponse + */ + public void setProviderReponse(AttributeSource source, STORKAttrQueryResponse attrResponse) { + if ( source.getSourceType()==AttributeSource.SOURCE_REMOTE_COUNTRY ) + remoteIndex++; + else + localIndex++; + + //Assertion storage + this.assertions.put(source, attrResponse); + + this.attributeProvidersMap.put(source, attrResponse.getPersonalAttributeList()); + //this.attributeProvidersMap.put(source, attrResponse.getTotalPersonalAttributeList()); + } + + /** + * Reset the internal state of the local Attribute Source in order to start over. + */ + public void resetLocalIndex() { + localIndex = 0; + } + + /** + * Reset the internal state of the remote Attribute Source in order to start over. + */ + public void resetRemoteIndex() { + remoteIndex = 0; + } + + /** + * Setter for attributeProvidersMap. + * + * @param attributeProvidersMap The attributeProvidersMap to set. + */ + public void setAttributeProvidersMap(IAttributeProvidersMap attributeProvidersMap) { + this.attributeProvidersMap = attributeProvidersMap; + } + + /** + * Getter for attributeProvidersMap. + * + * @return attributeProvidersMap + */ + public IAttributeProvidersMap getAttributeProvidersMap() { + return attributeProvidersMap; + } + + /** + * Returns the Personal Attribute list of the provided Attribute Source. + * + * @param source The attributeSource in reference + * + * @return The IPersonalAttributeList assosiated with this source or null if empty + * + * @see IPersonalAttributeList + */ + public IPersonalAttributeList getProviderAttributes(AttributeSource source) { + if ( attributeProvidersMap.containsKey(source) ) + return attributeProvidersMap.get(source); + else + return null; + } + + /** + * Returns the merged Personal Attribute list from all the Attribute Sources. + * + * @return The IPersonalAttributeList merged Personal Attribute list or null if empty + * + * @see IPersonalAttributeList + */ + public IPersonalAttributeList getAllAttributes() { + Iterator iterator; + AttributeSource source; + IPersonalAttributeList list, merged; + + merged = null; + + if ( attributeProvidersMap !=null && !attributeProvidersMap.isEmpty() ) { + iterator = attributeProvidersMap.keyIterator(); + + merged = new PersonalAttributeList(); + while (iterator.hasNext()) { + source = iterator.next(); + list = this.getProviderAttributes(source); + + for (final PersonalAttribute pa : list) { + merged.add(pa); + } + } + } + + return merged; + } + + /** + * Returns a List with all the assertions gathered by the AAS-PEPS module + * returned both by local APs or remote A-PEPS. + * + * @return The assertions returned from the APs and A-PEPS + */ + public List getAttrQueryResponseList() { + List originalAssertions; + + originalAssertions = new ArrayList(); + + //Gather all assertions + for (STORKAttrQueryResponse element : this.assertions.values()) { + originalAssertions.add(element); + } + + return originalAssertions; + } + + /** + * Checks the internal state of the Linker and if all Attribute Sources where visited + * returns true, otherwise it returns false. So if you go directly from AtPLinkerAction + * to MoreAttributesAction the call will have, since the method setProviderReponse + * was not executed from every Attribute Source. + * + * @return true if everything is OK, false otherwise + */ + public boolean isComplete() { + boolean outcome = false; + + LOG.debug("Check if linkder is complete: R[" + remoteIndex + "], L[" + localIndex + "], S[" + attributeProvidersMap.size() + "]"); + if ( attributeProvidersMap !=null && !attributeProvidersMap.isEmpty() ) { + if ( (remoteIndex + localIndex)==attributeProvidersMap.size() ) + outcome = true; + } + else { + outcome = true; + } + + return outcome; + } + + /** + * Merge the two Linker objects. + * + * @param previous The other Linker object to merge with this one. + */ + public void mergeWith(Linker previous) { + //BEFORE + if ( LOG.isDebugEnabled() ) { + LOG.debug("The attributeProvidersMap from the current object."); + ((AttributeProvidersMap)this.attributeProvidersMap).trace(); + LOG.debug("The attributeProvidersMap from the provided object."); + ((AttributeProvidersMap)previous.getAttributeProvidersMap()).trace(); + } + + IAttributeProvidersMap map = previous.getAttributeProvidersMap(); + Iterator items = map.keyIterator(); + while( items.hasNext() ) { + AttributeSource item = items.next(); + IPersonalAttributeList pal = map.get(item); + + if ( this.attributeProvidersMap.containsKey(item) ) { + IPersonalAttributeList new_pal = this.attributeProvidersMap.get(item); + + for(PersonalAttribute pa : pal) + new_pal.add(pa); + } + else { + if ( item.getSourceType()==AttributeSource.SOURCE_REMOTE_COUNTRY ) + remoteIndex++; + else + localIndex++; + + this.attributeProvidersMap.put(item, pal); + } + } + + //AFTER + if ( LOG.isDebugEnabled() ) { + LOG.debug("The attributeProvidersMap after the merge."); + ((AttributeProvidersMap)this.attributeProvidersMap).trace(); + } + } +} \ No newline at end of file diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSErrors.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSErrors.java.svn-base new file mode 100644 index 000000000..5da9ba494 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSErrors.java.svn-base @@ -0,0 +1,392 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * This enum class contains all the STORK PEPS, Commons and Specific errors + * constant identifiers. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.10 $, $Date: 2011-02-17 22:44:34 $ + */ +public enum PEPSErrors { + + /** + * Represents the 'authenticationFailed' constant error identifier. + */ + AUTHENTICATION_FAILED_ERROR("authenticationFailed"), + /** + * Represents the 'spCountrySelector.errorCreatingSAML' constant error + * identifier. + */ + SP_COUNTRY_SELECTOR_ERROR_CREATE_SAML("spCountrySelector.errorCreatingSAML"), + /** + * Represents the 'spCountrySelector.destNull' constant error identifier. + */ + SP_COUNTRY_SELECTOR_DESTNULL("spCountrySelector.destNull"), + /** + * Represents the 'spCountrySelector.invalidAttr' constant error identifier. + */ + SP_COUNTRY_SELECTOR_INVALID_ATTR("spCountrySelector.invalidAttr"), + /** + * Represents the 'spCountrySelector.invalidProviderName' constant error + * identifier. + */ + SP_COUNTRY_SELECTOR_INVALID_PROVIDER_NAME( + "spCountrySelector.invalidProviderName"), + /** + * Represents the 'spCountrySelector.invalidQaaSPid' constant error + * identifier. + */ + SP_COUNTRY_SELECTOR_INVALID_QAASPID("spCountrySelector.invalidQaaSPid"), + /** + * Represents the 'spCountrySelector.invalidSpId' constant error identifier. + */ + SP_COUNTRY_SELECTOR_INVALID_SPID("spCountrySelector.invalidSpId"), + /** + * Represents the 'spCountrySelector.invalidSPQAA' constant error identifier. + */ + SP_COUNTRY_SELECTOR_INVALID_SPQAA("spCountrySelector.invalidSPQAA"), + /** + * Represents the 'spCountrySelector.invalidSpURL' constant error identifier. + */ + SP_COUNTRY_SELECTOR_INVALID_SPURL("spCountrySelector.invalidSpURL"), + /** + * Represents the 'spCountrySelector.spNotAllowed' constant error identifier. + */ + SP_COUNTRY_SELECTOR_SPNOTALLOWED("spCountrySelector.spNotAllowed"), + + /** + * Represents the 'sProviderAction.errorCreatingSAML' constant error + * identifier. + */ + SPROVIDER_SELECTOR_ERROR_CREATE_SAML("sProviderAction.errorCreatingSAML"), + /** + * Represents the 'sProviderAction.attr' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_ATTR("sProviderAction.invalidAttr"), + /** + * Represents the 'sProviderAction.country' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_COUNTRY("sProviderAction.invalidCountry"), + /** + * Represents the 'sProviderAction.relayState' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_RELAY_STATE("sProviderAction.invalidRelayState"), + /** + * Represents the 'sProviderAction.saml' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SAML("sProviderAction.invalidSaml"), + /** + * Represents the 'sProviderAction.spAlias' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SPALIAS("sProviderAction.invalidSPAlias"), + /** + * Represents the 'sProviderAction.spDomain' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SPDOMAIN("sProviderAction.invalidSPDomain"), + /** + * Represents the 'sProviderAction.spId' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SPID("sProviderAction.invalidSPId"), + /** + * Represents the 'sProviderAction.spQAA' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SPQAA("sProviderAction.invalidSPQAA"), + /** + * Represents the 'sProviderAction.spQAAId' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SPQAAID("sProviderAction.invalidSPQAAId"), + /** + * Represents the 'sProviderAction.spRedirect' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SPREDIRECT("sProviderAction.invalidSPRedirect"), + /** + * Represents the 'sPPowerValidationAction.invalidSPPVAttrList' constant error identifier. + */ + SPPOWERVALIDATION_SELECTOR_INVALID_SP_PV_ATTR_LIST("sPPowerValidationAction.invalidSPPVAttrList"), + + /** + * Represents the 'sProviderAction.invalidSPProviderName' constant error + * identifier. + */ + SPROVIDER_SELECTOR_INVALID_SP_PROVIDERNAME( + "sProviderAction.invalidSPProviderName"), + /** + * Represents the 'sProviderAction.spNotAllowed' constant error identifier. + */ + SPROVIDER_SELECTOR_SPNOTALLOWED("sProviderAction.spNotAllowed"), + + + /** + * Represents the 'internalError' constant error identifier. + */ + INTERNAL_ERROR("internalError"), + + /** + * Represents the 'colleagueRequest.attrNull' constant error identifier. + */ + COLLEAGUE_REQ_ATTR_NULL("colleagueRequest.attrNull"), + /** + * Represents the 'colleagueRequest.errorCreatingSAML' constant error + * identifier. + */ + COLLEAGUE_REQ_ERROR_CREATE_SAML("colleagueRequest.errorCreatingSAML"), + /** + * Represents the 'colleagueRequest.invalidCountryCode' constant error + * identifier. + */ + COLLEAGUE_REQ_INVALID_COUNTRYCODE("colleagueRequest.invalidCountryCode"), + /** + * Represents the 'colleagueRequest.invalidDestUrl' constant error identifier. + */ + COLLEAGUE_REQ_INVALID_DEST_URL("colleagueRequest.invalidDestUrl"), + /** + * Represents the 'colleagueRequest.invalidQaa' constant error identifier. + */ + COLLEAGUE_REQ_INVALID_QAA("colleagueRequest.invalidQaa"), + /** + * Represents the 'colleagueRequest.invalidRedirect' constant error + * identifier. + */ + COLLEAGUE_REQ_INVALID_REDIRECT("colleagueRequest.invalidRedirect"), + /** + * Represents the 'colleagueRequest.invalidSAML' constant error identifier. + */ + COLLEAGUE_REQ_INVALID_SAML("colleagueRequest.invalidSAML"), + + /** + * Represents the 'colleaguePVRequest.invalidPVAttrList' constant error identifier. + */ + COLLEAGUE_PV_REQ_INVALID_PV_ATTR_LIST("colleaguePVRequest.invalidPVAttrList"), + + + /** + * Represents the 'cpepsRedirectUrl' constant error identifier. + */ + CPEPS_REDIRECT_URL("cpepsRedirectUrl"), + /** + * Represents the 'spepsRedirectUrl' constant error identifier. + */ + SPEPS_REDIRECT_URL("spepsRedirectUrl"), + /** + * Represents the 'sProviderAction.invCountry' constant error identifier. + */ + SP_ACTION_INV_COUNTRY("sProviderAction.invCountry"), + + /** + * Represents the 'providernameAlias.invalid' constant error identifier. + */ + PROVIDER_ALIAS_INVALID("providernameAlias.invalid"), + + + /** + * Represents the 'cPeps.attrNull' constant error identifier. + */ + CPEPS_ATTR_NULL("cPeps.attrNull"), + + /** + * Represents the 'colleagueResponse.invalidSAML' constant error identifier. + */ + COLLEAGUE_RESP_INVALID_SAML("colleagueResponse.invalidSAML"), + + /** + * Represents the 'citizenNoConsent.mandatory' constant error identifier. + */ + CITIZEN_NO_CONSENT_MANDATORY("citizenNoConsent.mandatory"), + /** + * Represents the 'citizenResponse.mandatory' constant error identifier. + */ + CITIZEN_RESPONSE_MANDATORY("citizenResponse.mandatory"), + /** + * Represents the 'attVerification.mandatory' constant error identifier. + */ + ATT_VERIFICATION_MANDATORY("attVerification.mandatory"), + /** + * Represents the 'attrValue.verification' constant error identifier. + */ + ATTR_VALUE_VERIFICATION("attrValue.verification"), + + /** + * Represents the 'audienceRestrictionError' constant error identifier. + */ + AUDIENCE_RESTRICTION("audienceRestrictionError"), + /** + * Represents the 'auRequestIdError' constant error identifier. + */ + AU_REQUEST_ID("auRequestIdError"), + /** + * Represents the 'domain' constant error identifier. + */ + DOMAIN("domain"), + /** + * Represents the 'hash.error' constant error identifier. + */ + HASH_ERROR("hash.error"), + /** + * Represents the 'invalidAttributeList' constant error identifier. + */ + INVALID_ATTRIBUTE_LIST("invalidAttributeList"), + /** + * Represents the 'invalidAttributeValue' constant error identifier. + */ + INVALID_ATTRIBUTE_VALUE("invalidAttributeValue"), + /** + * Represents the 'qaaLevel' constant error identifier. + */ + QAALEVEL("qaaLevel"), + /** + * Represents the 'requests' constant error identifier. + */ + REQUESTS("requests"), + /** + * Represents the 'SPSAMLRequest' constant error identifier. + */ + SP_SAML_REQUEST("SPSAMLRequest"), + /** + * Represents the 'spepsSAMLRequest' constant error identifier. + */ + SPEPS_SAML_REQUEST("spepsSAMLRequest"), + /** + * Represents the 'IdPSAMLResponse' constant error identifier. + */ + IDP_SAML_RESPONSE("IdPSAMLResponse"), + /** + * Represents the 'cpepsSAMLResponse' constant error identifier. + */ + CPEPS_SAML_RESPONSE("cpepsSAMLResponse"), + /** + * Represents the 'cpepsSAMLResponse' constant error identifier. + */ + SPEPS_SAML_RESPONSE("spepsSAMLResponse"), + /** + * Represents the 'session' constant error identifier. + */ + SESSION("session"), + /** + * Represents the 'invalid.session' constant error identifier. + */ + INVALID_SESSION("invalid.session"), + /** + * Represents the 'invalid.sessionId' constant error identifier. + */ + INVALID_SESSION_ID("invalid.sessionId"), + /** + * Represents the 'missing.sessionId' constant error identifier. + */ + MISSING_SESSION_ID("sessionError"), + /** + * Represents the 'missing.mandate' constant error identifier. + */ + MISSING_MANDATE("missing.mandate"), + /** + * Represents the 'AtPSAMLResponse' constant error identifier. + */ + ATP_SAML_RESPONSE("AtPSAMLResponse"), + + /** + * Represents the 'AtPSAMLResponse' constant error identifier. + */ + ATP_RESPONSE_ERROR("atp.response.error"), + + /** + * Represents the 'apepsSAMLRequest' constant error identifier. + */ + APEPS_SAML_REQUEST("apepsSAMLRequest"), + + /** + * Represents the 'apepsSAMLResponse' constant error identifier. + */ + APEPS_SAML_RESPONSE("apepsSAMLResponse"), + + /** + * Represents the 'invalid.apepsRedirectUrl' constant error identifier. + */ + INVALID_APEPS_REDIRECT_URL("invalid.apepsRedirectUrl"), + + /** + * Represents the 'invalid.apepsCallbackUrl' constant error identifier. + */ + INVALID_APEPS_CALLBACK_URL("invalid.apepsCallbackUrl"), + + /** + * Represents the 'colleagueAttributeRequest.invalidSAML' constant error identifier. + */ + COLLEAGUE_ATTR_REQ_INVALID_SAML("colleagueAttributeRequest.invalidSAML"); + + /** + * Represents the constant's value. + */ + private String error; + + /** + * Solo Constructor. + * + * @param nError The Constant error value. + */ + PEPSErrors(final String nError) { + this.error = nError; + } + + /** + * Construct the errorCode Constant value. + * + * @return The errorCode Constant. + */ + public String errorCode() { + return error + ".code"; + } + + /** + * Construct the errorCode Constant value with the given code text. + * + * @param text the code text to append to the constant. + * + * @return The errorCode Constant for the given code text. + */ + public String errorCode(final String text) { + return error + "." + text + ".code"; + } + + /** + * Construct the errorMessage constant value. + * + * @return The errorMessage constant. + */ + public String errorMessage() { + return error + ".message"; + } + + /** + * Construct the errorMessage Constant value with the given message text. + * + * @param text the message text to append to the constant. + * + * @return The errorMessage Constant for the given text. + */ + public String errorMessage(final String text) { + return error + "." + text + ".message"; + } + + /** + * Return the Constant Value. + * + * @return The constant value. + */ + public String toString() { + return error; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSParameters.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSParameters.java.svn-base new file mode 100644 index 000000000..146e4c39d --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSParameters.java.svn-base @@ -0,0 +1,619 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * This enum class contains all the STORK PEPS, Commons and Specific Parameters. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.13 $, $Date: 2011-07-07 20:48:45 $ + */ +public enum PEPSParameters { + + /** + * Represents the 'apId' parameter constant. + */ + AP_ID("apId"), + /** + * Represents the 'apUrl' parameter constant. + */ + AP_URL("apUrl"), + /** + * Represents the 'ap.number' parameter constant. + */ + AP_NUMBER("ap.number"), + + /** + * Represents the 'assertionConsumerServiceURL' parameter constant. + */ + ASSERTION_CONSUMER_S_URL("assertionConsumerServiceURL"), + + /** + * Represents the 'auth' parameter constant. + */ + AUTHENTICATION("auth"), + + /** + * Represents the 'auth-on-behalf-of' parameter constant. + */ + AUTHENTICATION_ON_BEHALF_OF("auth-on-behalf-of"), + + /** + * Represents the 'attr' parameter constant. + */ + ATTRIBUTE("attr"), + /** + * Represents the 'attrName' parameter constant. + */ + ATTRIBUTE_NAME("attrName"), + /** + * Represents the 'attrStatus' parameter constant. + */ + ATTRIBUTE_STATUS("attrStatus"), + /** + * Represents the 'attrType' parameter constant. + */ + ATTRIBUTE_TYPE("attrType"), + /** + * Represents the 'attrValue' parameter constant. + */ + ATTRIBUTE_VALUE("attrValue"), + /** + * Represents the 'attrList' parameter constant. + */ + ATTRIBUTE_LIST("attrList"), + /** + * Represents the 'apMandAttrList' parameter constant. + */ + AP_MANDATORY_ATTRIBUTE_LIST("apMandAttrList"), + /** + * Represents the 'attrTuple' parameter constant. + */ + ATTRIBUTE_TUPLE("attrTuple"), + /** + * Represents the 'attribute-missing' parameter constant. + */ + ATTRIBUTE_MISSING("attribute-missing"), + /** + * Represents the 'attributesNotAllowed' parameter constant. + */ + ATTRIBUTES_NOT_ALLOWED("attributesNotAllowed"), + /** + * Represents the 'authnRequest' parameter constant. + */ + AUTH_REQUEST("authnRequest"), + + /** + * Represents the 'attrValue.number' parameter constant. + */ + ATTR_VALUE_NUMBER("attrValue.number"), + + /** + * Represents the 'derivation.date.format' parameter constant. + */ + DERIVATION_DATE_FORMAT("derivation.date.format"), + /** + * Represents the 'deriveAttr.number' parameter constant. + */ + DERIVE_ATTRIBUTE_NUMBER("deriveAttr.number"), + + /** + * Represents the complex attributes parameter constant. + */ + COMPLEX_ADDRESS_VALUE("canonicalResidenceAddress"), + COMPLEX_NEWATTRIBUTE_VALUE("newAttribute2"), + COMPLEX_HASDEGREE_VALUE("hasDegree"), + COMPLEX_MANDATECONTENT_VALUE("mandateContent"), + /** + * Represents the 'consent-type' parameter constant. + */ + CONSENT_TYPE("consent-type"), + /** + * Represents the 'consent-value' parameter constant. + */ + CONSENT_VALUE("consent-value"), + /** + * Represents the 'country' parameter constant. + */ + COUNTRY("country"), + /** + * Represents the 'countryOrigin' parameter constant. + */ + COUNTRY_ORIGIN("countryOrigin"), + + /** + * Represents the 'cpepsURL' parameter constant. + */ + CPEPS_URL("cpepsURL"), + /** + * Represents the 'callback' parameter constant. + */ + CPEPS_CALLBACK("callback"), + /** + * Represents the 'peps.specificidpredirect.url' parameter constant. + */ + CPEPS_IDP_CALLBACK_VALUE("peps.specificidpredirect.url"), + /** + * Represents the 'peps.specificapredirect.url' parameter constant. + */ + CPEPS_AP_CALLBACK_VALUE("peps.specificapredirect.url"), + + /** + * Represents the 'errorCode' parameter constant. + */ + ERROR_CODE("errorCode"), + /** + * Represents the 'subCode' parameter constant. + */ + ERROR_SUBCODE("subCode"), + /** + * Represents the 'errorMessage' parameter constant. + */ + ERROR_MESSAGE("errorMessage"), + /** + * Represents the 'errorRedirectUrl' parameter constant. + */ + ERROR_REDIRECT_URL("errorRedirectUrl"), + + /** + * errorRedirectUrl Represents the 'external-authentication' parameter + * constant. + */ + EXTERNAL_AUTH("external-authentication"), + /** + * Represents the 'external-ap' parameter constant. + */ + EXTERNAL_AP("external-ap"), + /** + * Represents the 'external-pv' parameter constant. + */ + EXTERNAL_PV("external-pv"), + /** + * Represents the 'external-sig-module' parameter constant. + */ + EXT_SIG_CREATOR_MOD("external-sig-module"), + + /** + * Represents the 'http-x-forwarded-for' parameter constant. + */ + HTTP_X_FORWARDED_FOR("http-x-forwarded-for"), + + /** + * Represents the 'idp.url' parameter constant. + */ + IDP_URL("idp.url"), + /** + * Represents the 'idpAUB.url' parameter constant. + */ + IDPAUB_URL("idpAUB.url"), + /** + * Represents the 'internal-authentication' parameter constant. + */ + INTERNAL_AUTH("internal-authentication"), + /** + * Represents the 'internal-ap' parameter constant. + */ + INTERNAL_AP("internal-ap"), + /** + * Represents the 'internal-pv' parameter constant. + */ + INTERNAL_PV("internal-pv"), + + /** + * Represents the 'samlIssuer' parameter constant. + */ + ISSUER("samlIssuer"), + /** + * Represents the 'samlIssuer.idp' parameter constant. + */ + ISSUER_IDP("samlIssuer.idp"), + /** + * Represents the 'samlIssuer.atp' parameter constant. + */ + ISSUER_ATP("samlIssuer.atp"), + + /** + * Represents the 'mandatory' parameter constant. + */ + MANDATORY("mandatory"), + /** + * Represents the 'mandatoryAttributeMissing' parameter constant. + */ + MANDATORY_ATTR_MISSING("mandatoryAttributeMissing"), + /** + * Represents the 'mandatoryConsentAttrMissing' parameter constant. + */ + MANDATORY_CONSENT_MISSING("mandatoryConsentAttrMissing"), + /** + * Represents the 'missing-attrs' parameter constant. + */ + MISSING_ATTRS("missing-attrs"), + /** + * Represents the 'no-more-attrs' parameter constant. + */ + NO_MORE_ATTRS("no-more-attrs"), + + /** + * Represents the 'optional' parameter constant. + */ + OPTIONAL("optional"), + + /** + * Represents the 'no-consent-type' parameter constant. + */ + NO_CONSENT_TYPE("no-consent-type"), + /** + * Represents the 'no-consent-value' parameter constant. + */ + NO_CONSENT_VALUE("no-consent-value"), + + /** + * Represents the 'provider.name' parameter constant. + */ + PROVIDER_NAME_VALUE("providerName"), + /** + * Represents the 'cpeps.askconsent' parameter constant. + */ + PEPS_ASK_CONSENT("cpeps.askconsent"), + /** + * Represents the 'cpeps.askconsentvalue' parameter constant. + */ + PEPS_ASK_CONSENT_VALUE("cpeps.askconsentvalue"), + /** + * Represents the 'pepsAuth' parameter constant. + */ + PEPS_AUTH_CONSENT("pepsAuth"), + /** + * Represents the 'validation.bypass' parameter constant. + */ + PEPS_BYPASS("validation.bypass"), + /** + * Represents the 'cpeps.number' parameter constant. + */ + PEPS_NUMBER("cpeps.number"), + /** + * Represents the 'cpeps.specificapredirect.url' parameter constant. + */ + PEPS_SPECIFIC_URL("cpeps.specificapredirect.url"), + /** + * Represents the 'pv.url' parameter constant. + */ + PV_URL("pv.url"), + + /** + * Represents the 'qaaLevel' parameter constant. + */ + QAALEVEL("qaaLevel"), + + /** + * Represents the 'speps.redirectUrl' parameter constant. + */ + SPEPS_REDIRECT_URL("speps.redirectUrl"), + + /** + * Represents the 'sp.redirectUrl' parameter constant. + */ + SP_REDIRECT_URL("sp.redirectUrl"), + /** + * Represents the 'cpeps.redirectUrl' parameter constant. + */ + CPEPS_REDIRECT_URL("cpeps.redirectUrl"), + /** + * Represents the 'RelayState' parameter constant. + */ + RELAY_STATE("RelayState"), + /** + * Represents the 'remoteAddr' parameter constant. + */ + REMOTE_ADDR("remoteAddr"), + /** + * Represents the 'remoteUser' parameter constant. + */ + REMOTE_USER("remoteUser"), + + /** + * Represents the 'SAMLRequest' parameter constant. + */ + SAML_REQUEST("SAMLRequest"), + /** + * Represents the 'SAMLResponse' parameter constant. + */ + SAML_RESPONSE("SAMLResponse"), + /** + * Represents the 'SAMLFail' parameter constant. + */ + SAML_TOKEN_FAIL("SAMLFail"), + /** + * Represents the 'TokenId' parameter constant. + */ + SAML_TOKEN_ID("TokenId"), + /** + * Represents the 'inResponseTo' parameter constant. + */ + SAML_IN_RESPONSE_TO("inResponseTo"), + /** + * Represents the 'inResponseTo.idp' parameter constant. + */ + SAML_IN_RESPONSE_TO_IDP("inResponseTo.idp"), + /** + * Represents the 'inResponseTo.atp' parameter constant. + */ + SAML_IN_RESPONSE_TO_ATP("inResponseTo.atp"), + /** + * Represents the 'SignatureResponse' parameter constant. + */ + SIGNATURE_RESPONSE("SignatureResponse"), + + /** + * Represents the 'cPepsSession' parameter constant. + */ + SESSION_ID_URL("cPepsSession"), + /** + * Represents the 'spId' parameter constant. + */ + SP_ID("spId"), + /** + * Represents the 'spQaaLevel' parameter constant. + */ + SP_QAALEVEL("spQaaLevel"), + /** + * Represents the 'spUrl' parameter constant. + */ + SP_URL("spUrl"), + + /** + * Represents the 'allow.derivation.all' parameter constant. + */ + SPECIFIC_ALLOW_DERIVATION_ALL("allow.derivation.all"), + /** + * Represents the ''allow.unknowns parameter constant. + */ + SPECIFIC_ALLOW_UNKNOWNS("allow.unknowns"), + /** + * Represents the 'derivation.date.separator' parameter constant. + */ + SPECIFIC_DERIVATION_DATE_SEP("derivation.date.separator"), + /** + * Represents the 'derivation.month.position' parameter constant. + */ + SPECIFIC_DERIVATION_MONTH_POS("derivation.month.position"), + /** + * Represents the 'derivation.day.position' parameter constant. + */ + SPECIFIC_DERIVATION_DAY_POS("derivation.day.position"), + /** + * Represents the 'derivation.year.position' parameter constant. + */ + SPECIFIC_DERIVATION_YEAR_POS("derivation.year.position"), + + /** + * sp.authorized.parameters Represents the '' parameter constant. + */ + SPEPS_AUTHORIZED("sp.authorized.parameters"), + + /** + * Represents the 'spSector' constant value. + */ + SPSECTOR("spSector"), + /** + * Represents the 'spApplication' constant value. + */ + SPAPPLICATION("spApplication"), + /** + * Represents the 'spCountry' constant value. + */ + SPCOUNTRY("spCountry"), + /** + * Represents the 'spInstitution' constant value. + */ + SPINSTITUTION("spInstitution"), + /** + * Represents the 'storkAttribute.number' parameter constant. + */ + STORK_ATTRIBUTE_NUMBER("storkAttribute.number"), + /** + * Represents the 'storkAttributeValue.number' parameter constant. + */ + STORK_ATTRIBUTE_VALUE_NUMBER("storkAttributeValue.number"), + + /** + * Represents the 'username' parameter constant. + */ + USERNAME("username"), + + /** + * Represents the 'tooManyParameters' parameter constant. + */ + TOO_MANY_PARAMETERS("tooManyParameters"), + /** + * Represents the 'validation.active' parameter constant. + */ + VALIDATION_ACTIVE("validation.active"), + + /** + * Represents the 'x-forwarded-for' parameter constant. + */ + X_FORWARDED_FOR("x-forwarded-for"), + /** + * Represents the 'x-forwarded-host' parameter constant. + */ + X_FORWARDED_HOST("x-forwarded-host"), + /** + * Represents the 'XMLResponse' parameter constant. + */ + XML_RESPONSE("XMLResponse"), + + /** + * Represents the 'ap-cpeps.number' parameter constant. + */ + AP_PEPS_NUMBER("ap-cpeps.number"), + + /** + * Represents the 'atp.number' parameter constant. + */ + ATTRIBUTE_PROVIDER_NUMBER("atp.number"), + + /** + * Represents the 'atn.number' parameter constant. + */ + ATTRIBUTE_NAME_NUMBER("atn.number"), + + /** + * Represents the 'apLinker' parameter constant. + */ + AP_LINKER("apLinker"), + + /** + * Represents the 'prevApLinker' parameter constant. + */ + PREV_AP_LINKER("prevApLinker"), + + /** + * Represents the 'NOSEL' parameter constant (no attribute provider selected). + */ + AP_NO_SELECTION("NOSEL"), + + /** + * Represents the 'OCSEL' parameter constant (attribute provider in another country). + */ + AP_OTHER_COUNTRY("OCSEL"), + + /** + * Represents the '_provider' suffix parameter constant. + */ + AP_PROVIDER_SELECT_SUFFIX("_provider"), + + /** + * Represents the '_country' suffix parameter constant. + */ + AP_COUNTRY_SELECT_SUFFIX("_country"), + + /** + * Represents the '_name' suffix parameter constant. + */ + AP_NAME_SELECT_SUFFIX("_name"), + + /** + * Represents the 'next-ap' parameter constant. + */ + NEXT_AP("next-ap"), + + /** + * Represents the 'next-apeps' parameter constant. + */ + NEXT_APEPS("next-apeps"), + + /** + * Represents the 'back-to-apeps' parameter constant. + */ + BACK_TO_APEPS("back-to-apeps"), + + /** + * Represents the 'is-remote-apeps' parameter constant. + */ + IS_REMOTE_APEPS("is-remote-apeps"), + + /** + * Represents the 'more-attributes' parameter constant. + */ + MORE_ATTRIBUTES("more-attributes"), + + /** + * Represents the 'attr-filter.number' parameter constant. + */ + ATTRIBUTES_FILTER_NUMBER("attr-filter.number"), + + /** + * Represents the 'atp.url' parameter constant. + */ + ATP_URL("atp.url"), + /** + * Represents the 'apepsURL' parameter constant. + */ + APEPS_URL("apepsUrl"), + + /** + * Represents the 'apepsCountry' parameter constant. + */ + APEPS_COUNTRY("apepsCountry"), + + /** + * Represents the 'apepsAuthRequest' parameter constant. + */ + APEPS_ATTR_REQUEST("apepsAttrRequest"), + + /** + * Represents the 'isApepsRequest' parameter constant. + */ + APEPS_REQUEST_COMPLETE("apeps-request-complete"), + + /** + * Represents the 'apeps.callbackUrl' parameter constant. + */ + APEPS_CALLBACK_URL("apeps.callbackUrl"), + /** + * Represents the 'attrListMand' parameter constant. + */ + ATTR_LIST_MAND("attrListMand"), + + /** + * Represents the 'attrListOpt' parameter constant. + */ + ATTR_LIST_OPT("attrListOpt"), + + /** + * Represents the 'simpleAttrListMand' parameter constant. + */ + SIMPLE_ATTR_LIST_MAND("simpleAttrListMand"), + + /** + * Represents the 'simpleAttrListOpt' parameter constant. + */ + SIMPLE_ATTR_LIST_OPT("simpleAttrListOpt"), + + /** + * Represents the 'complexAttrListMand' parameter constant. + */ + COMPLEX_ATTR_LIST_MAND("complexAttrListMand"), + + /** + * Represents the 'complexAttrListOpt' parameter constant. + */ + COMPLEX_ATTR_LIST_OPT("complexAttrListOpt"); + + /** + * Represents the constant's value. + */ + private String value; + + /** + * Solo Constructor. + * + * @param nValue The Constant value. + */ + PEPSParameters(final String nValue) { + this.value = nValue; + } + + /** + * Return the Constant Value. + * + * @return The constant value. + */ + public String toString() { + return value; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSUtil.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSUtil.java.svn-base new file mode 100644 index 000000000..a16b03edb --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSUtil.java.svn-base @@ -0,0 +1,353 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.io.UnsupportedEncodingException; +import java.util.Properties; + +import org.apache.commons.lang.StringUtils; +import org.apache.log4j.Logger; +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.util.encoders.Base64; + +import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException; +import eu.stork.peps.auth.commons.exceptions.InvalidParameterPEPSException; + +/** + * This class holds static helper methods. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.75 $, $Date: 2010-11-23 00:05:35 $ + */ +public final class PEPSUtil { + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(PEPSUtil.class.getName()); + + /** + * Configurations object. + */ + private static Properties configs; + + /** + * Max prefix. + */ + private static final String MAX_PARAM_PREFIX = "max."; + + /** + * Code prefix to get error code. + */ + private static final String CODE_PARAM_SUFFIX = ".code"; + + /** + * param's size prefix to get max param size. + */ + private static final String MAX_PARAM_SUFFIX = ".size"; + + /** + * Message prefix to get error message. + */ + private static final String MSG_PARAM_SUFFIX = ".message"; + + /** + * Private constructor. Prevents the class from being instantiated. + */ + private PEPSUtil() { + // empty constructor + } + + /** + * Creates a single instance of this class and sets the properties. + * + * @param nConfigs The set of available configurations. + * + * @return The created PEPSUtil's class. + */ + public static PEPSUtil createInstance(final Properties nConfigs) { + if (nConfigs != null) { + PEPSUtil.configs = nConfigs; + } + return new PEPSUtil(); + } + + /** + * Getter for the Properties. + * + * @return configs The properties value. + */ + public Properties getConfigs() { + return configs; + } + + /** + * Setter for the Properties. + * + * @param nConfigs The new properties value. + */ + public static void setConfigs(final Properties nConfigs) { + if (nConfigs != null) { + PEPSUtil.configs = nConfigs; + } + } + + /** + * Returns the identifier of some configuration given a set of configurations + * and the corresponding configuration key. + * + * @param configKey The key that IDs some configuration. + * + * @return The configuration String value. + */ + public static String getConfig(final String configKey) { + return configs.getProperty(configKey); + } + + /** + * Validates the input paramValue identified by the paramName. + * + * @param paramName The name of the parameter to validate. + * @param paramValue The value of the parameter to validate. + * + * @return true if the parameter is valid. + */ + public static boolean isValidParameter(final String paramName, + final String paramValue) { + + final String validationParam = + PEPSUtil.getConfig(PEPSParameters.VALIDATION_ACTIVE.toString()); + boolean retVal = true; + + final String paramConf = MAX_PARAM_PREFIX + paramName + MAX_PARAM_SUFFIX; + + if (PEPSValues.TRUE.toString().equals(validationParam)) { + final String paramSizeStr = PEPSUtil.getConfig(paramConf); + // Checking if the parameter size exists and if it's numeric + if (StringUtils.isNumeric(paramSizeStr)) { + final int maxParamSize = Integer.valueOf(paramSizeStr); + if (StringUtils.isEmpty(paramValue) + || paramValue.length() > maxParamSize) { + retVal = false; + LOG.warn("Invalid parameter [" + paramName + "] value " + paramValue); + } + } else { + retVal = false; + LOG.error("Missing " + paramConf + + " configuration in the pepsUtils.properties configuration file"); + } + } + return retVal; + } + + /** + * Validates the Parameter and throws an exception if an error occurs. Throws + * an InvalidParameterPEPSException runtime exception if the parameter is + * invalid. + * + * @param className The Class Name that invoked the method. + * @param paramName The name of the parameter to validate. + * @param paramValue The value of the parameter to validate. + */ + public static void validateParameter(final String className, + final String paramName, final Object paramValue) { + + if (paramValue == null) { + PEPSUtil.validateParameter(className, paramName, ""); + } else { + PEPSUtil.validateParameter(className, paramName, paramValue.toString()); + } + } + + /** + * Validates the Parameters and throws an exception if an error occurs. + * + * @param className The Class Name that invoked the method. + * @param paramName The name of the parameter to validate. + * @param paramValue The value of the parameter to validate. + */ + public static void validateParameter(final String className, + final String paramName, final String paramValue) { + + PEPSUtil.validateParameter(className, paramName, paramValue, + PEPSUtil.getErrorCode(paramName), PEPSUtil.getErrorMessage(paramName)); + } + + /** + * Validates the Parameters and throws an exception if an error occurs. + * + * @param className The Class Name that invoked the method. + * @param paramName The name of the parameter to validate. + * @param paramValue The value of the parameter to validate. + * @param error The PEPSError to get error code and messages from configs. + */ + public static void validateParameter(final String className, + final String paramName, final String paramValue, final PEPSErrors error) { + + PEPSUtil.validateParameter(className, paramName, paramValue, + PEPSUtil.getConfig(error.errorCode()), + PEPSUtil.getConfig(error.errorMessage())); + } + + /** + * Validates the HTTP Parameter and throws an exception if an error occurs. + * Throws an InvalidParameterPEPSException runtime exception if the parameter + * is invalid. + * + * @param className The Class Name that invoked the method. + * @param paramName The name of the parameter to validate. + * @param paramValue The value of the parameter to validate. + * @param errorCode The error code to include on the exception. + * @param errorMessage The error message to include on the exception. + */ + public static void validateParameter(final String className, + final String paramName, final String paramValue, final String errorCode, + final String errorMessage) { + + if (!isValidParameter(paramName, paramValue)) { + LOG.warn("Invalid parameter [" + paramName + "] value found at " + + className); + throw new InvalidParameterPEPSException(errorCode, errorMessage); + } + } + + /** + * Getter for the error code of some given error related to the input param. + * + * @param paramName The name of the parameter associated with the error. + * + * @return The code of the error. + */ + private static String getErrorCode(final String paramName) { + return getConfig(paramName + CODE_PARAM_SUFFIX); + } + + /** + * Getter for the error message of some given error related to the input + * parameter. + * + * @param paramName The name of the parameter associated with the message. + * + * @return The message for the error. + */ + private static String getErrorMessage(final String paramName) { + return getConfig(paramName + MSG_PARAM_SUFFIX); + } + + /** + * {@link Base64} encodes the input samlToken parameter. + * + * @param samlToken the SAML Token to be encoded. + * + * @return The Base64 String representing the samlToken. + * + * @see Base64#encode + */ + public static String encodeSAMLToken(final byte[] samlToken) { + try { + return new String(Base64.encode(samlToken), "UTF8"); + } catch (UnsupportedEncodingException e) { + LOG.error(PEPSErrors.INTERNAL_ERROR.errorMessage(), e); + return null; + } + } + + /** + * Decodes the {@link Base64} String input parameter representing a samlToken. + * + * @param samlToken the SAML Token to be decoded. + * + * @return The samlToken decoded bytes. + * + * @see Base64#decode + */ + public static byte[] decodeSAMLToken(final String samlToken) { + return Base64.decode(samlToken); + } + + /** + * Hashes a SAML token. Throws an InternalErrorPEPSException runtime exception + * if the Cryptographic Engine fails. + * + * @param samlToken the SAML Token to be hashed. + * + * @return byte[] with the hashed SAML Token. + */ + public static byte[] hashPersonalToken(final byte[] samlToken) { + try { + final String className = + PEPSUtil.getConfig(PEPSValues.HASH_DIGEST_CLASS.toString()); + + final Digest digest = + (Digest) Class.forName(className).getConstructor() + .newInstance((Object[]) null); + digest.update(samlToken, 0, samlToken.length); + + final int retLength = digest.getDigestSize(); + final byte[] ret = new byte[retLength]; + + digest.doFinal(ret, 0); + return ret; + + } catch (final Exception e) { + // For all those exceptions that could be thrown, we always log it and + // thrown an InternalErrorPEPSException. + LOG.error(PEPSErrors.HASH_ERROR.errorMessage(), e); + throw new InternalErrorPEPSException( + PEPSUtil.getConfig(PEPSErrors.HASH_ERROR.errorCode()), + PEPSUtil.getConfig(PEPSErrors.HASH_ERROR.errorMessage()), e); + } + } + + /** + * Gets the Stork error code in the error message if exists! + * + * @param errorMessage The message to get the error code if exists; + * + * @return the error code if exists. Returns null otherwise. + */ + public static String getStorkErrorCode(final String errorMessage) { + if (StringUtils.isNotBlank(errorMessage) + && errorMessage.indexOf(PEPSValues.ERROR_MESSAGE_SEP.toString()) >= 0) { + final String[] msgSplitted = + errorMessage.split(PEPSValues.ERROR_MESSAGE_SEP.toString()); + if (msgSplitted.length == 2 && StringUtils.isNumeric(msgSplitted[0])) { + return msgSplitted[0]; + } + } + return null; + } + + /** + * Gets the Stork error message in the saml message if exists! + * + * @param errorMessage The message to get in the saml message if exists; + * + * @return the error message if exists. Returns the original message + * otherwise. + */ + public static String getStorkErrorMessage(final String errorMessage) { + if (StringUtils.isNotBlank(errorMessage) + && errorMessage.indexOf(PEPSValues.ERROR_MESSAGE_SEP.toString()) >= 0) { + final String[] msgSplitted = + errorMessage.split(PEPSValues.ERROR_MESSAGE_SEP.toString()); + if (msgSplitted.length == 2 && StringUtils.isNumeric(msgSplitted[0])) { + return msgSplitted[1]; + } + } + return errorMessage; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSValues.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSValues.java.svn-base new file mode 100644 index 000000000..e14c21cb5 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PEPSValues.java.svn-base @@ -0,0 +1,329 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * This enum class contains all the value constants. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.17 $, $Date: 2011-07-07 20:48:45 $ + */ +public enum PEPSValues { + + /** + * Represents the 'all' constant value. + */ + ALL("all"), + /** + * Represents the 'none' constant value. + */ + NONE("none"), + /** + * Represents the 'true' constant value. + */ + TRUE("true"), + /** + * Represents the 'false' constant value. + */ + FALSE("false"), + /** + * Represents the empty string constant value. + */ + EMPTY_STRING(""), + + /** + * Represents the ',' separator constant value. + */ + ATTRIBUTE_VALUE_SEP(","), + /** + * Represents the ';' separator constant value. + */ + ATTRIBUTE_SEP(";"), + /** + * Represents the ':' separator constant value. + */ + ATTRIBUTE_TUPLE_SEP(":"), + /** + * Represents the '/' separator constant value. + */ + EID_SEPARATOR("/"), + /** + * Represents the ' - ' separator constant value. + */ + ERROR_MESSAGE_SEP(" - "), + /** + * Represents the '#' parameter constant value. + */ + LOGGER_SEP("#"), + /** + * Represents the 'NOT_AVAILABLE' parameter constant value. + */ + NOT_AVAILABLE("NotAvailable"), + /** + * Represents the ';' parameter constant value. + */ + SPEPS_AUTHORIZED_SEP(";"), + + /** + * Represents the 'ap' constant value. + */ + AP("ap"), + /** + * Represents the 'C-PEPS' constant value. + */ + CPEPS("C-PEPS"), + /** + * Represents the 'cpeps' constant value. + */ + CPEPS_PREFIX("cpeps"), + /** + * Represents the 'peps' constant value. + */ + PEPS("peps"), + /** + * Represents the '-PEPS' constant value. + */ + PEPS_SUFFIX("-PEPS"), + /** + * Represents the 'SP' constant value. + */ + SP("SP"), + /** + * Represents the 'S-PEPS' constant value. + */ + SPEPS("S-PEPS"), + /** + * Represents the 'speps' constant value. + */ + SPEPS_PREFIX("speps"), + /** + * Represents the 'sp.default.parameters' constant value. + */ + DEFAULT("sp.default.parameters"), + /** + * Represents the default saml id constant value. + */ + DEFAULT_SAML_ID("1"), + /** + * Represents the 'hashDigest.className' constant value. + */ + HASH_DIGEST_CLASS("hashDigest.className"), + + /** + * Represents the 'eu.stork.communication.requests' constant value. + */ + STORK_PACKAGE_REQUEST_LOGGER_VALUE("eu.stork.communication.requests"), + /** + * Represents the 'eu.stork.communication.responses' constant value. + */ + STORK_PACKAGE_RESPONSE_LOGGER_VALUE("eu.stork.communication.responses"), + + /** + * Represents the 'S-PEPS receives request from SP' constant value. + */ + SP_REQUEST("S-PEPS receives request from SP"), + /** + * Represents the 'Get Citizen Consent' constant value. + */ + CITIZEN_CONSENT_LOG("Get Citizen Consent"), + /** + * Represents the 'C-PEPS receives request from S-PEPS' constant value. + */ + CPEPS_REQUEST("C-PEPS receives request from S-PEPS"), + /** + * Represents the 'C-PEPS generates response to S-PEPS' constant value. + */ + CPEPS_RESPONSE("C-PEPS generates response to S-PEPS"), + /** + * Represents the 'S-PEPS generates request to C-PEPS' constant value. + */ + SPEPS_REQUEST("S-PEPS generates request to C-PEPS"), + /** + * Represents the 'S-PEPS receives response from C-PEPS' constant value. + */ + SPEPS_RESPONSE("S-PEPS receives response from C-PEPS"), + /** + * Represents the 'S-PEPS generates response to SP' constant value. + */ + SP_RESPONSE("S-PEPS generates response to SP"), + /** + * Represents the 'Success' constant value. + */ + SUCCESS("Success"), + /** + * Represents the December's month number constant value. + */ + LAST_MONTH("12"), + /** + * Represents the yyyyMM constant value. + */ + NO_DAY_DATE_FORMAT("yyyyMM"), + + /** + * Represents the 'attrValue' constant value. + */ + ATTRIBUTE("attrValue"), + /** + * Represents the 'derivedAttr' constant value. + */ + DERIVE_ATTRIBUTE("deriveAttr"), + /** + * Represents the 'storkAttribute' constant value. + */ + STORK_ATTRIBUTE("storkAttribute"), + + /** + * Represents the 'properties' constant value. + */ + PROPERTIES("properties"), + /** + * Represents the 'referer' constant value. + */ + REFERER("referer"), + /** + * Represents the 'host' constant value. + */ + HOST("host"), + /** + * Represents the 'spid' constant value. + */ + SPID("spid"), + /** + * Represents the 'domain' constant value. + */ + DOMAIN("domain"), + /** + * Represents the '.validation' constant value. + */ + VALIDATION_SUFFIX(".validation"), + /** + * Represents the 'jsessionid' constant value. + */ + EQUAL("="), + /** + * Represents the 'HttpOnly' constant value. + */ + HTTP_ONLY("HttpOnly"), + /** + * Represents the 'SET-COOKIE' constant value. + */ + JSSESSION("JSESSIONID"), + /** + * Represents the '=' constant value. + */ + SETCOOKIE("SET-COOKIE"), + /** + * Represents the ';' constant value. + */ + SEMICOLON(";"), + /** + * Represents the ' ' constant value. + */ + SPACE(" "), + /** + * Represents the 'atp' constant value. + */ + APROVIDER_PREFIX("atp"), + /** + * Represents the 'atn' constant value. + */ + ANAME_PREFIX("atn"), + /** + * Represents the 'ap-cpeps' constant value. + */ + AP_CPEPS_PREFIX("ap-cpeps"), + /** + * Represents the 'attr-filter' constant value. + */ + AP_ATTRFILTER_PREFIX("attr-filter"); + + /** + * Represents the constant's value. + */ + private String value; + + /** + * Solo Constructor. + * + * @param val The Constant value. + */ + PEPSValues(final String val) { + + this.value = val; + } + + /** + * Return the Constant Value. + * + * @return The constant value. + */ + public String toString() { + + return value; + } + + /** + * Construct the return value with the following structure + * CONSTANT_VALUE+index+".id". + * + * @param index the number. + * + * @return The concatenated String value. + */ + public String index(final int index) { + + return value + index + ".id"; + } + + /** + * Construct the return value with the following structure + * CONSTANT_VALUE+index+".value". + * + * @param index the number. + * + * @return The concatenated string value. + */ + public String value(final int index) { + + return value + index + ".value"; + } + + /** + * Construct the return value with the following structure + * CONSTANT_VALUE+index+".name". + * + * @param index the number. + * + * @return The concatenated String value. + */ + public String name(final int index) { + + return value + index + ".name"; + } + + /** + * Construct the return value with the following structure + * CONSTANT_VALUE+index+".url". + * + * @param index the number. + * + * @return The concatenated String value. + */ + public String url(final int index) { + + return value + index + ".url"; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PersonalAttribute.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PersonalAttribute.java.svn-base new file mode 100644 index 000000000..5d8281445 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PersonalAttribute.java.svn-base @@ -0,0 +1,348 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.concurrent.ConcurrentHashMap; + +import org.apache.log4j.Logger; + +import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException; + +/** + * This class is a bean used to store the information relative to the + * PersonalAttribute. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.22 $, $Date: 2010-11-17 05:15:28 $ + */ +public final class PersonalAttribute implements Serializable, Cloneable { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 2612951678412632174L; + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(PersonalAttribute.class + .getName()); + + /** + * Name of the personal attribute. + */ + private String name; + + /** + * Values of the personal attribute. + */ + private List value = new ArrayList(); + + /** + * Type of the personal attribute. + */ + private String type; + + /** + * Complex values of the personal attribute. + */ + private Map complexValue = new ConcurrentHashMap(); + + /** + * Is the personal attribute mandatory? + */ + private transient boolean required; + + /** + * Returned status of the attribute from the IdP. + */ + private String status; + + /** + * Name of the personal attribute. + */ + private String friendlyName; + + /** + * Empty Constructor. + */ + public PersonalAttribute() { + super(); + } + + /** + * PersonalAttribute Constructor for complex values. + * + * @param attrName The attribute name. + * @param attrIsRequired The attribute type value. + * @param attrComplexValue The attribute's value. + * @param attrStatus The attribute's status value. + */ + public PersonalAttribute(final String attrName, final boolean attrIsRequired, + final List attrComplexValue, final String attrStatus) { + this.setName(attrName); + this.setIsRequired(attrIsRequired); + this.setValue(attrComplexValue); + this.setStatus(attrStatus); + } + + /** + * PersonalAttribute Constructor for complex values. + * + * @param attrName The attribute name. + * @param attrIsRequired The attribute type value. + * @param attrComplexValue The attribute's complex value. + * @param attrStatus The attribute's status value. + */ + public PersonalAttribute(final String attrName, final boolean attrIsRequired, + final Map attrComplexValue, final String attrStatus) { + this.setName(attrName); + this.setIsRequired(attrIsRequired); + this.setComplexValue(attrComplexValue); + this.setStatus(attrStatus); + } + + /** + * {@inheritDoc} + */ + @SuppressWarnings("unchecked") + public Object clone() { + + try { + final PersonalAttribute personalAttr = (PersonalAttribute) super.clone(); + personalAttr.setIsRequired(this.isRequired()); + personalAttr.setName(this.getName()); + personalAttr.setStatus(this.getStatus()); + if (!isEmptyValue()) { + final List val = + (List) ((ArrayList) this.getValue()).clone(); + personalAttr.setValue(val); + } + if (!isEmptyComplexValue()) { + final Map complexVal = + (Map) ((HashMap) this + .getComplexValue()).clone(); + personalAttr.setComplexValue(complexVal); + } + return personalAttr; + } catch (final CloneNotSupportedException e) { + // assert false; + LOG.trace("Nothing to do."); + throw new InternalErrorPEPSException( + PEPSUtil.getConfig(PEPSErrors.INTERNAL_ERROR.errorCode()), + PEPSUtil.getConfig(PEPSErrors.INTERNAL_ERROR.errorMessage()), e); + } + } + + /** + * Getter for the required value. + * + * @return The required value. + */ + public boolean isRequired() { + return required; + } + + /** + * Setter for the required value. + * + * @param attrIsRequired this attribute? + */ + public void setIsRequired(final boolean attrIsRequired) { + this.required = attrIsRequired; + } + + /** + * Getter for the name value. + * + * @return The name value. + */ + public String getName() { + return name; + } + + /** + * Setter for the name value. + * + * @param attrName The personal attribute name. + */ + public void setName(final String attrName) { + this.name = attrName; + } + + /** + * Getter for the value. + * + * @return The list of values. + */ + public List getValue() { + return value; + } + + /** + * Setter for the list of values. + * + * @param attrValue The personal attribute value. + */ + public void setValue(final List attrValue) { + if (attrValue != null) { + this.value = attrValue; + } + } + + + /** + * Getter for the type value. + * + * @return The name value. + */ + public String getType() { + return type; + } + + /** + * Setter for the type value. + * + * @param attrName The personal attribute type. + */ + public void setType(final String attrType) { + this.type = attrType; + } + + /** + * Getter for the status. + * + * @return The status value. + */ + public String getStatus() { + return status; + } + + /** + * Setter for the status value. + * + * @param attrStatus The personal attribute status. + */ + public void setStatus(final String attrStatus) { + this.status = attrStatus; + } + + /** + * Getter for the complex value. + * + * @return The complex value. + */ + public Map getComplexValue() { + return complexValue; + } + + /** + * Setter for the complex value. + * + * @param complexVal The personal attribute Complex value. + */ + public void setComplexValue(final Map complexVal) { + if (complexVal != null) { + this.complexValue = complexVal; + } + } + + /** + * Getter for the personal's friendly name. + * + * @return The personal's friendly name value. + */ + public String getFriendlyName() { + return friendlyName; + } + + /** + * Setter for the personal's friendly name. + * + * @param fName The personal's friendly name. + */ + public void setFriendlyName(final String fName) { + this.friendlyName = fName; + } + + /** + * Return true the value is empty. + * + * @return True if the value is empty "[]"; + */ + public boolean isEmptyValue() { + return value.isEmpty() || (value.size() == 1 && value.get(0).length() == 0); + } + + /** + * Returns true if the Complex Value is empty. + * + * @return True if the Complex Value is empty; + */ + public boolean isEmptyComplexValue() { + return complexValue.isEmpty(); + } + + /** + * Returns true if the Status is empty. + * + * @return True if the Status is empty; + */ + public boolean isEmptyStatus() { + return (status == null || status.length() == 0); + } + + /** + * Prints the PersonalAttribute in the following format. + * name:required:[v,a,l,u,e,s]|[v=a,l=u,e=s]:status; + * + * @return The PersonalAttribute as a string. + */ + public String toString() { + final StringBuilder strBuild = new StringBuilder(); + + AttributeUtil.appendIfNotNull(strBuild, getName()); + strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); + AttributeUtil.appendIfNotNull(strBuild, String.valueOf(isRequired())); + strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); + strBuild.append('['); + + if (isEmptyValue()) { + if (!isEmptyComplexValue()) { + AttributeUtil.appendIfNotNull(strBuild, AttributeUtil.mapToString( + getComplexValue(), PEPSValues.ATTRIBUTE_VALUE_SEP.toString())); + } + } else { + AttributeUtil.appendIfNotNull( + strBuild, + AttributeUtil.listToString(getValue(), + PEPSValues.ATTRIBUTE_VALUE_SEP.toString())); + } + + strBuild.append(']'); + strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); + AttributeUtil.appendIfNotNull(strBuild, getStatus()); + strBuild.append(PEPSValues.ATTRIBUTE_SEP.toString()); + + return strBuild.toString(); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PersonalAttributeList.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PersonalAttributeList.java.svn-base new file mode 100644 index 000000000..642b249d4 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/PersonalAttributeList.java.svn-base @@ -0,0 +1,396 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.concurrent.ConcurrentHashMap; +import java.util.StringTokenizer; + +import org.apache.commons.lang.StringUtils; +import org.apache.log4j.Logger; + +/** + * This class is a bean used to store the information relative to the + * PersonalAttributeList. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.27 $, $Date: 2010-11-18 22:54:56 $ + * + * @see PersonalAttribute + */ +@SuppressWarnings("PMD") +public final class PersonalAttributeList extends + ConcurrentHashMap implements IPersonalAttributeList{ + + /** + * Logger object. + */ + private static final Logger LOG = Logger + .getLogger(PersonalAttributeList.class.getName()); + + /** + * Serial id. + */ + private static final long serialVersionUID = 7375127363889975062L; + + /** + * Hash with the latest fetched attribute name alias. + */ + private final transient Map latestAttrAlias = + new HashMap(); + + /** + * Hash with mapping number of alias or the attribute name. + */ + private final transient Map attrAliasNumber = + new HashMap(); + + /** + * Default constructor. + */ + public PersonalAttributeList() { + // The best practices recommend to call the super constructor. + super(); + } + + /** + * Constructor with initial capacity for the PersonalAttributeList size. + * + * @param capacity The initial capacity for the PersonalAttributeList. + */ + public PersonalAttributeList(final int capacity) { + super(capacity); + } + + /** + * {@inheritDoc} + */ + public Iterator iterator() { + return this.values().iterator(); + } + + /** + * {@inheritDoc} + */ + public PersonalAttribute get(final Object key) { + String attrName = (String) key; + + if (this.latestAttrAlias.containsKey(key)) { + attrName = attrName + this.latestAttrAlias.get(key); + } else { + if (this.attrAliasNumber.containsKey(key)) { + this.latestAttrAlias.put(attrName, this.attrAliasNumber.get(key)); + } + } + return super.get(attrName); + } + + /** + * {@inheritDoc} + */ + public void add(final PersonalAttribute value) { + if (value != null) { + this.put(value.getName(), value); + } + } + + /** + * {@inheritDoc} + */ + public PersonalAttribute put(final String key, final PersonalAttribute val) { + if (StringUtils.isNotEmpty(key) && val != null) { + // Validate if attribute name already exists! + String attrAlias = key; + if (this.containsKey(attrAlias)) { + //TODO isAgeOver should not be hardcoded, a better way of handling multipe isAgeOver requests should be implemented. + if (!val.isEmptyValue() && StringUtils.isNumeric(val.getValue().get(0)) && "isAgeOver".equals( val.getName() ) ) { + final String attrValue = val.getValue().get(0); + attrAlias = key + attrValue; + this.attrAliasNumber.put(key, Integer.valueOf(attrValue)); + } else { + final PersonalAttribute attr = super.get(key); + if (!attr.isEmptyValue() + && StringUtils.isNumeric(attr.getValue().get(0))) { + attrAlias = key + attr.getValue().get(0); + super.put(key, (PersonalAttribute) attr); + this.attrAliasNumber.put(key, null); + } + } + } + return super.put(attrAlias, val); + } else { + return null; + } + } + + /** + * {@inheritDoc} + */ + public void populate(final String attrList) { + final StringTokenizer strToken = + new StringTokenizer(attrList, PEPSValues.ATTRIBUTE_SEP.toString()); + + while (strToken.hasMoreTokens()) { + final PersonalAttribute persAttr = new PersonalAttribute(); + String[] tuples = + strToken.nextToken().split(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(), + AttributeConstants.NUMBER_TUPLES.intValue()); + + // Convert to the new format if needed! + tuples = convertFormat(tuples); + + if (AttributeUtil.hasValidTuples(tuples)) { + final int attrValueIndex = + AttributeConstants.ATTR_VALUE_INDEX.intValue(); + final String tmpAttrValue = + tuples[attrValueIndex].substring(1, + tuples[attrValueIndex].length() - 1); + final String[] vals = + tmpAttrValue.split(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + + persAttr.setName(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()]); + persAttr.setIsRequired(Boolean + .valueOf(tuples[AttributeConstants.ATTR_TYPE_INDEX.intValue()])); + + // check if it is a complex value + if (isComplexValue(vals)) { + persAttr.setComplexValue(createComplexValue(vals)); + } + else + { + persAttr.setValue(createValues(vals)); + } + + if (tuples.length == AttributeConstants.NUMBER_TUPLES.intValue()) { + persAttr.setStatus(tuples[AttributeConstants.ATTR_STATUS_INDEX + .intValue()]); + } + this.put(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()], + persAttr); + + } else { + LOG.warn("Invalid personal attribute list tuples"); + } + + } + } + + /** + * Returns a copy of this IPersonalAttributeList instance. + * + * @return The copy of this IPersonalAttributeList. + */ + public Object clone() { + try { + return (PersonalAttributeList) super.clone(); + } catch (CloneNotSupportedException e) { + return null; + } + } + + /** + * Creates a string in the following format. + * + * attrName:attrType:[attrValue1,attrValue2=attrComplexValue]:attrStatus; + * + * @return {@inheritDoc} + */ + @Override + public String toString() { + final Iterator> itAttrs = + this.entrySet().iterator(); + final StringBuilder strBuilder = new StringBuilder(); + + while (itAttrs.hasNext()) { + final Entry attrEntry = itAttrs.next(); + final PersonalAttribute attr = attrEntry.getValue(); + //strBuilder.append(attr.toString()); + strBuilder.insert(0, attr.toString()); + } + + return strBuilder.toString(); + } + + /** + * Validates and creates the attribute's complex values. + * + * @param values The complex values. + * + * @return The {@link Map} with the complex values. + * + * @see Map + */ + private Map createComplexValue(final String[] values) { + final Map complexValue = new HashMap(); + for (final String val : values) { + final String[] tVal = val.split("="); + if (StringUtils.isNotEmpty(val) && tVal.length == 2) { + complexValue.put(tVal[0], AttributeUtil.unescape(tVal[1])); + } + } + return complexValue; + } + + /** + * Checks if value is complex or not + * @param values The values to check + * @return True if succesful + */ + private boolean isComplexValue(final String[] values) { + boolean isComplex = false; + if (values.length > 0) { + final String[] tVal = values[0].split("="); + if (StringUtils.isNotEmpty(values[0]) && tVal.length == 2) { + isComplex = true; + } + } + return isComplex; + } + + /** + * Validates and creates the attribute values. + * + * @param vals The attribute values. + * + * @return The {@link List} with the attribute values. + * + * @see List + */ + private List createValues(final String[] vals) { + final List values = new ArrayList(); + for (final String val : vals) { + if (StringUtils.isNotEmpty(val)) { + values.add(AttributeUtil.unescape(val)); + } + } + return values; + } + + /** + * Converts the attribute tuple (attrName:attrType...) to the new format. + * + * @param tuples The attribute tuples to convert. + * + * @return The attribute tuples in the new format. + */ + private String[] convertFormat(final String[] tuples) { + final String[] newFormatTuples = + new String[AttributeConstants.NUMBER_TUPLES.intValue()]; + if (tuples != null) { + System.arraycopy(tuples, 0, newFormatTuples, 0, tuples.length); + + for (int i = tuples.length; i < newFormatTuples.length; i++) { + if (i == AttributeConstants.ATTR_VALUE_INDEX.intValue()) { + newFormatTuples[i] = "[]"; + } else { + newFormatTuples[i] = ""; + } + } + } + return newFormatTuples; + } + + /** + * Returns a IPersonalAttributeList of the complex attributes in this map. + * + * @return an IPersonalAttributeList of the complex attributes contained in this map. + */ + public IPersonalAttributeList getComplexAttributes() { + LOG.info("get complex attributes"); + IPersonalAttributeList attrList = new PersonalAttributeList(); + for(PersonalAttribute attr: this) { + if(!attr.getComplexValue().isEmpty()) { + attrList.put(attr.getName(), attr); + LOG.info("adding complex attribute:"+attr.getName()); + } + } + return attrList; + } + + /** + * Returns a IPersonalAttributeList of the mandatory attributes in this map. + * + * @return an IPersonalAttributeList of the mandatory attributes contained in this map. + */ + public IPersonalAttributeList getSimpleValueAttributes() { + LOG.info("get simple attributes"); + IPersonalAttributeList attrList = new PersonalAttributeList(); + for(PersonalAttribute attr: this) { + if(attr.getComplexValue().isEmpty()) { + attrList.put(attr.getName(), attr); + LOG.info("adding simple attribute:"+attr.getName()); + } + } + return attrList; + } + + + + /** + * Returns a IPersonalAttributeList of the mandatory attributes in this map. + * + * @return an IPersonalAttributeList of the mandatory attributes contained in this map. + */ + public IPersonalAttributeList getMandatoryAttributes() { + return getAttributesByParam(true); + } + + + /** + * Returns a IPersonalAttributeList of the attributes in this map by parameter value. + * + * @param compareValue The boolean to get mandatory (true) or optional (false) attributes. + * + * @return an IPersonalAttributeList of the mandatory attributes contained in this map if compareValue is true or optional otherwise. + */ + private IPersonalAttributeList getAttributesByParam(final boolean compareValue) { + LOG.info("get attributes by param :"+compareValue); + IPersonalAttributeList attrList = new PersonalAttributeList(); + for(PersonalAttribute attr: this) { + if(attr.isRequired() == compareValue) { + attrList.put(attr.getName(), attr); + LOG.info("adding attribute:"+attr.getName()); + } + } + return attrList; + } + + + /** + * Returns a IPersonalAttributeList of the optional attributes in this map. + * + * @return an IPersonalAttributeList of the optional attributes contained in this map. + */ + public IPersonalAttributeList getOptionalAttributes() { + return getAttributesByParam(false); + } + + /** + * {@inheritDoc} + */ + public boolean hasMissingValues() { + for(PersonalAttribute attr: this) { + if(attr.isEmptyValue() && attr.isEmptyComplexValue()) { + return true; + } + } + return false; + } +} \ No newline at end of file diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAttrQueryRequest.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAttrQueryRequest.java.svn-base new file mode 100644 index 000000000..65936f1a8 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAttrQueryRequest.java.svn-base @@ -0,0 +1,447 @@ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +import org.apache.log4j.Logger; + +public class STORKAttrQueryRequest implements Serializable, Cloneable { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 4778480781609392750L; + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(STORKAttrQueryRequest.class + .getName()); + + /** The samlId. */ + private String samlId; + + /** The destination. */ + private String destination; + + /** The assertion consumer service url. */ + private String serviceURL; + + /** The distinguished name. */ + private String distinguishedName; + + /** The e id sector share. */ + private boolean eIDSectorShare; + + /** The e id cross sector share. */ + private boolean eIDCrossSectorShare; + + /** The e id cross border share. */ + private boolean eIDCrossBorderShare; + + /** The personal attribute list. */ + private IPersonalAttributeList attributeList = new PersonalAttributeList(); + + /** The qaa. */ + private int qaa; + + /** The token saml. */ + private byte[] tokenSaml = new byte[0]; + + /** The issuer. */ + private String issuer; + + /** The service provider sector. */ + private String spSector; + + /** The service provider institution. */ + private String spInstitution; + + /** The service provider application. */ + private String spApplication; + + /** The service provider country. */ + private String spCountry; + + /** The country. */ + private String country; + + /** The citizen country code. */ + private String citizenCountry; + + /** The Service Provider ID. */ + private String sPID; + + /** The Alias used at the keystore for saving this certificate. */ + private String alias; + + /** + * Gets the SP's Certificate Alias. + * + * @return alias The SP's Certificate Alias. + */ + public String getAlias() { + return alias; + } + + /** + * Sets the SP's Certificate Alias. + * + * @param nAlias The SP's Certificate Alias. + */ + public void setAlias(final String nAlias) { + this.alias = nAlias; + } + + /** + * Gets the SP ID. + * + * @return sPID The SP ID. + */ + public String getSPID() { + return sPID; + } + + /** + * Sets the SP ID. + * + * @param sPId The new sp samlId. + */ + public void setSPID(final String sPId) { + this.sPID = sPId; + } + + /** + * Gets the citizen country code. + * + * @return The citizen country code value. + */ + public String getCitizenCountryCode() { + return citizenCountry; + } + + /** + * Sets the citizen country code. + * + * @param countryCode the new citizen country code value. + */ + public void setCitizenCountryCode(final String countryCode) { + this.citizenCountry = countryCode; + } + + /** + * Gets the sp country. + * + * @return The sp country value. + */ + public String getSpCountry() { + return spCountry; + } + + /** + * Sets the sp country. + * + * @param sPCountry the new sp country value. + */ + public void setSpCountry(final String sPCountry) { + this.spCountry = sPCountry; + } + + /** + * Gets the issuer. + * + * @return The issuer value. + */ + public String getIssuer() { + return issuer; + } + + /** + * Sets the issuer. + * + * @param samlIssuer the new issuer value. + */ + public void setIssuer(final String samlIssuer) { + this.issuer = samlIssuer; + } + + /** + * Gets the SAML Token. + * + * @return The SAML Token value. + */ + public byte[] getTokenSaml() { + return tokenSaml.clone(); + } + + /** + * Sets the SAML Token. + * + * @param samlToken The new SAML Token value. + */ + public void setTokenSaml(final byte[] samlToken) { + if (samlToken != null) { + this.tokenSaml = samlToken.clone(); + } + } + + /** + * Gets the country. + * + * @return The country value. + */ + public String getCountry() { + return country; + } + + /** + * Sets the country. + * + * @param nCountry the new country value. + */ + public void setCountry(final String nCountry) { + this.country = nCountry; + } + + /** + * Getter for the qaa value. + * + * @return The qaa value value. + */ + public int getQaa() { + return qaa; + } + + /** + * Setter for the qaa value. + * + * @param qaaLevel The new qaa value. + */ + public void setQaa(final int qaaLevel) { + this.qaa = qaaLevel; + } + + /** + * Getter for the serviceURL value. + * + * @return The serviceURL value. + */ + public String getAssertionConsumerServiceURL() { + return serviceURL; + } + + /** + * Setter for the serviceURL value. + * + * @param newServiceURL the assertion consumer service URL. + */ + public void setAssertionConsumerServiceURL(final String newServiceURL) { + this.serviceURL = newServiceURL; + } + + /** + * Getter for the destination value. + * + * @return The destination value. + */ + public String getDestination() { + return destination; + } + + /** + * Setter for the destination value. + * + * @param detination the new destination value. + */ + public void setDestination(final String detination) { + this.destination = detination; + } + + /** + * Getter for the samlId value. + * + * @return The samlId value. + */ + public String getSamlId() { + return samlId; + } + + /** + * Setter for the samlId value. + * + * @param newSamlId the new samlId value. + */ + public void setSamlId(final String newSamlId) { + this.samlId = newSamlId; + } + + + /** + * Getter for the attributeList value. + * + * @return The attributeList value. + * + * @see IPersonalAttributeList + */ + public IPersonalAttributeList getPersonalAttributeList() { + IPersonalAttributeList personnalAttributeList = null; + try { + personnalAttributeList = (IPersonalAttributeList) attributeList.clone(); + } catch (CloneNotSupportedException e1) { + LOG.trace("[PersonalAttribute] Nothing to do."); + } + return personnalAttributeList; + } + + /** + * Setter for the attributeList value. + * + * @param attrList the personal attribute list value. + * + * @see IPersonalAttributeList + */ + public void setPersonalAttributeList(final IPersonalAttributeList attrList) { + if (attrList != null) { + this.attributeList = attrList; + } + } + + /** + * Getter for the distinguishedName value. + * + * @return The distinguishedName value. + */ + public String getDistinguishedName() { + return distinguishedName; + } + + /** + * Setter for the distinguishedName value. + * + * @param certDN the distinguished name value. + */ + public void setDistinguishedName(final String certDN) { + this.distinguishedName = certDN; + } + + /** + * Gets the service provider sector. + * + * @return The service provider sector value. + */ + public String getSpSector() { + return spSector; + } + + /** + * Sets the service provider sector. + * + * @param samlSPSector the new service provider sector value. + */ + public void setSpSector(final String samlSPSector) { + this.spSector = samlSPSector; + } + + /** + * Gets the service provider institution. + * + * @return The service provider institution value. + */ + public String getSpInstitution() { + return spInstitution; + } + + /** + * Sets the service provider institution. + * + * @param samlSPInst the new service provider institution value. + */ + public void setSpInstitution(final String samlSPInst) { + this.spInstitution = samlSPInst; + } + + /** + * Gets the service provider application. + * + * @return The service provider application value. + */ + public String getSpApplication() { + return spApplication; + } + + /** + * Sets the service provider application. + * + * @param samlSPApp the new service provider application value. + */ + public void setSpApplication(final String samlSPApp) { + this.spApplication = samlSPApp; + } + + /** + * Checks if is eId sector share. + * + * @return true, if is eId sector share. + */ + public boolean isEIDSectorShare() { + return eIDSectorShare; + } + + /** + * Sets the eId sector share. + * + * @param eIdSectorShare the new eId sector share value. + */ + public void setEIDSectorShare(final boolean eIdSectorShare) { + this.eIDSectorShare = eIdSectorShare; + } + + /** + * Checks if is eId cross sector share. + * + * @return true, if is eId cross sector share. + */ + public boolean isEIDCrossSectorShare() { + return eIDCrossSectorShare; + } + + /** + * Sets the eId cross sector share. + * + * @param eIdCrossSectorShare the new eId cross sector share value. + */ + public void setEIDCrossSectorShare(final boolean eIdCrossSectorShare) { + this.eIDCrossSectorShare = eIdCrossSectorShare; + } + + /** + * Checks if is eId cross border share. + * + * @return true, if is eId cross border share. + */ + public boolean isEIDCrossBorderShare() { + return eIDCrossBorderShare; + } + + /** + * Sets the eId cross border share. + * + * @param eIdCrossBorderShare the new eId cross border share value. + */ + public void setEIDCrossBorderShare(final boolean eIdCrossBorderShare) { + this.eIDCrossBorderShare = eIdCrossBorderShare; + } + + /** + * Returns a copy of this STORKAttrQueryRequest instance. + * + * @return The copy of this STORKAttrQueryRequest. + * @throws CloneNotSupportedException on clone exception + */ + @Override + public Object clone() throws CloneNotSupportedException{ + STORKAttrQueryRequest storkAttrQueryReq = null; + storkAttrQueryReq = (STORKAttrQueryRequest) super.clone(); + storkAttrQueryReq.setPersonalAttributeList(getPersonalAttributeList()); + storkAttrQueryReq.setTokenSaml(getTokenSaml()); + return storkAttrQueryReq; + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAttrQueryResponse.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAttrQueryResponse.java.svn-base new file mode 100644 index 000000000..4e40d6d01 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAttrQueryResponse.java.svn-base @@ -0,0 +1,388 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.util.List; + +import org.apache.log4j.Logger; +import org.joda.time.DateTime; +import org.opensaml.saml2.core.Assertion; + +public class STORKAttrQueryResponse { + + /** Response Id. */ + private String samlId; + + /** Request failed? */ + private boolean fail; + + /** Status code. */ + private String statusCode; + + /** Secondary status code. */ + private String subStatusCode; + + /** Audience restriction. */ + private transient String audienceRest; + + /** Error message. */ + private String message; + + /** Id of the request that originated this response. */ + private String inResponseTo; + + /** Expiration date. */ + private DateTime notOnOrAfter; + + /** Creation date. */ + private DateTime notBefore; + + /** The SAML token. */ + private byte[] tokenSaml = new byte[0]; + + /** Country. */ + private String country; + + /** The complete assertion **/ + private Assertion assertion; + + /** List of all assertions in response **/ + private List assertions; + + /** The complete list from all assertions **/ + private transient IPersonalAttributeList totalAttributeList = new PersonalAttributeList(); + + /** All personal attribute lists **/ + private List attributeLists; + + /** Citizen's personal attribute list. */ + private transient IPersonalAttributeList attributeList = new PersonalAttributeList(); + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(STORKAttrQueryResponse.class.getName()); + + /** + * Getter for the subStatusCode. + * + * @return The subStatusCode value. + */ + public String getSubStatusCode() { + return subStatusCode; + } + + /** + * Setter for the subStatusCode. + * + * @param samlSubStatusCode the new subStatusCode value. + */ + public void setSubStatusCode(final String samlSubStatusCode) { + this.subStatusCode = samlSubStatusCode; + } + + /** + * Getter for audienceRest. + * + * @return The audienceRest value. + */ + public String getAudienceRestriction() { + return audienceRest; + } + + /** + * Setter for audienceRest. + * + * @param audRest the new audienceRest value. + */ + public void setAudienceRestriction(final String audRest) { + this.audienceRest = audRest; + } + + /** + * Getter for the samlToken. + * + * @return The samlToken value. + */ + public byte[] getTokenSaml() { + return tokenSaml.clone(); + } + + /** + * Setter for samlToken. + * + * @param samlToken the new tokenSaml value. + */ + public void setTokenSaml(final byte[] samlToken) { + if (samlToken != null) { + this.tokenSaml = samlToken.clone(); + } + } + + /** + * Getter for the country name. + * + * @return The country name value. + */ + public String getCountry() { + return country; + } + + /** + * Setter for the country name. + * + * @param cCountry the new country name value. + */ + public void setCountry(final String cCountry) { + this.country = cCountry; + } + + /** + * Getter for pal value. + * + * @return The pal value. + * + * @see PersonalAttributeList + */ + public IPersonalAttributeList getPersonalAttributeList() { + IPersonalAttributeList personnalAttributeList = null; + try { + personnalAttributeList = (IPersonalAttributeList) attributeList.clone(); + } catch (CloneNotSupportedException e1) { + LOG.trace("[PersonalAttribute] Nothing to do."); + } + return personnalAttributeList; + } + + /** + * Setter for the Personal Attribute List value. + * + * @param attrList the new value. + * + * @see PersonalAttributeList + */ + public void setPersonalAttributeList(final IPersonalAttributeList attrList) { + if (attrList != null) { + this.attributeList = attrList; + } + } + + /** + * Getter for the inResponseTo value. + * + * @return The inResponseTo value. + */ + public String getInResponseTo() { + return inResponseTo; + } + + /** + * Setter for the inResponseTo value. + * + * @param samlInResponseTo the new inResponseTo value. + */ + public void setInResponseTo(final String samlInResponseTo) { + this.inResponseTo = samlInResponseTo; + } + + /** + * Getter for the fail value. + * + * @return The fail value. + */ + public boolean isFail() { + return fail; + } + + /** + * Setter for the fail value. + * + * @param failVal the new fail value. + */ + public void setFail(final boolean failVal) { + this.fail = failVal; + } + + /** + * Getter for the message value. + * + * @return The message value. + */ + public String getMessage() { + return message; + } + + /** + * Setter for the message value. + * + * @param msg the new message value. + */ + public void setMessage(final String msg) { + this.message = msg; + } + + /** + * Getter for the statusCode value. + * + * @return The statusCode value. + */ + public String getStatusCode() { + return statusCode; + } + + /** + * Setter for the statusCode value. + * + * @param status the new statusCode value. + */ + public void setStatusCode(final String status) { + this.statusCode = status; + } + + /** + * Getter for the samlId value. + * + * @return The samlId value. + */ + public String getSamlId() { + return samlId; + } + + /** + * Setter for the samlId value. + * + * @param nSamlId the new samlId value. + */ + public void setSamlId(final String nSamlId) { + this.samlId = nSamlId; + } + + /** + * Getter for the notOnOrAfter value. + * + * @return The notOnOrAfter value. + * + * @see DateTime + */ + public DateTime getNotOnOrAfter() { + return this.notOnOrAfter; + } + + /** + * Setter for the notOnOrAfter value. + * + * @param nOnOrAfter the new notOnOrAfter value. + * + * @see DateTime + */ + public void setNotOnOrAfter(final DateTime nOnOrAfter) { + this.notOnOrAfter = nOnOrAfter; + } + + /** + * Getter for the notBefore value. + * + * @return The notBefore value. + * + * @see DateTime + */ + public DateTime getNotBefore() { + return notBefore; + } + + /** + * Setter for the notBefore value. + * + * @param nBefore the new notBefore value. + * + * @see DateTime + */ + public void setNotBefore(final DateTime nBefore) { + this.notBefore = nBefore; + } + + /** Get the assertion from the response **/ + public Assertion getAssertion() { + return assertion; + } + + /** Set the assertion in the response **/ + public void setAssertion(final Assertion nAssertion) { + this.assertion = nAssertion; + } + + public void setAssertions(List newAssert) { + this.assertions = newAssert; + } + + public List getAssertions() { + return assertions; + } + + /** + * Getter for the toal pal value. + * + * @return The total pal value. + * + * @see PersonalAttributeList + */ + public IPersonalAttributeList getTotalPersonalAttributeList() { + IPersonalAttributeList personnalAttributeList = null; + try { + personnalAttributeList = (IPersonalAttributeList) totalAttributeList.clone(); + } catch (CloneNotSupportedException e1) { + LOG.trace("[PersonalAttribute] Nothing to do."); + } + return personnalAttributeList; + } + + /** + * Setter for the total Personal Attribute List value. + * + * @param attrList the new value. + * + * @see PersonalAttributeList + */ + public void setTotalPersonalAttributeList(final IPersonalAttributeList attrList) { + if (attrList != null) { + this.totalAttributeList = attrList; + } + } + + /** + * Getter for personal attribute lists + * + * @return The lists + * + * @see PersonalAttributeList + */ + public List getPersonalAttributeLists() { + return attributeLists; + } + + /** + * Setter for the Personal Attribute List value. + * + * @param attrList the new value. + * + * @see PersonalAttributeList + */ + public void setPersonalAttributeLists(final List attrLists) { + if (attrLists != null) { + this.attributeLists = attrLists; + } + } + +} + diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAuthnRequest.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAuthnRequest.java.svn-base new file mode 100644 index 000000000..2354d0eb1 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAuthnRequest.java.svn-base @@ -0,0 +1,495 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +import org.apache.log4j.Logger; + +/** + * This class is a bean used to store the information relative to the + * STORKAuthnRequest (SAML Token Request). + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.21 $, $Date: 2011-02-17 22:44:34 $ + */ +public final class STORKAuthnRequest implements Serializable, Cloneable { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 4778480781609392750L; + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(STORKAuthnRequest.class + .getName()); + + /** The samlId. */ + private String samlId; + + /** The assertion consumer service url. */ + private String serviceURL; + + /** The destination. */ + private String destination; + + /** The provider name. */ + private String providerName; + + /** The distinguished name. */ + private String distinguishedName; + + /** The e id sector share. */ + private boolean eIDSectorShare; + + /** The e id cross sector share. */ + private boolean eIDCrossSectorShare; + + /** The e id cross border share. */ + private boolean eIDCrossBorderShare; + + /** The personal attribute list. */ + private IPersonalAttributeList attributeList = new PersonalAttributeList(); + + /** The qaa. */ + private int qaa; + + /** The token saml. */ + private byte[] tokenSaml = new byte[0]; + + /** The issuer. */ + private String issuer; + + /** The service provider sector. */ + private String spSector; + + /** The service provider institution. */ + private String spInstitution; + + /** The service provider application. */ + private String spApplication; + + /** The service provider country. */ + private String spCountry; + + /** The country. */ + private String country; + + /** The citizen country code. */ + private String citizenCountry; + + /** The Service Provider ID. */ + private String sPID; + + /** The Alias used at the keystore for saving this certificate. */ + private String alias; + + /** + * Gets the SP's Certificate Alias. + * + * @return alias The SP's Certificate Alias. + */ + public String getAlias() { + return alias; + } + + /** + * Sets the SP's Certificate Alias. + * + * @param nAlias The SP's Certificate Alias. + */ + public void setAlias(final String nAlias) { + this.alias = nAlias; + } + + /** + * Gets the SP ID. + * + * @return sPID The SP ID. + */ + public String getSPID() { + return sPID; + } + + /** + * Sets the SP ID. + * + * @param sPId The new sp samlId. + */ + public void setSPID(final String sPId) { + this.sPID = sPId; + } + + /** + * Gets the citizen country code. + * + * @return The citizen country code value. + */ + public String getCitizenCountryCode() { + return citizenCountry; + } + + /** + * Sets the citizen country code. + * + * @param countryCode the new citizen country code value. + */ + public void setCitizenCountryCode(final String countryCode) { + this.citizenCountry = countryCode; + } + + /** + * Gets the sp country. + * + * @return The sp country value. + */ + public String getSpCountry() { + return spCountry; + } + + /** + * Sets the sp country. + * + * @param sPCountry the new sp country value. + */ + public void setSpCountry(final String sPCountry) { + this.spCountry = sPCountry; + } + + /** + * Gets the issuer. + * + * @return The issuer value. + */ + public String getIssuer() { + return issuer; + } + + /** + * Sets the issuer. + * + * @param samlIssuer the new issuer value. + */ + public void setIssuer(final String samlIssuer) { + this.issuer = samlIssuer; + } + + /** + * Gets the SAML Token. + * + * @return The SAML Token value. + */ + public byte[] getTokenSaml() { + return tokenSaml.clone(); + } + + /** + * Sets the SAML Token. + * + * @param samlToken The new SAML Token value. + */ + public void setTokenSaml(final byte[] samlToken) { + if (samlToken != null) { + this.tokenSaml = samlToken.clone(); + } + } + + /** + * Gets the country. + * + * @return The country value. + */ + public String getCountry() { + return country; + } + + /** + * Sets the country. + * + * @param nCountry the new country value. + */ + public void setCountry(final String nCountry) { + this.country = nCountry; + } + + /** + * Getter for the qaa value. + * + * @return The qaa value value. + */ + public int getQaa() { + return qaa; + } + + /** + * Setter for the qaa value. + * + * @param qaaLevel The new qaa value. + */ + public void setQaa(final int qaaLevel) { + this.qaa = qaaLevel; + } + + /** + * Getter for the serviceURL value. + * + * @return The serviceURL value. + */ + public String getAssertionConsumerServiceURL() { + return serviceURL; + } + + /** + * Setter for the serviceURL value. + * + * @param newServiceURL the assertion consumer service URL. + */ + public void setAssertionConsumerServiceURL(final String newServiceURL) { + this.serviceURL = newServiceURL; + } + + /** + * Getter for the destination value. + * + * @return The destination value. + */ + public String getDestination() { + return destination; + } + + /** + * Setter for the destination value. + * + * @param detination the new destination value. + */ + public void setDestination(final String detination) { + this.destination = detination; + } + + /** + * Getter for the samlId value. + * + * @return The samlId value. + */ + public String getSamlId() { + return samlId; + } + + /** + * Setter for the samlId value. + * + * @param newSamlId the new samlId value. + */ + public void setSamlId(final String newSamlId) { + this.samlId = newSamlId; + } + + /** + * Getter for the providerName value. + * + * @return The provider name value. + */ + public String getProviderName() { + return providerName; + } + + /** + * Setter for the providerName value. + * + * @param samlProvider the provider name value. + */ + public void setProviderName(final String samlProvider) { + this.providerName = samlProvider; + } + + /** + * Getter for the attributeList value. + * + * @return The attributeList value. + * + * @see IPersonalAttributeList + */ + public IPersonalAttributeList getPersonalAttributeList() { + IPersonalAttributeList personnalAttributeList = null; + try { + personnalAttributeList = (IPersonalAttributeList) attributeList.clone(); + } catch (CloneNotSupportedException e1) { + LOG.trace("[PersonalAttribute] Nothing to do."); + } + return personnalAttributeList; + } + + /** + * Setter for the attributeList value. + * + * @param attrList the personal attribute list value. + * + * @see IPersonalAttributeList + */ + public void setPersonalAttributeList(final IPersonalAttributeList attrList) { + if (attrList != null) { + this.attributeList = attrList; + } + } + + /** + * Getter for the distinguishedName value. + * + * @return The distinguishedName value. + */ + public String getDistinguishedName() { + return distinguishedName; + } + + /** + * Setter for the distinguishedName value. + * + * @param certDN the distinguished name value. + */ + public void setDistinguishedName(final String certDN) { + this.distinguishedName = certDN; + } + + /** + * Gets the service provider sector. + * + * @return The service provider sector value. + */ + public String getSpSector() { + return spSector; + } + + /** + * Sets the service provider sector. + * + * @param samlSPSector the new service provider sector value. + */ + public void setSpSector(final String samlSPSector) { + this.spSector = samlSPSector; + } + + /** + * Gets the service provider institution. + * + * @return The service provider institution value. + */ + public String getSpInstitution() { + return spInstitution; + } + + /** + * Sets the service provider institution. + * + * @param samlSPInst the new service provider institution value. + */ + public void setSpInstitution(final String samlSPInst) { + this.spInstitution = samlSPInst; + } + + /** + * Gets the service provider application. + * + * @return The service provider application value. + */ + public String getSpApplication() { + return spApplication; + } + + /** + * Sets the service provider application. + * + * @param samlSPApp the new service provider application value. + */ + public void setSpApplication(final String samlSPApp) { + this.spApplication = samlSPApp; + } + + /** + * Checks if is eId sector share. + * + * @return true, if is eId sector share. + */ + public boolean isEIDSectorShare() { + return eIDSectorShare; + } + + /** + * Sets the eId sector share. + * + * @param eIdSectorShare the new eId sector share value. + */ + public void setEIDSectorShare(final boolean eIdSectorShare) { + this.eIDSectorShare = eIdSectorShare; + } + + /** + * Checks if is eId cross sector share. + * + * @return true, if is eId cross sector share. + */ + public boolean isEIDCrossSectorShare() { + return eIDCrossSectorShare; + } + + /** + * Sets the eId cross sector share. + * + * @param eIdCrossSectorShare the new eId cross sector share value. + */ + public void setEIDCrossSectorShare(final boolean eIdCrossSectorShare) { + this.eIDCrossSectorShare = eIdCrossSectorShare; + } + + /** + * Checks if is eId cross border share. + * + * @return true, if is eId cross border share. + */ + public boolean isEIDCrossBorderShare() { + return eIDCrossBorderShare; + } + + /** + * Sets the eId cross border share. + * + * @param eIdCrossBorderShare the new eId cross border share value. + */ + public void setEIDCrossBorderShare(final boolean eIdCrossBorderShare) { + this.eIDCrossBorderShare = eIdCrossBorderShare; + } + + /** + * Returns a copy of this STORKAuthnRequest instance. + * + * @return The copy of this STORKAuthnRequest. + * @throws CloneNotSupportedException on clone exception + */ + @Override + public Object clone() throws CloneNotSupportedException{ + STORKAuthnRequest storkAuthnReq = null; + try { + storkAuthnReq = (STORKAuthnRequest) super.clone(); + storkAuthnReq.setPersonalAttributeList(getPersonalAttributeList()); + storkAuthnReq.setTokenSaml(getTokenSaml()); + } catch (final CloneNotSupportedException e) { + // assert false; + LOG.trace("[PersonalAttribute] Nothing to do."); + } + + return storkAuthnReq; + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAuthnResponse.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAuthnResponse.java.svn-base new file mode 100644 index 000000000..84fadd023 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKAuthnResponse.java.svn-base @@ -0,0 +1,383 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.util.List; + +import org.apache.log4j.Logger; +import org.joda.time.DateTime; +import org.opensaml.saml2.core.Assertion; + +/** + * This class is a bean used to store the information relative to the + * STORKAuthnResponse. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $ + */ +public final class STORKAuthnResponse { + + /** Response Id. */ + private String samlId; + + /** Authentication failed? */ + private boolean fail; + + /** Status code. */ + private String statusCode; + + /** Secondary status code. */ + private String subStatusCode; + + /** Audience restriction. */ + private transient String audienceRest; + + /** Error message. */ + private String message; + + /** Id of the request that originated this response. */ + private String inResponseTo; + + /** Expiration date. */ + private DateTime notOnOrAfter; + + /** Creation date. */ + private DateTime notBefore; + + /** The SAML token. */ + private byte[] tokenSaml = new byte[0]; + + /** Country. */ + private String country; + + /** Citizen's personal attribute list. */ + private transient IPersonalAttributeList attributeList = new PersonalAttributeList(); + + /** List of all assertions in response **/ + private List assertions; + + /** The complete list from all assertions **/ + private transient IPersonalAttributeList totalAttributeList = new PersonalAttributeList(); + + /** All personal attribute lists **/ + private List attributeLists; + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(STORKAuthnResponse.class.getName()); + + /** + * Getter for the subStatusCode. + * + * @return The subStatusCode value. + */ + public String getSubStatusCode() { + return subStatusCode; + } + + /** + * Setter for the subStatusCode. + * + * @param samlSubStatusCode the new subStatusCode value. + */ + public void setSubStatusCode(final String samlSubStatusCode) { + this.subStatusCode = samlSubStatusCode; + } + + /** + * Getter for audienceRest. + * + * @return The audienceRest value. + */ + public String getAudienceRestriction() { + return audienceRest; + } + + /** + * Setter for audienceRest. + * + * @param audRest the new audienceRest value. + */ + public void setAudienceRestriction(final String audRest) { + this.audienceRest = audRest; + } + + /** + * Getter for the samlToken. + * + * @return The samlToken value. + */ + public byte[] getTokenSaml() { + return tokenSaml.clone(); + } + + /** + * Setter for samlToken. + * + * @param samlToken the new tokenSaml value. + */ + public void setTokenSaml(final byte[] samlToken) { + if (samlToken != null) { + this.tokenSaml = samlToken.clone(); + } + } + + /** + * Getter for the country name. + * + * @return The country name value. + */ + public String getCountry() { + return country; + } + + /** + * Setter for the country name. + * + * @param cCountry the new country name value. + */ + public void setCountry(final String cCountry) { + this.country = cCountry; + } + + /** + * Getter for pal value. + * + * @return The pal value. + * + * @see PersonalAttributeList + */ + public IPersonalAttributeList getPersonalAttributeList() { + IPersonalAttributeList personnalAttributeList = null; + try { + personnalAttributeList = (IPersonalAttributeList) attributeList.clone(); + } catch (CloneNotSupportedException e1) { + LOG.trace("[PersonalAttribute] Nothing to do."); + } + return personnalAttributeList; + } + + /** + * Setter for the Personal Attribute List value. + * + * @param attrList the new value. + * + * @see PersonalAttributeList + */ + public void setPersonalAttributeList(final IPersonalAttributeList attrList) { + if (attrList != null) { + this.attributeList = attrList; + } + } + + /** + * Getter for the inResponseTo value. + * + * @return The inResponseTo value. + */ + public String getInResponseTo() { + return inResponseTo; + } + + /** + * Setter for the inResponseTo value. + * + * @param samlInResponseTo the new inResponseTo value. + */ + public void setInResponseTo(final String samlInResponseTo) { + this.inResponseTo = samlInResponseTo; + } + + /** + * Getter for the fail value. + * + * @return The fail value. + */ + public boolean isFail() { + return fail; + } + + /** + * Setter for the fail value. + * + * @param failVal the new fail value. + */ + public void setFail(final boolean failVal) { + this.fail = failVal; + } + + /** + * Getter for the message value. + * + * @return The message value. + */ + public String getMessage() { + return message; + } + + /** + * Setter for the message value. + * + * @param msg the new message value. + */ + public void setMessage(final String msg) { + this.message = msg; + } + + /** + * Getter for the statusCode value. + * + * @return The statusCode value. + */ + public String getStatusCode() { + return statusCode; + } + + /** + * Setter for the statusCode value. + * + * @param status the new statusCode value. + */ + public void setStatusCode(final String status) { + this.statusCode = status; + } + + /** + * Getter for the samlId value. + * + * @return The samlId value. + */ + public String getSamlId() { + return samlId; + } + + /** + * Setter for the samlId value. + * + * @param nSamlId the new samlId value. + */ + public void setSamlId(final String nSamlId) { + this.samlId = nSamlId; + } + + /** + * Getter for the notOnOrAfter value. + * + * @return The notOnOrAfter value. + * + * @see DateTime + */ + public DateTime getNotOnOrAfter() { + return this.notOnOrAfter; + } + + /** + * Setter for the notOnOrAfter value. + * + * @param nOnOrAfter the new notOnOrAfter value. + * + * @see DateTime + */ + public void setNotOnOrAfter(final DateTime nOnOrAfter) { + this.notOnOrAfter = nOnOrAfter; + } + + /** + * Getter for the notBefore value. + * + * @return The notBefore value. + * + * @see DateTime + */ + public DateTime getNotBefore() { + return notBefore; + } + + /** + * Setter for the notBefore value. + * + * @param nBefore the new notBefore value. + * + * @see DateTime + */ + public void setNotBefore(final DateTime nBefore) { + this.notBefore = nBefore; + } + + public void setAssertions(List newAssert) { + this.assertions = newAssert; + } + + public List getAssertions() { + return assertions; + } + + /** + * Getter for the toal pal value. + * + * @return The total pal value. + * + * @see PersonalAttributeList + */ + public IPersonalAttributeList getTotalPersonalAttributeList() { + IPersonalAttributeList personnalAttributeList = null; + try { + personnalAttributeList = (IPersonalAttributeList) totalAttributeList.clone(); + } catch (CloneNotSupportedException e1) { + LOG.trace("[PersonalAttribute] Nothing to do."); + } + return personnalAttributeList; + } + + /** + * Setter for the total Personal Attribute List value. + * + * @param attrList the new value. + * + * @see PersonalAttributeList + */ + public void setTotalPersonalAttributeList(final IPersonalAttributeList attrList) { + if (attrList != null) { + this.totalAttributeList = attrList; + } + } + + /** + * Getter for personal attribute lists + * + * @return The lists + * + * @see PersonalAttributeList + */ + public List getPersonalAttributeLists() { + return attributeLists; + } + + /** + * Setter for the Personal Attribute List value. + * + * @param attrList the new value. + * + * @see PersonalAttributeList + */ + public void setPersonalAttributeLists(final List attrLists) { + if (attrLists != null) { + this.attributeLists = attrLists; + } + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKLogoutRequest.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKLogoutRequest.java.svn-base new file mode 100644 index 000000000..44811aee2 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKLogoutRequest.java.svn-base @@ -0,0 +1,197 @@ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +public class STORKLogoutRequest implements Serializable, Cloneable { + private static final long serialVersionUID = 4778480781609392750L; + + /** The samlId. */ + private String samlId; + + /** The destination. */ + private String destination; + + /** The distinguished name. */ + private String distinguishedName; + + /** The qaa. */ + private int qaa; + + /** The token saml. */ + private byte[] tokenSaml = new byte[0]; + + /** The issuer. */ + private String issuer; + + /** The country. */ + private String country; + + /** The Alias used at the keystore for saving this certificate. */ + private String alias; + + /** The ID of principal as known to SP **/ + private String spProvidedId; + + /** + * Gets the SP's Certificate Alias. + * + * @return alias The SP's Certificate Alias. + */ + public String getAlias() { + return alias; + } + + /** + * Sets the SP's Certificate Alias. + * + * @param nAlias The SP's Certificate Alias. + */ + public void setAlias(final String nAlias) { + this.alias = nAlias; + } + + /** + * Gets the issuer. + * + * @return The issuer value. + */ + public String getIssuer() { + return issuer; + } + + /** + * Sets the issuer. + * + * @param samlIssuer the new issuer value. + */ + public void setIssuer(final String samlIssuer) { + this.issuer = samlIssuer; + } + + /** + * Gets the SAML Token. + * + * @return The SAML Token value. + */ + public byte[] getTokenSaml() { + return tokenSaml.clone(); + } + + /** + * Sets the SAML Token. + * + * @param samlToken The new SAML Token value. + */ + public void setTokenSaml(final byte[] samlToken) { + if (samlToken != null) { + this.tokenSaml = samlToken.clone(); + } + } + + /** + * Gets the country. + * + * @return The country value. + */ + public String getCountry() { + return country; + } + + /** + * Sets the country. + * + * @param nCountry the new country value. + */ + public void setCountry(final String nCountry) { + this.country = nCountry; + } + + /** + * Getter for the qaa value. + * + * @return The qaa value value. + */ + public int getQaa() { + return qaa; + } + + /** + * Setter for the qaa value. + * + * @param qaaLevel The new qaa value. + */ + public void setQaa(final int qaaLevel) { + this.qaa = qaaLevel; + } + + /** + * Getter for the destination value. + * + * @return The destination value. + */ + public String getDestination() { + return destination; + } + + /** + * Setter for the destination value. + * + * @param detination the new destination value. + */ + public void setDestination(final String detination) { + this.destination = detination; + } + + /** + * Getter for the samlId value. + * + * @return The samlId value. + */ + public String getSamlId() { + return samlId; + } + + /** + * Setter for the samlId value. + * + * @param newSamlId the new samlId value. + */ + public void setSamlId(final String newSamlId) { + this.samlId = newSamlId; + } + + /** + * Getter for the distinguishedName value. + * + * @return The distinguishedName value. + */ + public String getDistinguishedName() { + return distinguishedName; + } + + /** + * Setter for the distinguishedName value. + * + * @param certDN the distinguished name value. + */ + public void setDistinguishedName(final String certDN) { + this.distinguishedName = certDN; + } + + /** Getter for spProvidedId **/ + public String getSpProvidedId() { + return spProvidedId; + } + + public void setSpProvidedId(final String nSpProvidedId) { + this.spProvidedId = nSpProvidedId; + } + + @Override + public Object clone() throws CloneNotSupportedException{ + STORKLogoutRequest storkLogoutRequest = null; + storkLogoutRequest = (STORKLogoutRequest) super.clone(); + storkLogoutRequest.setTokenSaml(getTokenSaml()); + return storkLogoutRequest; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKLogoutResponse.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKLogoutResponse.java.svn-base new file mode 100644 index 000000000..21b53a652 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKLogoutResponse.java.svn-base @@ -0,0 +1,250 @@ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +public class STORKLogoutResponse implements Serializable, Cloneable { + private static final long serialVersionUID = 4778480781609392750L; + + /** The samlId. */ + private String samlId; + + /** The destination. */ + private String destination; + + /** The distinguished name. */ + private String distinguishedName; + + /** The token saml. */ + private byte[] tokenSaml = new byte[0]; + + /** The issuer. */ + private String issuer; + + /** The country. */ + private String country; + + /** The Alias used at the keystore for saving this certificate. */ + private String alias; + + /** Status code. */ + private String statusCode; + + /** Secondary status code. */ + private String subStatusCode; + + /** Status message. */ + private String statusMessage; + + /** Logout failed? */ + private boolean fail; + + /** + * Gets the SP's Certificate Alias. + * + * @return alias The SP's Certificate Alias. + */ + public String getAlias() { + return alias; + } + + /** + * Sets the SP's Certificate Alias. + * + * @param nAlias The SP's Certificate Alias. + */ + public void setAlias(final String nAlias) { + this.alias = nAlias; + } + + /** + * Gets the issuer. + * + * @return The issuer value. + */ + public String getIssuer() { + return issuer; + } + + /** + * Sets the issuer. + * + * @param samlIssuer the new issuer value. + */ + public void setIssuer(final String samlIssuer) { + this.issuer = samlIssuer; + } + + /** + * Gets the SAML Token. + * + * @return The SAML Token value. + */ + public byte[] getTokenSaml() { + return tokenSaml.clone(); + } + + /** + * Sets the SAML Token. + * + * @param samlToken The new SAML Token value. + */ + public void setTokenSaml(final byte[] samlToken) { + if (samlToken != null) { + this.tokenSaml = samlToken.clone(); + } + } + + /** + * Gets the country. + * + * @return The country value. + */ + public String getCountry() { + return country; + } + + /** + * Sets the country. + * + * @param nCountry the new country value. + */ + public void setCountry(final String nCountry) { + this.country = nCountry; + } + + /** + * Getter for the destination value. + * + * @return The destination value. + */ + public String getDestination() { + return destination; + } + + /** + * Setter for the destination value. + * + * @param detination the new destination value. + */ + public void setDestination(final String detination) { + this.destination = detination; + } + + /** + * Getter for the samlId value. + * + * @return The samlId value. + */ + public String getSamlId() { + return samlId; + } + + /** + * Setter for the samlId value. + * + * @param newSamlId the new samlId value. + */ + public void setSamlId(final String newSamlId) { + this.samlId = newSamlId; + } + + /** + * Getter for the distinguishedName value. + * + * @return The distinguishedName value. + */ + public String getDistinguishedName() { + return distinguishedName; + } + + /** + * Setter for the distinguishedName value. + * + * @param certDN the distinguished name value. + */ + public void setDistinguishedName(final String certDN) { + this.distinguishedName = certDN; + } + + + /** + * Getter for the fail value. + * + * @return The fail value. + */ + public boolean isFail() { + return fail; + } + + /** + * Setter for the fail value. + * + * @param failVal the new fail value. + */ + public void setFail(final boolean failVal) { + this.fail = failVal; + } + + /** + * Getter for the statusCode value. + * + * @return The statusCode value. + */ + public String getStatusCode() { + return statusCode; + } + + /** + * Getter for the subStatusCode. + * + * @return The subStatusCode value. + */ + public String getSubStatusCode() { + return subStatusCode; + } + + /** + * Setter for the subStatusCode. + * + * @param samlSubStatusCode the new subStatusCode value. + */ + public void setSubStatusCode(final String samlSubStatusCode) { + this.subStatusCode = samlSubStatusCode; + } + + /** + * Setter for the statusMessage value. + * + * @param status the new statusMessage value. + */ + public void setStatusMessage(final String status) { + this.statusMessage = status; + } + + /** + * Getter for the statusMessage value. + * + * @return The statusMessage value. + */ + public String getStatusMessage() { + return statusMessage; + } + + /** + * Setter for the statusCode value. + * + * @param status the new statusCode value. + */ + public void setStatusCode(final String status) { + this.statusCode = status; + } + + @Override + public Object clone() throws CloneNotSupportedException{ + STORKLogoutResponse storkLogoutResponse = null; + storkLogoutResponse = (STORKLogoutResponse) super.clone(); + storkLogoutResponse.setTokenSaml(getTokenSaml()); + return storkLogoutResponse; + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKStatusCode.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKStatusCode.java.svn-base new file mode 100644 index 000000000..a9c4a156b --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKStatusCode.java.svn-base @@ -0,0 +1,68 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * This enum class contains the SAML Token Status Code. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $ + */ +public enum STORKStatusCode { + + /** URI for Requester status code. */ + REQUESTER_URI("urn:oasis:names:tc:SAML:2.0:status:Requester"), + + /** URI for Responder status code. */ + RESPONDER_URI("urn:oasis:names:tc:SAML:2.0:status:Responder"), + + /** URI for Success status code. */ + SUCCESS_URI("urn:oasis:names:tc:SAML:2.0:status:Success"), + + /** Attribute is Available. */ + STATUS_AVAILABLE("Available"), + + /** Attribute is NotAvailable. */ + STATUS_NOT_AVAILABLE("NotAvailable"), + + /** Attribute is Withheld. */ + STATUS_WITHHELD("Withheld"); + + /** + * Represents the constant's value. + */ + private String value; + + /** + * Solo Constructor. + * + * @param val The Constant value. + */ + private STORKStatusCode(final String val) { + + this.value = val; + } + + /** + * Return the Constant Value. + * + * @return The constant value. + */ + public String toString() { + + return value; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKSubStatusCode.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKSubStatusCode.java.svn-base new file mode 100644 index 000000000..0a711c9b7 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/STORKSubStatusCode.java.svn-base @@ -0,0 +1,71 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * This enum class contains the SAML Token Sub Status Code. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.7 $, $Date: 2010-11-17 05:15:28 $ + */ +public enum STORKSubStatusCode { + + /** URI for AuthnFailed status code. */ + AUTHN_FAILED_URI("urn:oasis:names:tc:SAML:2.0:status:AuthnFailed"), + + /** URI for InvalidAttrNameOrValue status code. */ + INVALID_ATTR_NAME_VALUE_URI( + "urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue"), + + /** URI for InvalidNameIDPolicy status code. */ + INVALID_NAMEID_POLICY_URI( + "urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy"), + + /** URI for VersionMismatch status code. */ + VERSION_MISMATCH_URI("urn:oasis:names:tc:SAML:2.0:status:VersionMismatch"), + + /** URI for RequestDenied status code. */ + REQUEST_DENIED_URI("urn:oasis:names:tc:SAML:2.0:status:RequestDenied"), + + /** URI for QaaNotSupported status code. */ + QAA_NOT_SUPPORTED( + "http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported"); + + /** + * Represents the constant's value. + */ + private String value; + + /** + * Solo Constructor. + * + * @param val The Constant value. + */ + private STORKSubStatusCode(final String val) { + + this.value = val; + } + + /** + * Return the Constant Value. + * + * @return The constant value. + */ + public String toString() { + + return value; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/package-info.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/package-info.java.svn-base new file mode 100644 index 000000000..19d45aaa2 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/.svn/text-base/package-info.java.svn-base @@ -0,0 +1,9 @@ +/** + * Common Authentication Service functionalities to be deployed in every PEPS + * is contained in this package. + * In particular, it contains the SAML Engine that implements the SAML messages + * management + * + * @since 1.0 + */ +package eu.stork.peps.auth.commons; diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java new file mode 100644 index 000000000..09769641c --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeConstants.java @@ -0,0 +1,72 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * This enum class contains all the STORK PEPS, Commons and Specific errors + * constant identifiers. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.2 $, $Date: 2010-11-17 05:15:28 $ + */ +public enum AttributeConstants { + + /** + * Represents the attribute's name index. + */ + ATTR_NAME_INDEX(0), + /** + * Represents the attribute's type index. + */ + ATTR_TYPE_INDEX(1), + /** + * Represents the attribute's value index. + */ + ATTR_VALUE_INDEX(2), + /** + * Represents the attribute's status index. + */ + ATTR_STATUS_INDEX(3), + /** + * Represents the number of allowed tuples. + */ + NUMBER_TUPLES(4); + + /** + * Represents the constant's value. + */ + private int attribute; + + /** + * Solo Constructor. + * + * @param attr The Attribute Constant value. + */ + AttributeConstants(final int attr) { + + this.attribute = attr; + } + + /** + * Return the Constant Value. + * + * @return The constant value. + */ + public int intValue() { + + return attribute; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java new file mode 100644 index 000000000..a44768c7e --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeName.java @@ -0,0 +1,74 @@ +package eu.stork.peps.auth.commons; + +/** + * This class is a bean used to store information relative to Attribute Names. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: 1.00 $, $Date: 2013-11-26 $ + */ +public final class AttributeName { + + /** + * Attribute Id. + */ + private String attributeId; + + /** + * Attribute Name. + */ + private String attributeName; + + /** + * Attribute Name Constructor. + * + * @param aId Id of the Attribute Name. + * @param aName Name of the Attribute Name. + */ + public AttributeName(final String aId, final String aName) { + + this.attributeId = aId; + this.attributeName = aName; + } + + /** + * Getter for the attributeId value. + * + * @return The attributeId value. + */ + public String getAttributeId() { + + return attributeId; + } + + /** + * Setter for the attributeId value. + * + * @param aId Id of the Attribute Name. + */ + public void setAttributeId(final String aId) { + + this.attributeId = aId; + } + + /** + * Getter for the attributeName value. + * + * @return The attributeName value. + */ + public String getAttributeName() { + + return attributeName; + } + + /** + * Setter for the attributeName value. + * + * @param name Name of the Attribute Name. + */ + public void setAttributeName(final String name) { + + this.attributeName = name; + } + +} \ No newline at end of file diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java new file mode 100644 index 000000000..fc776db81 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvider.java @@ -0,0 +1,80 @@ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +/** + * This class is a bean used to store the information relative to the Attribute Provider. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: 1.01 $, $Date: 2013-11-28 $ + */ +public final class AttributeProvider implements Serializable { + /** + * Unique identifier. + */ + private static final long serialVersionUID = 7210186241917444559L; + + /** + * Provider Id. + */ + private String providerId; + + /** + * Provider Name. + */ + private String providerName; + + /** + * Attribute Provider Constructor. + * + * @param pId Id of the Attribute Provider. + * @param pName Name of the Attribute Provider. + */ + public AttributeProvider(final String pId, final String pName) { + + this.providerId = pId; + this.providerName = pName; + } + + /** + * Getter for the providerId value. + * + * @return The providerId value. + */ + public String getProviderId() { + + return providerId; + } + + /** + * Setter for the providerId value. + * + * @param pId Id of the Attribute Provider. + */ + public void setProviderId(final String pId) { + + this.providerId = pId; + } + + /** + * Getter for the providerName value. + * + * @return The providerName value. + */ + public String getProviderName() { + + return providerName; + } + + /** + * Setter for the providerName value. + * + * @param name Name of the Attribute Provider. + */ + public void setProviderName(final String name) { + + this.providerName = name; + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java new file mode 100644 index 000000000..85aec2625 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeProvidersMap.java @@ -0,0 +1,96 @@ +package eu.stork.peps.auth.commons; + +import java.util.Iterator; +import java.util.LinkedHashMap; + +import org.apache.log4j.Logger; + +/** + * Implementation of the AttributeProviderMap using a LinkedHashMap. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: 1.01 $, $Date: 2013-09-20 $ + * + * @see LinkedHashMap + */ +public class AttributeProvidersMap extends LinkedHashMap + implements IAttributeProvidersMap { + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(AttributeProvidersMap.class.getName()); + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 8949081185106296122L; + + /** + * {@inheritDoc} + */ + @Override + public IPersonalAttributeList get(final AttributeSource key) { + return this.get((Object) key); + } + + /** + * {@inheritDoc} + */ + @Override + public IPersonalAttributeList remove(final AttributeSource key) { + return this.remove((Object) key); + } + + /** + * {@inheritDoc} + */ + @Override + public boolean containsKey(final AttributeSource key) { + return this.containsKey((Object) key); + } + + /** + * {@inheritDoc} + */ + @Override + public Iterator keyIterator() { + return this.keySet().iterator(); + } + + public void trace() { + Iterator iterator; + Iterator iterator2; + AttributeSource source; + IPersonalAttributeList pal; + PersonalAttribute pa; + + iterator = this.keyIterator(); + LOG.trace("Start dumping of AttributeProvidersMap\n======================="); + while (iterator.hasNext()) { + source = iterator.next(); + + LOG.trace("Source details: type [" + source.getSourceType() + "], URL [" + source.getProviderURL() + "]"); + + if(source.getSourceType() == AttributeSource.SOURCE_LOCAL_APROVIDER) { + LOG.trace("-> Attribute Provider: ID [" + source.getProvider().getProviderId() + "], name [" + source.getProvider().getProviderName() + "]"); + } + else { + LOG.trace("-> Country: ID [" + source.getCountry().getCountryId() + "], name [" + source.getCountry().getCountryName() + "]"); + } + + pal = this.get(source); + LOG.trace("++++++++=>"); + iterator2 = pal.iterator(); + while (iterator2.hasNext()) { + pa = iterator2.next(); + + LOG.trace("-> Citizen Attribute: name [" + pa.getName() + "], required [" + pa.isRequired() + "]"); + } + LOG.trace("<=++++++++"); + + LOG.trace("-----------------------"); + } + LOG.trace("END\n======================="); + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java new file mode 100644 index 000000000..846f54f67 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeSource.java @@ -0,0 +1,188 @@ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +import org.apache.log4j.Logger; + +/** + * This class is a bean used to store the information relative to the Attribute Source (either AttributeProvider or Country). + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: 1.10 $, $Date: 2013-11-29 $ + */ +public final class AttributeSource implements Serializable { + /** + * Unique identifier. + */ + private static final long serialVersionUID = 432243595968469014L; + + public static final int SOURCE_LOCAL_APROVIDER = 1; + public static final int SOURCE_REMOTE_COUNTRY = 2; + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(AttributeSource.class.getName()); + + /** + * Provider source. + */ + private int sourceType; + + /** + * Provider URL. + */ + private String providerURL; + + /** + * The local Attribute Provider. + */ + private AttributeProvider provider; + + /** + * The remote Country. + */ + private Country country; + + /** + * Attribute Source Constructor. + * + * @param provider The local Attribute Provider. + * @param pURL URL of the Attribute Provider. + */ + public AttributeSource(final AttributeProvider provider, final String pURL) { + this.setSourceType(SOURCE_LOCAL_APROVIDER); + + this.setProvider(provider); + this.setProviderURL(pURL); + } + + /** + * Attribute Source Constructor. + * + * @param country The remote Country. + * @param pURL URL of the Country. + */ + public AttributeSource(final Country country, final String pURL) { + this.setSourceType(SOURCE_REMOTE_COUNTRY); + + this.setCountry(country); + this.setProviderURL(pURL); + } + + /** + * @param sourceType the sourceType to set + */ + public void setSourceType(final int sourceType) { + this.sourceType = sourceType; + } + + /** + * @return the sourceType + */ + public int getSourceType() { + return sourceType; + } + + /** + * @param providerURL the providerURL to set + */ + public void setProviderURL(final String providerURL) { + this.providerURL = providerURL; + } + + /** + * @return the providerURL + */ + public String getProviderURL() { + return providerURL; + } + + /** + * @param provider the provider to set + */ + public void setProvider(final AttributeProvider provider) { + this.setSourceType(SOURCE_LOCAL_APROVIDER); + + this.provider = provider; + } + + /** + * @return the provider + */ + public AttributeProvider getProvider() { + return provider; + } + + /** + * @param country the country to set + */ + public void setCountry(final Country country) { + this.setSourceType(SOURCE_REMOTE_COUNTRY); + + this.country = country; + } + + /** + * @return the country + */ + public Country getCountry() { + return country; + } + + /** + * {@inheritDoc} + */ + public boolean equals(Object obj) { + boolean outcome = false; + + LOG.debug("Calling equals with Object."); + if ( obj instanceof AttributeSource ) { + LOG.debug("Calling equals with AttributeSource."); + outcome = this.equals((AttributeSource)obj); + } + + LOG.debug("Object equals outcome: " + outcome); + return outcome; + } + + /** + * Compare the given AttributeSource with the current object in order to determinine + * if they are equal. + * + * @param obj The AttributeSource to compare to + * + * @return true if the two objects are equal + */ + public boolean equals(AttributeSource obj) { + boolean outcome = false; + + if ( this.sourceType==obj.getSourceType() ) { + if ( this.sourceType==AttributeSource.SOURCE_LOCAL_APROVIDER ) { + if ( this.provider.getProviderId().equals(obj.getProvider().getProviderId()) ) + outcome = true; + } + else if ( this.sourceType==AttributeSource.SOURCE_REMOTE_COUNTRY ) { + if ( this.country.getCountryId().equals(obj.getCountry().getCountryId()) ) + outcome = true; + } + } + + LOG.debug("AttributeSource equals outcome: " + outcome); + return outcome; + } + + /** + * {@inheritDoc} + */ + public int hashCode() { + int hash = 1; + hash = hash * 17 + this.sourceType; + if ( this.sourceType==AttributeSource.SOURCE_LOCAL_APROVIDER ) + hash = hash * 31 + this.provider.getProviderName().hashCode(); + else + hash = hash * 31 + this.country.getCountryName().hashCode(); + return hash; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java new file mode 100644 index 000000000..af7ab6cf3 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/AttributeUtil.java @@ -0,0 +1,231 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Map.Entry; + +import org.apache.commons.lang.StringUtils; + +/** + * This class holds static helper methods. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.5 $, $Date: 2010-12-15 23:19:59 $ + */ +public final class AttributeUtil { + + /** + * Private constructor. Prevents the class from being instantiated. + */ + private AttributeUtil() { + // empty constructor + } + + /** + * Safe escape any given string. + * + * @param value The HTTP Value to escaped. + * + * @return The value escaped value. + */ + public static String escape(final String value) { + + final String attrSep = PEPSValues.ATTRIBUTE_SEP.toString(); + final String attrTupleSep = PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(); + final String attrValueSep = PEPSValues.ATTRIBUTE_VALUE_SEP.toString(); + + final String escAttrSep = "%" + (int) attrSep.charAt(0); + final String escAttrTupleSep = "%" + (int) attrTupleSep.charAt(0); + final String escAttrValueSep = "%" + (int) attrValueSep.charAt(0); + + return value.replace(attrSep, escAttrSep) + .replace(attrTupleSep, escAttrTupleSep) + .replace(attrValueSep, escAttrValueSep); + } + + /** + * Unescape any given string. + * + * @param value The HTTP Value to be unescaped. + * + * @return The value unescaped value. + */ + public static String unescape(final String value) { + final String attrSep = PEPSValues.ATTRIBUTE_SEP.toString(); + final String attrTupleSep = PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(); + final String attrValueSep = PEPSValues.ATTRIBUTE_VALUE_SEP.toString(); + + final String escAttrSep = "%" + (int) attrSep.charAt(0); + final String escAttrTupleSep = "%" + (int) attrTupleSep.charAt(0); + final String escAttrValueSep = "%" + (int) attrValueSep.charAt(0); + + return value.replace(escAttrSep, attrSep) + .replace(escAttrTupleSep, attrTupleSep) + .replace(escAttrValueSep, attrValueSep); + } + + /** + * Appends the string representation of an object to a StringBuilder. + * + * @param strBuilder The StringBuilder to append to. + * @param val The string representation of an object. + */ + public static void appendIfNotNull(final StringBuilder strBuilder, + final Object val) { + + if (val != null) { + strBuilder.append(val); + } + } + + /** + * Given a separator and a list of strings, joins the list, as a string, + * separated by the separator string. + * + * @param list The list of strings to join. + * @param separator The separator string. + * @return the list, as a string, separated by the separator string. + */ + public static String listToString(final List list, + final String separator) { + + final StringBuilder strBuilder = new StringBuilder(); + for (final String s : list) { + if (!StringUtils.isEmpty(s)) { + strBuilder.append(AttributeUtil.escape(s) + separator); + } + } + return strBuilder.toString(); + } + + /** + * Given a separator and a map of strings to strings, joins the map, as a + * string, separated by the separator string with the pair key/value + * concatenated with a '='. + * + * @param map The map of strings to join. + * @param separator The separator string. + * + * @return the map of strings, as a string, separated by the separator string + * with the pair key/value concatenated with a '='. + */ + public static String mapToString(final Map map, + final String separator) { + + final StringBuilder strBuilder = new StringBuilder(); + final Iterator> valuesIt = map.entrySet().iterator(); + while (valuesIt.hasNext()) { + final Entry entry = valuesIt.next(); + strBuilder.append(entry.getKey()); + strBuilder.append('='); + strBuilder.append(AttributeUtil.escape(entry.getValue())); + strBuilder.append(separator); + } + return strBuilder.toString(); + } + + /** + * Validates the attribute value format. + * + * @param value The attribute value to validate. + * + * @return true if value has a valid format. + */ + public static boolean isValidValue(final String value) { + boolean retVal = false; + if (value != null && value.charAt(0) == '[' && value.endsWith("]")) { + final String tmpAttrValue = value.substring(1, value.length() - 1); + final String[] vals = + tmpAttrValue.split(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + + if (tmpAttrValue.length() >= 0 + || (vals.length > 0 && vals[0].length() > 0)) { + retVal = true; + } + } + return retVal; + } + + /** + * Validates the attribute type value. It's case insensitive. E.g. return true + * value to: a) "true", "TRUE", "True", ... b) "false", "FALSE", "False", ... + * + * @param type The attribute type value. + * + * @return true if type has a true or false (case insensitive) value. + */ + public static boolean isValidType(final String type) { + return StringUtils.isNotEmpty(type) && (PEPSValues.TRUE.toString().equalsIgnoreCase(type) || PEPSValues.FALSE.toString().equalsIgnoreCase(type)) ; + } + + /** + * Validates the Personal attribute tuple. E.g. name:type:[value]:status + * + * @param tuples The Personal attribute's tuple. + * + * @return true if the tuples' format is valid. + * + * @see PEPSUtil#validateParameter(String, String, String) + * @see String#equalsIgnoreCase(String) + */ + public static boolean hasValidTuples(final String[] tuples) { + boolean retVal = false; + + final int numberTuples = AttributeConstants.NUMBER_TUPLES.intValue(); + if (tuples != null && tuples.length == numberTuples) { + // validate attrName + final int attrNameIndex = AttributeConstants.ATTR_NAME_INDEX.intValue(); + final int attrTypeIndex = AttributeConstants.ATTR_TYPE_INDEX.intValue(); + final int attrValueIndex = AttributeConstants.ATTR_VALUE_INDEX.intValue(); + + retVal = + StringUtils.isNotEmpty(tuples[attrNameIndex]) + && StringUtils.isNotEmpty(tuples[attrTypeIndex]) + && StringUtils.isNotEmpty(tuples[attrValueIndex]) + && AttributeUtil.isValidType(tuples[attrTypeIndex]) + && AttributeUtil.isValidValue(tuples[attrValueIndex]); + } + return retVal; + } + + /** + * Check if all mandatory attributes have values. + * + * @param personalAttrList The Personal Attributes List. + * + * @return true if all mandatory attributes have values, false if at least one + * attribute doesn't have value. + */ + public static boolean checkMandatoryAttributes( + final IPersonalAttributeList personalAttrList) { + + final Iterator itAttributes = + personalAttrList.values().iterator(); + boolean retVal = true; + while (itAttributes.hasNext() && retVal) { + final PersonalAttribute attr = itAttributes.next(); + if (attr.isRequired() + && !STORKStatusCode.STATUS_AVAILABLE.toString() + .equals(attr.getStatus())) { + retVal = false; + } + } + return retVal; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java new file mode 100644 index 000000000..9ebcfbd5a --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CitizenConsent.java @@ -0,0 +1,123 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.util.ArrayList; +import java.util.List; + +/** + * This class is a bean used to store the information relative to the Citizen + * Consent. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $ + */ +public final class CitizenConsent { + + /** + * Mandatory attributes list. + */ + private List mandatoryList; + + /** + * Optional attributes list. + */ + private List optionalList; + + /** + * Citizen Consent default Constructor. + */ + public CitizenConsent() { + this.mandatoryList = new ArrayList(); + this.optionalList = new ArrayList(); + } + + /** + * Getter for the mandatoryList value. + * + * @return The mandatoryList value. + */ + public List getMandatoryList() { + return this.mandatoryList; + } + + /** + * Setter for the mandatoryList value. + * + * @param mandatoryAttrList Mandatory parameters list. + */ + public void setMandatoryList(final List mandatoryAttrList) { + this.mandatoryList = mandatoryAttrList; + } + + /** + * Setter for some mandatoryAttribute. Adds the input parameter to the + * mandatoryList. + * + * @param mandatoryAttr Attribute to add to the mandatoryList. + */ + public void setMandatoryAttribute(final String mandatoryAttr) { + this.mandatoryList.add(mandatoryAttr); + } + + /** + * Getter for the optionalList value. + * + * @return The optionalList value. + */ + public List getOptionalList() { + return optionalList; + } + + /** + * Setter for the optionalList value. + * + * @param optAttrList Optional parameters list. + */ + public void setOptionalList(final List optAttrList) { + this.optionalList = optAttrList; + } + + /** + * Setter for some optionalAttr. Adds the input parameter to the optionalList. + * + * @param optionalAttr Attribute to add to the optionalList. + */ + public void setOptionalAttribute(final String optionalAttr) { + this.optionalList.add(optionalAttr); + } + + /** + * Returns a string in the following format. "Mandatory attributes: + * mandatoryAttr1;mandatoryAttr2;mandatoryAttrN Optional attributes: + * optionalAttr1;optionalAttr2;optionalAttrN" + * + * @return {@inheritDoc} + */ + public String toString() { + final StringBuilder strbldr = new StringBuilder(46); + strbldr.append("Mandatory attributes: "); + for (final String str : mandatoryList) { + strbldr.append(str).append(';'); + } + strbldr.append(" Optional attributes: "); + for (final String str : optionalList) { + strbldr.append(str).append(';'); + } + return strbldr.toString(); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java new file mode 100644 index 000000000..001f9317a --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Country.java @@ -0,0 +1,95 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +/** + * This class is a bean used to store the information relative to the Country. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.10 $, $Date: 2010-11-17 05:15:28 $ + */ +public final class Country implements Serializable { + + /** + * + */ + private static final long serialVersionUID = 1135994036496370993L; + +/** + * Country Id. + */ + private String countryId; + + /** + * Country Name. + */ + private String countryName; + + /** + * Country Constructor. + * + * @param cId Id of the Country. + * @param cName Name of the Country. + */ + public Country(final String cId, final String cName) { + + this.countryId = cId; + this.countryName = cName; + } + + /** + * Getter for the countryId value. + * + * @return The countryId value. + */ + public String getCountryId() { + + return countryId; + } + + /** + * Setter for the countryId value. + * + * @param cId Id of the Country. + */ + public void setCountryId(final String cId) { + + this.countryId = cId; + } + + /** + * Getter for the countryName value. + * + * @return The countryName value. + */ + public String getCountryName() { + + return countryName; + } + + /** + * Setter for the countryName value. + * + * @param name Name of the Country. + */ + public void setCountryName(final String name) { + + this.countryName = name; + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java new file mode 100644 index 000000000..54345f3ea --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/CountryCodes.java @@ -0,0 +1,79 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.util.Arrays; +import java.util.List; + +/** + * This class contains all the ISO 3166-1 Alpha 3 Country Codes. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.2 $, $Date: 2011-04-14 00:24:56 $ + */ +public final class CountryCodes { + + /** + * Private Constructor. + */ + private CountryCodes() { + + } + + /** + * ISO 3166-1 Alpha 3 Country Codes. + */ + private static List countrysAlpha3 = Arrays.asList("ABW", "AFG", + "AGO", "AIA", "ALA", "ALB", "AND", "ANT", "ARE", "ARG", "ARM", "ASM", + "ATA", "ATF", "ATG", "AUS", "AUT", "AZE", "BDI", "BEL", "BEN", "BES", + "BFA", "BGD", "BGR", "BHR", "BHS", "BIH", "BLM", "BLR", "BLZ", "BMU", + "BOL", "BRA", "BRB", "BRN", "BTN", "BUR", "BVT", "BWA", "BYS", "CAF", + "CAN", "CCK", "CHE", "CHL", "CHN", "CIV", "CMR", "COD", "COG", "COK", + "COL", "COM", "CPV", "CRI", "CSK", "CUB", "CUW", "CXR", "CYM", "CYP", + "CZE", "DEU", "DJI", "DMA", "DNK", "DOM", "DZA", "ECU", "EGY", "ERI", + "ESH", "ESP", "EST", "ETH", "FIN", "FJI", "FLK", "FRA", "FRO", "FSM", + "GAB", "GBR", "GEO", "GGY", "GHA", "GIB", "GIN", "GLP", "GMB", "GNB", + "GNQ", "GRC", "GRD", "GRL", "GTM", "GUF", "GUM", "GUY", "HKG", "HMD", + "HND", "HRV", "HTI", "HUN", "IDN", "IMN", "IND", "IOT", "IRL", "IRN", + "IRQ", "ISL", "ISR", "ITA", "JAM", "JEY", "JOR", "JPN", "KAZ", "KEN", + "KGZ", "KHM", "KIR", "KNA", "KOR", "KWT", "LAO", "LBN", "LBR", "LBY", + "LCA", "LIE", "LKA", "LSO", "LTU", "LUX", "LVA", "MAC", "MAF", "MAR", + "MCO", "MDA", "MDG", "MDV", "MEX", "MHL", "MKD", "MLI", "MLT", "MMR", + "MNE", "MNG", "MNP", "MOZ", "MRT", "MSR", "MTQ", "MUS", "MWI", "MYS", + "MYT", "NAM", "NCL", "NER", "NFK", "NGA", "NIC", "NIU", "NLD", "NOR", + "NPL", "NRU", "NZL", "OMN", "PAK", "PAN", "PCN", "PER", "PHL", "PLW", + "PNG", "POL", "PRI", "PRK", "PRT", "PRY", "PSE", "PYF", "QAT", "REU", + "ROM", "ROU", "RUS", "RWA", "SAU", "SCG", "SDN", "SEN", "SGP", "SGS", + "SHN", "SJM", "SLB", "SLE", "SLV", "SMR", "SOM", "SPM", "SRB", "STP", + "SUR", "SVK", "SVN", "SXW", "SWE", "SWZ", "SYC", "SYR", "TCA", "TCD", + "TGO", "THA", "TJK", "TKL", "TKM", "TLS", "TMP", "TON", "TTO", "TUN", + "TUR", "TUV", "TWN", "TZA", "UGA", "UKR", "UMI", "URY", "USA", "UZB", + "VAT", "VCT", "VEN", "VGB", "VIR", "VNM", "VUT", "WLF", "WSM", "YEM", + "YUG", "ZAF", "ZAR", "ZMB", "ZWE"); + + /** + * Searches the CountryCode (3166-1 alpha3 format) an return true if it + * exists. + * + * @param countryCode The Country code to search. + * + * @return true if the CountryCode exists, false otherwise. + */ + public static boolean hasCountryCodeAlpha3(final String countryCode) { + + return CountryCodes.countrysAlpha3.contains(countryCode); + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java new file mode 100644 index 000000000..9c0bd6775 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/DateUtil.java @@ -0,0 +1,169 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.sql.Timestamp; +import java.util.GregorianCalendar; + +import org.apache.log4j.Logger; +import org.joda.time.DateTime; +import org.joda.time.Years; +import org.joda.time.format.DateTimeFormat; +import org.joda.time.format.DateTimeFormatter; + +import eu.stork.peps.auth.commons.exceptions.SecurityPEPSException; + +/** + * This class holds static helper methods for Date Operations. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.4 $, $Date: 2010-11-17 05:15:28 $ + */ +public final class DateUtil { + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(DateUtil.class.getName()); + + /** + * yyyy Date format size. + */ + private static final int YEAR_DATE_SIZE = 4; + + /** + * yyyyMM Date format size. + */ + private static final int MONTH_DATE_SIZE = 6; + + /** + * Private constructor. Prevents the class from being instantiated. + */ + private DateUtil() { + // empty constructor + } + + /** + * Fulfils dateValue with a valid date. The following roles are applied: a) If + * the dateValue only contains the year then fulfils with last year's day. + * e.g. this method returns 19951231 to the 1995 dateValue. b) If the + * dateValue contains the year and the month then fulfils with last month's + * day. e.g. this method returns 19950630 to the 199505 dateValue. + * + * @param dateValue The date to be fulfilled. + * + * @return The dateValue fulfilled. + */ + private static String fulfilDate(final String dateValue) { + + final StringBuffer strBuf = new StringBuffer(); + strBuf.append(dateValue); + // if the IdP just provides the year then we must fullfil the date. + if (dateValue.length() == YEAR_DATE_SIZE) { + strBuf.append(PEPSValues.LAST_MONTH.toString()); + } + // if the IdP provides the year and the month then we must fullfil the + // date. + if (dateValue.length() == MONTH_DATE_SIZE + || strBuf.length() == MONTH_DATE_SIZE) { + // IdP doesn't provide the day, so we will use DateTime to + // calculate it. + final String noDayCons = PEPSValues.NO_DAY_DATE_FORMAT.toString(); + final DateTimeFormatter fmt = DateTimeFormat.forPattern(noDayCons); + final DateTime dateTime = fmt.parseDateTime(strBuf.toString()); + // Append the last month's day. + strBuf.append(dateTime.dayOfMonth().withMaximumValue().getDayOfMonth()); + } + + return strBuf.toString(); + } + + /** + * Validates the dateValue format: a) if has a valid size; b) if has a numeric + * value; Note: dateValue must have the format yyyyMMdd. + * + * @param dateValueTmp The date to be validated. + * @param pattern The accepted date format. + * + * @return true if the date has a valid format. + */ + public static boolean isValidFormatDate(final String dateValueTmp, + final String pattern) { + + boolean retVal = true; + try { + final String dateValue = DateUtil.fulfilDate(dateValueTmp); + + final DateTimeFormatter fmt = DateTimeFormat.forPattern(pattern); + fmt.parseDateTime(dateValue); + } catch (final Exception e) { + // We catch Exception because we only have to return false + // value! + retVal = false; + } + return retVal; + } + + /** + * Calculates the age for a given date string. + * + * @param dateVal The date to be validated. + * @param now The current date. + * @param pattern The date pattern. + * + * @return The age value. + */ + public static int calculateAge(final String dateVal, final DateTime now, + final String pattern) { + + if (DateUtil.isValidFormatDate(dateVal, pattern)) { + try { + final String dateValueTemp = DateUtil.fulfilDate(dateVal); + final DateTimeFormatter fmt = DateTimeFormat.forPattern(pattern); + final DateTime dateTime = fmt.parseDateTime(dateValueTemp); + // Calculating age + final Years age = Years.yearsBetween(dateTime, now); + + return age.getYears(); + } catch (final IllegalArgumentException e) { + LOG.warn("Invalid date format (" + pattern + + ") or an invalid dateValue."); + throw new SecurityPEPSException( + PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorCode()), + PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorMessage()), + e); + } + } else { + LOG.warn("Couldn't calculate Age, invalid date!"); + throw new SecurityPEPSException( + PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorCode()), + PEPSUtil.getConfig(PEPSErrors.INVALID_ATTRIBUTE_VALUE.errorMessage())); + } + + } + + /** + * Generates the current timestamp. + * + * @return timestamp The current timestamp + */ + public static Timestamp currentTimeStamp() { + final GregorianCalendar cal = new GregorianCalendar(); + final long millis = cal.getTimeInMillis(); + return new Timestamp(millis); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java new file mode 100644 index 000000000..b13c70f04 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeListProcessor.java @@ -0,0 +1,148 @@ +package eu.stork.peps.auth.commons; + +import java.util.List; +import java.util.Map; + +/** + * Interface for {@link AttributeListProcessor}. + * + * @author ricardo.ferreira@multicert.com + * + * @version $Revision: $, $Date: $ + * + * @see IPersonalAttributeList + */ +public interface IAttributeListProcessor { + + /** + * Checks if attribute list only contains allowed attributes. + * + * @param attrList the requested attribute list + * @param attributes the allowed attributes + * + * @return true is all the attributes are allowed. + * + * @see IPersonalAttributeList + */ + boolean hasAllowedAttributes(final IPersonalAttributeList attrList, final List attributes); + + /** + * Lookup for business attribute. + * + * @param attrList the requested attribute list + * @param normalAttributes the normal attributes + * + * @return true is at least one business attribute was requested. + * + * @see IPersonalAttributeList + */ + boolean hasBusinessAttributes(final IPersonalAttributeList attrList, final List normalAttributes); + + /** + * Lookup for business attribute in normal attribute list (loaded by + * implementation). + * + * @param attrList the requested attribute list + * + * @return true is at least one business attribute was requested. + * + * @see IPersonalAttributeList + */ + boolean hasBusinessAttributes(final IPersonalAttributeList attrList); + + /** + * Adds eIdentifier, name, surname, and DateOfBirth attributes to get business + * attributes from some AP. + * + * @param attrList the requested attribute list + * @param attributes the list of attributes to add (eIdentifier, name, + * surname, and DateOfBirth). + * + * @return the requested attribute list and the new attributes added + * (eIdentifier, name, surname, and DateOfBirth). + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList addAPMandatoryAttributes(final IPersonalAttributeList attrList, final List attributes); + + /** + * Adds eIdentifier, name, surname, and DateOfBirth attributes, loaded by + * implementation, to get business attributes from some AP. + * + * @param attrList the requested attribute list + * + * @return the requested attribute list and the new attributes added + * (eIdentifier, name, surname, and DateOfBirth). + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList addAPMandatoryAttributes(final IPersonalAttributeList attrList); + + /** + * Removes from attribute list the given list of attributes. + * + * @param attrList the requested attribute list + * @param attributes the list of attributes to remove. + * + * @return the requested attribute list and the attributes removed. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList removeAPMandatoryAttributes(final IPersonalAttributeList attrList, final List attributes); + + /** + * Removes from attribute list the given list of attributes and change + * attributes status if attribute was optional in the request. + * + * @param attrList the requested attribute list + * @param attributes the map of attributes (attribute name, mandatory/optional) to remove. + * + * @return the requested attribute list and the attributes removed + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList removeAPMandatoryAttributes(IPersonalAttributeList attrList, Map attributes); + + /** + * Checks if mandate attribute exist in the requested Attribute List. Power + * attribute name to lookup is loaded by implementation. + * + * @param attrList the requested attribute list. + * + * @return true if mandate attribute exists or false otherwise. + * + * @see IPersonalAttributeList + */ + boolean hasPowerAttribute(final IPersonalAttributeList attrList); + + /** + * Checks if attribute name was requested and has value. + * + * @param attrList the requested attribute list. + * @param attrName the attribute name to lookup for . + * + * @return true if attribute was requested and has value or false otherwise. + * + * @see IPersonalAttributeList + */ + boolean hasAttributeValue(final IPersonalAttributeList attrList, final String attrName); + + /** + * Checks if attribute has value. + * + * @param attr the attribute to check. + * + * @return true if has value; + * + * @see PersonalAttribute + */ + boolean hasAttributeValue(final PersonalAttribute attr); + + /** + * Gets a map (attribute name, attribute isRequired) of attributes added to attribute list. + * + * @return the Map of attributes added and if is required to attribute list. + */ + Map getNormalAttributesAdded(); + +} \ No newline at end of file diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java new file mode 100644 index 000000000..733399ca3 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IAttributeProvidersMap.java @@ -0,0 +1,82 @@ +package eu.stork.peps.auth.commons; + +import java.util.Iterator; + +/** + * Interface for Attributes Providers map. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: 1.00 $, $Date: 2013-09-20 $ + */ +public interface IAttributeProvidersMap { + + /** + * Returns the object associated the the given key. + * + * @param key with which the specified value is to be associated. + * + * @return The object associated the the given key. + */ + IPersonalAttributeList get(AttributeSource key); + + /** + * Associates a key to a value, and inserts them in the session object. + * + * @param key with which the specified value is to be associated. + * @param value to be associated with the specified key. + * + * @return previous value associated with specified key, or null if there was + * no mapping for key. A null return can also indicate that the map + * previously associated null with the specified key. + */ + Object put(AttributeSource key, IPersonalAttributeList value); + + /** + * Removes the mapping for this key. + * + * @param key with which the specified value is to be associated. + * + * @return previous value associated with specified key, or null if there was + * no mapping for key. A null return can also indicate that the map + * previously associated null with the specified key. + */ + IPersonalAttributeList remove(AttributeSource key); + + /** + * Returns the number of key-value mappings in this map. + * + * @return the number of key-value mappings in this map. + */ + int size(); + + /** + * Returns true if this map contains a mapping for the specified key. + * + * @param key with which the specified value is to be associated. + * + * @return true if this map contains a mapping for the specified key. + */ + boolean containsKey(AttributeSource key); + + /** + * Removes all mappings from this map. + */ + void clear(); + + /** + * Returns true if this map contains no key-value mappings. + * + * @return true if this map contains no key-value mappings. + */ + boolean isEmpty(); + + /** + * Returns an Iterator of the keys contained in this map. The implementation must + * take care in order for the Iterator to have predictable order of the returned + * keys. + * + * @return an iterator of the keys contained in this map + */ + Iterator keyIterator(); +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java new file mode 100644 index 000000000..b24c915c0 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IPersonalAttributeList.java @@ -0,0 +1,194 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.util.Collection; +import java.util.Iterator; +import java.util.Set; + +/** + * Interface for {@link PersonalAttributeList}. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.16 $, $Date: 2010-11-17 05:15:28 $ + * + * @see PersonalAttribute + */ +@SuppressWarnings("PMD.CloneMethodMustImplementCloneable") +public interface IPersonalAttributeList extends Iterable, + Cloneable { + + /** + * Associates the specified value with the specified key in this Personal + * Attribute List. + * + * @param key with which the specified value is to be associated. + * @param value to be associated with the specified key. + * + * @return the previous value associated with key, or null if there was no + * mapping for key. + * + * @see PersonalAttribute + */ + PersonalAttribute put(String key, PersonalAttribute value); + + /** + * Returns the value to which the specified key is mapped, or null if this map + * contains no mapping for the key. + * + * @param key whose associated value is to be returned. + * + * @return The value to which the specified key is mapped, or null if this map + * contains no mapping for the key. + * + * @see PersonalAttribute + */ + PersonalAttribute get(Object key); + + /** + * Adds to the PersonalAttributeList the given PersonalAttribute. It sets the + * attribute name as the key to the attribute value. + * + * @param value PersonalAttribute to add to the PersonalAttributeList + */ + void add(PersonalAttribute value); + + /** + * Get the size of the Personal Attribute List. + * + * @return size of the Personal Attribute List. + */ + int size(); + + /** + * Checks if the Personal Attribute List contains the given key. + * + * @param key with which the specified value is to be associated. + * + * @return true if the Personal Attribute List contains the given key, false + * otherwise. + */ + boolean containsKey(Object key); + + /** + * Getter for the iterator of the Personal Attribute List values. + * + * @return The iterator for the Personal Attribute List values. + * + * @see PersonalAttribute + */ + Iterator iterator(); + + /** + * Creates a Personal Attribute List from a String representing an Attribute + * List. + * + * @param attrList String Object representing the attribute list. + */ + void populate(String attrList); + + /** + * Removes the mapping for this key from this map if present. + * + * @param key key whose mapping is to be removed from the map. + * @return previous value associated with specified key, or null if + * there was no mapping for key. A null return can also + * indicate that the map previously associated null with the + * specified key. + */ + PersonalAttribute remove(Object key); + + /** + * Returns a collection view of the values contained in this map. The + * collection is backed by the map, so changes to the map are reflected in the + * collection, and vice-versa. The collection supports element removal, which + * removes the corresponding mapping from this map, via the + * Iterator.remove, Collection.remove, removeAll, + * retainAll, and clear operations. It does not support the + * add or addAll operations. + * + * @return a collection view of the values contained in this map. + */ + Collection values(); + + /** + * Returns a {@link Set} view of the keys contained in this map. + * The set is backed by the map, so changes to the map are + * reflected in the set, and vice-versa. If the map is modified + * while an iteration over the set is in progress (except through + * the iterator's own remove operation), the results of + * the iteration are undefined. The set supports element removal, + * which removes the corresponding mapping from the map, via the + * Iterator.remove, Set.remove, + * removeAll, retainAll, and clear + * operations. It does not support the add or addAll + * operations. + * + * @return a set view of the keys contained in this map + */ + Set keySet(); + + + /** + * Returns a IPersonalAttributeList of the complex attributes. + * + * @return an IPersonalAttributeList of the complex attributes. + */ + IPersonalAttributeList getComplexAttributes(); + + /** + * Returns a IPersonalAttributeList of the simple value attributes. + * + * @return an IPersonalAttributeList of the simple value attributes. + */ + IPersonalAttributeList getSimpleValueAttributes(); + + /** + * Returns a IPersonalAttributeList of the mandatory attributes in this map. + * + * @return an IPersonalAttributeList of the mandatory attributes contained in this map. + */ + IPersonalAttributeList getMandatoryAttributes(); + + /** + * Returns a IPersonalAttributeList of the optional attributes in this map. + * + * @return an IPersonalAttributeList of the optional attributes contained in this map. + */ + IPersonalAttributeList getOptionalAttributes(); + + /** + * Returns true if this map contains no key-value mappings. + * + * @return true if this map contains no key-value mappings. + */ + boolean isEmpty(); + + /** + * Returns true if this map contains at least one element that doesn't have value. + * + * @return true if this map contains at least one element that doesn't have value. + */ + boolean hasMissingValues(); + + /** + * Returns a copy of this IPersonalAttributeList instance. + * + * @return The copy of this IPersonalAttributeList. + */ + Object clone() throws CloneNotSupportedException; + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java new file mode 100644 index 000000000..33eb618f0 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkLogger.java @@ -0,0 +1,239 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * Interface for stork logging. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.10 $, $Date: 2011-02-17 22:44:34 $ + */ +public interface IStorkLogger { + + /** + * Getter for SpApplication. + * + * @return The SpApplication value. + */ + String getSpApplication(); + + /** + * Setter for SpApplication. + * + * @param spApplication The SP Application. + */ + void setSpApplication(String spApplication); + + /** + * Getter for ProviderName. + * + * @return The ProviderName value. + */ + String getProviderName(); + + /** + * Setter for ProviderName. + * + * @param providerName The provider name. + */ + void setProviderName(String providerName); + + /** + * + * Getter for Origin. + * + * @return The Origin value. + * + */ + String getOrigin(); + + /** + * Setter for Origin. + * + * @param origin The origin. + */ + void setOrigin(String origin); + + /** + * + * Getter for QAA Level. + * + * @return The QAA Level value. + * + */ + int getQaaLevel(); + + /** + * Setter for QAA Level. + * + * @param qaaLevel The qaa level. + */ + void setQaaLevel(int qaaLevel); + + /** + * + * Getter for timestamp. + * + * @return The timestamp value. + * + */ + String getTimestamp(); + + /** + * Setter for timestamp. + * + * @param timestamp The request's timestamp. + */ + void setTimestamp(String timestamp); + + /** + * Getter for InResponseTo. + * + * @return The InResponseTo value. + */ + String getInResponseTo(); + + /** + * Setter for InResponseTo. + * + * @param inResponseTo The Saml's response id. + */ + void setInResponseTo(String inResponseTo); + + /** + * Getter for InResponseToSPReq. + * + * @return The InResponseToSPReq value. + */ + String getInResponseToSPReq(); + + /** + * Setter for InResponseToSPRequ. + * + * @param inResponseToSPReq The Saml's response id. + */ + void setInResponseToSPReq(String inResponseToSPReq); + + /** + * Getter for opType. + * + * @return The opType value. + */ + String getOpType(); + + /** + * Setter for opType. + * + * @param opType The operation type. + */ + void setOpType(String opType); + + /** + * Getter for destination. + * + * @return The destination value. + */ + String getDestination(); + + /** + * Setter for destinationIp. + * + * @param destination The remote IP. + */ + void setDestination(String destination); + + /** + * Getter for message or assertion consumer. + * + * @return The message or assertion consumer. + */ + String getMessage(); + + /** + * Setter for message or assertion consumer. + * + * @param message or assertion consumer. + */ + void setMessage(String message); + + /** + * Getter for country. + * + * @return The country value. + */ + String getCountry(); + + /** + * Setter for country. + * + * @param country The country. + */ + void setCountry(String country); + + /** + * Getter for samlHash. + * + * @return The samlHash value. + */ + byte[] getSamlHash(); + + /** + * Setter for samlHash. + * + * @param samlHash the encrypted SAML token + */ + void setSamlHash(byte[] samlHash); + + /** + * Getter for msgId. + * + * @return the msgId + */ + String getMsgId(); + + /** + * Setter for msgId. + * + * @param msgId the ID of the originator of this message + */ + void setMsgId(String msgId); + + /** + * Getter for sPMsgId. + * + * @return the sPMsgId + */ + String getSPMsgId(); + + /** + * Setter for sPMsgId. + * + * @param sPMsgId the ID of the originator of this message + */ + void setSPMsgId(String sPMsgId); + + /** + * The format of the returned String must be the following: + * "requestCounter#ddMMMyyyykk:mm:ss#opType#originIp#originName + * #destinationIp#destinationName#samlHash#[originatorName#msgId#]" + * + * The values enclosed in '[]' only apply when logging responses. + * + * @return {@inheritDoc} + */ + @Override + String toString(); +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java new file mode 100644 index 000000000..f38b41838 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/IStorkSession.java @@ -0,0 +1,85 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * Interface for stork session. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.9 $, $Date: 2010-11-17 05:15:28 $ + */ +public interface IStorkSession { + + /** + * Returns the object associated the the given key. + * + * @param key with which the specified value is to be associated. + * + * @return The object associated the the given key. + */ + Object get(Object key); + + /** + * Associates a key to a value, and inserts them in the session object. + * + * @param key with which the specified value is to be associated. + * @param value to be associated with the specified key. + * + * @return previous value associated with specified key, or null if there was + * no mapping for key. A null return can also indicate that the map + * previously associated null with the specified key. + */ + Object put(String key, Object value); + + /** + * Removes the mapping for this key. + * + * @param key with which the specified value is to be associated. + * + * @return previous value associated with specified key, or null if there was + * no mapping for key. A null return can also indicate that the map + * previously associated null with the specified key. + */ + Object remove(Object key); + + /** + * Returns the number of key-value mappings in this map. + * + * @return the number of key-value mappings in this map. + */ + int size(); + + /** + * Returns true if this map contains a mapping for the specified key. + * + * @param key with which the specified value is to be associated. + * + * @return true if this map contains a mapping for the specified key. + */ + boolean containsKey(Object key); + + /** + * Removes all mappings from this map. + */ + void clear(); + + /** + * Returns true if this map contains no key-value mappings. + * + * @return true if this map contains no key-value mappings. + */ + boolean isEmpty(); +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java new file mode 100644 index 000000000..6e7c891da --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/Linker.java @@ -0,0 +1,316 @@ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.LinkedHashMap; +import java.util.List; + +import org.apache.log4j.Logger; + +/** + * This class is a bean used to store the information of Attribute Providers, the Attribute + * List to be requested, the Assertions returned by the Attribute Providers and the values + * that each Attribute has. This information along with the current status of the Linker (the + * attribute providers that were queried and the remaining providers) is used by the PEPS + * actions in order to complete the Attribute gathering. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: 1.50 $, $Date: 2013-11-28 $ + */ +public final class Linker implements Serializable { + /** + * Unique identifier. + */ + private static final long serialVersionUID = -3268006381745987237L; + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(Linker.class.getName()); + + /** + * Attributes Providers map. + */ + private IAttributeProvidersMap attributeProvidersMap; + + /** + * Assertion map. + */ + private LinkedHashMap assertions; + + /** + * The current index of local (domestic) Attribute Providers. + */ + private int localIndex; + + /** + * The current index of remote (foreign) Attribute Providers - countries. + */ + private int remoteIndex; + + /** + * Constructs an empty Linker object. + */ + public Linker() { + localIndex = 0; + remoteIndex = 0; + + assertions = new LinkedHashMap(); + } + + /** + * Based on the internal state of the Linker it returns the next local Attribute Source + * + * @return The next Attribute Source or null if not found + * + * @see AttributeSource + */ + public AttributeSource getNextLocalProvider() { + Iterator iterator; + AttributeSource source, found; + int curIndex = 0; + + found = null; + + if ( attributeProvidersMap!=null && !attributeProvidersMap.isEmpty() ) { + iterator = attributeProvidersMap.keyIterator(); + while (iterator.hasNext()) { + source = iterator.next(); + + if ( source.getSourceType()==AttributeSource.SOURCE_LOCAL_APROVIDER ) { + if ( curIndex>=localIndex ) { + found = source; + + break; + } + + curIndex++; + } + } + } + + return found; + } + + /** + * Based on the internal state of the Linker it returns the next remote Attribute Source + * + * @return The next Attribute Source or null if not found + * + * @see AttributeSource + */ + public AttributeSource getNextRemoteProvider() { + Iterator iterator; + AttributeSource source, found; + int curIndex = 0; + + found = null; + + if ( attributeProvidersMap !=null && !attributeProvidersMap.isEmpty() ) { + iterator = attributeProvidersMap.keyIterator(); + while (iterator.hasNext()) { + source = iterator.next(); + + if ( source.getSourceType()==AttributeSource.SOURCE_REMOTE_COUNTRY ) { + if ( curIndex>=remoteIndex ) { + found = source; + + break; + } + + curIndex++; + } + } + } + + return found; + } + + /** + * It updates the Linker with the values returned by the Attribute Source. It also advances + * to the next index in order to mark this attribute source as completed. + * + * @param source The Attribute Source that was queried for attribute values. + * @param attrResponse The attrResponse returned by the Attribute Source that contains the attribute values. + * + * @see AttributeSource, STORKAttrQueryResponse + */ + public void setProviderReponse(AttributeSource source, STORKAttrQueryResponse attrResponse) { + if ( source.getSourceType()==AttributeSource.SOURCE_REMOTE_COUNTRY ) + remoteIndex++; + else + localIndex++; + + //Assertion storage + this.assertions.put(source, attrResponse); + + this.attributeProvidersMap.put(source, attrResponse.getPersonalAttributeList()); + //this.attributeProvidersMap.put(source, attrResponse.getTotalPersonalAttributeList()); + } + + /** + * Reset the internal state of the local Attribute Source in order to start over. + */ + public void resetLocalIndex() { + localIndex = 0; + } + + /** + * Reset the internal state of the remote Attribute Source in order to start over. + */ + public void resetRemoteIndex() { + remoteIndex = 0; + } + + /** + * Setter for attributeProvidersMap. + * + * @param attributeProvidersMap The attributeProvidersMap to set. + */ + public void setAttributeProvidersMap(IAttributeProvidersMap attributeProvidersMap) { + this.attributeProvidersMap = attributeProvidersMap; + } + + /** + * Getter for attributeProvidersMap. + * + * @return attributeProvidersMap + */ + public IAttributeProvidersMap getAttributeProvidersMap() { + return attributeProvidersMap; + } + + /** + * Returns the Personal Attribute list of the provided Attribute Source. + * + * @param source The attributeSource in reference + * + * @return The IPersonalAttributeList assosiated with this source or null if empty + * + * @see IPersonalAttributeList + */ + public IPersonalAttributeList getProviderAttributes(AttributeSource source) { + if ( attributeProvidersMap.containsKey(source) ) + return attributeProvidersMap.get(source); + else + return null; + } + + /** + * Returns the merged Personal Attribute list from all the Attribute Sources. + * + * @return The IPersonalAttributeList merged Personal Attribute list or null if empty + * + * @see IPersonalAttributeList + */ + public IPersonalAttributeList getAllAttributes() { + Iterator iterator; + AttributeSource source; + IPersonalAttributeList list, merged; + + merged = null; + + if ( attributeProvidersMap !=null && !attributeProvidersMap.isEmpty() ) { + iterator = attributeProvidersMap.keyIterator(); + + merged = new PersonalAttributeList(); + while (iterator.hasNext()) { + source = iterator.next(); + list = this.getProviderAttributes(source); + + for (final PersonalAttribute pa : list) { + merged.add(pa); + } + } + } + + return merged; + } + + /** + * Returns a List with all the assertions gathered by the AAS-PEPS module + * returned both by local APs or remote A-PEPS. + * + * @return The assertions returned from the APs and A-PEPS + */ + public List getAttrQueryResponseList() { + List originalAssertions; + + originalAssertions = new ArrayList(); + + //Gather all assertions + for (STORKAttrQueryResponse element : this.assertions.values()) { + originalAssertions.add(element); + } + + return originalAssertions; + } + + /** + * Checks the internal state of the Linker and if all Attribute Sources where visited + * returns true, otherwise it returns false. So if you go directly from AtPLinkerAction + * to MoreAttributesAction the call will have, since the method setProviderReponse + * was not executed from every Attribute Source. + * + * @return true if everything is OK, false otherwise + */ + public boolean isComplete() { + boolean outcome = false; + + LOG.debug("Check if linkder is complete: R[" + remoteIndex + "], L[" + localIndex + "], S[" + attributeProvidersMap.size() + "]"); + if ( attributeProvidersMap !=null && !attributeProvidersMap.isEmpty() ) { + if ( (remoteIndex + localIndex)==attributeProvidersMap.size() ) + outcome = true; + } + else { + outcome = true; + } + + return outcome; + } + + /** + * Merge the two Linker objects. + * + * @param previous The other Linker object to merge with this one. + */ + public void mergeWith(Linker previous) { + //BEFORE + if ( LOG.isDebugEnabled() ) { + LOG.debug("The attributeProvidersMap from the current object."); + ((AttributeProvidersMap)this.attributeProvidersMap).trace(); + LOG.debug("The attributeProvidersMap from the provided object."); + ((AttributeProvidersMap)previous.getAttributeProvidersMap()).trace(); + } + + IAttributeProvidersMap map = previous.getAttributeProvidersMap(); + Iterator items = map.keyIterator(); + while( items.hasNext() ) { + AttributeSource item = items.next(); + IPersonalAttributeList pal = map.get(item); + + if ( this.attributeProvidersMap.containsKey(item) ) { + IPersonalAttributeList new_pal = this.attributeProvidersMap.get(item); + + for(PersonalAttribute pa : pal) + new_pal.add(pa); + } + else { + if ( item.getSourceType()==AttributeSource.SOURCE_REMOTE_COUNTRY ) + remoteIndex++; + else + localIndex++; + + this.attributeProvidersMap.put(item, pal); + } + } + + //AFTER + if ( LOG.isDebugEnabled() ) { + LOG.debug("The attributeProvidersMap after the merge."); + ((AttributeProvidersMap)this.attributeProvidersMap).trace(); + } + } +} \ No newline at end of file diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java new file mode 100644 index 000000000..5da9ba494 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSErrors.java @@ -0,0 +1,392 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * This enum class contains all the STORK PEPS, Commons and Specific errors + * constant identifiers. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.10 $, $Date: 2011-02-17 22:44:34 $ + */ +public enum PEPSErrors { + + /** + * Represents the 'authenticationFailed' constant error identifier. + */ + AUTHENTICATION_FAILED_ERROR("authenticationFailed"), + /** + * Represents the 'spCountrySelector.errorCreatingSAML' constant error + * identifier. + */ + SP_COUNTRY_SELECTOR_ERROR_CREATE_SAML("spCountrySelector.errorCreatingSAML"), + /** + * Represents the 'spCountrySelector.destNull' constant error identifier. + */ + SP_COUNTRY_SELECTOR_DESTNULL("spCountrySelector.destNull"), + /** + * Represents the 'spCountrySelector.invalidAttr' constant error identifier. + */ + SP_COUNTRY_SELECTOR_INVALID_ATTR("spCountrySelector.invalidAttr"), + /** + * Represents the 'spCountrySelector.invalidProviderName' constant error + * identifier. + */ + SP_COUNTRY_SELECTOR_INVALID_PROVIDER_NAME( + "spCountrySelector.invalidProviderName"), + /** + * Represents the 'spCountrySelector.invalidQaaSPid' constant error + * identifier. + */ + SP_COUNTRY_SELECTOR_INVALID_QAASPID("spCountrySelector.invalidQaaSPid"), + /** + * Represents the 'spCountrySelector.invalidSpId' constant error identifier. + */ + SP_COUNTRY_SELECTOR_INVALID_SPID("spCountrySelector.invalidSpId"), + /** + * Represents the 'spCountrySelector.invalidSPQAA' constant error identifier. + */ + SP_COUNTRY_SELECTOR_INVALID_SPQAA("spCountrySelector.invalidSPQAA"), + /** + * Represents the 'spCountrySelector.invalidSpURL' constant error identifier. + */ + SP_COUNTRY_SELECTOR_INVALID_SPURL("spCountrySelector.invalidSpURL"), + /** + * Represents the 'spCountrySelector.spNotAllowed' constant error identifier. + */ + SP_COUNTRY_SELECTOR_SPNOTALLOWED("spCountrySelector.spNotAllowed"), + + /** + * Represents the 'sProviderAction.errorCreatingSAML' constant error + * identifier. + */ + SPROVIDER_SELECTOR_ERROR_CREATE_SAML("sProviderAction.errorCreatingSAML"), + /** + * Represents the 'sProviderAction.attr' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_ATTR("sProviderAction.invalidAttr"), + /** + * Represents the 'sProviderAction.country' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_COUNTRY("sProviderAction.invalidCountry"), + /** + * Represents the 'sProviderAction.relayState' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_RELAY_STATE("sProviderAction.invalidRelayState"), + /** + * Represents the 'sProviderAction.saml' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SAML("sProviderAction.invalidSaml"), + /** + * Represents the 'sProviderAction.spAlias' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SPALIAS("sProviderAction.invalidSPAlias"), + /** + * Represents the 'sProviderAction.spDomain' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SPDOMAIN("sProviderAction.invalidSPDomain"), + /** + * Represents the 'sProviderAction.spId' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SPID("sProviderAction.invalidSPId"), + /** + * Represents the 'sProviderAction.spQAA' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SPQAA("sProviderAction.invalidSPQAA"), + /** + * Represents the 'sProviderAction.spQAAId' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SPQAAID("sProviderAction.invalidSPQAAId"), + /** + * Represents the 'sProviderAction.spRedirect' constant error identifier. + */ + SPROVIDER_SELECTOR_INVALID_SPREDIRECT("sProviderAction.invalidSPRedirect"), + /** + * Represents the 'sPPowerValidationAction.invalidSPPVAttrList' constant error identifier. + */ + SPPOWERVALIDATION_SELECTOR_INVALID_SP_PV_ATTR_LIST("sPPowerValidationAction.invalidSPPVAttrList"), + + /** + * Represents the 'sProviderAction.invalidSPProviderName' constant error + * identifier. + */ + SPROVIDER_SELECTOR_INVALID_SP_PROVIDERNAME( + "sProviderAction.invalidSPProviderName"), + /** + * Represents the 'sProviderAction.spNotAllowed' constant error identifier. + */ + SPROVIDER_SELECTOR_SPNOTALLOWED("sProviderAction.spNotAllowed"), + + + /** + * Represents the 'internalError' constant error identifier. + */ + INTERNAL_ERROR("internalError"), + + /** + * Represents the 'colleagueRequest.attrNull' constant error identifier. + */ + COLLEAGUE_REQ_ATTR_NULL("colleagueRequest.attrNull"), + /** + * Represents the 'colleagueRequest.errorCreatingSAML' constant error + * identifier. + */ + COLLEAGUE_REQ_ERROR_CREATE_SAML("colleagueRequest.errorCreatingSAML"), + /** + * Represents the 'colleagueRequest.invalidCountryCode' constant error + * identifier. + */ + COLLEAGUE_REQ_INVALID_COUNTRYCODE("colleagueRequest.invalidCountryCode"), + /** + * Represents the 'colleagueRequest.invalidDestUrl' constant error identifier. + */ + COLLEAGUE_REQ_INVALID_DEST_URL("colleagueRequest.invalidDestUrl"), + /** + * Represents the 'colleagueRequest.invalidQaa' constant error identifier. + */ + COLLEAGUE_REQ_INVALID_QAA("colleagueRequest.invalidQaa"), + /** + * Represents the 'colleagueRequest.invalidRedirect' constant error + * identifier. + */ + COLLEAGUE_REQ_INVALID_REDIRECT("colleagueRequest.invalidRedirect"), + /** + * Represents the 'colleagueRequest.invalidSAML' constant error identifier. + */ + COLLEAGUE_REQ_INVALID_SAML("colleagueRequest.invalidSAML"), + + /** + * Represents the 'colleaguePVRequest.invalidPVAttrList' constant error identifier. + */ + COLLEAGUE_PV_REQ_INVALID_PV_ATTR_LIST("colleaguePVRequest.invalidPVAttrList"), + + + /** + * Represents the 'cpepsRedirectUrl' constant error identifier. + */ + CPEPS_REDIRECT_URL("cpepsRedirectUrl"), + /** + * Represents the 'spepsRedirectUrl' constant error identifier. + */ + SPEPS_REDIRECT_URL("spepsRedirectUrl"), + /** + * Represents the 'sProviderAction.invCountry' constant error identifier. + */ + SP_ACTION_INV_COUNTRY("sProviderAction.invCountry"), + + /** + * Represents the 'providernameAlias.invalid' constant error identifier. + */ + PROVIDER_ALIAS_INVALID("providernameAlias.invalid"), + + + /** + * Represents the 'cPeps.attrNull' constant error identifier. + */ + CPEPS_ATTR_NULL("cPeps.attrNull"), + + /** + * Represents the 'colleagueResponse.invalidSAML' constant error identifier. + */ + COLLEAGUE_RESP_INVALID_SAML("colleagueResponse.invalidSAML"), + + /** + * Represents the 'citizenNoConsent.mandatory' constant error identifier. + */ + CITIZEN_NO_CONSENT_MANDATORY("citizenNoConsent.mandatory"), + /** + * Represents the 'citizenResponse.mandatory' constant error identifier. + */ + CITIZEN_RESPONSE_MANDATORY("citizenResponse.mandatory"), + /** + * Represents the 'attVerification.mandatory' constant error identifier. + */ + ATT_VERIFICATION_MANDATORY("attVerification.mandatory"), + /** + * Represents the 'attrValue.verification' constant error identifier. + */ + ATTR_VALUE_VERIFICATION("attrValue.verification"), + + /** + * Represents the 'audienceRestrictionError' constant error identifier. + */ + AUDIENCE_RESTRICTION("audienceRestrictionError"), + /** + * Represents the 'auRequestIdError' constant error identifier. + */ + AU_REQUEST_ID("auRequestIdError"), + /** + * Represents the 'domain' constant error identifier. + */ + DOMAIN("domain"), + /** + * Represents the 'hash.error' constant error identifier. + */ + HASH_ERROR("hash.error"), + /** + * Represents the 'invalidAttributeList' constant error identifier. + */ + INVALID_ATTRIBUTE_LIST("invalidAttributeList"), + /** + * Represents the 'invalidAttributeValue' constant error identifier. + */ + INVALID_ATTRIBUTE_VALUE("invalidAttributeValue"), + /** + * Represents the 'qaaLevel' constant error identifier. + */ + QAALEVEL("qaaLevel"), + /** + * Represents the 'requests' constant error identifier. + */ + REQUESTS("requests"), + /** + * Represents the 'SPSAMLRequest' constant error identifier. + */ + SP_SAML_REQUEST("SPSAMLRequest"), + /** + * Represents the 'spepsSAMLRequest' constant error identifier. + */ + SPEPS_SAML_REQUEST("spepsSAMLRequest"), + /** + * Represents the 'IdPSAMLResponse' constant error identifier. + */ + IDP_SAML_RESPONSE("IdPSAMLResponse"), + /** + * Represents the 'cpepsSAMLResponse' constant error identifier. + */ + CPEPS_SAML_RESPONSE("cpepsSAMLResponse"), + /** + * Represents the 'cpepsSAMLResponse' constant error identifier. + */ + SPEPS_SAML_RESPONSE("spepsSAMLResponse"), + /** + * Represents the 'session' constant error identifier. + */ + SESSION("session"), + /** + * Represents the 'invalid.session' constant error identifier. + */ + INVALID_SESSION("invalid.session"), + /** + * Represents the 'invalid.sessionId' constant error identifier. + */ + INVALID_SESSION_ID("invalid.sessionId"), + /** + * Represents the 'missing.sessionId' constant error identifier. + */ + MISSING_SESSION_ID("sessionError"), + /** + * Represents the 'missing.mandate' constant error identifier. + */ + MISSING_MANDATE("missing.mandate"), + /** + * Represents the 'AtPSAMLResponse' constant error identifier. + */ + ATP_SAML_RESPONSE("AtPSAMLResponse"), + + /** + * Represents the 'AtPSAMLResponse' constant error identifier. + */ + ATP_RESPONSE_ERROR("atp.response.error"), + + /** + * Represents the 'apepsSAMLRequest' constant error identifier. + */ + APEPS_SAML_REQUEST("apepsSAMLRequest"), + + /** + * Represents the 'apepsSAMLResponse' constant error identifier. + */ + APEPS_SAML_RESPONSE("apepsSAMLResponse"), + + /** + * Represents the 'invalid.apepsRedirectUrl' constant error identifier. + */ + INVALID_APEPS_REDIRECT_URL("invalid.apepsRedirectUrl"), + + /** + * Represents the 'invalid.apepsCallbackUrl' constant error identifier. + */ + INVALID_APEPS_CALLBACK_URL("invalid.apepsCallbackUrl"), + + /** + * Represents the 'colleagueAttributeRequest.invalidSAML' constant error identifier. + */ + COLLEAGUE_ATTR_REQ_INVALID_SAML("colleagueAttributeRequest.invalidSAML"); + + /** + * Represents the constant's value. + */ + private String error; + + /** + * Solo Constructor. + * + * @param nError The Constant error value. + */ + PEPSErrors(final String nError) { + this.error = nError; + } + + /** + * Construct the errorCode Constant value. + * + * @return The errorCode Constant. + */ + public String errorCode() { + return error + ".code"; + } + + /** + * Construct the errorCode Constant value with the given code text. + * + * @param text the code text to append to the constant. + * + * @return The errorCode Constant for the given code text. + */ + public String errorCode(final String text) { + return error + "." + text + ".code"; + } + + /** + * Construct the errorMessage constant value. + * + * @return The errorMessage constant. + */ + public String errorMessage() { + return error + ".message"; + } + + /** + * Construct the errorMessage Constant value with the given message text. + * + * @param text the message text to append to the constant. + * + * @return The errorMessage Constant for the given text. + */ + public String errorMessage(final String text) { + return error + "." + text + ".message"; + } + + /** + * Return the Constant Value. + * + * @return The constant value. + */ + public String toString() { + return error; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java new file mode 100644 index 000000000..146e4c39d --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSParameters.java @@ -0,0 +1,619 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * This enum class contains all the STORK PEPS, Commons and Specific Parameters. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.13 $, $Date: 2011-07-07 20:48:45 $ + */ +public enum PEPSParameters { + + /** + * Represents the 'apId' parameter constant. + */ + AP_ID("apId"), + /** + * Represents the 'apUrl' parameter constant. + */ + AP_URL("apUrl"), + /** + * Represents the 'ap.number' parameter constant. + */ + AP_NUMBER("ap.number"), + + /** + * Represents the 'assertionConsumerServiceURL' parameter constant. + */ + ASSERTION_CONSUMER_S_URL("assertionConsumerServiceURL"), + + /** + * Represents the 'auth' parameter constant. + */ + AUTHENTICATION("auth"), + + /** + * Represents the 'auth-on-behalf-of' parameter constant. + */ + AUTHENTICATION_ON_BEHALF_OF("auth-on-behalf-of"), + + /** + * Represents the 'attr' parameter constant. + */ + ATTRIBUTE("attr"), + /** + * Represents the 'attrName' parameter constant. + */ + ATTRIBUTE_NAME("attrName"), + /** + * Represents the 'attrStatus' parameter constant. + */ + ATTRIBUTE_STATUS("attrStatus"), + /** + * Represents the 'attrType' parameter constant. + */ + ATTRIBUTE_TYPE("attrType"), + /** + * Represents the 'attrValue' parameter constant. + */ + ATTRIBUTE_VALUE("attrValue"), + /** + * Represents the 'attrList' parameter constant. + */ + ATTRIBUTE_LIST("attrList"), + /** + * Represents the 'apMandAttrList' parameter constant. + */ + AP_MANDATORY_ATTRIBUTE_LIST("apMandAttrList"), + /** + * Represents the 'attrTuple' parameter constant. + */ + ATTRIBUTE_TUPLE("attrTuple"), + /** + * Represents the 'attribute-missing' parameter constant. + */ + ATTRIBUTE_MISSING("attribute-missing"), + /** + * Represents the 'attributesNotAllowed' parameter constant. + */ + ATTRIBUTES_NOT_ALLOWED("attributesNotAllowed"), + /** + * Represents the 'authnRequest' parameter constant. + */ + AUTH_REQUEST("authnRequest"), + + /** + * Represents the 'attrValue.number' parameter constant. + */ + ATTR_VALUE_NUMBER("attrValue.number"), + + /** + * Represents the 'derivation.date.format' parameter constant. + */ + DERIVATION_DATE_FORMAT("derivation.date.format"), + /** + * Represents the 'deriveAttr.number' parameter constant. + */ + DERIVE_ATTRIBUTE_NUMBER("deriveAttr.number"), + + /** + * Represents the complex attributes parameter constant. + */ + COMPLEX_ADDRESS_VALUE("canonicalResidenceAddress"), + COMPLEX_NEWATTRIBUTE_VALUE("newAttribute2"), + COMPLEX_HASDEGREE_VALUE("hasDegree"), + COMPLEX_MANDATECONTENT_VALUE("mandateContent"), + /** + * Represents the 'consent-type' parameter constant. + */ + CONSENT_TYPE("consent-type"), + /** + * Represents the 'consent-value' parameter constant. + */ + CONSENT_VALUE("consent-value"), + /** + * Represents the 'country' parameter constant. + */ + COUNTRY("country"), + /** + * Represents the 'countryOrigin' parameter constant. + */ + COUNTRY_ORIGIN("countryOrigin"), + + /** + * Represents the 'cpepsURL' parameter constant. + */ + CPEPS_URL("cpepsURL"), + /** + * Represents the 'callback' parameter constant. + */ + CPEPS_CALLBACK("callback"), + /** + * Represents the 'peps.specificidpredirect.url' parameter constant. + */ + CPEPS_IDP_CALLBACK_VALUE("peps.specificidpredirect.url"), + /** + * Represents the 'peps.specificapredirect.url' parameter constant. + */ + CPEPS_AP_CALLBACK_VALUE("peps.specificapredirect.url"), + + /** + * Represents the 'errorCode' parameter constant. + */ + ERROR_CODE("errorCode"), + /** + * Represents the 'subCode' parameter constant. + */ + ERROR_SUBCODE("subCode"), + /** + * Represents the 'errorMessage' parameter constant. + */ + ERROR_MESSAGE("errorMessage"), + /** + * Represents the 'errorRedirectUrl' parameter constant. + */ + ERROR_REDIRECT_URL("errorRedirectUrl"), + + /** + * errorRedirectUrl Represents the 'external-authentication' parameter + * constant. + */ + EXTERNAL_AUTH("external-authentication"), + /** + * Represents the 'external-ap' parameter constant. + */ + EXTERNAL_AP("external-ap"), + /** + * Represents the 'external-pv' parameter constant. + */ + EXTERNAL_PV("external-pv"), + /** + * Represents the 'external-sig-module' parameter constant. + */ + EXT_SIG_CREATOR_MOD("external-sig-module"), + + /** + * Represents the 'http-x-forwarded-for' parameter constant. + */ + HTTP_X_FORWARDED_FOR("http-x-forwarded-for"), + + /** + * Represents the 'idp.url' parameter constant. + */ + IDP_URL("idp.url"), + /** + * Represents the 'idpAUB.url' parameter constant. + */ + IDPAUB_URL("idpAUB.url"), + /** + * Represents the 'internal-authentication' parameter constant. + */ + INTERNAL_AUTH("internal-authentication"), + /** + * Represents the 'internal-ap' parameter constant. + */ + INTERNAL_AP("internal-ap"), + /** + * Represents the 'internal-pv' parameter constant. + */ + INTERNAL_PV("internal-pv"), + + /** + * Represents the 'samlIssuer' parameter constant. + */ + ISSUER("samlIssuer"), + /** + * Represents the 'samlIssuer.idp' parameter constant. + */ + ISSUER_IDP("samlIssuer.idp"), + /** + * Represents the 'samlIssuer.atp' parameter constant. + */ + ISSUER_ATP("samlIssuer.atp"), + + /** + * Represents the 'mandatory' parameter constant. + */ + MANDATORY("mandatory"), + /** + * Represents the 'mandatoryAttributeMissing' parameter constant. + */ + MANDATORY_ATTR_MISSING("mandatoryAttributeMissing"), + /** + * Represents the 'mandatoryConsentAttrMissing' parameter constant. + */ + MANDATORY_CONSENT_MISSING("mandatoryConsentAttrMissing"), + /** + * Represents the 'missing-attrs' parameter constant. + */ + MISSING_ATTRS("missing-attrs"), + /** + * Represents the 'no-more-attrs' parameter constant. + */ + NO_MORE_ATTRS("no-more-attrs"), + + /** + * Represents the 'optional' parameter constant. + */ + OPTIONAL("optional"), + + /** + * Represents the 'no-consent-type' parameter constant. + */ + NO_CONSENT_TYPE("no-consent-type"), + /** + * Represents the 'no-consent-value' parameter constant. + */ + NO_CONSENT_VALUE("no-consent-value"), + + /** + * Represents the 'provider.name' parameter constant. + */ + PROVIDER_NAME_VALUE("providerName"), + /** + * Represents the 'cpeps.askconsent' parameter constant. + */ + PEPS_ASK_CONSENT("cpeps.askconsent"), + /** + * Represents the 'cpeps.askconsentvalue' parameter constant. + */ + PEPS_ASK_CONSENT_VALUE("cpeps.askconsentvalue"), + /** + * Represents the 'pepsAuth' parameter constant. + */ + PEPS_AUTH_CONSENT("pepsAuth"), + /** + * Represents the 'validation.bypass' parameter constant. + */ + PEPS_BYPASS("validation.bypass"), + /** + * Represents the 'cpeps.number' parameter constant. + */ + PEPS_NUMBER("cpeps.number"), + /** + * Represents the 'cpeps.specificapredirect.url' parameter constant. + */ + PEPS_SPECIFIC_URL("cpeps.specificapredirect.url"), + /** + * Represents the 'pv.url' parameter constant. + */ + PV_URL("pv.url"), + + /** + * Represents the 'qaaLevel' parameter constant. + */ + QAALEVEL("qaaLevel"), + + /** + * Represents the 'speps.redirectUrl' parameter constant. + */ + SPEPS_REDIRECT_URL("speps.redirectUrl"), + + /** + * Represents the 'sp.redirectUrl' parameter constant. + */ + SP_REDIRECT_URL("sp.redirectUrl"), + /** + * Represents the 'cpeps.redirectUrl' parameter constant. + */ + CPEPS_REDIRECT_URL("cpeps.redirectUrl"), + /** + * Represents the 'RelayState' parameter constant. + */ + RELAY_STATE("RelayState"), + /** + * Represents the 'remoteAddr' parameter constant. + */ + REMOTE_ADDR("remoteAddr"), + /** + * Represents the 'remoteUser' parameter constant. + */ + REMOTE_USER("remoteUser"), + + /** + * Represents the 'SAMLRequest' parameter constant. + */ + SAML_REQUEST("SAMLRequest"), + /** + * Represents the 'SAMLResponse' parameter constant. + */ + SAML_RESPONSE("SAMLResponse"), + /** + * Represents the 'SAMLFail' parameter constant. + */ + SAML_TOKEN_FAIL("SAMLFail"), + /** + * Represents the 'TokenId' parameter constant. + */ + SAML_TOKEN_ID("TokenId"), + /** + * Represents the 'inResponseTo' parameter constant. + */ + SAML_IN_RESPONSE_TO("inResponseTo"), + /** + * Represents the 'inResponseTo.idp' parameter constant. + */ + SAML_IN_RESPONSE_TO_IDP("inResponseTo.idp"), + /** + * Represents the 'inResponseTo.atp' parameter constant. + */ + SAML_IN_RESPONSE_TO_ATP("inResponseTo.atp"), + /** + * Represents the 'SignatureResponse' parameter constant. + */ + SIGNATURE_RESPONSE("SignatureResponse"), + + /** + * Represents the 'cPepsSession' parameter constant. + */ + SESSION_ID_URL("cPepsSession"), + /** + * Represents the 'spId' parameter constant. + */ + SP_ID("spId"), + /** + * Represents the 'spQaaLevel' parameter constant. + */ + SP_QAALEVEL("spQaaLevel"), + /** + * Represents the 'spUrl' parameter constant. + */ + SP_URL("spUrl"), + + /** + * Represents the 'allow.derivation.all' parameter constant. + */ + SPECIFIC_ALLOW_DERIVATION_ALL("allow.derivation.all"), + /** + * Represents the ''allow.unknowns parameter constant. + */ + SPECIFIC_ALLOW_UNKNOWNS("allow.unknowns"), + /** + * Represents the 'derivation.date.separator' parameter constant. + */ + SPECIFIC_DERIVATION_DATE_SEP("derivation.date.separator"), + /** + * Represents the 'derivation.month.position' parameter constant. + */ + SPECIFIC_DERIVATION_MONTH_POS("derivation.month.position"), + /** + * Represents the 'derivation.day.position' parameter constant. + */ + SPECIFIC_DERIVATION_DAY_POS("derivation.day.position"), + /** + * Represents the 'derivation.year.position' parameter constant. + */ + SPECIFIC_DERIVATION_YEAR_POS("derivation.year.position"), + + /** + * sp.authorized.parameters Represents the '' parameter constant. + */ + SPEPS_AUTHORIZED("sp.authorized.parameters"), + + /** + * Represents the 'spSector' constant value. + */ + SPSECTOR("spSector"), + /** + * Represents the 'spApplication' constant value. + */ + SPAPPLICATION("spApplication"), + /** + * Represents the 'spCountry' constant value. + */ + SPCOUNTRY("spCountry"), + /** + * Represents the 'spInstitution' constant value. + */ + SPINSTITUTION("spInstitution"), + /** + * Represents the 'storkAttribute.number' parameter constant. + */ + STORK_ATTRIBUTE_NUMBER("storkAttribute.number"), + /** + * Represents the 'storkAttributeValue.number' parameter constant. + */ + STORK_ATTRIBUTE_VALUE_NUMBER("storkAttributeValue.number"), + + /** + * Represents the 'username' parameter constant. + */ + USERNAME("username"), + + /** + * Represents the 'tooManyParameters' parameter constant. + */ + TOO_MANY_PARAMETERS("tooManyParameters"), + /** + * Represents the 'validation.active' parameter constant. + */ + VALIDATION_ACTIVE("validation.active"), + + /** + * Represents the 'x-forwarded-for' parameter constant. + */ + X_FORWARDED_FOR("x-forwarded-for"), + /** + * Represents the 'x-forwarded-host' parameter constant. + */ + X_FORWARDED_HOST("x-forwarded-host"), + /** + * Represents the 'XMLResponse' parameter constant. + */ + XML_RESPONSE("XMLResponse"), + + /** + * Represents the 'ap-cpeps.number' parameter constant. + */ + AP_PEPS_NUMBER("ap-cpeps.number"), + + /** + * Represents the 'atp.number' parameter constant. + */ + ATTRIBUTE_PROVIDER_NUMBER("atp.number"), + + /** + * Represents the 'atn.number' parameter constant. + */ + ATTRIBUTE_NAME_NUMBER("atn.number"), + + /** + * Represents the 'apLinker' parameter constant. + */ + AP_LINKER("apLinker"), + + /** + * Represents the 'prevApLinker' parameter constant. + */ + PREV_AP_LINKER("prevApLinker"), + + /** + * Represents the 'NOSEL' parameter constant (no attribute provider selected). + */ + AP_NO_SELECTION("NOSEL"), + + /** + * Represents the 'OCSEL' parameter constant (attribute provider in another country). + */ + AP_OTHER_COUNTRY("OCSEL"), + + /** + * Represents the '_provider' suffix parameter constant. + */ + AP_PROVIDER_SELECT_SUFFIX("_provider"), + + /** + * Represents the '_country' suffix parameter constant. + */ + AP_COUNTRY_SELECT_SUFFIX("_country"), + + /** + * Represents the '_name' suffix parameter constant. + */ + AP_NAME_SELECT_SUFFIX("_name"), + + /** + * Represents the 'next-ap' parameter constant. + */ + NEXT_AP("next-ap"), + + /** + * Represents the 'next-apeps' parameter constant. + */ + NEXT_APEPS("next-apeps"), + + /** + * Represents the 'back-to-apeps' parameter constant. + */ + BACK_TO_APEPS("back-to-apeps"), + + /** + * Represents the 'is-remote-apeps' parameter constant. + */ + IS_REMOTE_APEPS("is-remote-apeps"), + + /** + * Represents the 'more-attributes' parameter constant. + */ + MORE_ATTRIBUTES("more-attributes"), + + /** + * Represents the 'attr-filter.number' parameter constant. + */ + ATTRIBUTES_FILTER_NUMBER("attr-filter.number"), + + /** + * Represents the 'atp.url' parameter constant. + */ + ATP_URL("atp.url"), + /** + * Represents the 'apepsURL' parameter constant. + */ + APEPS_URL("apepsUrl"), + + /** + * Represents the 'apepsCountry' parameter constant. + */ + APEPS_COUNTRY("apepsCountry"), + + /** + * Represents the 'apepsAuthRequest' parameter constant. + */ + APEPS_ATTR_REQUEST("apepsAttrRequest"), + + /** + * Represents the 'isApepsRequest' parameter constant. + */ + APEPS_REQUEST_COMPLETE("apeps-request-complete"), + + /** + * Represents the 'apeps.callbackUrl' parameter constant. + */ + APEPS_CALLBACK_URL("apeps.callbackUrl"), + /** + * Represents the 'attrListMand' parameter constant. + */ + ATTR_LIST_MAND("attrListMand"), + + /** + * Represents the 'attrListOpt' parameter constant. + */ + ATTR_LIST_OPT("attrListOpt"), + + /** + * Represents the 'simpleAttrListMand' parameter constant. + */ + SIMPLE_ATTR_LIST_MAND("simpleAttrListMand"), + + /** + * Represents the 'simpleAttrListOpt' parameter constant. + */ + SIMPLE_ATTR_LIST_OPT("simpleAttrListOpt"), + + /** + * Represents the 'complexAttrListMand' parameter constant. + */ + COMPLEX_ATTR_LIST_MAND("complexAttrListMand"), + + /** + * Represents the 'complexAttrListOpt' parameter constant. + */ + COMPLEX_ATTR_LIST_OPT("complexAttrListOpt"); + + /** + * Represents the constant's value. + */ + private String value; + + /** + * Solo Constructor. + * + * @param nValue The Constant value. + */ + PEPSParameters(final String nValue) { + this.value = nValue; + } + + /** + * Return the Constant Value. + * + * @return The constant value. + */ + public String toString() { + return value; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java new file mode 100644 index 000000000..a16b03edb --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSUtil.java @@ -0,0 +1,353 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.io.UnsupportedEncodingException; +import java.util.Properties; + +import org.apache.commons.lang.StringUtils; +import org.apache.log4j.Logger; +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.util.encoders.Base64; + +import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException; +import eu.stork.peps.auth.commons.exceptions.InvalidParameterPEPSException; + +/** + * This class holds static helper methods. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.75 $, $Date: 2010-11-23 00:05:35 $ + */ +public final class PEPSUtil { + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(PEPSUtil.class.getName()); + + /** + * Configurations object. + */ + private static Properties configs; + + /** + * Max prefix. + */ + private static final String MAX_PARAM_PREFIX = "max."; + + /** + * Code prefix to get error code. + */ + private static final String CODE_PARAM_SUFFIX = ".code"; + + /** + * param's size prefix to get max param size. + */ + private static final String MAX_PARAM_SUFFIX = ".size"; + + /** + * Message prefix to get error message. + */ + private static final String MSG_PARAM_SUFFIX = ".message"; + + /** + * Private constructor. Prevents the class from being instantiated. + */ + private PEPSUtil() { + // empty constructor + } + + /** + * Creates a single instance of this class and sets the properties. + * + * @param nConfigs The set of available configurations. + * + * @return The created PEPSUtil's class. + */ + public static PEPSUtil createInstance(final Properties nConfigs) { + if (nConfigs != null) { + PEPSUtil.configs = nConfigs; + } + return new PEPSUtil(); + } + + /** + * Getter for the Properties. + * + * @return configs The properties value. + */ + public Properties getConfigs() { + return configs; + } + + /** + * Setter for the Properties. + * + * @param nConfigs The new properties value. + */ + public static void setConfigs(final Properties nConfigs) { + if (nConfigs != null) { + PEPSUtil.configs = nConfigs; + } + } + + /** + * Returns the identifier of some configuration given a set of configurations + * and the corresponding configuration key. + * + * @param configKey The key that IDs some configuration. + * + * @return The configuration String value. + */ + public static String getConfig(final String configKey) { + return configs.getProperty(configKey); + } + + /** + * Validates the input paramValue identified by the paramName. + * + * @param paramName The name of the parameter to validate. + * @param paramValue The value of the parameter to validate. + * + * @return true if the parameter is valid. + */ + public static boolean isValidParameter(final String paramName, + final String paramValue) { + + final String validationParam = + PEPSUtil.getConfig(PEPSParameters.VALIDATION_ACTIVE.toString()); + boolean retVal = true; + + final String paramConf = MAX_PARAM_PREFIX + paramName + MAX_PARAM_SUFFIX; + + if (PEPSValues.TRUE.toString().equals(validationParam)) { + final String paramSizeStr = PEPSUtil.getConfig(paramConf); + // Checking if the parameter size exists and if it's numeric + if (StringUtils.isNumeric(paramSizeStr)) { + final int maxParamSize = Integer.valueOf(paramSizeStr); + if (StringUtils.isEmpty(paramValue) + || paramValue.length() > maxParamSize) { + retVal = false; + LOG.warn("Invalid parameter [" + paramName + "] value " + paramValue); + } + } else { + retVal = false; + LOG.error("Missing " + paramConf + + " configuration in the pepsUtils.properties configuration file"); + } + } + return retVal; + } + + /** + * Validates the Parameter and throws an exception if an error occurs. Throws + * an InvalidParameterPEPSException runtime exception if the parameter is + * invalid. + * + * @param className The Class Name that invoked the method. + * @param paramName The name of the parameter to validate. + * @param paramValue The value of the parameter to validate. + */ + public static void validateParameter(final String className, + final String paramName, final Object paramValue) { + + if (paramValue == null) { + PEPSUtil.validateParameter(className, paramName, ""); + } else { + PEPSUtil.validateParameter(className, paramName, paramValue.toString()); + } + } + + /** + * Validates the Parameters and throws an exception if an error occurs. + * + * @param className The Class Name that invoked the method. + * @param paramName The name of the parameter to validate. + * @param paramValue The value of the parameter to validate. + */ + public static void validateParameter(final String className, + final String paramName, final String paramValue) { + + PEPSUtil.validateParameter(className, paramName, paramValue, + PEPSUtil.getErrorCode(paramName), PEPSUtil.getErrorMessage(paramName)); + } + + /** + * Validates the Parameters and throws an exception if an error occurs. + * + * @param className The Class Name that invoked the method. + * @param paramName The name of the parameter to validate. + * @param paramValue The value of the parameter to validate. + * @param error The PEPSError to get error code and messages from configs. + */ + public static void validateParameter(final String className, + final String paramName, final String paramValue, final PEPSErrors error) { + + PEPSUtil.validateParameter(className, paramName, paramValue, + PEPSUtil.getConfig(error.errorCode()), + PEPSUtil.getConfig(error.errorMessage())); + } + + /** + * Validates the HTTP Parameter and throws an exception if an error occurs. + * Throws an InvalidParameterPEPSException runtime exception if the parameter + * is invalid. + * + * @param className The Class Name that invoked the method. + * @param paramName The name of the parameter to validate. + * @param paramValue The value of the parameter to validate. + * @param errorCode The error code to include on the exception. + * @param errorMessage The error message to include on the exception. + */ + public static void validateParameter(final String className, + final String paramName, final String paramValue, final String errorCode, + final String errorMessage) { + + if (!isValidParameter(paramName, paramValue)) { + LOG.warn("Invalid parameter [" + paramName + "] value found at " + + className); + throw new InvalidParameterPEPSException(errorCode, errorMessage); + } + } + + /** + * Getter for the error code of some given error related to the input param. + * + * @param paramName The name of the parameter associated with the error. + * + * @return The code of the error. + */ + private static String getErrorCode(final String paramName) { + return getConfig(paramName + CODE_PARAM_SUFFIX); + } + + /** + * Getter for the error message of some given error related to the input + * parameter. + * + * @param paramName The name of the parameter associated with the message. + * + * @return The message for the error. + */ + private static String getErrorMessage(final String paramName) { + return getConfig(paramName + MSG_PARAM_SUFFIX); + } + + /** + * {@link Base64} encodes the input samlToken parameter. + * + * @param samlToken the SAML Token to be encoded. + * + * @return The Base64 String representing the samlToken. + * + * @see Base64#encode + */ + public static String encodeSAMLToken(final byte[] samlToken) { + try { + return new String(Base64.encode(samlToken), "UTF8"); + } catch (UnsupportedEncodingException e) { + LOG.error(PEPSErrors.INTERNAL_ERROR.errorMessage(), e); + return null; + } + } + + /** + * Decodes the {@link Base64} String input parameter representing a samlToken. + * + * @param samlToken the SAML Token to be decoded. + * + * @return The samlToken decoded bytes. + * + * @see Base64#decode + */ + public static byte[] decodeSAMLToken(final String samlToken) { + return Base64.decode(samlToken); + } + + /** + * Hashes a SAML token. Throws an InternalErrorPEPSException runtime exception + * if the Cryptographic Engine fails. + * + * @param samlToken the SAML Token to be hashed. + * + * @return byte[] with the hashed SAML Token. + */ + public static byte[] hashPersonalToken(final byte[] samlToken) { + try { + final String className = + PEPSUtil.getConfig(PEPSValues.HASH_DIGEST_CLASS.toString()); + + final Digest digest = + (Digest) Class.forName(className).getConstructor() + .newInstance((Object[]) null); + digest.update(samlToken, 0, samlToken.length); + + final int retLength = digest.getDigestSize(); + final byte[] ret = new byte[retLength]; + + digest.doFinal(ret, 0); + return ret; + + } catch (final Exception e) { + // For all those exceptions that could be thrown, we always log it and + // thrown an InternalErrorPEPSException. + LOG.error(PEPSErrors.HASH_ERROR.errorMessage(), e); + throw new InternalErrorPEPSException( + PEPSUtil.getConfig(PEPSErrors.HASH_ERROR.errorCode()), + PEPSUtil.getConfig(PEPSErrors.HASH_ERROR.errorMessage()), e); + } + } + + /** + * Gets the Stork error code in the error message if exists! + * + * @param errorMessage The message to get the error code if exists; + * + * @return the error code if exists. Returns null otherwise. + */ + public static String getStorkErrorCode(final String errorMessage) { + if (StringUtils.isNotBlank(errorMessage) + && errorMessage.indexOf(PEPSValues.ERROR_MESSAGE_SEP.toString()) >= 0) { + final String[] msgSplitted = + errorMessage.split(PEPSValues.ERROR_MESSAGE_SEP.toString()); + if (msgSplitted.length == 2 && StringUtils.isNumeric(msgSplitted[0])) { + return msgSplitted[0]; + } + } + return null; + } + + /** + * Gets the Stork error message in the saml message if exists! + * + * @param errorMessage The message to get in the saml message if exists; + * + * @return the error message if exists. Returns the original message + * otherwise. + */ + public static String getStorkErrorMessage(final String errorMessage) { + if (StringUtils.isNotBlank(errorMessage) + && errorMessage.indexOf(PEPSValues.ERROR_MESSAGE_SEP.toString()) >= 0) { + final String[] msgSplitted = + errorMessage.split(PEPSValues.ERROR_MESSAGE_SEP.toString()); + if (msgSplitted.length == 2 && StringUtils.isNumeric(msgSplitted[0])) { + return msgSplitted[1]; + } + } + return errorMessage; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java new file mode 100644 index 000000000..e14c21cb5 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PEPSValues.java @@ -0,0 +1,329 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * This enum class contains all the value constants. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.17 $, $Date: 2011-07-07 20:48:45 $ + */ +public enum PEPSValues { + + /** + * Represents the 'all' constant value. + */ + ALL("all"), + /** + * Represents the 'none' constant value. + */ + NONE("none"), + /** + * Represents the 'true' constant value. + */ + TRUE("true"), + /** + * Represents the 'false' constant value. + */ + FALSE("false"), + /** + * Represents the empty string constant value. + */ + EMPTY_STRING(""), + + /** + * Represents the ',' separator constant value. + */ + ATTRIBUTE_VALUE_SEP(","), + /** + * Represents the ';' separator constant value. + */ + ATTRIBUTE_SEP(";"), + /** + * Represents the ':' separator constant value. + */ + ATTRIBUTE_TUPLE_SEP(":"), + /** + * Represents the '/' separator constant value. + */ + EID_SEPARATOR("/"), + /** + * Represents the ' - ' separator constant value. + */ + ERROR_MESSAGE_SEP(" - "), + /** + * Represents the '#' parameter constant value. + */ + LOGGER_SEP("#"), + /** + * Represents the 'NOT_AVAILABLE' parameter constant value. + */ + NOT_AVAILABLE("NotAvailable"), + /** + * Represents the ';' parameter constant value. + */ + SPEPS_AUTHORIZED_SEP(";"), + + /** + * Represents the 'ap' constant value. + */ + AP("ap"), + /** + * Represents the 'C-PEPS' constant value. + */ + CPEPS("C-PEPS"), + /** + * Represents the 'cpeps' constant value. + */ + CPEPS_PREFIX("cpeps"), + /** + * Represents the 'peps' constant value. + */ + PEPS("peps"), + /** + * Represents the '-PEPS' constant value. + */ + PEPS_SUFFIX("-PEPS"), + /** + * Represents the 'SP' constant value. + */ + SP("SP"), + /** + * Represents the 'S-PEPS' constant value. + */ + SPEPS("S-PEPS"), + /** + * Represents the 'speps' constant value. + */ + SPEPS_PREFIX("speps"), + /** + * Represents the 'sp.default.parameters' constant value. + */ + DEFAULT("sp.default.parameters"), + /** + * Represents the default saml id constant value. + */ + DEFAULT_SAML_ID("1"), + /** + * Represents the 'hashDigest.className' constant value. + */ + HASH_DIGEST_CLASS("hashDigest.className"), + + /** + * Represents the 'eu.stork.communication.requests' constant value. + */ + STORK_PACKAGE_REQUEST_LOGGER_VALUE("eu.stork.communication.requests"), + /** + * Represents the 'eu.stork.communication.responses' constant value. + */ + STORK_PACKAGE_RESPONSE_LOGGER_VALUE("eu.stork.communication.responses"), + + /** + * Represents the 'S-PEPS receives request from SP' constant value. + */ + SP_REQUEST("S-PEPS receives request from SP"), + /** + * Represents the 'Get Citizen Consent' constant value. + */ + CITIZEN_CONSENT_LOG("Get Citizen Consent"), + /** + * Represents the 'C-PEPS receives request from S-PEPS' constant value. + */ + CPEPS_REQUEST("C-PEPS receives request from S-PEPS"), + /** + * Represents the 'C-PEPS generates response to S-PEPS' constant value. + */ + CPEPS_RESPONSE("C-PEPS generates response to S-PEPS"), + /** + * Represents the 'S-PEPS generates request to C-PEPS' constant value. + */ + SPEPS_REQUEST("S-PEPS generates request to C-PEPS"), + /** + * Represents the 'S-PEPS receives response from C-PEPS' constant value. + */ + SPEPS_RESPONSE("S-PEPS receives response from C-PEPS"), + /** + * Represents the 'S-PEPS generates response to SP' constant value. + */ + SP_RESPONSE("S-PEPS generates response to SP"), + /** + * Represents the 'Success' constant value. + */ + SUCCESS("Success"), + /** + * Represents the December's month number constant value. + */ + LAST_MONTH("12"), + /** + * Represents the yyyyMM constant value. + */ + NO_DAY_DATE_FORMAT("yyyyMM"), + + /** + * Represents the 'attrValue' constant value. + */ + ATTRIBUTE("attrValue"), + /** + * Represents the 'derivedAttr' constant value. + */ + DERIVE_ATTRIBUTE("deriveAttr"), + /** + * Represents the 'storkAttribute' constant value. + */ + STORK_ATTRIBUTE("storkAttribute"), + + /** + * Represents the 'properties' constant value. + */ + PROPERTIES("properties"), + /** + * Represents the 'referer' constant value. + */ + REFERER("referer"), + /** + * Represents the 'host' constant value. + */ + HOST("host"), + /** + * Represents the 'spid' constant value. + */ + SPID("spid"), + /** + * Represents the 'domain' constant value. + */ + DOMAIN("domain"), + /** + * Represents the '.validation' constant value. + */ + VALIDATION_SUFFIX(".validation"), + /** + * Represents the 'jsessionid' constant value. + */ + EQUAL("="), + /** + * Represents the 'HttpOnly' constant value. + */ + HTTP_ONLY("HttpOnly"), + /** + * Represents the 'SET-COOKIE' constant value. + */ + JSSESSION("JSESSIONID"), + /** + * Represents the '=' constant value. + */ + SETCOOKIE("SET-COOKIE"), + /** + * Represents the ';' constant value. + */ + SEMICOLON(";"), + /** + * Represents the ' ' constant value. + */ + SPACE(" "), + /** + * Represents the 'atp' constant value. + */ + APROVIDER_PREFIX("atp"), + /** + * Represents the 'atn' constant value. + */ + ANAME_PREFIX("atn"), + /** + * Represents the 'ap-cpeps' constant value. + */ + AP_CPEPS_PREFIX("ap-cpeps"), + /** + * Represents the 'attr-filter' constant value. + */ + AP_ATTRFILTER_PREFIX("attr-filter"); + + /** + * Represents the constant's value. + */ + private String value; + + /** + * Solo Constructor. + * + * @param val The Constant value. + */ + PEPSValues(final String val) { + + this.value = val; + } + + /** + * Return the Constant Value. + * + * @return The constant value. + */ + public String toString() { + + return value; + } + + /** + * Construct the return value with the following structure + * CONSTANT_VALUE+index+".id". + * + * @param index the number. + * + * @return The concatenated String value. + */ + public String index(final int index) { + + return value + index + ".id"; + } + + /** + * Construct the return value with the following structure + * CONSTANT_VALUE+index+".value". + * + * @param index the number. + * + * @return The concatenated string value. + */ + public String value(final int index) { + + return value + index + ".value"; + } + + /** + * Construct the return value with the following structure + * CONSTANT_VALUE+index+".name". + * + * @param index the number. + * + * @return The concatenated String value. + */ + public String name(final int index) { + + return value + index + ".name"; + } + + /** + * Construct the return value with the following structure + * CONSTANT_VALUE+index+".url". + * + * @param index the number. + * + * @return The concatenated String value. + */ + public String url(final int index) { + + return value + index + ".url"; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java new file mode 100644 index 000000000..5d8281445 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttribute.java @@ -0,0 +1,348 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.concurrent.ConcurrentHashMap; + +import org.apache.log4j.Logger; + +import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException; + +/** + * This class is a bean used to store the information relative to the + * PersonalAttribute. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.22 $, $Date: 2010-11-17 05:15:28 $ + */ +public final class PersonalAttribute implements Serializable, Cloneable { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 2612951678412632174L; + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(PersonalAttribute.class + .getName()); + + /** + * Name of the personal attribute. + */ + private String name; + + /** + * Values of the personal attribute. + */ + private List value = new ArrayList(); + + /** + * Type of the personal attribute. + */ + private String type; + + /** + * Complex values of the personal attribute. + */ + private Map complexValue = new ConcurrentHashMap(); + + /** + * Is the personal attribute mandatory? + */ + private transient boolean required; + + /** + * Returned status of the attribute from the IdP. + */ + private String status; + + /** + * Name of the personal attribute. + */ + private String friendlyName; + + /** + * Empty Constructor. + */ + public PersonalAttribute() { + super(); + } + + /** + * PersonalAttribute Constructor for complex values. + * + * @param attrName The attribute name. + * @param attrIsRequired The attribute type value. + * @param attrComplexValue The attribute's value. + * @param attrStatus The attribute's status value. + */ + public PersonalAttribute(final String attrName, final boolean attrIsRequired, + final List attrComplexValue, final String attrStatus) { + this.setName(attrName); + this.setIsRequired(attrIsRequired); + this.setValue(attrComplexValue); + this.setStatus(attrStatus); + } + + /** + * PersonalAttribute Constructor for complex values. + * + * @param attrName The attribute name. + * @param attrIsRequired The attribute type value. + * @param attrComplexValue The attribute's complex value. + * @param attrStatus The attribute's status value. + */ + public PersonalAttribute(final String attrName, final boolean attrIsRequired, + final Map attrComplexValue, final String attrStatus) { + this.setName(attrName); + this.setIsRequired(attrIsRequired); + this.setComplexValue(attrComplexValue); + this.setStatus(attrStatus); + } + + /** + * {@inheritDoc} + */ + @SuppressWarnings("unchecked") + public Object clone() { + + try { + final PersonalAttribute personalAttr = (PersonalAttribute) super.clone(); + personalAttr.setIsRequired(this.isRequired()); + personalAttr.setName(this.getName()); + personalAttr.setStatus(this.getStatus()); + if (!isEmptyValue()) { + final List val = + (List) ((ArrayList) this.getValue()).clone(); + personalAttr.setValue(val); + } + if (!isEmptyComplexValue()) { + final Map complexVal = + (Map) ((HashMap) this + .getComplexValue()).clone(); + personalAttr.setComplexValue(complexVal); + } + return personalAttr; + } catch (final CloneNotSupportedException e) { + // assert false; + LOG.trace("Nothing to do."); + throw new InternalErrorPEPSException( + PEPSUtil.getConfig(PEPSErrors.INTERNAL_ERROR.errorCode()), + PEPSUtil.getConfig(PEPSErrors.INTERNAL_ERROR.errorMessage()), e); + } + } + + /** + * Getter for the required value. + * + * @return The required value. + */ + public boolean isRequired() { + return required; + } + + /** + * Setter for the required value. + * + * @param attrIsRequired this attribute? + */ + public void setIsRequired(final boolean attrIsRequired) { + this.required = attrIsRequired; + } + + /** + * Getter for the name value. + * + * @return The name value. + */ + public String getName() { + return name; + } + + /** + * Setter for the name value. + * + * @param attrName The personal attribute name. + */ + public void setName(final String attrName) { + this.name = attrName; + } + + /** + * Getter for the value. + * + * @return The list of values. + */ + public List getValue() { + return value; + } + + /** + * Setter for the list of values. + * + * @param attrValue The personal attribute value. + */ + public void setValue(final List attrValue) { + if (attrValue != null) { + this.value = attrValue; + } + } + + + /** + * Getter for the type value. + * + * @return The name value. + */ + public String getType() { + return type; + } + + /** + * Setter for the type value. + * + * @param attrName The personal attribute type. + */ + public void setType(final String attrType) { + this.type = attrType; + } + + /** + * Getter for the status. + * + * @return The status value. + */ + public String getStatus() { + return status; + } + + /** + * Setter for the status value. + * + * @param attrStatus The personal attribute status. + */ + public void setStatus(final String attrStatus) { + this.status = attrStatus; + } + + /** + * Getter for the complex value. + * + * @return The complex value. + */ + public Map getComplexValue() { + return complexValue; + } + + /** + * Setter for the complex value. + * + * @param complexVal The personal attribute Complex value. + */ + public void setComplexValue(final Map complexVal) { + if (complexVal != null) { + this.complexValue = complexVal; + } + } + + /** + * Getter for the personal's friendly name. + * + * @return The personal's friendly name value. + */ + public String getFriendlyName() { + return friendlyName; + } + + /** + * Setter for the personal's friendly name. + * + * @param fName The personal's friendly name. + */ + public void setFriendlyName(final String fName) { + this.friendlyName = fName; + } + + /** + * Return true the value is empty. + * + * @return True if the value is empty "[]"; + */ + public boolean isEmptyValue() { + return value.isEmpty() || (value.size() == 1 && value.get(0).length() == 0); + } + + /** + * Returns true if the Complex Value is empty. + * + * @return True if the Complex Value is empty; + */ + public boolean isEmptyComplexValue() { + return complexValue.isEmpty(); + } + + /** + * Returns true if the Status is empty. + * + * @return True if the Status is empty; + */ + public boolean isEmptyStatus() { + return (status == null || status.length() == 0); + } + + /** + * Prints the PersonalAttribute in the following format. + * name:required:[v,a,l,u,e,s]|[v=a,l=u,e=s]:status; + * + * @return The PersonalAttribute as a string. + */ + public String toString() { + final StringBuilder strBuild = new StringBuilder(); + + AttributeUtil.appendIfNotNull(strBuild, getName()); + strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); + AttributeUtil.appendIfNotNull(strBuild, String.valueOf(isRequired())); + strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); + strBuild.append('['); + + if (isEmptyValue()) { + if (!isEmptyComplexValue()) { + AttributeUtil.appendIfNotNull(strBuild, AttributeUtil.mapToString( + getComplexValue(), PEPSValues.ATTRIBUTE_VALUE_SEP.toString())); + } + } else { + AttributeUtil.appendIfNotNull( + strBuild, + AttributeUtil.listToString(getValue(), + PEPSValues.ATTRIBUTE_VALUE_SEP.toString())); + } + + strBuild.append(']'); + strBuild.append(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString()); + AttributeUtil.appendIfNotNull(strBuild, getStatus()); + strBuild.append(PEPSValues.ATTRIBUTE_SEP.toString()); + + return strBuild.toString(); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java new file mode 100644 index 000000000..642b249d4 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java @@ -0,0 +1,396 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.concurrent.ConcurrentHashMap; +import java.util.StringTokenizer; + +import org.apache.commons.lang.StringUtils; +import org.apache.log4j.Logger; + +/** + * This class is a bean used to store the information relative to the + * PersonalAttributeList. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.27 $, $Date: 2010-11-18 22:54:56 $ + * + * @see PersonalAttribute + */ +@SuppressWarnings("PMD") +public final class PersonalAttributeList extends + ConcurrentHashMap implements IPersonalAttributeList{ + + /** + * Logger object. + */ + private static final Logger LOG = Logger + .getLogger(PersonalAttributeList.class.getName()); + + /** + * Serial id. + */ + private static final long serialVersionUID = 7375127363889975062L; + + /** + * Hash with the latest fetched attribute name alias. + */ + private final transient Map latestAttrAlias = + new HashMap(); + + /** + * Hash with mapping number of alias or the attribute name. + */ + private final transient Map attrAliasNumber = + new HashMap(); + + /** + * Default constructor. + */ + public PersonalAttributeList() { + // The best practices recommend to call the super constructor. + super(); + } + + /** + * Constructor with initial capacity for the PersonalAttributeList size. + * + * @param capacity The initial capacity for the PersonalAttributeList. + */ + public PersonalAttributeList(final int capacity) { + super(capacity); + } + + /** + * {@inheritDoc} + */ + public Iterator iterator() { + return this.values().iterator(); + } + + /** + * {@inheritDoc} + */ + public PersonalAttribute get(final Object key) { + String attrName = (String) key; + + if (this.latestAttrAlias.containsKey(key)) { + attrName = attrName + this.latestAttrAlias.get(key); + } else { + if (this.attrAliasNumber.containsKey(key)) { + this.latestAttrAlias.put(attrName, this.attrAliasNumber.get(key)); + } + } + return super.get(attrName); + } + + /** + * {@inheritDoc} + */ + public void add(final PersonalAttribute value) { + if (value != null) { + this.put(value.getName(), value); + } + } + + /** + * {@inheritDoc} + */ + public PersonalAttribute put(final String key, final PersonalAttribute val) { + if (StringUtils.isNotEmpty(key) && val != null) { + // Validate if attribute name already exists! + String attrAlias = key; + if (this.containsKey(attrAlias)) { + //TODO isAgeOver should not be hardcoded, a better way of handling multipe isAgeOver requests should be implemented. + if (!val.isEmptyValue() && StringUtils.isNumeric(val.getValue().get(0)) && "isAgeOver".equals( val.getName() ) ) { + final String attrValue = val.getValue().get(0); + attrAlias = key + attrValue; + this.attrAliasNumber.put(key, Integer.valueOf(attrValue)); + } else { + final PersonalAttribute attr = super.get(key); + if (!attr.isEmptyValue() + && StringUtils.isNumeric(attr.getValue().get(0))) { + attrAlias = key + attr.getValue().get(0); + super.put(key, (PersonalAttribute) attr); + this.attrAliasNumber.put(key, null); + } + } + } + return super.put(attrAlias, val); + } else { + return null; + } + } + + /** + * {@inheritDoc} + */ + public void populate(final String attrList) { + final StringTokenizer strToken = + new StringTokenizer(attrList, PEPSValues.ATTRIBUTE_SEP.toString()); + + while (strToken.hasMoreTokens()) { + final PersonalAttribute persAttr = new PersonalAttribute(); + String[] tuples = + strToken.nextToken().split(PEPSValues.ATTRIBUTE_TUPLE_SEP.toString(), + AttributeConstants.NUMBER_TUPLES.intValue()); + + // Convert to the new format if needed! + tuples = convertFormat(tuples); + + if (AttributeUtil.hasValidTuples(tuples)) { + final int attrValueIndex = + AttributeConstants.ATTR_VALUE_INDEX.intValue(); + final String tmpAttrValue = + tuples[attrValueIndex].substring(1, + tuples[attrValueIndex].length() - 1); + final String[] vals = + tmpAttrValue.split(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + + persAttr.setName(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()]); + persAttr.setIsRequired(Boolean + .valueOf(tuples[AttributeConstants.ATTR_TYPE_INDEX.intValue()])); + + // check if it is a complex value + if (isComplexValue(vals)) { + persAttr.setComplexValue(createComplexValue(vals)); + } + else + { + persAttr.setValue(createValues(vals)); + } + + if (tuples.length == AttributeConstants.NUMBER_TUPLES.intValue()) { + persAttr.setStatus(tuples[AttributeConstants.ATTR_STATUS_INDEX + .intValue()]); + } + this.put(tuples[AttributeConstants.ATTR_NAME_INDEX.intValue()], + persAttr); + + } else { + LOG.warn("Invalid personal attribute list tuples"); + } + + } + } + + /** + * Returns a copy of this IPersonalAttributeList instance. + * + * @return The copy of this IPersonalAttributeList. + */ + public Object clone() { + try { + return (PersonalAttributeList) super.clone(); + } catch (CloneNotSupportedException e) { + return null; + } + } + + /** + * Creates a string in the following format. + * + * attrName:attrType:[attrValue1,attrValue2=attrComplexValue]:attrStatus; + * + * @return {@inheritDoc} + */ + @Override + public String toString() { + final Iterator> itAttrs = + this.entrySet().iterator(); + final StringBuilder strBuilder = new StringBuilder(); + + while (itAttrs.hasNext()) { + final Entry attrEntry = itAttrs.next(); + final PersonalAttribute attr = attrEntry.getValue(); + //strBuilder.append(attr.toString()); + strBuilder.insert(0, attr.toString()); + } + + return strBuilder.toString(); + } + + /** + * Validates and creates the attribute's complex values. + * + * @param values The complex values. + * + * @return The {@link Map} with the complex values. + * + * @see Map + */ + private Map createComplexValue(final String[] values) { + final Map complexValue = new HashMap(); + for (final String val : values) { + final String[] tVal = val.split("="); + if (StringUtils.isNotEmpty(val) && tVal.length == 2) { + complexValue.put(tVal[0], AttributeUtil.unescape(tVal[1])); + } + } + return complexValue; + } + + /** + * Checks if value is complex or not + * @param values The values to check + * @return True if succesful + */ + private boolean isComplexValue(final String[] values) { + boolean isComplex = false; + if (values.length > 0) { + final String[] tVal = values[0].split("="); + if (StringUtils.isNotEmpty(values[0]) && tVal.length == 2) { + isComplex = true; + } + } + return isComplex; + } + + /** + * Validates and creates the attribute values. + * + * @param vals The attribute values. + * + * @return The {@link List} with the attribute values. + * + * @see List + */ + private List createValues(final String[] vals) { + final List values = new ArrayList(); + for (final String val : vals) { + if (StringUtils.isNotEmpty(val)) { + values.add(AttributeUtil.unescape(val)); + } + } + return values; + } + + /** + * Converts the attribute tuple (attrName:attrType...) to the new format. + * + * @param tuples The attribute tuples to convert. + * + * @return The attribute tuples in the new format. + */ + private String[] convertFormat(final String[] tuples) { + final String[] newFormatTuples = + new String[AttributeConstants.NUMBER_TUPLES.intValue()]; + if (tuples != null) { + System.arraycopy(tuples, 0, newFormatTuples, 0, tuples.length); + + for (int i = tuples.length; i < newFormatTuples.length; i++) { + if (i == AttributeConstants.ATTR_VALUE_INDEX.intValue()) { + newFormatTuples[i] = "[]"; + } else { + newFormatTuples[i] = ""; + } + } + } + return newFormatTuples; + } + + /** + * Returns a IPersonalAttributeList of the complex attributes in this map. + * + * @return an IPersonalAttributeList of the complex attributes contained in this map. + */ + public IPersonalAttributeList getComplexAttributes() { + LOG.info("get complex attributes"); + IPersonalAttributeList attrList = new PersonalAttributeList(); + for(PersonalAttribute attr: this) { + if(!attr.getComplexValue().isEmpty()) { + attrList.put(attr.getName(), attr); + LOG.info("adding complex attribute:"+attr.getName()); + } + } + return attrList; + } + + /** + * Returns a IPersonalAttributeList of the mandatory attributes in this map. + * + * @return an IPersonalAttributeList of the mandatory attributes contained in this map. + */ + public IPersonalAttributeList getSimpleValueAttributes() { + LOG.info("get simple attributes"); + IPersonalAttributeList attrList = new PersonalAttributeList(); + for(PersonalAttribute attr: this) { + if(attr.getComplexValue().isEmpty()) { + attrList.put(attr.getName(), attr); + LOG.info("adding simple attribute:"+attr.getName()); + } + } + return attrList; + } + + + + /** + * Returns a IPersonalAttributeList of the mandatory attributes in this map. + * + * @return an IPersonalAttributeList of the mandatory attributes contained in this map. + */ + public IPersonalAttributeList getMandatoryAttributes() { + return getAttributesByParam(true); + } + + + /** + * Returns a IPersonalAttributeList of the attributes in this map by parameter value. + * + * @param compareValue The boolean to get mandatory (true) or optional (false) attributes. + * + * @return an IPersonalAttributeList of the mandatory attributes contained in this map if compareValue is true or optional otherwise. + */ + private IPersonalAttributeList getAttributesByParam(final boolean compareValue) { + LOG.info("get attributes by param :"+compareValue); + IPersonalAttributeList attrList = new PersonalAttributeList(); + for(PersonalAttribute attr: this) { + if(attr.isRequired() == compareValue) { + attrList.put(attr.getName(), attr); + LOG.info("adding attribute:"+attr.getName()); + } + } + return attrList; + } + + + /** + * Returns a IPersonalAttributeList of the optional attributes in this map. + * + * @return an IPersonalAttributeList of the optional attributes contained in this map. + */ + public IPersonalAttributeList getOptionalAttributes() { + return getAttributesByParam(false); + } + + /** + * {@inheritDoc} + */ + public boolean hasMissingValues() { + for(PersonalAttribute attr: this) { + if(attr.isEmptyValue() && attr.isEmptyComplexValue()) { + return true; + } + } + return false; + } +} \ No newline at end of file diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java new file mode 100644 index 000000000..65936f1a8 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryRequest.java @@ -0,0 +1,447 @@ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +import org.apache.log4j.Logger; + +public class STORKAttrQueryRequest implements Serializable, Cloneable { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 4778480781609392750L; + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(STORKAttrQueryRequest.class + .getName()); + + /** The samlId. */ + private String samlId; + + /** The destination. */ + private String destination; + + /** The assertion consumer service url. */ + private String serviceURL; + + /** The distinguished name. */ + private String distinguishedName; + + /** The e id sector share. */ + private boolean eIDSectorShare; + + /** The e id cross sector share. */ + private boolean eIDCrossSectorShare; + + /** The e id cross border share. */ + private boolean eIDCrossBorderShare; + + /** The personal attribute list. */ + private IPersonalAttributeList attributeList = new PersonalAttributeList(); + + /** The qaa. */ + private int qaa; + + /** The token saml. */ + private byte[] tokenSaml = new byte[0]; + + /** The issuer. */ + private String issuer; + + /** The service provider sector. */ + private String spSector; + + /** The service provider institution. */ + private String spInstitution; + + /** The service provider application. */ + private String spApplication; + + /** The service provider country. */ + private String spCountry; + + /** The country. */ + private String country; + + /** The citizen country code. */ + private String citizenCountry; + + /** The Service Provider ID. */ + private String sPID; + + /** The Alias used at the keystore for saving this certificate. */ + private String alias; + + /** + * Gets the SP's Certificate Alias. + * + * @return alias The SP's Certificate Alias. + */ + public String getAlias() { + return alias; + } + + /** + * Sets the SP's Certificate Alias. + * + * @param nAlias The SP's Certificate Alias. + */ + public void setAlias(final String nAlias) { + this.alias = nAlias; + } + + /** + * Gets the SP ID. + * + * @return sPID The SP ID. + */ + public String getSPID() { + return sPID; + } + + /** + * Sets the SP ID. + * + * @param sPId The new sp samlId. + */ + public void setSPID(final String sPId) { + this.sPID = sPId; + } + + /** + * Gets the citizen country code. + * + * @return The citizen country code value. + */ + public String getCitizenCountryCode() { + return citizenCountry; + } + + /** + * Sets the citizen country code. + * + * @param countryCode the new citizen country code value. + */ + public void setCitizenCountryCode(final String countryCode) { + this.citizenCountry = countryCode; + } + + /** + * Gets the sp country. + * + * @return The sp country value. + */ + public String getSpCountry() { + return spCountry; + } + + /** + * Sets the sp country. + * + * @param sPCountry the new sp country value. + */ + public void setSpCountry(final String sPCountry) { + this.spCountry = sPCountry; + } + + /** + * Gets the issuer. + * + * @return The issuer value. + */ + public String getIssuer() { + return issuer; + } + + /** + * Sets the issuer. + * + * @param samlIssuer the new issuer value. + */ + public void setIssuer(final String samlIssuer) { + this.issuer = samlIssuer; + } + + /** + * Gets the SAML Token. + * + * @return The SAML Token value. + */ + public byte[] getTokenSaml() { + return tokenSaml.clone(); + } + + /** + * Sets the SAML Token. + * + * @param samlToken The new SAML Token value. + */ + public void setTokenSaml(final byte[] samlToken) { + if (samlToken != null) { + this.tokenSaml = samlToken.clone(); + } + } + + /** + * Gets the country. + * + * @return The country value. + */ + public String getCountry() { + return country; + } + + /** + * Sets the country. + * + * @param nCountry the new country value. + */ + public void setCountry(final String nCountry) { + this.country = nCountry; + } + + /** + * Getter for the qaa value. + * + * @return The qaa value value. + */ + public int getQaa() { + return qaa; + } + + /** + * Setter for the qaa value. + * + * @param qaaLevel The new qaa value. + */ + public void setQaa(final int qaaLevel) { + this.qaa = qaaLevel; + } + + /** + * Getter for the serviceURL value. + * + * @return The serviceURL value. + */ + public String getAssertionConsumerServiceURL() { + return serviceURL; + } + + /** + * Setter for the serviceURL value. + * + * @param newServiceURL the assertion consumer service URL. + */ + public void setAssertionConsumerServiceURL(final String newServiceURL) { + this.serviceURL = newServiceURL; + } + + /** + * Getter for the destination value. + * + * @return The destination value. + */ + public String getDestination() { + return destination; + } + + /** + * Setter for the destination value. + * + * @param detination the new destination value. + */ + public void setDestination(final String detination) { + this.destination = detination; + } + + /** + * Getter for the samlId value. + * + * @return The samlId value. + */ + public String getSamlId() { + return samlId; + } + + /** + * Setter for the samlId value. + * + * @param newSamlId the new samlId value. + */ + public void setSamlId(final String newSamlId) { + this.samlId = newSamlId; + } + + + /** + * Getter for the attributeList value. + * + * @return The attributeList value. + * + * @see IPersonalAttributeList + */ + public IPersonalAttributeList getPersonalAttributeList() { + IPersonalAttributeList personnalAttributeList = null; + try { + personnalAttributeList = (IPersonalAttributeList) attributeList.clone(); + } catch (CloneNotSupportedException e1) { + LOG.trace("[PersonalAttribute] Nothing to do."); + } + return personnalAttributeList; + } + + /** + * Setter for the attributeList value. + * + * @param attrList the personal attribute list value. + * + * @see IPersonalAttributeList + */ + public void setPersonalAttributeList(final IPersonalAttributeList attrList) { + if (attrList != null) { + this.attributeList = attrList; + } + } + + /** + * Getter for the distinguishedName value. + * + * @return The distinguishedName value. + */ + public String getDistinguishedName() { + return distinguishedName; + } + + /** + * Setter for the distinguishedName value. + * + * @param certDN the distinguished name value. + */ + public void setDistinguishedName(final String certDN) { + this.distinguishedName = certDN; + } + + /** + * Gets the service provider sector. + * + * @return The service provider sector value. + */ + public String getSpSector() { + return spSector; + } + + /** + * Sets the service provider sector. + * + * @param samlSPSector the new service provider sector value. + */ + public void setSpSector(final String samlSPSector) { + this.spSector = samlSPSector; + } + + /** + * Gets the service provider institution. + * + * @return The service provider institution value. + */ + public String getSpInstitution() { + return spInstitution; + } + + /** + * Sets the service provider institution. + * + * @param samlSPInst the new service provider institution value. + */ + public void setSpInstitution(final String samlSPInst) { + this.spInstitution = samlSPInst; + } + + /** + * Gets the service provider application. + * + * @return The service provider application value. + */ + public String getSpApplication() { + return spApplication; + } + + /** + * Sets the service provider application. + * + * @param samlSPApp the new service provider application value. + */ + public void setSpApplication(final String samlSPApp) { + this.spApplication = samlSPApp; + } + + /** + * Checks if is eId sector share. + * + * @return true, if is eId sector share. + */ + public boolean isEIDSectorShare() { + return eIDSectorShare; + } + + /** + * Sets the eId sector share. + * + * @param eIdSectorShare the new eId sector share value. + */ + public void setEIDSectorShare(final boolean eIdSectorShare) { + this.eIDSectorShare = eIdSectorShare; + } + + /** + * Checks if is eId cross sector share. + * + * @return true, if is eId cross sector share. + */ + public boolean isEIDCrossSectorShare() { + return eIDCrossSectorShare; + } + + /** + * Sets the eId cross sector share. + * + * @param eIdCrossSectorShare the new eId cross sector share value. + */ + public void setEIDCrossSectorShare(final boolean eIdCrossSectorShare) { + this.eIDCrossSectorShare = eIdCrossSectorShare; + } + + /** + * Checks if is eId cross border share. + * + * @return true, if is eId cross border share. + */ + public boolean isEIDCrossBorderShare() { + return eIDCrossBorderShare; + } + + /** + * Sets the eId cross border share. + * + * @param eIdCrossBorderShare the new eId cross border share value. + */ + public void setEIDCrossBorderShare(final boolean eIdCrossBorderShare) { + this.eIDCrossBorderShare = eIdCrossBorderShare; + } + + /** + * Returns a copy of this STORKAttrQueryRequest instance. + * + * @return The copy of this STORKAttrQueryRequest. + * @throws CloneNotSupportedException on clone exception + */ + @Override + public Object clone() throws CloneNotSupportedException{ + STORKAttrQueryRequest storkAttrQueryReq = null; + storkAttrQueryReq = (STORKAttrQueryRequest) super.clone(); + storkAttrQueryReq.setPersonalAttributeList(getPersonalAttributeList()); + storkAttrQueryReq.setTokenSaml(getTokenSaml()); + return storkAttrQueryReq; + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java new file mode 100644 index 000000000..fcfa74fc8 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAttrQueryResponse.java @@ -0,0 +1,392 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; +import java.util.List; + +import org.apache.log4j.Logger; +import org.joda.time.DateTime; +import org.opensaml.saml2.core.Assertion; + +public class STORKAttrQueryResponse implements Serializable { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 7653893041391541235L; + +/** Response Id. */ + private String samlId; + + /** Request failed? */ + private boolean fail; + + /** Status code. */ + private String statusCode; + + /** Secondary status code. */ + private String subStatusCode; + + /** Audience restriction. */ + private transient String audienceRest; + + /** Error message. */ + private String message; + + /** Id of the request that originated this response. */ + private String inResponseTo; + + /** Expiration date. */ + private DateTime notOnOrAfter; + + /** Creation date. */ + private DateTime notBefore; + + /** The SAML token. */ + private byte[] tokenSaml = new byte[0]; + + /** Country. */ + private String country; + + /** The complete assertion **/ + private Assertion assertion; + + /** List of all assertions in response **/ + private List assertions; + + /** The complete list from all assertions **/ + private transient IPersonalAttributeList totalAttributeList = new PersonalAttributeList(); + + /** All personal attribute lists **/ + private List attributeLists; + + /** Citizen's personal attribute list. */ + private transient IPersonalAttributeList attributeList = new PersonalAttributeList(); + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(STORKAttrQueryResponse.class.getName()); + + /** + * Getter for the subStatusCode. + * + * @return The subStatusCode value. + */ + public String getSubStatusCode() { + return subStatusCode; + } + + /** + * Setter for the subStatusCode. + * + * @param samlSubStatusCode the new subStatusCode value. + */ + public void setSubStatusCode(final String samlSubStatusCode) { + this.subStatusCode = samlSubStatusCode; + } + + /** + * Getter for audienceRest. + * + * @return The audienceRest value. + */ + public String getAudienceRestriction() { + return audienceRest; + } + + /** + * Setter for audienceRest. + * + * @param audRest the new audienceRest value. + */ + public void setAudienceRestriction(final String audRest) { + this.audienceRest = audRest; + } + + /** + * Getter for the samlToken. + * + * @return The samlToken value. + */ + public byte[] getTokenSaml() { + return tokenSaml.clone(); + } + + /** + * Setter for samlToken. + * + * @param samlToken the new tokenSaml value. + */ + public void setTokenSaml(final byte[] samlToken) { + if (samlToken != null) { + this.tokenSaml = samlToken.clone(); + } + } + + /** + * Getter for the country name. + * + * @return The country name value. + */ + public String getCountry() { + return country; + } + + /** + * Setter for the country name. + * + * @param cCountry the new country name value. + */ + public void setCountry(final String cCountry) { + this.country = cCountry; + } + + /** + * Getter for pal value. + * + * @return The pal value. + * + * @see PersonalAttributeList + */ + public IPersonalAttributeList getPersonalAttributeList() { + IPersonalAttributeList personnalAttributeList = null; + try { + personnalAttributeList = (IPersonalAttributeList) attributeList.clone(); + } catch (CloneNotSupportedException e1) { + LOG.trace("[PersonalAttribute] Nothing to do."); + } + return personnalAttributeList; + } + + /** + * Setter for the Personal Attribute List value. + * + * @param attrList the new value. + * + * @see PersonalAttributeList + */ + public void setPersonalAttributeList(final IPersonalAttributeList attrList) { + if (attrList != null) { + this.attributeList = attrList; + } + } + + /** + * Getter for the inResponseTo value. + * + * @return The inResponseTo value. + */ + public String getInResponseTo() { + return inResponseTo; + } + + /** + * Setter for the inResponseTo value. + * + * @param samlInResponseTo the new inResponseTo value. + */ + public void setInResponseTo(final String samlInResponseTo) { + this.inResponseTo = samlInResponseTo; + } + + /** + * Getter for the fail value. + * + * @return The fail value. + */ + public boolean isFail() { + return fail; + } + + /** + * Setter for the fail value. + * + * @param failVal the new fail value. + */ + public void setFail(final boolean failVal) { + this.fail = failVal; + } + + /** + * Getter for the message value. + * + * @return The message value. + */ + public String getMessage() { + return message; + } + + /** + * Setter for the message value. + * + * @param msg the new message value. + */ + public void setMessage(final String msg) { + this.message = msg; + } + + /** + * Getter for the statusCode value. + * + * @return The statusCode value. + */ + public String getStatusCode() { + return statusCode; + } + + /** + * Setter for the statusCode value. + * + * @param status the new statusCode value. + */ + public void setStatusCode(final String status) { + this.statusCode = status; + } + + /** + * Getter for the samlId value. + * + * @return The samlId value. + */ + public String getSamlId() { + return samlId; + } + + /** + * Setter for the samlId value. + * + * @param nSamlId the new samlId value. + */ + public void setSamlId(final String nSamlId) { + this.samlId = nSamlId; + } + + /** + * Getter for the notOnOrAfter value. + * + * @return The notOnOrAfter value. + * + * @see DateTime + */ + public DateTime getNotOnOrAfter() { + return this.notOnOrAfter; + } + + /** + * Setter for the notOnOrAfter value. + * + * @param nOnOrAfter the new notOnOrAfter value. + * + * @see DateTime + */ + public void setNotOnOrAfter(final DateTime nOnOrAfter) { + this.notOnOrAfter = nOnOrAfter; + } + + /** + * Getter for the notBefore value. + * + * @return The notBefore value. + * + * @see DateTime + */ + public DateTime getNotBefore() { + return notBefore; + } + + /** + * Setter for the notBefore value. + * + * @param nBefore the new notBefore value. + * + * @see DateTime + */ + public void setNotBefore(final DateTime nBefore) { + this.notBefore = nBefore; + } + + /** Get the assertion from the response **/ + public Assertion getAssertion() { + return assertion; + } + + /** Set the assertion in the response **/ + public void setAssertion(final Assertion nAssertion) { + this.assertion = nAssertion; + } + + public void setAssertions(List newAssert) { + this.assertions = newAssert; + } + + public List getAssertions() { + return assertions; + } + + /** + * Getter for the toal pal value. + * + * @return The total pal value. + * + * @see PersonalAttributeList + */ + public IPersonalAttributeList getTotalPersonalAttributeList() { + IPersonalAttributeList personnalAttributeList = null; + try { + personnalAttributeList = (IPersonalAttributeList) totalAttributeList.clone(); + } catch (CloneNotSupportedException e1) { + LOG.trace("[PersonalAttribute] Nothing to do."); + } + return personnalAttributeList; + } + + /** + * Setter for the total Personal Attribute List value. + * + * @param attrList the new value. + * + * @see PersonalAttributeList + */ + public void setTotalPersonalAttributeList(final IPersonalAttributeList attrList) { + if (attrList != null) { + this.totalAttributeList = attrList; + } + } + + /** + * Getter for personal attribute lists + * + * @return The lists + * + * @see PersonalAttributeList + */ + public List getPersonalAttributeLists() { + return attributeLists; + } + + /** + * Setter for the Personal Attribute List value. + * + * @param attrList the new value. + * + * @see PersonalAttributeList + */ + public void setPersonalAttributeLists(final List attrLists) { + if (attrLists != null) { + this.attributeLists = attrLists; + } + } + +} + diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java new file mode 100644 index 000000000..2354d0eb1 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnRequest.java @@ -0,0 +1,495 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +import org.apache.log4j.Logger; + +/** + * This class is a bean used to store the information relative to the + * STORKAuthnRequest (SAML Token Request). + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.21 $, $Date: 2011-02-17 22:44:34 $ + */ +public final class STORKAuthnRequest implements Serializable, Cloneable { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = 4778480781609392750L; + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(STORKAuthnRequest.class + .getName()); + + /** The samlId. */ + private String samlId; + + /** The assertion consumer service url. */ + private String serviceURL; + + /** The destination. */ + private String destination; + + /** The provider name. */ + private String providerName; + + /** The distinguished name. */ + private String distinguishedName; + + /** The e id sector share. */ + private boolean eIDSectorShare; + + /** The e id cross sector share. */ + private boolean eIDCrossSectorShare; + + /** The e id cross border share. */ + private boolean eIDCrossBorderShare; + + /** The personal attribute list. */ + private IPersonalAttributeList attributeList = new PersonalAttributeList(); + + /** The qaa. */ + private int qaa; + + /** The token saml. */ + private byte[] tokenSaml = new byte[0]; + + /** The issuer. */ + private String issuer; + + /** The service provider sector. */ + private String spSector; + + /** The service provider institution. */ + private String spInstitution; + + /** The service provider application. */ + private String spApplication; + + /** The service provider country. */ + private String spCountry; + + /** The country. */ + private String country; + + /** The citizen country code. */ + private String citizenCountry; + + /** The Service Provider ID. */ + private String sPID; + + /** The Alias used at the keystore for saving this certificate. */ + private String alias; + + /** + * Gets the SP's Certificate Alias. + * + * @return alias The SP's Certificate Alias. + */ + public String getAlias() { + return alias; + } + + /** + * Sets the SP's Certificate Alias. + * + * @param nAlias The SP's Certificate Alias. + */ + public void setAlias(final String nAlias) { + this.alias = nAlias; + } + + /** + * Gets the SP ID. + * + * @return sPID The SP ID. + */ + public String getSPID() { + return sPID; + } + + /** + * Sets the SP ID. + * + * @param sPId The new sp samlId. + */ + public void setSPID(final String sPId) { + this.sPID = sPId; + } + + /** + * Gets the citizen country code. + * + * @return The citizen country code value. + */ + public String getCitizenCountryCode() { + return citizenCountry; + } + + /** + * Sets the citizen country code. + * + * @param countryCode the new citizen country code value. + */ + public void setCitizenCountryCode(final String countryCode) { + this.citizenCountry = countryCode; + } + + /** + * Gets the sp country. + * + * @return The sp country value. + */ + public String getSpCountry() { + return spCountry; + } + + /** + * Sets the sp country. + * + * @param sPCountry the new sp country value. + */ + public void setSpCountry(final String sPCountry) { + this.spCountry = sPCountry; + } + + /** + * Gets the issuer. + * + * @return The issuer value. + */ + public String getIssuer() { + return issuer; + } + + /** + * Sets the issuer. + * + * @param samlIssuer the new issuer value. + */ + public void setIssuer(final String samlIssuer) { + this.issuer = samlIssuer; + } + + /** + * Gets the SAML Token. + * + * @return The SAML Token value. + */ + public byte[] getTokenSaml() { + return tokenSaml.clone(); + } + + /** + * Sets the SAML Token. + * + * @param samlToken The new SAML Token value. + */ + public void setTokenSaml(final byte[] samlToken) { + if (samlToken != null) { + this.tokenSaml = samlToken.clone(); + } + } + + /** + * Gets the country. + * + * @return The country value. + */ + public String getCountry() { + return country; + } + + /** + * Sets the country. + * + * @param nCountry the new country value. + */ + public void setCountry(final String nCountry) { + this.country = nCountry; + } + + /** + * Getter for the qaa value. + * + * @return The qaa value value. + */ + public int getQaa() { + return qaa; + } + + /** + * Setter for the qaa value. + * + * @param qaaLevel The new qaa value. + */ + public void setQaa(final int qaaLevel) { + this.qaa = qaaLevel; + } + + /** + * Getter for the serviceURL value. + * + * @return The serviceURL value. + */ + public String getAssertionConsumerServiceURL() { + return serviceURL; + } + + /** + * Setter for the serviceURL value. + * + * @param newServiceURL the assertion consumer service URL. + */ + public void setAssertionConsumerServiceURL(final String newServiceURL) { + this.serviceURL = newServiceURL; + } + + /** + * Getter for the destination value. + * + * @return The destination value. + */ + public String getDestination() { + return destination; + } + + /** + * Setter for the destination value. + * + * @param detination the new destination value. + */ + public void setDestination(final String detination) { + this.destination = detination; + } + + /** + * Getter for the samlId value. + * + * @return The samlId value. + */ + public String getSamlId() { + return samlId; + } + + /** + * Setter for the samlId value. + * + * @param newSamlId the new samlId value. + */ + public void setSamlId(final String newSamlId) { + this.samlId = newSamlId; + } + + /** + * Getter for the providerName value. + * + * @return The provider name value. + */ + public String getProviderName() { + return providerName; + } + + /** + * Setter for the providerName value. + * + * @param samlProvider the provider name value. + */ + public void setProviderName(final String samlProvider) { + this.providerName = samlProvider; + } + + /** + * Getter for the attributeList value. + * + * @return The attributeList value. + * + * @see IPersonalAttributeList + */ + public IPersonalAttributeList getPersonalAttributeList() { + IPersonalAttributeList personnalAttributeList = null; + try { + personnalAttributeList = (IPersonalAttributeList) attributeList.clone(); + } catch (CloneNotSupportedException e1) { + LOG.trace("[PersonalAttribute] Nothing to do."); + } + return personnalAttributeList; + } + + /** + * Setter for the attributeList value. + * + * @param attrList the personal attribute list value. + * + * @see IPersonalAttributeList + */ + public void setPersonalAttributeList(final IPersonalAttributeList attrList) { + if (attrList != null) { + this.attributeList = attrList; + } + } + + /** + * Getter for the distinguishedName value. + * + * @return The distinguishedName value. + */ + public String getDistinguishedName() { + return distinguishedName; + } + + /** + * Setter for the distinguishedName value. + * + * @param certDN the distinguished name value. + */ + public void setDistinguishedName(final String certDN) { + this.distinguishedName = certDN; + } + + /** + * Gets the service provider sector. + * + * @return The service provider sector value. + */ + public String getSpSector() { + return spSector; + } + + /** + * Sets the service provider sector. + * + * @param samlSPSector the new service provider sector value. + */ + public void setSpSector(final String samlSPSector) { + this.spSector = samlSPSector; + } + + /** + * Gets the service provider institution. + * + * @return The service provider institution value. + */ + public String getSpInstitution() { + return spInstitution; + } + + /** + * Sets the service provider institution. + * + * @param samlSPInst the new service provider institution value. + */ + public void setSpInstitution(final String samlSPInst) { + this.spInstitution = samlSPInst; + } + + /** + * Gets the service provider application. + * + * @return The service provider application value. + */ + public String getSpApplication() { + return spApplication; + } + + /** + * Sets the service provider application. + * + * @param samlSPApp the new service provider application value. + */ + public void setSpApplication(final String samlSPApp) { + this.spApplication = samlSPApp; + } + + /** + * Checks if is eId sector share. + * + * @return true, if is eId sector share. + */ + public boolean isEIDSectorShare() { + return eIDSectorShare; + } + + /** + * Sets the eId sector share. + * + * @param eIdSectorShare the new eId sector share value. + */ + public void setEIDSectorShare(final boolean eIdSectorShare) { + this.eIDSectorShare = eIdSectorShare; + } + + /** + * Checks if is eId cross sector share. + * + * @return true, if is eId cross sector share. + */ + public boolean isEIDCrossSectorShare() { + return eIDCrossSectorShare; + } + + /** + * Sets the eId cross sector share. + * + * @param eIdCrossSectorShare the new eId cross sector share value. + */ + public void setEIDCrossSectorShare(final boolean eIdCrossSectorShare) { + this.eIDCrossSectorShare = eIdCrossSectorShare; + } + + /** + * Checks if is eId cross border share. + * + * @return true, if is eId cross border share. + */ + public boolean isEIDCrossBorderShare() { + return eIDCrossBorderShare; + } + + /** + * Sets the eId cross border share. + * + * @param eIdCrossBorderShare the new eId cross border share value. + */ + public void setEIDCrossBorderShare(final boolean eIdCrossBorderShare) { + this.eIDCrossBorderShare = eIdCrossBorderShare; + } + + /** + * Returns a copy of this STORKAuthnRequest instance. + * + * @return The copy of this STORKAuthnRequest. + * @throws CloneNotSupportedException on clone exception + */ + @Override + public Object clone() throws CloneNotSupportedException{ + STORKAuthnRequest storkAuthnReq = null; + try { + storkAuthnReq = (STORKAuthnRequest) super.clone(); + storkAuthnReq.setPersonalAttributeList(getPersonalAttributeList()); + storkAuthnReq.setTokenSaml(getTokenSaml()); + } catch (final CloneNotSupportedException e) { + // assert false; + LOG.trace("[PersonalAttribute] Nothing to do."); + } + + return storkAuthnReq; + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java new file mode 100644 index 000000000..dd99cb8f6 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java @@ -0,0 +1,395 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; +import java.util.List; + +import org.apache.log4j.Logger; +import org.joda.time.DateTime; +import org.opensaml.saml2.core.Assertion; + +/** + * This class is a bean used to store the information relative to the + * STORKAuthnResponse. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $ + */ +public final class STORKAuthnResponse implements Serializable { + + /** The Constant serialVersionUID. */ + private static final long serialVersionUID = -9100982727074068660L; + + /** Response Id. */ + private String samlId; + + /** Authentication failed?. */ + private boolean fail; + + /** Status code. */ + private String statusCode; + + /** Secondary status code. */ + private String subStatusCode; + + /** Audience restriction. */ + private transient String audienceRest; + + /** Error message. */ + private String message; + + /** Id of the request that originated this response. */ + private String inResponseTo; + + /** Expiration date. */ + private DateTime notOnOrAfter; + + /** Creation date. */ + private DateTime notBefore; + + /** The SAML token. */ + private byte[] tokenSaml = new byte[0]; + + /** Country. */ + private String country; + + /** Citizen's personal attribute list. */ + private transient IPersonalAttributeList attributeList = new PersonalAttributeList(); + + /** List of all assertions in response *. */ + private List assertions; + + /** The complete list from all assertions *. */ + private transient IPersonalAttributeList totalAttributeList = new PersonalAttributeList(); + + /** All personal attribute lists *. */ + private List attributeLists; + + /** + * Logger object. + */ + private static final Logger LOG = Logger.getLogger(STORKAuthnResponse.class.getName()); + + /** + * Getter for the subStatusCode. + * + * @return The subStatusCode value. + */ + public String getSubStatusCode() { + return subStatusCode; + } + + /** + * Setter for the subStatusCode. + * + * @param samlSubStatusCode the new subStatusCode value. + */ + public void setSubStatusCode(final String samlSubStatusCode) { + this.subStatusCode = samlSubStatusCode; + } + + /** + * Getter for audienceRest. + * + * @return The audienceRest value. + */ + public String getAudienceRestriction() { + return audienceRest; + } + + /** + * Setter for audienceRest. + * + * @param audRest the new audienceRest value. + */ + public void setAudienceRestriction(final String audRest) { + this.audienceRest = audRest; + } + + /** + * Getter for the samlToken. + * + * @return The samlToken value. + */ + public byte[] getTokenSaml() { + return tokenSaml.clone(); + } + + /** + * Setter for samlToken. + * + * @param samlToken the new tokenSaml value. + */ + public void setTokenSaml(final byte[] samlToken) { + if (samlToken != null) { + this.tokenSaml = samlToken.clone(); + } + } + + /** + * Getter for the country name. + * + * @return The country name value. + */ + public String getCountry() { + return country; + } + + /** + * Setter for the country name. + * + * @param cCountry the new country name value. + */ + public void setCountry(final String cCountry) { + this.country = cCountry; + } + + /** + * Getter for pal value. + * + * @return The pal value. + * + * @see PersonalAttributeList + */ + public IPersonalAttributeList getPersonalAttributeList() { + IPersonalAttributeList personnalAttributeList = null; + try { + personnalAttributeList = (IPersonalAttributeList) attributeList.clone(); + } catch (CloneNotSupportedException e1) { + LOG.trace("[PersonalAttribute] Nothing to do."); + } + return personnalAttributeList; + } + + /** + * Setter for the Personal Attribute List value. + * + * @param attrList the new value. + * + * @see PersonalAttributeList + */ + public void setPersonalAttributeList(final IPersonalAttributeList attrList) { + if (attrList != null) { + this.attributeList = attrList; + } + } + + /** + * Getter for the inResponseTo value. + * + * @return The inResponseTo value. + */ + public String getInResponseTo() { + return inResponseTo; + } + + /** + * Setter for the inResponseTo value. + * + * @param samlInResponseTo the new inResponseTo value. + */ + public void setInResponseTo(final String samlInResponseTo) { + this.inResponseTo = samlInResponseTo; + } + + /** + * Getter for the fail value. + * + * @return The fail value. + */ + public boolean isFail() { + return fail; + } + + /** + * Setter for the fail value. + * + * @param failVal the new fail value. + */ + public void setFail(final boolean failVal) { + this.fail = failVal; + } + + /** + * Getter for the message value. + * + * @return The message value. + */ + public String getMessage() { + return message; + } + + /** + * Setter for the message value. + * + * @param msg the new message value. + */ + public void setMessage(final String msg) { + this.message = msg; + } + + /** + * Getter for the statusCode value. + * + * @return The statusCode value. + */ + public String getStatusCode() { + return statusCode; + } + + /** + * Setter for the statusCode value. + * + * @param status the new statusCode value. + */ + public void setStatusCode(final String status) { + this.statusCode = status; + } + + /** + * Getter for the samlId value. + * + * @return The samlId value. + */ + public String getSamlId() { + return samlId; + } + + /** + * Setter for the samlId value. + * + * @param nSamlId the new samlId value. + */ + public void setSamlId(final String nSamlId) { + this.samlId = nSamlId; + } + + /** + * Getter for the notOnOrAfter value. + * + * @return The notOnOrAfter value. + * + * @see DateTime + */ + public DateTime getNotOnOrAfter() { + return this.notOnOrAfter; + } + + /** + * Setter for the notOnOrAfter value. + * + * @param nOnOrAfter the new notOnOrAfter value. + * + * @see DateTime + */ + public void setNotOnOrAfter(final DateTime nOnOrAfter) { + this.notOnOrAfter = nOnOrAfter; + } + + /** + * Getter for the notBefore value. + * + * @return The notBefore value. + * + * @see DateTime + */ + public DateTime getNotBefore() { + return notBefore; + } + + /** + * Setter for the notBefore value. + * + * @param nBefore the new notBefore value. + * + * @see DateTime + */ + public void setNotBefore(final DateTime nBefore) { + this.notBefore = nBefore; + } + + /** + * Sets the assertions. + * + * @param newAssert the new assertions + */ + public void setAssertions(List newAssert) { + this.assertions = newAssert; + } + + /** + * Gets the assertions. + * + * @return the assertions + */ + public List getAssertions() { + return assertions; + } + + /** + * Getter for the toal pal value. + * + * @return The total pal value. + * + * @see PersonalAttributeList + */ + public IPersonalAttributeList getTotalPersonalAttributeList() { + IPersonalAttributeList personnalAttributeList = null; + try { + personnalAttributeList = (IPersonalAttributeList) totalAttributeList.clone(); + } catch (CloneNotSupportedException e1) { + LOG.trace("[PersonalAttribute] Nothing to do."); + } + return personnalAttributeList; + } + + /** + * Setter for the total Personal Attribute List value. + * + * @param attrList the new value. + * + * @see PersonalAttributeList + */ + public void setTotalPersonalAttributeList(final IPersonalAttributeList attrList) { + if (attrList != null) { + this.totalAttributeList = attrList; + } + } + + /** + * Getter for personal attribute lists. + * + * @return The lists + * @see PersonalAttributeList + */ + public List getPersonalAttributeLists() { + return attributeLists; + } + + /** + * Setter for the Personal Attribute List value. + * + * @param attrLists the new personal attribute lists + * @see PersonalAttributeList + */ + public void setPersonalAttributeLists(final List attrLists) { + if (attrLists != null) { + this.attributeLists = attrLists; + } + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java new file mode 100644 index 000000000..44811aee2 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutRequest.java @@ -0,0 +1,197 @@ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +public class STORKLogoutRequest implements Serializable, Cloneable { + private static final long serialVersionUID = 4778480781609392750L; + + /** The samlId. */ + private String samlId; + + /** The destination. */ + private String destination; + + /** The distinguished name. */ + private String distinguishedName; + + /** The qaa. */ + private int qaa; + + /** The token saml. */ + private byte[] tokenSaml = new byte[0]; + + /** The issuer. */ + private String issuer; + + /** The country. */ + private String country; + + /** The Alias used at the keystore for saving this certificate. */ + private String alias; + + /** The ID of principal as known to SP **/ + private String spProvidedId; + + /** + * Gets the SP's Certificate Alias. + * + * @return alias The SP's Certificate Alias. + */ + public String getAlias() { + return alias; + } + + /** + * Sets the SP's Certificate Alias. + * + * @param nAlias The SP's Certificate Alias. + */ + public void setAlias(final String nAlias) { + this.alias = nAlias; + } + + /** + * Gets the issuer. + * + * @return The issuer value. + */ + public String getIssuer() { + return issuer; + } + + /** + * Sets the issuer. + * + * @param samlIssuer the new issuer value. + */ + public void setIssuer(final String samlIssuer) { + this.issuer = samlIssuer; + } + + /** + * Gets the SAML Token. + * + * @return The SAML Token value. + */ + public byte[] getTokenSaml() { + return tokenSaml.clone(); + } + + /** + * Sets the SAML Token. + * + * @param samlToken The new SAML Token value. + */ + public void setTokenSaml(final byte[] samlToken) { + if (samlToken != null) { + this.tokenSaml = samlToken.clone(); + } + } + + /** + * Gets the country. + * + * @return The country value. + */ + public String getCountry() { + return country; + } + + /** + * Sets the country. + * + * @param nCountry the new country value. + */ + public void setCountry(final String nCountry) { + this.country = nCountry; + } + + /** + * Getter for the qaa value. + * + * @return The qaa value value. + */ + public int getQaa() { + return qaa; + } + + /** + * Setter for the qaa value. + * + * @param qaaLevel The new qaa value. + */ + public void setQaa(final int qaaLevel) { + this.qaa = qaaLevel; + } + + /** + * Getter for the destination value. + * + * @return The destination value. + */ + public String getDestination() { + return destination; + } + + /** + * Setter for the destination value. + * + * @param detination the new destination value. + */ + public void setDestination(final String detination) { + this.destination = detination; + } + + /** + * Getter for the samlId value. + * + * @return The samlId value. + */ + public String getSamlId() { + return samlId; + } + + /** + * Setter for the samlId value. + * + * @param newSamlId the new samlId value. + */ + public void setSamlId(final String newSamlId) { + this.samlId = newSamlId; + } + + /** + * Getter for the distinguishedName value. + * + * @return The distinguishedName value. + */ + public String getDistinguishedName() { + return distinguishedName; + } + + /** + * Setter for the distinguishedName value. + * + * @param certDN the distinguished name value. + */ + public void setDistinguishedName(final String certDN) { + this.distinguishedName = certDN; + } + + /** Getter for spProvidedId **/ + public String getSpProvidedId() { + return spProvidedId; + } + + public void setSpProvidedId(final String nSpProvidedId) { + this.spProvidedId = nSpProvidedId; + } + + @Override + public Object clone() throws CloneNotSupportedException{ + STORKLogoutRequest storkLogoutRequest = null; + storkLogoutRequest = (STORKLogoutRequest) super.clone(); + storkLogoutRequest.setTokenSaml(getTokenSaml()); + return storkLogoutRequest; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java new file mode 100644 index 000000000..21b53a652 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKLogoutResponse.java @@ -0,0 +1,250 @@ +package eu.stork.peps.auth.commons; + +import java.io.Serializable; + +public class STORKLogoutResponse implements Serializable, Cloneable { + private static final long serialVersionUID = 4778480781609392750L; + + /** The samlId. */ + private String samlId; + + /** The destination. */ + private String destination; + + /** The distinguished name. */ + private String distinguishedName; + + /** The token saml. */ + private byte[] tokenSaml = new byte[0]; + + /** The issuer. */ + private String issuer; + + /** The country. */ + private String country; + + /** The Alias used at the keystore for saving this certificate. */ + private String alias; + + /** Status code. */ + private String statusCode; + + /** Secondary status code. */ + private String subStatusCode; + + /** Status message. */ + private String statusMessage; + + /** Logout failed? */ + private boolean fail; + + /** + * Gets the SP's Certificate Alias. + * + * @return alias The SP's Certificate Alias. + */ + public String getAlias() { + return alias; + } + + /** + * Sets the SP's Certificate Alias. + * + * @param nAlias The SP's Certificate Alias. + */ + public void setAlias(final String nAlias) { + this.alias = nAlias; + } + + /** + * Gets the issuer. + * + * @return The issuer value. + */ + public String getIssuer() { + return issuer; + } + + /** + * Sets the issuer. + * + * @param samlIssuer the new issuer value. + */ + public void setIssuer(final String samlIssuer) { + this.issuer = samlIssuer; + } + + /** + * Gets the SAML Token. + * + * @return The SAML Token value. + */ + public byte[] getTokenSaml() { + return tokenSaml.clone(); + } + + /** + * Sets the SAML Token. + * + * @param samlToken The new SAML Token value. + */ + public void setTokenSaml(final byte[] samlToken) { + if (samlToken != null) { + this.tokenSaml = samlToken.clone(); + } + } + + /** + * Gets the country. + * + * @return The country value. + */ + public String getCountry() { + return country; + } + + /** + * Sets the country. + * + * @param nCountry the new country value. + */ + public void setCountry(final String nCountry) { + this.country = nCountry; + } + + /** + * Getter for the destination value. + * + * @return The destination value. + */ + public String getDestination() { + return destination; + } + + /** + * Setter for the destination value. + * + * @param detination the new destination value. + */ + public void setDestination(final String detination) { + this.destination = detination; + } + + /** + * Getter for the samlId value. + * + * @return The samlId value. + */ + public String getSamlId() { + return samlId; + } + + /** + * Setter for the samlId value. + * + * @param newSamlId the new samlId value. + */ + public void setSamlId(final String newSamlId) { + this.samlId = newSamlId; + } + + /** + * Getter for the distinguishedName value. + * + * @return The distinguishedName value. + */ + public String getDistinguishedName() { + return distinguishedName; + } + + /** + * Setter for the distinguishedName value. + * + * @param certDN the distinguished name value. + */ + public void setDistinguishedName(final String certDN) { + this.distinguishedName = certDN; + } + + + /** + * Getter for the fail value. + * + * @return The fail value. + */ + public boolean isFail() { + return fail; + } + + /** + * Setter for the fail value. + * + * @param failVal the new fail value. + */ + public void setFail(final boolean failVal) { + this.fail = failVal; + } + + /** + * Getter for the statusCode value. + * + * @return The statusCode value. + */ + public String getStatusCode() { + return statusCode; + } + + /** + * Getter for the subStatusCode. + * + * @return The subStatusCode value. + */ + public String getSubStatusCode() { + return subStatusCode; + } + + /** + * Setter for the subStatusCode. + * + * @param samlSubStatusCode the new subStatusCode value. + */ + public void setSubStatusCode(final String samlSubStatusCode) { + this.subStatusCode = samlSubStatusCode; + } + + /** + * Setter for the statusMessage value. + * + * @param status the new statusMessage value. + */ + public void setStatusMessage(final String status) { + this.statusMessage = status; + } + + /** + * Getter for the statusMessage value. + * + * @return The statusMessage value. + */ + public String getStatusMessage() { + return statusMessage; + } + + /** + * Setter for the statusCode value. + * + * @param status the new statusCode value. + */ + public void setStatusCode(final String status) { + this.statusCode = status; + } + + @Override + public Object clone() throws CloneNotSupportedException{ + STORKLogoutResponse storkLogoutResponse = null; + storkLogoutResponse = (STORKLogoutResponse) super.clone(); + storkLogoutResponse.setTokenSaml(getTokenSaml()); + return storkLogoutResponse; + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java new file mode 100644 index 000000000..a9c4a156b --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKStatusCode.java @@ -0,0 +1,68 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * This enum class contains the SAML Token Status Code. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $ + */ +public enum STORKStatusCode { + + /** URI for Requester status code. */ + REQUESTER_URI("urn:oasis:names:tc:SAML:2.0:status:Requester"), + + /** URI for Responder status code. */ + RESPONDER_URI("urn:oasis:names:tc:SAML:2.0:status:Responder"), + + /** URI for Success status code. */ + SUCCESS_URI("urn:oasis:names:tc:SAML:2.0:status:Success"), + + /** Attribute is Available. */ + STATUS_AVAILABLE("Available"), + + /** Attribute is NotAvailable. */ + STATUS_NOT_AVAILABLE("NotAvailable"), + + /** Attribute is Withheld. */ + STATUS_WITHHELD("Withheld"); + + /** + * Represents the constant's value. + */ + private String value; + + /** + * Solo Constructor. + * + * @param val The Constant value. + */ + private STORKStatusCode(final String val) { + + this.value = val; + } + + /** + * Return the Constant Value. + * + * @return The constant value. + */ + public String toString() { + + return value; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java new file mode 100644 index 000000000..0a711c9b7 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKSubStatusCode.java @@ -0,0 +1,71 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons; + +/** + * This enum class contains the SAML Token Sub Status Code. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.7 $, $Date: 2010-11-17 05:15:28 $ + */ +public enum STORKSubStatusCode { + + /** URI for AuthnFailed status code. */ + AUTHN_FAILED_URI("urn:oasis:names:tc:SAML:2.0:status:AuthnFailed"), + + /** URI for InvalidAttrNameOrValue status code. */ + INVALID_ATTR_NAME_VALUE_URI( + "urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue"), + + /** URI for InvalidNameIDPolicy status code. */ + INVALID_NAMEID_POLICY_URI( + "urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy"), + + /** URI for VersionMismatch status code. */ + VERSION_MISMATCH_URI("urn:oasis:names:tc:SAML:2.0:status:VersionMismatch"), + + /** URI for RequestDenied status code. */ + REQUEST_DENIED_URI("urn:oasis:names:tc:SAML:2.0:status:RequestDenied"), + + /** URI for QaaNotSupported status code. */ + QAA_NOT_SUPPORTED( + "http://www.stork.gov.eu/saml20/statusCodes/QAANotSupported"); + + /** + * Represents the constant's value. + */ + private String value; + + /** + * Solo Constructor. + * + * @param val The Constant value. + */ + private STORKSubStatusCode(final String val) { + + this.value = val; + } + + /** + * Return the Constant Value. + * + * @return The constant value. + */ + public String toString() { + + return value; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/all-wcprops b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/all-wcprops new file mode 100644 index 000000000..14f05b17c --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/all-wcprops @@ -0,0 +1,53 @@ +K 25 +svn:wc:ra_dav:version-url +V 96 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/exceptions +END +InvalidParameterPEPSException.java +K 25 +svn:wc:ra_dav:version-url +V 131 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java +END +SecurityPEPSException.java +K 25 +svn:wc:ra_dav:version-url +V 123 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java +END +InvalidSessionPEPSException.java +K 25 +svn:wc:ra_dav:version-url +V 129 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java +END +package-info.java +K 25 +svn:wc:ra_dav:version-url +V 114 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java +END +CPEPSException.java +K 25 +svn:wc:ra_dav:version-url +V 116 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java +END +StorkPEPSException.java +K 25 +svn:wc:ra_dav:version-url +V 120 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java +END +AbstractPEPSException.java +K 25 +svn:wc:ra_dav:version-url +V 123 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java +END +InternalErrorPEPSException.java +K 25 +svn:wc:ra_dav:version-url +V 128 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java +END diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/entries b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/entries new file mode 100644 index 000000000..06755237e --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/entries @@ -0,0 +1,300 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/main/java/eu/stork/peps/auth/commons/exceptions +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +InternalErrorPEPSException.java +file + + + + +2013-12-20T12:27:56.626475Z +36d8f6310e84c550f65bef78d5dc4238 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2471 + +InvalidParameterPEPSException.java +file + + + + +2013-12-20T12:27:56.626475Z +c6ad53378b03a346ca0fc48a381ed771 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1800 + +SecurityPEPSException.java +file + + + + +2013-12-20T12:27:56.626475Z +78d50b78a69cb0c630e4e14420e3b7be +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2199 + +InvalidSessionPEPSException.java +file + + + + +2013-12-20T12:27:56.626475Z +5fd7f04ad6f6cc121084e682b2a4e678 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1555 + +package-info.java +file + + + + +2013-12-20T12:27:56.626475Z +7055c01b74382c525c7fcf110646d8fc +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +129 + +CPEPSException.java +file + + + + +2013-12-20T12:27:56.626475Z +5d3cb4a7303baeaf2104aaa7da301b21 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +3570 + +StorkPEPSException.java +file + + + + +2013-12-20T12:27:56.626475Z +fea01f750728ea5f15b449acb517f4b2 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1690 + +AbstractPEPSException.java +file + + + + +2013-12-20T12:27:56.626475Z +c9aedb030e6dbc9f002c7cd3d52cf03f +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +4422 + diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/AbstractPEPSException.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/AbstractPEPSException.java.svn-base new file mode 100644 index 000000000..e9a96d7c2 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/AbstractPEPSException.java.svn-base @@ -0,0 +1,173 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +import java.io.Serializable; + +/** + * Abstract class to represent the various PEPS exceptions. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $ + */ +public abstract class AbstractPEPSException extends RuntimeException implements + Serializable { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = -1884417567740138022L; + + /** + * Error code. + */ + private String errorCode; + + /** + * Error message. + */ + private String errorMessage; + + /** + * SAML token. + */ + private String samlTokenFail; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param code The error code value. + * @param message The error message value. + */ + public AbstractPEPSException(final String code, final String message) { + + super(message); + this.errorCode = code; + this.errorMessage = message; + } + + /** + * Exception Constructor with the errorMessage as parameters and the Throwable + * cause. + * + * @param message The error message value. + * @param cause The throwable object. + */ + public AbstractPEPSException(final String message, final Throwable cause) { + + super(message, cause); + this.errorMessage = message; + } + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters and the Throwable cause. + * + * @param code The error code value. + * @param message The error message value. + * @param cause The throwable object. + */ + public AbstractPEPSException(final String code, final String message, + final Throwable cause) { + + super(message, cause); + this.errorCode = code; + this.errorMessage = message; + } + + /** + * Exception Constructor with three Strings representing the errorCode, + * errorMessage and encoded samlToken as parameters. + * + * @param code The error code value. + * @param message The error message value. + * @param samlToken The error SAML Token. + */ + public AbstractPEPSException(final String code, final String message, + final String samlToken) { + + super(message); + this.errorCode = code; + this.errorMessage = message; + this.samlTokenFail = samlToken; + } + + /** + * Constructor with SAML Token as argument. Error message and error code are + * embedded in the SAML. + * + * @param samlToken The error SAML Token. + */ + public AbstractPEPSException(final String samlToken) { + super(); + this.samlTokenFail = samlToken; + } + + /** + * Getter for errorCode. + * + * @return The errorCode value. + */ + public final String getErrorCode() { + return errorCode; + } + + /** + * Setter for errorCode. + * + * @param code The error code value. + */ + public final void setErrorCode(final String code) { + this.errorCode = code; + } + + /** + * Getter for errorMessage. + * + * @return The error Message value. + */ + public final String getErrorMessage() { + return errorMessage; + } + + /** + * Setter for errorMessage. + * + * @param message The error message value. + */ + public final void setErrorMessage(final String message) { + this.errorMessage = message; + } + + /** + * Getter for SAMLTokenFail. + * + * @return The error SAML Token. + */ + public final String getSamlTokenFail() { + return samlTokenFail; + } + + /** + * Setter for SAMLTokenFail. + * + * @param samlToken The error SAML token. + */ + public final void setSamlTokenFail(final String samlToken) { + this.samlTokenFail = samlToken; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/CPEPSException.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/CPEPSException.java.svn-base new file mode 100644 index 000000000..69cb20fdd --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/CPEPSException.java.svn-base @@ -0,0 +1,143 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +/** + * This exception is thrown by the C-PEPS service and holds the relative + * information to present to the citizen. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.9 $, $Date: 2010-11-17 05:15:28 $ + */ +public final class CPEPSException extends RuntimeException { + + /** + * Serial id. + */ + private static final long serialVersionUID = -4012295047127999362L; + + /** + * Error code. + */ + private String errorCode; + + /** + * Error message. + */ + private String errorMessage; + + /** + * SAML token. + */ + private String samlTokenFail; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param samlToken The SAML Token. + * @param code The error code value. + * @param message The error message value. + */ + public CPEPSException(final String samlToken, final String code, + final String message) { + + super(message); + this.setErrorCode(code); + this.setErrorMessage(message); + this.setSamlTokenFail(samlToken); + } + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param samlToken The SAML Token. + * @param code The error code value. + * @param message The error message value. + * @param cause The original exception; + */ + public CPEPSException(final String samlToken, final String code, + final String message, final Throwable cause) { + + super(message, cause); + this.setErrorCode(code); + this.setErrorMessage(message); + this.setSamlTokenFail(samlToken); + } + + /** + * {@inheritDoc} + */ + public String getMessage() { + return this.getErrorMessage() + " (" + this.getErrorCode() + ")"; + } + + /** + * Getter for the error code. + * + * @return The errorCode value. + */ + public String getErrorCode() { + return errorCode; + } + + /** + * Setter for the error code. + * + * @param code The error code. + */ + public void setErrorCode(final String code) { + this.errorCode = code; + } + + /** + * Getter for the error message. + * + * @return The errorMessage value. + */ + public String getErrorMessage() { + return errorMessage; + } + + /** + * Setter for the error message. + * + * @param message The error message. + */ + public void setErrorMessage(final String message) { + this.errorMessage = message; + } + + /** + * Getter for the samlTokenFail. + * + * @return The samlTokenFail value. + */ + public String getSamlTokenFail() { + return samlTokenFail; + } + + /** + * Setter for the samlTokenFail. + * + * @param samlToken The error Saml Token. + */ + public void setSamlTokenFail(final String samlToken) { + this.samlTokenFail = samlToken; + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/InternalErrorPEPSException.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/InternalErrorPEPSException.java.svn-base new file mode 100644 index 000000000..67514d4fe --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/InternalErrorPEPSException.java.svn-base @@ -0,0 +1,74 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +/** + * Internal Error Exception class. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $ + * + * @see AbstractPEPSException + */ +public final class InternalErrorPEPSException extends AbstractPEPSException { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 1193001455410319795L; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters and the Throwable cause. + * + * @param errorCode The error code value. + * @param errorMessage The error message value. + * @param cause The throwable object. + */ + public InternalErrorPEPSException(final String errorCode, + final String errorMessage, final Throwable cause) { + + super(errorCode, errorMessage, cause); + } + + /** + * Exception Constructor with three strings representing the errorCode, + * errorMessage and encoded samlToken as parameters. + * + * @param errorCode The error code value. + * @param errorMessage The error message value. + * @param samlTokenFail The error SAML Token. + */ + public InternalErrorPEPSException(final String errorCode, + final String errorMessage, final String samlTokenFail) { + + super(errorCode, errorMessage, samlTokenFail); + } + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param errorCode The error code value. + * @param errorMessage The error message value. + */ + public InternalErrorPEPSException(final String errorCode, + final String errorMessage) { + + super(errorCode, errorMessage); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/InvalidParameterPEPSException.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/InvalidParameterPEPSException.java.svn-base new file mode 100644 index 000000000..12c83b589 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/InvalidParameterPEPSException.java.svn-base @@ -0,0 +1,54 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +/** + * Invalid Parameter Exception class. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.11 $, $Date: 2010-11-17 05:15:28 $ + * + * @see InvalidParameterPEPSException + */ +public class InvalidParameterPEPSException extends AbstractPEPSException { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 2046282148740524875L; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param errorCode The error code value. + * @param errorMessage The error code message value. + */ + public InvalidParameterPEPSException(final String errorCode, + final String errorMessage) { + super(errorCode, errorMessage); + } + + /** + * Exception Constructor with one String representing the encoded samlToken. + * + * @param samlTokenFail The error SAML Token. + */ + public InvalidParameterPEPSException(final String samlTokenFail) { + super(samlTokenFail); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/InvalidSessionPEPSException.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/InvalidSessionPEPSException.java.svn-base new file mode 100644 index 000000000..800525eee --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/InvalidSessionPEPSException.java.svn-base @@ -0,0 +1,46 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +/** + * Invalid session Exception class. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.14 $, $Date: 2010-11-17 05:15:28 $ + * + * @see InvalidParameterPEPSException + */ +public class InvalidSessionPEPSException extends InvalidParameterPEPSException { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 7147090160978319016L; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param errorCode The error code value. + * @param errorMessage The error message value. + */ + public InvalidSessionPEPSException(final String errorCode, + final String errorMessage) { + + super(errorCode, errorMessage); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/SecurityPEPSException.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/SecurityPEPSException.java.svn-base new file mode 100644 index 000000000..fc27371d2 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/SecurityPEPSException.java.svn-base @@ -0,0 +1,67 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +/** + * Security PEPS Exception class. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.18 $, $Date: 2010-11-17 05:15:28 $ + * + * @see AbstractPEPSException + */ +public final class SecurityPEPSException extends AbstractPEPSException { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 5605743302478554967L; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param errorCode The error code value. + * @param errorMsg The error message value. + */ + public SecurityPEPSException(final String errorCode, final String errorMsg) { + super(errorCode, errorMsg); + } + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters and the Throwable cause. + * + * @param errorCode The error code value. + * @param errorMessage The error message value. + * @param cause The throwable object. + */ + public SecurityPEPSException(final String errorCode, + final String errorMessage, final Throwable cause) { + + super(errorCode, errorMessage, cause); + } + + /** + * Exception Constructor with one String representing the encoded samlToken. + * + * @param samlTokenFail The error SAML Token. + */ + public SecurityPEPSException(final String samlTokenFail) { + super(samlTokenFail); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/StorkPEPSException.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/StorkPEPSException.java.svn-base new file mode 100644 index 000000000..a2da61a02 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/StorkPEPSException.java.svn-base @@ -0,0 +1,53 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +/** + * Security PEPS Exception class. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $ + * + * @see AbstractPEPSException + */ +public final class StorkPEPSException extends AbstractPEPSException { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 8048033129798427574L; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param errorCode The error code value. + * @param errorMsg The error message value. + */ + public StorkPEPSException(final String errorCode, final String errorMsg) { + super(errorCode, errorMsg); + } + + /** + * {@inheritDoc} + */ + public String getMessage() { + + return "Security Error (" + this.getErrorCode() + ") processing request : " + + this.getErrorMessage(); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/package-info.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/package-info.java.svn-base new file mode 100644 index 000000000..d83068beb --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/.svn/text-base/package-info.java.svn-base @@ -0,0 +1,7 @@ +/** + * Package for the PEPS’ Exceptions handling. + * + * @since 1.0 + */ +package eu.stork.peps.auth.commons.exceptions; + diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java new file mode 100644 index 000000000..e9a96d7c2 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/AbstractPEPSException.java @@ -0,0 +1,173 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +import java.io.Serializable; + +/** + * Abstract class to represent the various PEPS exceptions. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $ + */ +public abstract class AbstractPEPSException extends RuntimeException implements + Serializable { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = -1884417567740138022L; + + /** + * Error code. + */ + private String errorCode; + + /** + * Error message. + */ + private String errorMessage; + + /** + * SAML token. + */ + private String samlTokenFail; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param code The error code value. + * @param message The error message value. + */ + public AbstractPEPSException(final String code, final String message) { + + super(message); + this.errorCode = code; + this.errorMessage = message; + } + + /** + * Exception Constructor with the errorMessage as parameters and the Throwable + * cause. + * + * @param message The error message value. + * @param cause The throwable object. + */ + public AbstractPEPSException(final String message, final Throwable cause) { + + super(message, cause); + this.errorMessage = message; + } + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters and the Throwable cause. + * + * @param code The error code value. + * @param message The error message value. + * @param cause The throwable object. + */ + public AbstractPEPSException(final String code, final String message, + final Throwable cause) { + + super(message, cause); + this.errorCode = code; + this.errorMessage = message; + } + + /** + * Exception Constructor with three Strings representing the errorCode, + * errorMessage and encoded samlToken as parameters. + * + * @param code The error code value. + * @param message The error message value. + * @param samlToken The error SAML Token. + */ + public AbstractPEPSException(final String code, final String message, + final String samlToken) { + + super(message); + this.errorCode = code; + this.errorMessage = message; + this.samlTokenFail = samlToken; + } + + /** + * Constructor with SAML Token as argument. Error message and error code are + * embedded in the SAML. + * + * @param samlToken The error SAML Token. + */ + public AbstractPEPSException(final String samlToken) { + super(); + this.samlTokenFail = samlToken; + } + + /** + * Getter for errorCode. + * + * @return The errorCode value. + */ + public final String getErrorCode() { + return errorCode; + } + + /** + * Setter for errorCode. + * + * @param code The error code value. + */ + public final void setErrorCode(final String code) { + this.errorCode = code; + } + + /** + * Getter for errorMessage. + * + * @return The error Message value. + */ + public final String getErrorMessage() { + return errorMessage; + } + + /** + * Setter for errorMessage. + * + * @param message The error message value. + */ + public final void setErrorMessage(final String message) { + this.errorMessage = message; + } + + /** + * Getter for SAMLTokenFail. + * + * @return The error SAML Token. + */ + public final String getSamlTokenFail() { + return samlTokenFail; + } + + /** + * Setter for SAMLTokenFail. + * + * @param samlToken The error SAML token. + */ + public final void setSamlTokenFail(final String samlToken) { + this.samlTokenFail = samlToken; + } +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java new file mode 100644 index 000000000..69cb20fdd --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/CPEPSException.java @@ -0,0 +1,143 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +/** + * This exception is thrown by the C-PEPS service and holds the relative + * information to present to the citizen. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.9 $, $Date: 2010-11-17 05:15:28 $ + */ +public final class CPEPSException extends RuntimeException { + + /** + * Serial id. + */ + private static final long serialVersionUID = -4012295047127999362L; + + /** + * Error code. + */ + private String errorCode; + + /** + * Error message. + */ + private String errorMessage; + + /** + * SAML token. + */ + private String samlTokenFail; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param samlToken The SAML Token. + * @param code The error code value. + * @param message The error message value. + */ + public CPEPSException(final String samlToken, final String code, + final String message) { + + super(message); + this.setErrorCode(code); + this.setErrorMessage(message); + this.setSamlTokenFail(samlToken); + } + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param samlToken The SAML Token. + * @param code The error code value. + * @param message The error message value. + * @param cause The original exception; + */ + public CPEPSException(final String samlToken, final String code, + final String message, final Throwable cause) { + + super(message, cause); + this.setErrorCode(code); + this.setErrorMessage(message); + this.setSamlTokenFail(samlToken); + } + + /** + * {@inheritDoc} + */ + public String getMessage() { + return this.getErrorMessage() + " (" + this.getErrorCode() + ")"; + } + + /** + * Getter for the error code. + * + * @return The errorCode value. + */ + public String getErrorCode() { + return errorCode; + } + + /** + * Setter for the error code. + * + * @param code The error code. + */ + public void setErrorCode(final String code) { + this.errorCode = code; + } + + /** + * Getter for the error message. + * + * @return The errorMessage value. + */ + public String getErrorMessage() { + return errorMessage; + } + + /** + * Setter for the error message. + * + * @param message The error message. + */ + public void setErrorMessage(final String message) { + this.errorMessage = message; + } + + /** + * Getter for the samlTokenFail. + * + * @return The samlTokenFail value. + */ + public String getSamlTokenFail() { + return samlTokenFail; + } + + /** + * Setter for the samlTokenFail. + * + * @param samlToken The error Saml Token. + */ + public void setSamlTokenFail(final String samlToken) { + this.samlTokenFail = samlToken; + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java new file mode 100644 index 000000000..67514d4fe --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InternalErrorPEPSException.java @@ -0,0 +1,74 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +/** + * Internal Error Exception class. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.13 $, $Date: 2010-11-17 05:15:28 $ + * + * @see AbstractPEPSException + */ +public final class InternalErrorPEPSException extends AbstractPEPSException { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 1193001455410319795L; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters and the Throwable cause. + * + * @param errorCode The error code value. + * @param errorMessage The error message value. + * @param cause The throwable object. + */ + public InternalErrorPEPSException(final String errorCode, + final String errorMessage, final Throwable cause) { + + super(errorCode, errorMessage, cause); + } + + /** + * Exception Constructor with three strings representing the errorCode, + * errorMessage and encoded samlToken as parameters. + * + * @param errorCode The error code value. + * @param errorMessage The error message value. + * @param samlTokenFail The error SAML Token. + */ + public InternalErrorPEPSException(final String errorCode, + final String errorMessage, final String samlTokenFail) { + + super(errorCode, errorMessage, samlTokenFail); + } + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param errorCode The error code value. + * @param errorMessage The error message value. + */ + public InternalErrorPEPSException(final String errorCode, + final String errorMessage) { + + super(errorCode, errorMessage); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java new file mode 100644 index 000000000..12c83b589 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidParameterPEPSException.java @@ -0,0 +1,54 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +/** + * Invalid Parameter Exception class. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.11 $, $Date: 2010-11-17 05:15:28 $ + * + * @see InvalidParameterPEPSException + */ +public class InvalidParameterPEPSException extends AbstractPEPSException { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 2046282148740524875L; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param errorCode The error code value. + * @param errorMessage The error code message value. + */ + public InvalidParameterPEPSException(final String errorCode, + final String errorMessage) { + super(errorCode, errorMessage); + } + + /** + * Exception Constructor with one String representing the encoded samlToken. + * + * @param samlTokenFail The error SAML Token. + */ + public InvalidParameterPEPSException(final String samlTokenFail) { + super(samlTokenFail); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java new file mode 100644 index 000000000..800525eee --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/InvalidSessionPEPSException.java @@ -0,0 +1,46 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +/** + * Invalid session Exception class. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.14 $, $Date: 2010-11-17 05:15:28 $ + * + * @see InvalidParameterPEPSException + */ +public class InvalidSessionPEPSException extends InvalidParameterPEPSException { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 7147090160978319016L; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param errorCode The error code value. + * @param errorMessage The error message value. + */ + public InvalidSessionPEPSException(final String errorCode, + final String errorMessage) { + + super(errorCode, errorMessage); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java new file mode 100644 index 000000000..fc27371d2 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/SecurityPEPSException.java @@ -0,0 +1,67 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +/** + * Security PEPS Exception class. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.18 $, $Date: 2010-11-17 05:15:28 $ + * + * @see AbstractPEPSException + */ +public final class SecurityPEPSException extends AbstractPEPSException { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 5605743302478554967L; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param errorCode The error code value. + * @param errorMsg The error message value. + */ + public SecurityPEPSException(final String errorCode, final String errorMsg) { + super(errorCode, errorMsg); + } + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters and the Throwable cause. + * + * @param errorCode The error code value. + * @param errorMessage The error message value. + * @param cause The throwable object. + */ + public SecurityPEPSException(final String errorCode, + final String errorMessage, final Throwable cause) { + + super(errorCode, errorMessage, cause); + } + + /** + * Exception Constructor with one String representing the encoded samlToken. + * + * @param samlTokenFail The error SAML Token. + */ + public SecurityPEPSException(final String samlTokenFail) { + super(samlTokenFail); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java new file mode 100644 index 000000000..a2da61a02 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/StorkPEPSException.java @@ -0,0 +1,53 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.commons.exceptions; + +/** + * Security PEPS Exception class. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.15 $, $Date: 2010-11-17 05:15:28 $ + * + * @see AbstractPEPSException + */ +public final class StorkPEPSException extends AbstractPEPSException { + + /** + * Unique identifier. + */ + private static final long serialVersionUID = 8048033129798427574L; + + /** + * Exception Constructor with two Strings representing the errorCode and + * errorMessage as parameters. + * + * @param errorCode The error code value. + * @param errorMsg The error message value. + */ + public StorkPEPSException(final String errorCode, final String errorMsg) { + super(errorCode, errorMsg); + } + + /** + * {@inheritDoc} + */ + public String getMessage() { + + return "Security Error (" + this.getErrorCode() + ") processing request : " + + this.getErrorMessage(); + } + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java new file mode 100644 index 000000000..d83068beb --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/exceptions/package-info.java @@ -0,0 +1,7 @@ +/** + * Package for the PEPS’ Exceptions handling. + * + * @since 1.0 + */ +package eu.stork.peps.auth.commons.exceptions; + diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java new file mode 100644 index 000000000..19d45aaa2 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/package-info.java @@ -0,0 +1,9 @@ +/** + * Common Authentication Service functionalities to be deployed in every PEPS + * is contained in this package. + * In particular, it contains the SAML Engine that implements the SAML messages + * management + * + * @since 1.0 + */ +package eu.stork.peps.auth.commons; diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/all-wcprops b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/all-wcprops new file mode 100644 index 000000000..3cd5d5378 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/all-wcprops @@ -0,0 +1,41 @@ +K 25 +svn:wc:ra_dav:version-url +V 87 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/specific +END +IDeriveAttribute.java +K 25 +svn:wc:ra_dav:version-url +V 108 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java +END +IAUService.java +K 25 +svn:wc:ra_dav:version-url +V 103 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java +END +INormaliseValue.java +K 25 +svn:wc:ra_dav:version-url +V 107 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java +END +ITranslatorService.java +K 25 +svn:wc:ra_dav:version-url +V 111 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java +END +package-info.java +K 25 +svn:wc:ra_dav:version-url +V 104 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/specific/package-info.java +END +ICheckAttributeValue.java +K 25 +svn:wc:ra_dav:version-url +V 112 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java +END diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/entries b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/entries new file mode 100644 index 000000000..1dfa9b9fc --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/entries @@ -0,0 +1,232 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/main/java/eu/stork/peps/auth/specific +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +IDeriveAttribute.java +file + + + + +2013-12-20T12:27:56.654475Z +dce3856a97583f739cdf50ca78491277 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1504 + +IAUService.java +file + + + + +2014-01-21T08:38:55.228702Z +b622aaaa29b0cd72261ca7799db691b9 +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +7023 + +INormaliseValue.java +file + + + + +2013-12-20T12:27:56.654475Z +09f6e376875762fca294be4dfecb71f1 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1237 + +ITranslatorService.java +file + + + + +2014-01-21T08:38:55.228702Z +c027ed5506150c744b8e586b325de5fb +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +3120 + +package-info.java +file + + + + +2013-12-20T12:27:56.654475Z +eef7721d55c2edb02a432fc08ae9e487 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +164 + +ICheckAttributeValue.java +file + + + + +2013-12-20T12:27:56.654475Z +b0472ff15d1c86f175da134b0f0eda71 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +1321 + diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/IAUService.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/IAUService.java.svn-base new file mode 100644 index 000000000..5c24cc5a8 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/IAUService.java.svn-base @@ -0,0 +1,215 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.specific; + +import java.util.Map; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.IStorkSession; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.commons.STORKAuthnResponse; + +/** + * Interface for Specific Authentication methods. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com + */ +public interface IAUService { + + /** + * Prepares the citizen to be redirected to the IdP. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param session The session object. + * @param requestAttributes The Requested attributes. + * + * @return byte[] containing a SAML Request. + * + * @see IPersonalAttributeList + * @see IStorkSession + */ + byte[] prepareCitizenAuthentication(IPersonalAttributeList personalList, + Map parameters, Map requestAttributes, + IStorkSession session); + + /** + * Prepares the citizen to be redirected to the PV. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param session The session object. + * @param requestAttributes The Requested attributes. + * + * @return byte[] containing a SAML Request. + * + * @see IPersonalAttributeList + * @see IStorkSession + */ + byte[] preparePVRequest(IPersonalAttributeList personalList, + Map parameters, Map requestAttributes, + IStorkSession session); + + /** + * Authenticates a citizen. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param requestAttributes The requested attributes. + * + * @return The updated Personal Attribute List. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList authenticateCitizen( + IPersonalAttributeList personalList, Map parameters, + Map requestAttributes); + + /** + * Validates a power. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param requestAttributes The requested attributes. + * + * @return The updated Personal Attribute List (power validated). + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList powerValidation( + IPersonalAttributeList personalList, Map parameters, + Map requestAttributes); + + /** + * Prepares the Citizen browser to be redirected to the AP. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param session The session object. + * @param requestAttributes The requested attributes. + * + * @return true in case of no error. + * + * @see IPersonalAttributeList + * @see IStorkSession + */ + boolean prepareAPRedirect(IPersonalAttributeList personalList, + Map parameters, Map requestAttributes, + IStorkSession session); + + /** + * Returns the attributes values from the AP. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param requestAttributes The request attributes. + * + * @return The updated Personal Attribute List. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList getAttributesFromAttributeProviders( + IPersonalAttributeList personalList, Map parameters, + Map requestAttributes); + + /** + * Get the attributes from the AP with verification. + * + * @param personalList The Personal Attribute List. + * @param parameters The HTTP Parameters. + * @param requestAttributes The requested Attributes. + * @param session The session object. + * @param auProcessId The SAML identifier. + * + * @return true if the attributes were correctly verified. + * + * @see IPersonalAttributeList + * @see IStorkSession + */ + boolean getAttributesWithVerification(IPersonalAttributeList personalList, + Map parameters, Map requestAttributes, + IStorkSession session, String auProcessId); + + /** + * Validates a SAML Response. + * + * @param samlToken The SAML Token. + * @param session The session object. + * + * @return the STORKAuthnResponse associated with the validated response. + * + * @see IStorkSession + */ + STORKAuthnResponse processAuthenticationResponse(byte[] samlToken, + IStorkSession session); + + /** + * Generates a SAML Response in case of error. + * + * @param inResponseTo The SAML's identifier to response. + * @param issuer The issuer value. + * @param assertionURL The assertion URL. + * @param code The error code. + * @param subcode The sub error code. + * @param message The error message. + * @param ipUserAddress The user IP address. + * + * @return byte[] containing the SAML Response. + */ + byte[] generateErrorAuthenticationResponse(String inResponseTo, + String issuer, String assertionURL, String code, String subcode, + String message, String ipUserAddress); + + /** + * Compares two given personal attribute lists. + * + * @param original The original Personal Attribute List. + * @param modified The modified Personal Attribute List. + * @return true if the original list contains the modified one. False + * otherwise. + * + * @see IPersonalAttributeList + */ + boolean comparePersonalAttributeLists(IPersonalAttributeList original, + IPersonalAttributeList modified); + + /** + * Prepares the citizen to be redirected to the AtP. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param session The session object. + * + * @return byte[] containing a SAML Request. + * + * @see IPersonalAttributeList + * @see IStorkSession + */ + byte[] prepareAttributeRequest(IPersonalAttributeList personalList, + Map parameters, IStorkSession session); + + /** + * Validates a SAML Response. + * + * @param samlToken The SAML Token. + * @param session The session object. + * + * @return the STORKAttrQueryResponse associated with the validated response. + * + * @see IStorkSession + */ + STORKAttrQueryResponse processAttributeResponse(byte[] samlToken, + IStorkSession session); +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/ICheckAttributeValue.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/ICheckAttributeValue.java.svn-base new file mode 100644 index 000000000..31a8d78ff --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/ICheckAttributeValue.java.svn-base @@ -0,0 +1,37 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.specific; + +import java.util.List; + +/** + * Interface that defines the methods to work with the validation of attributes. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com + */ +public interface ICheckAttributeValue { + + /** + * Checks if the list of values contains the expected value. + * + * @param values The List of values. + * @param expectedValue The value to check if it exists on the list. + * + * @return boolean true, if the value is present in the list. False, + * otherwise. + */ + boolean checkValue(List values, String expectedValue); + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/IDeriveAttribute.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/IDeriveAttribute.java.svn-base new file mode 100644 index 000000000..78eb53004 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/IDeriveAttribute.java.svn-base @@ -0,0 +1,40 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.specific; + +import eu.stork.peps.auth.commons.IStorkSession; +import eu.stork.peps.auth.commons.PersonalAttribute; + +/** + * Interface that defines the methods to work with derivation of attributes. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com + */ +public interface IDeriveAttribute { + + /** + * Derives the attribute value. Set the Personal Attribute value to null if + * the value in session or the value of age are invalid (non-numeric or null). + * + * @param personalAttrList The Personal Attribute List. + * @param session The session object. + * + * @see PersonalAttribute The personal Attribute + * @see IStorkSession The session object. + */ + void deriveAttributeToData(PersonalAttribute personalAttrList, + IStorkSession session); + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/INormaliseValue.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/INormaliseValue.java.svn-base new file mode 100644 index 000000000..ca2114e32 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/INormaliseValue.java.svn-base @@ -0,0 +1,35 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.specific; + +import eu.stork.peps.auth.commons.PersonalAttribute; + +/** + * Interface for attribute's value normalisation. + * + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com + */ +public interface INormaliseValue { + + /** + * Translates the attribute's value from local format to STORK format. + * + * @param personalAttribute The Personal Attribute to normalise the value. + * + * @see PersonalAttribute + */ + void normaliseAttributeValueToStork(PersonalAttribute personalAttribute); +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/ITranslatorService.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/ITranslatorService.java.svn-base new file mode 100644 index 000000000..8a33897d8 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/ITranslatorService.java.svn-base @@ -0,0 +1,100 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.specific; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.IStorkSession; +import eu.stork.peps.auth.commons.STORKAuthnRequest; + +/** + * Interface for attributes normalization. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com + */ +public interface ITranslatorService { + + /** + * Translates the attributes from local format to STORK format. + * + * @param personalList The Personal Attribute List. + * + * @return The Personal Attribute List with normalised attributes. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList normaliseAttributeNamesToStork( + IPersonalAttributeList personalList); + + /** + * Translates the attributes values from local format to STORK format. + * + * @param personalList The Personal Attribute List. + * + * @return The PersonalAttributeList with normalised values. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList normaliseAttributeValuesToStork( + IPersonalAttributeList personalList); + + /** + * Translates the attributes from STORK format to local format. + * + * @param personalList The Personal Attribute List. + * + * @return The PersonalAttributeList with normalised attributes. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList normaliseAttributeNamesFromStork( + IPersonalAttributeList personalList); + + /** + * Derive Attribute Names To Stork format. + * + * @param personalList The Personal Attribute List, + * + * @return The PersonalAttributeList with derived attributes. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList deriveAttributeFromStork( + IPersonalAttributeList personalList); + + /** + * Derive Attribute Names from Stork format. + * + * @param session The session object. + * @param modifiedList The Personal Attribute List. + * + * @return The PersonalAttributeList with derived attributes. + * + * @see IStorkSession + * @see IPersonalAttributeList + */ + IPersonalAttributeList deriveAttributeToStork(IStorkSession session, + IPersonalAttributeList modifiedList); + + /** + * Validate the values of the attributes. + * + * @param pal The attribute list + * + * @return True, if all the attributes have values. False, otherwise. + * + * @see STORKAuthnRequest + */ + boolean checkAttributeValues(IPersonalAttributeList pa); +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/package-info.java.svn-base b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/package-info.java.svn-base new file mode 100644 index 000000000..a25c52311 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/.svn/text-base/package-info.java.svn-base @@ -0,0 +1,8 @@ +/** + * Specific PEPS Interfaces that implements functionality of the Authentication + * Service. + * + * @since 1.0 + */ +package eu.stork.peps.auth.specific; + diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java new file mode 100644 index 000000000..5c24cc5a8 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IAUService.java @@ -0,0 +1,215 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.specific; + +import java.util.Map; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.IStorkSession; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.commons.STORKAuthnResponse; + +/** + * Interface for Specific Authentication methods. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com + */ +public interface IAUService { + + /** + * Prepares the citizen to be redirected to the IdP. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param session The session object. + * @param requestAttributes The Requested attributes. + * + * @return byte[] containing a SAML Request. + * + * @see IPersonalAttributeList + * @see IStorkSession + */ + byte[] prepareCitizenAuthentication(IPersonalAttributeList personalList, + Map parameters, Map requestAttributes, + IStorkSession session); + + /** + * Prepares the citizen to be redirected to the PV. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param session The session object. + * @param requestAttributes The Requested attributes. + * + * @return byte[] containing a SAML Request. + * + * @see IPersonalAttributeList + * @see IStorkSession + */ + byte[] preparePVRequest(IPersonalAttributeList personalList, + Map parameters, Map requestAttributes, + IStorkSession session); + + /** + * Authenticates a citizen. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param requestAttributes The requested attributes. + * + * @return The updated Personal Attribute List. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList authenticateCitizen( + IPersonalAttributeList personalList, Map parameters, + Map requestAttributes); + + /** + * Validates a power. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param requestAttributes The requested attributes. + * + * @return The updated Personal Attribute List (power validated). + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList powerValidation( + IPersonalAttributeList personalList, Map parameters, + Map requestAttributes); + + /** + * Prepares the Citizen browser to be redirected to the AP. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param session The session object. + * @param requestAttributes The requested attributes. + * + * @return true in case of no error. + * + * @see IPersonalAttributeList + * @see IStorkSession + */ + boolean prepareAPRedirect(IPersonalAttributeList personalList, + Map parameters, Map requestAttributes, + IStorkSession session); + + /** + * Returns the attributes values from the AP. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param requestAttributes The request attributes. + * + * @return The updated Personal Attribute List. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList getAttributesFromAttributeProviders( + IPersonalAttributeList personalList, Map parameters, + Map requestAttributes); + + /** + * Get the attributes from the AP with verification. + * + * @param personalList The Personal Attribute List. + * @param parameters The HTTP Parameters. + * @param requestAttributes The requested Attributes. + * @param session The session object. + * @param auProcessId The SAML identifier. + * + * @return true if the attributes were correctly verified. + * + * @see IPersonalAttributeList + * @see IStorkSession + */ + boolean getAttributesWithVerification(IPersonalAttributeList personalList, + Map parameters, Map requestAttributes, + IStorkSession session, String auProcessId); + + /** + * Validates a SAML Response. + * + * @param samlToken The SAML Token. + * @param session The session object. + * + * @return the STORKAuthnResponse associated with the validated response. + * + * @see IStorkSession + */ + STORKAuthnResponse processAuthenticationResponse(byte[] samlToken, + IStorkSession session); + + /** + * Generates a SAML Response in case of error. + * + * @param inResponseTo The SAML's identifier to response. + * @param issuer The issuer value. + * @param assertionURL The assertion URL. + * @param code The error code. + * @param subcode The sub error code. + * @param message The error message. + * @param ipUserAddress The user IP address. + * + * @return byte[] containing the SAML Response. + */ + byte[] generateErrorAuthenticationResponse(String inResponseTo, + String issuer, String assertionURL, String code, String subcode, + String message, String ipUserAddress); + + /** + * Compares two given personal attribute lists. + * + * @param original The original Personal Attribute List. + * @param modified The modified Personal Attribute List. + * @return true if the original list contains the modified one. False + * otherwise. + * + * @see IPersonalAttributeList + */ + boolean comparePersonalAttributeLists(IPersonalAttributeList original, + IPersonalAttributeList modified); + + /** + * Prepares the citizen to be redirected to the AtP. + * + * @param personalList The Personal Attribute List. + * @param parameters The parameters. + * @param session The session object. + * + * @return byte[] containing a SAML Request. + * + * @see IPersonalAttributeList + * @see IStorkSession + */ + byte[] prepareAttributeRequest(IPersonalAttributeList personalList, + Map parameters, IStorkSession session); + + /** + * Validates a SAML Response. + * + * @param samlToken The SAML Token. + * @param session The session object. + * + * @return the STORKAttrQueryResponse associated with the validated response. + * + * @see IStorkSession + */ + STORKAttrQueryResponse processAttributeResponse(byte[] samlToken, + IStorkSession session); +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java new file mode 100644 index 000000000..31a8d78ff --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ICheckAttributeValue.java @@ -0,0 +1,37 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.specific; + +import java.util.List; + +/** + * Interface that defines the methods to work with the validation of attributes. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com + */ +public interface ICheckAttributeValue { + + /** + * Checks if the list of values contains the expected value. + * + * @param values The List of values. + * @param expectedValue The value to check if it exists on the list. + * + * @return boolean true, if the value is present in the list. False, + * otherwise. + */ + boolean checkValue(List values, String expectedValue); + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java new file mode 100644 index 000000000..78eb53004 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/IDeriveAttribute.java @@ -0,0 +1,40 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.specific; + +import eu.stork.peps.auth.commons.IStorkSession; +import eu.stork.peps.auth.commons.PersonalAttribute; + +/** + * Interface that defines the methods to work with derivation of attributes. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com + */ +public interface IDeriveAttribute { + + /** + * Derives the attribute value. Set the Personal Attribute value to null if + * the value in session or the value of age are invalid (non-numeric or null). + * + * @param personalAttrList The Personal Attribute List. + * @param session The session object. + * + * @see PersonalAttribute The personal Attribute + * @see IStorkSession The session object. + */ + void deriveAttributeToData(PersonalAttribute personalAttrList, + IStorkSession session); + +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java new file mode 100644 index 000000000..ca2114e32 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/INormaliseValue.java @@ -0,0 +1,35 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.specific; + +import eu.stork.peps.auth.commons.PersonalAttribute; + +/** + * Interface for attribute's value normalisation. + * + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com + */ +public interface INormaliseValue { + + /** + * Translates the attribute's value from local format to STORK format. + * + * @param personalAttribute The Personal Attribute to normalise the value. + * + * @see PersonalAttribute + */ + void normaliseAttributeValueToStork(PersonalAttribute personalAttribute); +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java new file mode 100644 index 000000000..8a33897d8 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/ITranslatorService.java @@ -0,0 +1,100 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.auth.specific; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.IStorkSession; +import eu.stork.peps.auth.commons.STORKAuthnRequest; + +/** + * Interface for attributes normalization. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com + */ +public interface ITranslatorService { + + /** + * Translates the attributes from local format to STORK format. + * + * @param personalList The Personal Attribute List. + * + * @return The Personal Attribute List with normalised attributes. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList normaliseAttributeNamesToStork( + IPersonalAttributeList personalList); + + /** + * Translates the attributes values from local format to STORK format. + * + * @param personalList The Personal Attribute List. + * + * @return The PersonalAttributeList with normalised values. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList normaliseAttributeValuesToStork( + IPersonalAttributeList personalList); + + /** + * Translates the attributes from STORK format to local format. + * + * @param personalList The Personal Attribute List. + * + * @return The PersonalAttributeList with normalised attributes. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList normaliseAttributeNamesFromStork( + IPersonalAttributeList personalList); + + /** + * Derive Attribute Names To Stork format. + * + * @param personalList The Personal Attribute List, + * + * @return The PersonalAttributeList with derived attributes. + * + * @see IPersonalAttributeList + */ + IPersonalAttributeList deriveAttributeFromStork( + IPersonalAttributeList personalList); + + /** + * Derive Attribute Names from Stork format. + * + * @param session The session object. + * @param modifiedList The Personal Attribute List. + * + * @return The PersonalAttributeList with derived attributes. + * + * @see IStorkSession + * @see IPersonalAttributeList + */ + IPersonalAttributeList deriveAttributeToStork(IStorkSession session, + IPersonalAttributeList modifiedList); + + /** + * Validate the values of the attributes. + * + * @param pal The attribute list + * + * @return True, if all the attributes have values. False, otherwise. + * + * @see STORKAuthnRequest + */ + boolean checkAttributeValues(IPersonalAttributeList pa); +} diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java new file mode 100644 index 000000000..a25c52311 --- /dev/null +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/specific/package-info.java @@ -0,0 +1,8 @@ +/** + * Specific PEPS Interfaces that implements functionality of the Authentication + * Service. + * + * @since 1.0 + */ +package eu.stork.peps.auth.specific; + diff --git a/id/server/stork2-commons/src/main/resources/.svn/all-wcprops b/id/server/stork2-commons/src/main/resources/.svn/all-wcprops new file mode 100644 index 000000000..48074222b --- /dev/null +++ b/id/server/stork2-commons/src/main/resources/.svn/all-wcprops @@ -0,0 +1,11 @@ +K 25 +svn:wc:ra_dav:version-url +V 63 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/resources +END +log4j.xml +K 25 +svn:wc:ra_dav:version-url +V 73 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/main/resources/log4j.xml +END diff --git a/id/server/stork2-commons/src/main/resources/.svn/entries b/id/server/stork2-commons/src/main/resources/.svn/entries new file mode 100644 index 000000000..4e038b836 --- /dev/null +++ b/id/server/stork2-commons/src/main/resources/.svn/entries @@ -0,0 +1,62 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/main/resources +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +log4j.xml +file + + + + +2013-12-20T12:27:56.554475Z +aa8c46e41a236b8c7049713b3eeecc49 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +660 + diff --git a/id/server/stork2-commons/src/main/resources/.svn/text-base/log4j.xml.svn-base b/id/server/stork2-commons/src/main/resources/.svn/text-base/log4j.xml.svn-base new file mode 100644 index 000000000..8bce0bec0 --- /dev/null +++ b/id/server/stork2-commons/src/main/resources/.svn/text-base/log4j.xml.svn-base @@ -0,0 +1,19 @@ + + + + + + + + + + + + + + + + + + + diff --git a/id/server/stork2-commons/src/main/resources/log4j.xml b/id/server/stork2-commons/src/main/resources/log4j.xml new file mode 100644 index 000000000..8bce0bec0 --- /dev/null +++ b/id/server/stork2-commons/src/main/resources/log4j.xml @@ -0,0 +1,19 @@ + + + + + + + + + + + + + + + + + + + diff --git a/id/server/stork2-commons/src/test/.svn/all-wcprops b/id/server/stork2-commons/src/test/.svn/all-wcprops new file mode 100644 index 000000000..48b797f41 --- /dev/null +++ b/id/server/stork2-commons/src/test/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 54 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/test +END diff --git a/id/server/stork2-commons/src/test/.svn/entries b/id/server/stork2-commons/src/test/.svn/entries new file mode 100644 index 000000000..20b446883 --- /dev/null +++ b/id/server/stork2-commons/src/test/.svn/entries @@ -0,0 +1,34 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/test +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +java +dir + +resources +dir + diff --git a/id/server/stork2-commons/src/test/java/.svn/all-wcprops b/id/server/stork2-commons/src/test/java/.svn/all-wcprops new file mode 100644 index 000000000..6957eb776 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 59 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/test/java +END diff --git a/id/server/stork2-commons/src/test/java/.svn/entries b/id/server/stork2-commons/src/test/java/.svn/entries new file mode 100644 index 000000000..ae019ed10 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/test/java +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +eu +dir + diff --git a/id/server/stork2-commons/src/test/java/eu/.svn/all-wcprops b/id/server/stork2-commons/src/test/java/eu/.svn/all-wcprops new file mode 100644 index 000000000..51a31d6f6 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 62 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/test/java/eu +END diff --git a/id/server/stork2-commons/src/test/java/eu/.svn/entries b/id/server/stork2-commons/src/test/java/eu/.svn/entries new file mode 100644 index 000000000..f649532fd --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/test/java/eu +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +stork +dir + diff --git a/id/server/stork2-commons/src/test/java/eu/stork/.svn/all-wcprops b/id/server/stork2-commons/src/test/java/eu/stork/.svn/all-wcprops new file mode 100644 index 000000000..dece991f4 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 68 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/test/java/eu/stork +END diff --git a/id/server/stork2-commons/src/test/java/eu/stork/.svn/entries b/id/server/stork2-commons/src/test/java/eu/stork/.svn/entries new file mode 100644 index 000000000..ed1d5001e --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/test/java/eu/stork +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +peps +dir + diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/.svn/all-wcprops b/id/server/stork2-commons/src/test/java/eu/stork/peps/.svn/all-wcprops new file mode 100644 index 000000000..57300d6a5 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/.svn/all-wcprops @@ -0,0 +1,5 @@ +K 25 +svn:wc:ra_dav:version-url +V 73 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/test/java/eu/stork/peps +END diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/.svn/entries b/id/server/stork2-commons/src/test/java/eu/stork/peps/.svn/entries new file mode 100644 index 000000000..5908857a7 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/.svn/entries @@ -0,0 +1,31 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/test/java/eu/stork/peps +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +tests +dir + diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/all-wcprops b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/all-wcprops new file mode 100644 index 000000000..0bc94ebcd --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/all-wcprops @@ -0,0 +1,53 @@ +K 25 +svn:wc:ra_dav:version-url +V 79 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/test/java/eu/stork/peps/tests +END +PersonalAttributeTestCase.java +K 25 +svn:wc:ra_dav:version-url +V 109 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java +END +package-info.java +K 25 +svn:wc:ra_dav:version-url +V 96 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/test/java/eu/stork/peps/tests/package-info.java +END +DateUtilTestCase.java +K 25 +svn:wc:ra_dav:version-url +V 100 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java +END +AttributeProvidersMapTestCase.java +K 25 +svn:wc:ra_dav:version-url +V 114 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java +END +AttributeUtilTestCase.java +K 25 +svn:wc:ra_dav:version-url +V 105 +/CITnet/svn/STORK2/!svn/ver/96/trunk/Commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java +END +PersonalAttributeListTestCase.java +K 25 +svn:wc:ra_dav:version-url +V 114 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java +END +AttributeSourceTestCase.java +K 25 +svn:wc:ra_dav:version-url +V 108 +/CITnet/svn/STORK2/!svn/ver/484/trunk/Commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java +END +PEPSUtilTestCase.java +K 25 +svn:wc:ra_dav:version-url +V 100 +/CITnet/svn/STORK2/!svn/ver/96/trunk/Commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java +END diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/entries b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/entries new file mode 100644 index 000000000..8a8c64359 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/entries @@ -0,0 +1,300 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/test/java/eu/stork/peps/tests +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +AttributeSourceTestCase.java +file + + + + +2014-01-21T08:38:55.140702Z +28eeedf050cdff69d4d2cca83a98bcc8 +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +2363 + +PEPSUtilTestCase.java +file + + + + +2013-12-20T12:27:56.518475Z +f54beadeab9af936f44af326eb1116d2 +2013-11-01T20:35:30.927048Z +96 +emferreri + + + + + + + + + + + + + + + + + + + + + +16714 + +PersonalAttributeTestCase.java +file + + + + +2013-12-20T12:27:56.518475Z +77386880d5ffadd21c9b3a3c7d51b990 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +5449 + +package-info.java +file + + + + +2013-12-20T12:27:56.518475Z +04f136539bda0caa3d5ccdfee912cfce +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +92 + +DateUtilTestCase.java +file + + + + +2013-12-20T12:27:56.518475Z +244cc6104660a7835dbf72dadb305d71 +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +8907 + +AttributeProvidersMapTestCase.java +file + + + + +2014-01-21T08:38:55.140702Z +943e143bcc0ee8e573997e358859d6f2 +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +3809 + +AttributeUtilTestCase.java +file + + + + +2013-12-20T12:27:56.518475Z +6037f125adf7f4c2f6873a0d99ab0705 +2013-11-01T20:35:30.927048Z +96 +emferreri + + + + + + + + + + + + + + + + + + + + + +16318 + +PersonalAttributeListTestCase.java +file + + + + +2014-01-21T08:38:55.140702Z +ae552dce95a6b83d15e381306e2f5e59 +2014-01-15T09:44:59.969756Z +484 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +24508 + diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/AttributeProvidersMapTestCase.java.svn-base b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/AttributeProvidersMapTestCase.java.svn-base new file mode 100644 index 000000000..2e8cc2e62 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/AttributeProvidersMapTestCase.java.svn-base @@ -0,0 +1,134 @@ +package eu.stork.peps.tests; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import org.junit.Test; + +import eu.stork.peps.auth.commons.AttributeProvider; +import eu.stork.peps.auth.commons.AttributeProvidersMap; +import eu.stork.peps.auth.commons.AttributeSource; +import eu.stork.peps.auth.commons.Country; +import eu.stork.peps.auth.commons.IAttributeProvidersMap; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttributeList; + +/** + * The AttributeSource's Test Case. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: $, $Date: $ + */ +public class AttributeProvidersMapTestCase { + + @Test + public void testObjectOK1() { + IAttributeProvidersMap map = new AttributeProvidersMap(); + AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + IPersonalAttributeList pal = new PersonalAttributeList(); + boolean outcome = false; + + //Add a single item + map.put(source, pal); + + if ( map.containsKey(source) ) { + outcome = true; + } + + assertTrue(outcome); + } + + @Test + public void testObjectOK2() { + IAttributeProvidersMap map = new AttributeProvidersMap(); + AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + IPersonalAttributeList pal = new PersonalAttributeList(); + boolean outcome = false; + + //Add a single item + map.put(source, pal); + + if ( map.containsKey(source) ) { + if ( map.get(source)!=null ) { + outcome = true; + } + } + + assertTrue(outcome); + } + + @Test + public void testObjectOK3() { + IAttributeProvidersMap map = new AttributeProvidersMap(); + AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + AttributeSource target = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + IPersonalAttributeList pal = new PersonalAttributeList(); + boolean outcome = false; + + //Add a single item + map.put(source, pal); + + if ( map.containsKey(target) ) { + outcome = true; + } + + assertTrue(outcome); + } + + @Test + public void testObjectOK4() { + IAttributeProvidersMap map = new AttributeProvidersMap(); + AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + AttributeSource target = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + IPersonalAttributeList pal = new PersonalAttributeList(); + boolean outcome = false; + + //Add a single item + map.put(source, pal); + + if ( map.containsKey(target) ) { + if ( map.get(target)!=null ) { + outcome = true; + } + } + + assertTrue(outcome); + } + + @Test + public void testObjectNOK1() { + IAttributeProvidersMap map = new AttributeProvidersMap(); + AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + AttributeSource target = new AttributeSource(new Country("ID1", "Name 1"), "URL"); + IPersonalAttributeList pal = new PersonalAttributeList(); + boolean outcome = false; + + //Add a single item + map.put(source, pal); + + if ( map.containsKey(target) ) { + outcome = true; + } + + assertFalse(outcome); + } + + @Test + public void testObjectNOK2() { + IAttributeProvidersMap map = new AttributeProvidersMap(); + AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + AttributeSource target = new AttributeSource(new AttributeProvider("ID2", "Name 1"), "URL"); + IPersonalAttributeList pal = new PersonalAttributeList(); + boolean outcome = false; + + //Add a single item + map.put(source, pal); + + if ( map.containsKey(target) ) { + outcome = true; + } + + assertFalse(outcome); + } +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/AttributeSourceTestCase.java.svn-base b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/AttributeSourceTestCase.java.svn-base new file mode 100644 index 000000000..31cabb612 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/AttributeSourceTestCase.java.svn-base @@ -0,0 +1,88 @@ +package eu.stork.peps.tests; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import org.junit.Test; + +import eu.stork.peps.auth.commons.AttributeProvider; +import eu.stork.peps.auth.commons.AttributeSource; +import eu.stork.peps.auth.commons.Country; + +/** + * The AttributeSource's Test Case. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: $, $Date: $ + */ +public final class AttributeSourceTestCase { + private AttributeSource ap1 = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL1"); + private AttributeSource ap2 = new AttributeSource(new AttributeProvider("ID2", "Name 2"), "URL2"); + private AttributeSource ap3 = new AttributeSource(new AttributeProvider("ID1", "Name 2"), "URL2"); + private AttributeSource ap4 = new AttributeSource(new AttributeProvider("ID1", "Name 2"), "URL1"); + private AttributeSource ap5 = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL1"); + + private AttributeSource c1 = new AttributeSource(new Country("ID1", "Name 1"), "URL1"); + private AttributeSource c2 = new AttributeSource(new Country("ID2", "Name 2"), "URL2"); + private AttributeSource c3 = new AttributeSource(new Country("ID1", "Name 2"), "URL2"); + private AttributeSource c4 = new AttributeSource(new Country("ID1", "Name 2"), "URL1"); + private AttributeSource c5 = new AttributeSource(new Country("ID1", "Name 1"), "URL1"); + + @Test + public void testNotEquals1() { + assertFalse(ap1.equals(ap2)); + } + + @Test + public void testNotEquals2() { + assertFalse(ap1.equals(c1)); + } + + @Test + public void testNotEquals3() { + assertFalse(c1.equals(c2)); + } + + @Test + public void testEquals1() { + assertTrue(ap1.equals(ap3)); + } + + @Test + public void testEquals2() { + assertTrue(ap1.equals(ap4)); + } + + @Test + public void testEquals3() { + assertTrue(ap1.equals(ap5)); + } + + @Test + public void testEquals4() { + assertTrue(c1.equals(c3)); + } + + @Test + public void testEquals5() { + assertTrue(c1.equals(c4)); + } + + @Test + public void testEquals6() { + assertTrue(c1.equals(c5)); + } + + @Test + public void testEquals7() { + Object obj = ap5; + assertTrue(ap1.equals(obj)); + } + + @Test + public void testEquals8() { + Object obj = c5; + assertTrue(c1.equals(obj)); + } +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/AttributeUtilTestCase.java.svn-base b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/AttributeUtilTestCase.java.svn-base new file mode 100644 index 000000000..77fc4b9c2 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/AttributeUtilTestCase.java.svn-base @@ -0,0 +1,537 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.tests; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.assertEquals; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import org.junit.Test; + +import eu.stork.peps.auth.commons.AttributeUtil; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSValues; +import eu.stork.peps.auth.commons.PersonalAttributeList; + +/** + * The AttributeUtil's Test Case. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com + * + * @version $Revision: $, $Date: $ + */ +public final class AttributeUtilTestCase { + + /** + * Empty String to be used on the tests. + */ + private static final String EMPTY_STRING = ""; + + /** + * Tuple value sample to be used on the tests. + */ + private static final String[] TUPLE_STRING = new String[] { "age", "true", + "[18]", "Available" }; + + /** + * Complex value to be used on escape/unescape tests. + */ + private static final String COMPLEX_VAL = "postalCode=4100," + + "apartmentNumber=A,state=Porto,countryCodeAddress=PT,streetNumber=379," + + "streetName=Avenida Sidonio Pais,town=Porto,"; + + /** + * Escaped Complex value to be used on escape/unescape tests. + */ + private static final String ESC_COMPLEX_VAL = "postalCode=4100%44" + + "apartmentNumber=A%44state=Porto%44countryCodeAddress=PT%44" + + "streetNumber=379%44streetName=Avenida Sidonio Pais%44town=Porto%44"; + + /** + * Simple value to be used on escape/unescape tests. + */ + private static final String SIMPLE_VAL = "Avenida da Boavista, Porto"; + + /** + * Escaped simple value to be used on escape/unescape tests. + */ + private static final String ESC_SIMPLE_VAL = "Avenida da Boavista%44 Porto"; + + /** + * Simple text to be used on escape/unescape tests. Must match the escaped + * text. + */ + private static final String SIMPLE_TEXT = "John Doe"; + + /** + * Tests the {@link AttributeUtil#escape(String)} method for the given complex + * attribute value (canonical address' example attribute value). + */ + @Test + public void testEscapeSpecialCharsComplexVal() { + assertEquals(AttributeUtil.escape(COMPLEX_VAL), ESC_COMPLEX_VAL); + } + + /** + * Tests the {@link AttributeUtil#escape(String)} method for the given + * attribute value. + */ + @Test + public void testEscapeSpecialCharsVal() { + assertEquals(AttributeUtil.escape(SIMPLE_VAL), ESC_SIMPLE_VAL); + } + + /** + * Tests the {@link AttributeUtil#escape(String)} method for the given simple + * text: no special characters to escape. + */ + @Test + public void testEscapeNormalChars() { + assertEquals(AttributeUtil.escape(SIMPLE_TEXT), SIMPLE_TEXT); + } + + /** + * Tests the {@link AttributeUtil#unescape(String)} method for the given + * escape complex attribute value (canonical address' example attribute + * value). + */ + @Test + public void testUnescapeSpecialCharsComplexVal() { + assertEquals(AttributeUtil.unescape(ESC_COMPLEX_VAL), COMPLEX_VAL); + } + + /** + * Tests the {@link AttributeUtil#escape(String)} method for the given escape + * attribute value. + */ + @Test + public void testUnescapeSpecialCharsVal() { + assertEquals(AttributeUtil.unescape(ESC_SIMPLE_VAL), SIMPLE_VAL); + } + + /** + * Tests the {@link AttributeUtil#escape(String)} method for the given simple + * text: no special characters to unescape. + */ + @Test + public void testUnescapeNormalChars() { + assertEquals(AttributeUtil.unescape(SIMPLE_TEXT), SIMPLE_TEXT); + } + + /** + * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)} + * method for the given empty string. + */ + @Test + public void testAppendIfNotNullEmptyStr() { + final StringBuilder strBuilder = new StringBuilder(SIMPLE_TEXT); + AttributeUtil.appendIfNotNull(strBuilder, EMPTY_STRING); + assertEquals(strBuilder.toString(), SIMPLE_TEXT); + } + + /** + * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)} + * method for the given string. + */ + @Test + public void testAppendIfNotNullStr() { + final StringBuilder strBuilder = new StringBuilder(); + AttributeUtil.appendIfNotNull(strBuilder, SIMPLE_TEXT); + assertEquals(strBuilder.toString(), SIMPLE_TEXT); + } + + /** + * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)} + * method for the given null value. + */ + @Test + public void testAppendIfNotNull() { + final StringBuilder strBuilder = new StringBuilder(); + AttributeUtil.appendIfNotNull(strBuilder, null); + assertEquals(strBuilder.toString(), EMPTY_STRING); + } + + /** + * Tests the {@link AttributeUtil#listToString(List, String)} method for the + * given List with two values. + */ + @Test + public void testListToStringTwoVals() { + final List vals = new ArrayList(); + vals.add(SIMPLE_VAL); + vals.add(SIMPLE_TEXT); + + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append(SIMPLE_TEXT); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + + assertEquals( + AttributeUtil.listToString(vals, + PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); + } + + /** + * Tests the {@link AttributeUtil#listToString(List, String)} method for the + * given List with one values. + */ + @Test + public void testListToStringOneVal() { + final List vals = new ArrayList(); + vals.add(SIMPLE_VAL); + + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + + assertEquals( + AttributeUtil.listToString(vals, + PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); + } + + /** + * Tests the {@link AttributeUtil#listToString(List, String)} method for the + * given List with one value. + */ + @Test + public void testListToStringEmptyVal() { + final List vals = new ArrayList(); + + final StringBuilder strBuilder = new StringBuilder(); + + assertEquals( + AttributeUtil.listToString(vals, + PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); + } + + /** + * Tests the {@link AttributeUtil#mapToString(java.util.Map, String)} method + * for the given Map with one value. + */ + @Test + public void testMapToStringOneVal() { + final Map vals = new HashMap(); + vals.put("CanonicalAddress", COMPLEX_VAL); + + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append("CanonicalAddress="); + strBuilder.append(ESC_COMPLEX_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + + assertEquals(AttributeUtil.mapToString(vals, + PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); + } + + /** + * Tests the {@link AttributeUtil#mapToString(java.util.Map, String)} method + * for the given empty Map. + */ + @Test + public void testMapToStringEmptyVal() { + final Map vals = new HashMap(); + + final StringBuilder strBuilder = new StringBuilder(); + + assertEquals(AttributeUtil.mapToString(vals, + PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * invalid List. + */ + @Test + public void testIsValidValueInvalidList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append("]"); + assertFalse(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * null value. + */ + @Test + public void testIsValidValueNullList() { + assertFalse(AttributeUtil.isValidValue(null)); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * empty List. + */ + @Test + public void testIsValidValueEmptyList() { + assertTrue(AttributeUtil.isValidValue("[]")); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * empty List. + */ + @Test + public void testIsValidValueEmptyCommaList() { + assertTrue(AttributeUtil.isValidValue("[,]")); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * one simple value List. + */ + @Test + public void testIsValidValueOneValueList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append("["); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append("]"); + assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * one simple value List. + */ + @Test + public void testIsValidValueOneValueCommaList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append("["); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append("]"); + assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * one complex value List. + */ + @Test + public void testIsValidValueOneComplexValueList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append("["); + strBuilder.append(ESC_COMPLEX_VAL); + strBuilder.append("]"); + assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * one complex value List. + */ + @Test + public void testIsValidValueOneComplexValueCommaList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append("["); + strBuilder.append(ESC_COMPLEX_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append("]"); + assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * multi value List. + */ + @Test + public void testIsValidValueMultiValueList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append("["); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append(SIMPLE_TEXT); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append("]"); + assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * invalid multi value List. + */ + @Test + public void testIsValidValueInvalidMultiValueList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append(SIMPLE_TEXT); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append("]"); + assertFalse(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * true type. + */ + @Test + public void testIsValidTypetrue() { + assertTrue(AttributeUtil.isValidType("true")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * True type. + */ + @Test + public void testIsValidTypeTrue() { + assertTrue(AttributeUtil.isValidType("True")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * TRUE type. + */ + @Test + public void testIsValidTypeTRUE() { + assertTrue(AttributeUtil.isValidType("TRUE")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * invalid type. + */ + @Test + public void testIsValidTypeInvalidType() { + assertFalse(AttributeUtil.isValidType("str")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * false type. + */ + @Test + public void testIsValidTypefalse() { + assertTrue(AttributeUtil.isValidType("false")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * False type. + */ + @Test + public void testIsValidTypeFalse() { + assertTrue(AttributeUtil.isValidType("False")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * FALSE type. + */ + @Test + public void testIsValidTypeFALSEVal() { + assertTrue(AttributeUtil.isValidType("False")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * null. + */ + @Test + public void testIsValidTypeNullVal() { + assertFalse(AttributeUtil.isValidType(null)); + } + + /** + * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the + * given valid tuple. + */ + @Test + public void testHasValidTuples() { + assertTrue(AttributeUtil.hasValidTuples(TUPLE_STRING)); + } + + /** + * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the + * given invalid tuple. + */ + @Test + public void testHasValidTuplesInvalid() { + final String[] tuple = new String[]{"name", "type"}; + assertFalse(AttributeUtil.hasValidTuples(tuple)); + } + + /** + * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the + * given invalid tuple with valid size. + */ + @Test + public void testHasValidTuplesSameSizeInvalidValues() { + final String[] tuple = new String[] { "age", "type", "[18]", "Available"}; + assertFalse(AttributeUtil.hasValidTuples(tuple)); + } + + /** + * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the + * given null value. + */ + @Test + public void testHasValidTuplesNull() { + assertFalse(AttributeUtil.hasValidTuples(null)); + } + + /** + * Tests the + * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} + * method for the given attribute list.. + */ + @Test + public void testCheckMandatoryAttributes() { + final IPersonalAttributeList attrList = new PersonalAttributeList(); + attrList.populate("isAgeOver:true:[18,]:Available;"); + assertTrue(AttributeUtil.checkMandatoryAttributes(attrList)); + + } + + /** + * Tests the + * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} + * method for the given null value. + */ + @Test(expected = NullPointerException.class) + public void testCheckMandatoryAttributesNullAttrList() { + assertTrue(AttributeUtil.checkMandatoryAttributes(null)); + } + + /** + * Tests the + * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} + * method for the given empty attribute list. + */ + @Test + public void testCheckMandatoryAttributesEmptyAttrList() { + final IPersonalAttributeList attrList = new PersonalAttributeList(); + assertTrue(AttributeUtil.checkMandatoryAttributes(attrList)); + } + + /** + * Tests the + * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} + * method for the given attribute list (missing mandatory attribute). + */ + @Test + public void testCheckMandatoryAttributesMissingAttr() { + final IPersonalAttributeList attrList = new PersonalAttributeList(); + attrList.populate("isAgeOver:true:[]:NotAvailable;"); + assertFalse(AttributeUtil.checkMandatoryAttributes(attrList)); + } + +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/DateUtilTestCase.java.svn-base b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/DateUtilTestCase.java.svn-base new file mode 100644 index 000000000..5d2296997 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/DateUtilTestCase.java.svn-base @@ -0,0 +1,294 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.tests; + +import java.sql.Timestamp; +import java.util.Properties; + +import org.joda.time.DateTime; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +import eu.stork.peps.auth.commons.DateUtil; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.exceptions.SecurityPEPSException; + +/** + * The PersonalAttribute's Test Case. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.2 $, $Date: 2010-11-17 05:17:03 $ + */ +public final class DateUtilTestCase { + + /** + * Stork Format date. + */ + private static final String FORMAT = "yyyyMMdd"; + + /** + * Expected 10 value. + */ + private static final int TEN = 10; + + /** + * Expected 11 value. + */ + private static final int ELEVEN = 11; + + /** + * The testing Date ("current" date). + */ + private static final DateTime TESTDATE = new DateTime(2011, 10, 10, 15, 20, + 0, 0); + + /** + * Init DateUtilTestCase class. + */ + @BeforeClass + public static void runsBeforeTheTestSuite() { + final Properties configs = new Properties(); + configs.setProperty("invalidAgeDateValue.code", "35"); + configs.setProperty("invalidAttributeValue.code", "34"); + configs + .setProperty( + "invalidAttributeValue.message", + "Unexpected or invalid content was encountered within a " + + " or element."); + PEPSUtil.createInstance(configs); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given year against + * the testDate: 2011-10-10 15:20:00.0. Must return 10. + */ + @Test + public void calculateAgeFromYear() { + Assert.assertTrue(TEN == DateUtil.calculateAge("2000", TESTDATE, FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given year and month + * against the testDate: 2011-10-10 15:20:00.0. Must return 11. + */ + @Test + public void calculateAgeFromEarlyMonth() { + Assert.assertTrue(ELEVEN == DateUtil.calculateAge("200001", TESTDATE, + FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given year and month + * against the testDate: 2011-10-10 15:20:00.0. Must return 10. + */ + @Test + public void calculateAgeFromSameMonth() { + Assert.assertTrue(TEN == DateUtil.calculateAge("200010", TESTDATE, FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given year and month + * against the testDate: 2011-10-10 15:20:00.0. Must return 10. + */ + @Test + public void calculateAgeFromLaterMonth() { + Assert.assertTrue(TEN == DateUtil.calculateAge("200011", TESTDATE, FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return 11. + */ + @Test + public void calculateAgeFromEarlyFullDate() { + Assert.assertTrue(ELEVEN == DateUtil.calculateAge("20000101", TESTDATE, + FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return 11. + */ + @Test + public void calculateAgeFromSameDay() { + Assert.assertTrue(ELEVEN == DateUtil.calculateAge("20001010", TESTDATE, + FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return 10. + */ + @Test + public void calculateAgeFromLaterFullDate() { + Assert.assertTrue(TEN == DateUtil + .calculateAge("20001011", TESTDATE, FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return a + * SecurityPEPSException exception. + */ + @Test(expected = SecurityPEPSException.class) + public void calculateAgeFromInvalidDate() { + DateUtil.calculateAge("200", TESTDATE, FORMAT); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return a + * SecurityPEPSException exception. + */ + @Test(expected = SecurityPEPSException.class) + public void calculateAgeFromInvalidMonth() { + DateUtil.calculateAge("200013", TESTDATE, FORMAT); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return a + * SecurityPEPSException exception. + */ + @Test(expected = SecurityPEPSException.class) + public void calculateAgeFromInvalidDay() { + DateUtil.calculateAge("20000230", TESTDATE, FORMAT); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return a + * SecurityPEPSException exception. + */ + @Test(expected = SecurityPEPSException.class) + public void calculateAgeFromNullDate() { + DateUtil.calculateAge(null, TESTDATE, FORMAT); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return a + * SecurityPEPSException exception. + */ + @Test(expected = SecurityPEPSException.class) + public void calculateAgeFromNullCurDate() { + DateUtil.calculateAge("2000", null, FORMAT); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return a + * SecurityPEPSException exception. + */ + @Test(expected = SecurityPEPSException.class) + public void calculateAgeFromNullFormat() { + DateUtil.calculateAge("2000", TESTDATE, null); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return true + */ + @Test + public void isValidFormatDateFromYear() { + Assert.assertTrue(DateUtil.isValidFormatDate("2000", FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year and + * month. Must return true. + */ + @Test + public void isValidFormatDateFromMonth() { + Assert.assertTrue(DateUtil.isValidFormatDate("200001", FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return false. + */ + @Test + public void isValidFormatDate() { + Assert.assertTrue(DateUtil.isValidFormatDate("20000101", FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return false. + */ + @Test + public void isValidFormatDateInvalidYear() { + Assert.assertFalse(DateUtil.isValidFormatDate("200", FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return false. + */ + @Test + public void isValidFormatDateInvalidMonth() { + Assert.assertFalse(DateUtil.isValidFormatDate("200013", FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return false. + */ + @Test + public void isValidFormatDateInvalidDate() { + Assert.assertFalse(DateUtil.isValidFormatDate("20010229", FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return false. + */ + @Test + public void isValidFormatDateNullDate() { + Assert.assertFalse(DateUtil.isValidFormatDate(null, FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return false. + */ + @Test + public void isValidFormatDateNullFormat() { + Assert.assertFalse(DateUtil.isValidFormatDate("2000", null)); + } + + /** + * Tests the {@link DateUtil#currentTimeStamp()} method for the current + * TimeStamp (TS). Must return true. + */ + @Test + public void testCurrentTimeStampBefore() { + Timestamp ts = DateUtil.currentTimeStamp(); + Assert.assertNotSame(ts, DateUtil.currentTimeStamp()); + } + + /** + * Tests the {@link DateUtil#currentTimeStamp()} method for the current + * TimeStamp (TS). Must return true. + */ + @Test + public void testCurrentTimeStampAfter() { + Timestamp ts = DateUtil.currentTimeStamp(); + Assert.assertEquals(DateUtil.currentTimeStamp(), ts); + } + +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/PEPSUtilTestCase.java.svn-base b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/PEPSUtilTestCase.java.svn-base new file mode 100644 index 000000000..d4841ed43 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/PEPSUtilTestCase.java.svn-base @@ -0,0 +1,553 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.tests; + +import static org.junit.Assert.assertArrayEquals; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotSame; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.assertFalse; + +import java.util.Properties; + +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSErrors; +import eu.stork.peps.auth.commons.PEPSParameters; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException; +import eu.stork.peps.auth.commons.exceptions.InvalidParameterPEPSException; + +/** + * The PEPSUtil's Test Case. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com + * + * @version $Revision: $, $Date: $ + */ +public final class PEPSUtilTestCase { + + /** + * Message example. + */ + private static final String MESSAGE_SAMPLE = "003002 - Authentication Failed"; + + /** + * Error message example. + */ + private static final String ERROR_MESSAGE_SAMPLE = "Authentication Failed"; + + /** + * Error code example. + */ + private static final String ERROR_CODE_SAMPLE = "003002"; + + /** + * Properties values for testing proposes. + */ + private static final Properties CONFIGS1 = new Properties(); + + /** + * Properties values for testing proposes. + */ + private static final Properties CONFIGS2 = new Properties(); + + /** + * The empty string value: "". + */ + private static final String EMPTY_STRING = ""; + + /** + * The empty byte value: []. + */ + private static final byte[] EMPTY_BYTE = new byte[] {}; + + /** + * The empty byte hash value. + */ + private static final byte[] EMPTY_HASH_BYTE = new byte[] { -49, -125, -31, + 53, 126, -17, -72, -67, -15, 84, 40, 80, -42, 109, -128, 7, -42, 32, -28, + 5, 11, 87, 21, -36, -125, -12, -87, 33, -45, 108, -23, -50, 71, -48, -47, + 60, 93, -123, -14, -80, -1, -125, 24, -46, -121, 126, -20, 47, 99, -71, 49, + -67, 71, 65, 122, -127, -91, 56, 50, 122, -7, 39, -38, 62 }; + + /** + * The SAML example byte[] value. + */ + private static final byte[] SAML_BYTE_SAMPLE = new byte[] { 60, 115, 97, 109, + 108, 62, 46, 46, 46, 60, 47, 115, 97, 109, 108 }; + + /** + * The SAML's Base64 example value. + */ + private static final String SAML_BASE64_SAMPLE = "PHNhbWw+Li4uPC9zYW1s"; + + /** + * The SAML's Base64 byte[] example value. + */ + private static byte[] SAML_BASE64_BYTE_SAMPLE = new byte[] { 80, 72, 78, 104, + 98, 87, 119, 43, 76, 105, 52, 117, 80, 67, 57, 122, 89, 87, 49, 115 }; + + /** + * The SAML's Base64 Hash byte[] example value. + */ + private static byte[] HASH_BYTE_SAMPLE = new byte[] { 67, 38, 11, 115, 49, + -5, 54, -85, 38, 43, -99, 96, 71, -41, 50, -96, 71, -86, 90, -97, 66, -67, + 90, 101, 30, 82, -13, 60, -106, -72, -103, -75, 19, 2, -107, 107, -6, -56, + 34, -111, -44, -57, -26, -5, 33, 78, -1, 30, 21, 74, -26, 118, -46, -12, + -102, 12, -56, 30, -59, -104, -21, -42, -103, 82 }; + + /** + * Init PEPSUtilTestCase class. + */ + @BeforeClass + public static void runsBeforeTheTestSuite() { + + CONFIGS1.setProperty("max.attrList.size", "20000"); + CONFIGS1.setProperty("attrList.code", "202005"); + CONFIGS1.setProperty("attrList.message", "invalid.attrList.parameter"); + + CONFIGS1.setProperty("max.qaaLevel.size", "1"); + CONFIGS1.setProperty("max.spUrl.size", "inv"); + CONFIGS1.setProperty("validation.active", "true"); + CONFIGS1.setProperty("hashDigest.className", + "org.bouncycastle.crypto.digests.SHA512Digest"); + CONFIGS1.setProperty("invalidAgeDateValue.code", "35"); + CONFIGS1.setProperty("invalidAttributeValue.code", "34"); + CONFIGS1.setProperty("invalidAttributeValue.message", + "Unexpected or invalid content was encountered within a " + + " or element."); + } + + /** + * Tests the {@link PEPSUtil#createInstance(Properties)} method for the given + * properties object. + */ + @Test + public void testCreateInstance() { + Assert.assertNotNull(PEPSUtil.createInstance(CONFIGS2)); + } + + /** + * Tests the {@link PEPSUtil#getConfigs()}. + */ + @Test + public void testGetConfigs() { + final PEPSUtil pepsUtils = PEPSUtil.createInstance(CONFIGS1); + assertEquals(pepsUtils.getConfigs(), CONFIGS1); + } + + /** + * Tests the {@link PEPSUtil#getConfigs()}. + */ + @Test + public void testGetConfigsDifferent() { + final PEPSUtil pepsUtils = PEPSUtil.createInstance(CONFIGS1); + assertNotSame(pepsUtils.getConfigs(), CONFIGS2); + } + + /** + * Tests the {@link PEPSUtil#getConfig(String)} method for the given existing + * config. + */ + @Test + public void testGetConfigExists() { + assertEquals(PEPSUtil.getConfig("hashDigest.className"), + "org.bouncycastle.crypto.digests.SHA512Digest"); + } + + /** + * Tests the {@link PEPSUtil#getConfig(String)} method for the given not + * existing config. + */ + @Test + public void testGetConfigNoExists() { + assertNull(PEPSUtil.getConfig("doesnt.exists")); + } + + /** + * Tests the {@link PEPSUtil#getConfig(String)} method for the given null + * value. + */ + @Test(expected = NullPointerException.class) + public void testGetConfigNull() { + assertNull(PEPSUtil.getConfig(null)); + } + + /** + * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the + * given param values. + */ + @Test + public void testIsValidParameterExists() { + assertTrue(PEPSUtil.isValidParameter("qaaLevel", "1")); + } + + /** + * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the + * given param values. + */ + @Test + public void testIsValidParameterExistsGreat() { + assertFalse(PEPSUtil.isValidParameter("qaaLevel", "12")); + } + + /** + * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the + * given param values. + */ + @Test + public void testIsValidParameterExistsIvalidConf() { + assertFalse(PEPSUtil + .isValidParameter("spUrl", "http://localhost:8080/SP/")); + } + + /** + * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the + * given param values. + */ + @Test + public void testIsValidParameterNotExists() { + assertFalse(PEPSUtil.isValidParameter("doesntexists", + "http://localhost:8080/SP/")); + } + + /** + * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the + * given param values. + */ + @Test + public void testIsValidParameterNullParamName() { + assertFalse(PEPSUtil.isValidParameter(null, "http://localhost:8080/SP/")); + } + + /** + * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the + * given param values. + */ + @Test + public void testIsValidParameterNullParamValue() { + assertFalse(PEPSUtil.isValidParameter("spUrl", null)); + } + + /** + * Tests the {@link PEPSUtil#validateParameter(String, String, Object)} method + * for the given object values. + */ + @Test + public void testValidateParameterValid() { + final IPersonalAttributeList persAttrList = new PersonalAttributeList(); + persAttrList.populate("isAgeOver:true:[15,]:Available;"); + PEPSUtil.validateParameter("ServiceProviderAction", + PEPSParameters.ATTRIBUTE_LIST.toString(), persAttrList); + } + + /** + * Tests the {@link PEPSUtil#validateParameter(String, String, Object)} method + * for the given string values. + */ + @Test(expected = InvalidParameterPEPSException.class) + public void testValidateParameterNull() { + PEPSUtil.validateParameter("ServiceProviderAction", + PEPSParameters.ATTRIBUTE_LIST.toString(), null); + } + + /** + * Tests the {@link PEPSUtil#validateParameter(String, String, String)} method + * for the given string values. + * + * The tested class just invokes + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * so further tests will be later. + */ + @Test + public void testValidateParameter() { + PEPSUtil.validateParameter("ServiceProviderAction", + PEPSParameters.ATTRIBUTE_LIST.toString(), + "isAgeOver:true:[15,]:Available;"); + } + + /** + * Tests the + * {@link PEPSUtil#validateParameter(String, String, String, PEPSErrors)} + * method for the given string value and {@link PEPSErrors} enum. + * + * The tested class just invokes + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * so further tests will be later. + */ + @Test + public void testValidateParameterPEPSErrors() { + PEPSUtil.validateParameter("CountrySelectorAction", + PEPSParameters.ATTRIBUTE_LIST.toString(), + "isAgeOver:true:[15,]:Available;", + PEPSErrors.SP_COUNTRY_SELECTOR_INVALID_ATTR); + } + + /** + * Tests the + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * method for the given string values. + */ + @Test + public void testValidateParameterValidParams() { + PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", "1", + "qaaLevel.code", "qaaLevel.message"); + } + + /** + * Tests the + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * method for the given string values. + */ + @Test(expected = InvalidParameterPEPSException.class) + public void testValidateParameterInvalidParamValue() { + PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", "10", + "qaaLevel.code", "qaaLevel.message"); + } + + /** + * Tests the + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * method for the given string values. + */ + @Test(expected = InvalidParameterPEPSException.class) + public void testValidateParameterInvalidParamName() { + PEPSUtil.validateParameter("ServiceProviderAction", "doesnt.exists", "1", + "qaaLevel.code", "qaaLevel.message"); + } + + /** + * Tests the + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * method for the given string values. + */ + @Test(expected = InvalidParameterPEPSException.class) + public void testValidateParameterNullParamName() { + PEPSUtil.validateParameter("ServiceProviderAction", null, "1", + "qaaLevel.code", "qaaLevel.message"); + } + + /** + * Tests the + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * method for the given string values. + */ + @Test(expected = InvalidParameterPEPSException.class) + public void testValidateParameterNullParamValue() { + PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", null, + "qaaLevel.code", "qaaLevel.message"); + } + + /** + * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given + * string value. + */ + @Test + public void testEncodeSAMLToken() { + assertEquals(PEPSUtil.encodeSAMLToken(SAML_BYTE_SAMPLE), SAML_BASE64_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given + * null. + */ + @Test(expected = NullPointerException.class) + public void testEncodeSAMLTokenNull() { + assertNotSame(PEPSUtil.encodeSAMLToken(null), SAML_BASE64_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given + * empty byte[] value. + */ + @Test + public void testEncodeSAMLTokenEmpty() { + assertEquals(PEPSUtil.encodeSAMLToken(EMPTY_BYTE), EMPTY_STRING); + } + + /** + * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given + * byte[] value. + */ + @Test + public void testDecodeSAMLToken() { + assertArrayEquals(PEPSUtil.decodeSAMLToken(SAML_BASE64_SAMPLE), + SAML_BYTE_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given + * null value. + */ + @Test(expected = NullPointerException.class) + public void testDecodeSAMLTokenNull() { + assertNotSame(PEPSUtil.decodeSAMLToken(null), SAML_BYTE_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given + * empty string value. + */ + @Test(expected = StringIndexOutOfBoundsException.class) + public void testDecodeSAMLTokenEmpty() { + assertTrue(PEPSUtil.decodeSAMLToken(EMPTY_STRING) == EMPTY_BYTE); + } + + /** + * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given + * byte[] value. + */ + @Test + public void testHashPersonalToken() { + assertArrayEquals(PEPSUtil.hashPersonalToken(SAML_BASE64_BYTE_SAMPLE), + HASH_BYTE_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given + * null value. + */ + @Test(expected = InternalErrorPEPSException.class) + public void testHashPersonalTokenNull() { + assertNull(PEPSUtil.hashPersonalToken(null)); + } + + /** + * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given + * empty value. + */ + @Test + public void testHashPersonalTokenEmpty() { + assertArrayEquals(PEPSUtil.hashPersonalToken(EMPTY_BYTE), EMPTY_HASH_BYTE); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given + * correct message. + */ + @Test + public void testGetStorkErrorCodeExists() { + assertEquals(PEPSUtil.getStorkErrorCode(MESSAGE_SAMPLE), ERROR_CODE_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given + * invalid message. + */ + @Test + public void testGetStorkErrorCodeNoExists() { + assertNull(PEPSUtil.getStorkErrorCode(ERROR_MESSAGE_SAMPLE)); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given + * empty message. + */ + @Test + public void testGetStorkErrorCodeEmpty() { + assertNull(PEPSUtil.getStorkErrorCode(EMPTY_STRING)); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given + * null message. + */ + @Test + public void testGetStorkErrorCodeNull() { + assertNull(PEPSUtil.getStorkErrorCode(null)); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given + * invalid message. + */ + @Test + public void testGetStorkErrorCodeWithSepFake() { + assertNull(PEPSUtil.getStorkErrorCode("-")); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given + * invalid message. + */ + @Test + public void testGetStorkErrorCodeWithSepAndCodeFake() { + assertNull(PEPSUtil.getStorkErrorCode("000001 -")); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the + * given correct message. + */ + @Test + public void testGetStorkErrorMessageExists() { + assertEquals(PEPSUtil.getStorkErrorMessage(MESSAGE_SAMPLE), + ERROR_MESSAGE_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the + * given invalid message. + */ + @Test + public void testGetStorkErrorMessageNoExists() { + assertEquals(PEPSUtil.getStorkErrorMessage(ERROR_MESSAGE_SAMPLE), + ERROR_MESSAGE_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the + * given empty message. + */ + @Test + public void testGetStorkErrorMessageEmpty() { + assertEquals(PEPSUtil.getStorkErrorMessage(EMPTY_STRING), + EMPTY_STRING); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the + * given null message. + */ + @Test + public void testGetStorkErrorMessageNull() { + assertNull(PEPSUtil.getStorkErrorMessage(null)); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the + * given invalid message. + */ + @Test + public void testGetStorkErrorMessageWithSepFake() { + assertEquals(PEPSUtil.getStorkErrorMessage("-"),"-"); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the + * given invalid message. + */ + @Test + public void testGetStorkErrorMessageWithSepAndCodeFake() { + assertEquals(PEPSUtil.getStorkErrorMessage("000001 -"),"000001 -"); + } + +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/PersonalAttributeListTestCase.java.svn-base b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/PersonalAttributeListTestCase.java.svn-base new file mode 100644 index 000000000..7052b320a --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/PersonalAttributeListTestCase.java.svn-base @@ -0,0 +1,747 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.tests; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; + +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKStatusCode; + +/** + * The PersonalAttributeList's Test Case. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.5 $, $Date: 2010-11-17 05:17:02 $ + */ +public final class PersonalAttributeListTestCase { + + /** + * isAgeOver constant value. + */ + private static final String ISAGEOVER_CONS = "isAgeOver"; + + /** + * 1 constant value. + */ + private static final int ONE_CONS = 1; + + /** + * 2 constant value. + */ + private static final int TWO_CONS = 2; + + /** + * An empty attribute. + */ + @SuppressWarnings("unused") + private static final PersonalAttributeList EMPTY_ATTR_LIST = + new PersonalAttributeList(0); + + /** + * An attribute with a complex value (canonicalResidenceAddress). + */ + private static PersonalAttribute complexAttrValue = null; + + /** + * Simple attribute value list string. + */ + private static final String SIMPLE_ATTRLIST = + "isAgeOver:true:[15,]:Available;"; + + /** + * Simple attribute value list string. + */ + private static final String SIMPLE_ATTRLIST2 = + "isAgeOver:true:[18,]:Available;"; + + /** + * Simple attribute value list string. + */ + private static final String SIMPLE_ATTRLIST3 = + "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;"; + + /** + * Simple attribute value list string. + */ + private static final String SIMPLE_ATTRLIST3_REVERSE = + "isAgeOver:true:[18,]:Available;isAgeOver:true:[15,]:Available;"; + /** + * Simple attribute value list string. + */ + private static final String COMPLEX_ATTRLIST = + "canonicalResidenceAddress:true:[postalCode=4100,apartmentNumber=Ed. B," + + "state=Porto,countryCodeAddress=PT,streetNumber=379," + + "streetName=Avenida Sidonio Pais,town=Porto,]:Available;"; + /** + * Mix attribute list string. + */ + private static final String STR_MIX_ATTR_LIST = + "isAgeOver:true:[15,]:Available;canonicalResidenceAddress:true:[" + + "postalCode=4100,apartmentNumber=Ed.B,state=Porto,countryCodeAddress=PT," + + "streetNumber=379,streetName=Avenida Sidonio Pais,town=Porto,]:" + + "Available;"; + + /** + * Mix attribute list 2 string. + */ + private static final String STR_MIX_ATTR_LIST2 = + "isAgeOver:true:[15,]:Available;canonicalResidenceAddress:true:[" + + "postalCode=4100,apartmentNumber=Ed.B,state=Porto,countryCodeAddress=PT," + + "streetNumber=379,streetName=Avenida Sidonio Pais,town=Porto,]:Available;" + + "mandateContent:true:[" + + "isJoint=\"isjoint\",typeOfPower=\"power\",ValidTo=\"validto\",validfrom=\"validfrom\",AQAA=\"3\",isChained=\"ischained\",]:" + + "Available;"; + + /** + * Attribute List example. + */ + @SuppressWarnings({ "serial" }) + private static final PersonalAttribute ATTR_VALUE = new PersonalAttribute( + "age", true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + /** + * Init PersonalAttributeListTestCase class. + */ + @SuppressWarnings("serial") + @BeforeClass + public static void runsBeforeTheTestSuite() { + final Map values = new HashMap() { + { + put("countryCodeAddress", "PT"); + put("state", "Porto"); + put("town", "Porto"); + put("postalCode", "4100"); + put("streetName", "Avenida Sidonio Pais"); + put("streetNumber", "379"); + put("apartmentNumber", "Ed. B"); + } + }; + + complexAttrValue = + new PersonalAttribute("canonicalResidenceAddress", true, values, + STORKStatusCode.STATUS_AVAILABLE.toString()); + + } + + /** + * Testing Personal Attribute List add method. Personal Attribute list must be + * size 1 - Simple attribute. + */ + @Test + public void testAddSimpleAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(ATTR_VALUE); + Assert.assertTrue(attrList.size() == 1); + } + + /** + * Testing Personal Attribute List add method. Personal Attribute list must be + * size 1 - Complex attribute. + */ + @Test + public void testAddCompleAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(complexAttrValue); + Assert.assertTrue(attrList.size() == 1); + } + + /** + * Testing Personal Attribute List add method. Personal Attribute list must be + * size 0 - no attribute. + */ + @Test + public void testAddNull() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(null); + Assert.assertTrue(attrList.size() == 0); + } + + /** + * Testing Personal Attribute List add method. Same attribute name added + * twice. Personal Attribute list must be size 2 - IsAgeOver attribute added + * twice. + */ + @SuppressWarnings("serial") + @Test + public void testAddSameAttrName() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(attrValueUnder); + attrList.add(attrValueOver); + Assert.assertTrue(attrList.size() == 2); + } + + /** + * Testing Personal Attribute List add method. Same attribute name added + * twice. Personal Attribute list must be size 2 - IsAgeOver attribute added + * twice. + */ + @SuppressWarnings("serial") + @Test + public void testAddSameAttrNameEmpty() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add(""); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(attrValueUnder); + attrList.add(attrValueOver); + Assert.assertTrue(attrList.size() == 2); + } + + /** + * Testing Personal Attribute List put method. Personal Attribute list must be + * size 1 - Simple Value. + */ + @Test + public void testPutSimpleAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put(ATTR_VALUE.getName(), ATTR_VALUE); + Assert.assertTrue(attrList.size() == 1); + } + + /** + * Testing Personal Attribute List put method. Personal Attribute list must be + * size 1 - Complex Value. + */ + @Test + public void testPutComplexAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put(ATTR_VALUE.getName(), complexAttrValue); + Assert.assertTrue(attrList.size() == 1); + } + + /** + * Testing Personal Attribute List put method. Personal Attribute list must be + * size 0 - no attribute. + */ + @Test + public void testPutNull() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put("", null); + Assert.assertTrue(attrList.size() == 0); + } + + /** + * Testing Personal Attribute List put method. Personal Attribute list must be + * size 2 - IsAgeOver attribute added twice. + */ + @SuppressWarnings("serial") + @Test + public void testPutSameAttrName() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put(attrValueUnder.getName(), attrValueUnder); + attrList.put(attrValueOver.getName(), attrValueOver); + Assert.assertTrue(attrList.size() == 2); + } + + /** + * Testing Personal Attribute List put method. Personal Attribute list must be + * size 2 - IsAgeOver attribute added twice. + */ + @SuppressWarnings("serial") + @Test + public void testPutSameAttrNameEmpty() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add(""); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put(attrValueUnder.getName(), attrValueUnder); + attrList.put(attrValueOver.getName(), attrValueOver); + Assert.assertTrue(attrList.size() == 2); + } + + /** + * Testing Personal Attribute List get method. Personal Attribute list must be + * size 1 - Simple attribute. + */ + @Test + public void testGetSimpleAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(ATTR_VALUE); + Assert.assertEquals(ATTR_VALUE, attrList.get(ATTR_VALUE.getName())); + } + + /** + * Testing Personal Attribute List add method. Personal Attribute list must be + * size 1 - Complex attribute. + */ + @Test + public void testGetCompleAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(complexAttrValue); + Assert.assertEquals(complexAttrValue.toString(), + attrList.get(complexAttrValue.getName()).toString()); + } + + /** + * Testing Personal Attribute List get method. Personal Attribute list must be + * size 2 - IsAgeOver attribute. + */ + @SuppressWarnings("serial") + @Test + public void testGetIsAgeOverAttr() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(attrValueUnder); + attrList.add(attrValueOver); + Assert.assertEquals(SIMPLE_ATTRLIST, + attrList.get(attrValueUnder.getName()).toString()); + Assert.assertEquals(SIMPLE_ATTRLIST2, + attrList.get(attrValueOver.getName()).toString()); + } + + /** + * Testing Personal Attribute List populate method. Personal Attribute list + * must be size 1 - Simple attribute. + */ + @Test + public void testPopulateSimpleAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.populate(SIMPLE_ATTRLIST); + Assert.assertTrue(attrList.size() == 1); + } + + /** + * Testing Personal Attribute List populate method. Personal Attribute list + * must be size 1 - Complex attribute. + */ + @Test + public void testPopulateComplexAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.populate(COMPLEX_ATTRLIST); + Assert.assertTrue(attrList.size() == 1); + } + + /** + * Testing Personal Attribute List populate method. Personal Attribute list + * must be size 1 - Simple and Complex attribute. + */ + @Test + public void testPopulateMixAttrs() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.populate(STR_MIX_ATTR_LIST); + Assert.assertTrue(attrList.size() == 2); + } + + /** + * Testing Personal Attribute List toString method using add. + */ + @SuppressWarnings("serial") + @Test + public void testToStringFromAdd() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(attrValueUnder); + attrList.add(attrValueOver); + Assert.assertEquals(SIMPLE_ATTRLIST3_REVERSE, attrList.toString()); + } + + /** + * Testing Personal Attribute List toString method using put. + * + */ + @SuppressWarnings("serial") + @Test + public void testToStringFromPut() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put(attrValueUnder.getName(), attrValueUnder); + attrList.put(attrValueOver.getName(), attrValueOver); + Assert.assertEquals(SIMPLE_ATTRLIST3_REVERSE, attrList.toString()); + } + + /** + * Testing Personal Attribute List toString method using populate. + */ + @Test + public void testToStringFromSimplePopulate() { + final String strAttrList = "isAgeOver:true"; + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.populate(strAttrList); + Assert.assertEquals("isAgeOver:true:[]:;", attrList.toString()); + } + + /** + * Testing Personal Attribute List toString method using populate. + */ + @Test + public void testToStringFromPopulate() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.populate(SIMPLE_ATTRLIST3); + Assert.assertEquals(SIMPLE_ATTRLIST3_REVERSE, attrList.toString()); + } + + /** + * Testing Personal Attribute List populate method, with invalid values. + */ + @Test + public void testPopulateWithInvalidValuesFormat() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate("name:type:values:status;"); + Assert.assertEquals(pal, new PersonalAttributeList()); + } + + /** + * Testing Personal Attribute List populate method, with invalid format. + */ + @Test + public void testPopulateWithInvalidFormat() { + + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate("name:type::status;"); + Assert.assertEquals(pal, new PersonalAttributeList()); + } + + /** + * Testing Personal Attribute List clone method using add. + */ + @SuppressWarnings("serial") + @Test + public void testCloneFromAdd() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(attrValueUnder); + attrList.add(attrValueOver); + Assert.assertNotSame(attrList, attrList.clone()); + } + + /** + * Testing Personal Attribute List clone method using put. + */ + @SuppressWarnings("serial") + @Test + public void testCloneFromPut() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put(attrValueUnder.getName(), attrValueUnder); + attrList.put(attrValueOver.getName(), attrValueOver); + Assert.assertNotSame(attrList, attrList.clone()); + } + + /** + * Testing Personal Attribute List clone method using populate. + */ + @Test + public void testCloneFromPopulate() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(SIMPLE_ATTRLIST3); + Assert.assertNotSame(pal, pal.clone()); + } + + /** + * Testing Personal Attribute List iterator. + */ + @Test + public void testIterator() { + final String strAttrList = + "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + final Iterator itAttr = pal.iterator(); + while (itAttr.hasNext()) { + final PersonalAttribute attr = itAttr.next(); + Assert.assertEquals(ISAGEOVER_CONS, attr.getName()); + } + } + + /** + * Testing Personal Attribute List's GetOptionalAttributes method with empty attribute list. + */ + @Test + public void testGetOptionalAttributesWithEmptyList() { + final PersonalAttributeList pal = new PersonalAttributeList(); + Assert.assertTrue(pal.getOptionalAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's GetOptionalAttributes method without optional attributes. + */ + @Test + public void testGetOptionalAttributesWithoutOptional() { + final String strAttrList = + "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + Assert.assertTrue(pal.getOptionalAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's GetOptionalAttributes method with one optional attribute. + */ + @Test + public void testGetOptionalAttributesWithOneOptional() { + final String strAttrList = + "age:false:[]:;isAgeOver:true:[15,]:;isAgeOver:true:[18,]:;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + Assert.assertTrue(pal.getOptionalAttributes().size() == ONE_CONS); + } + + /** + * Testing Personal Attribute List's GetOptionalAttributes method with two optional attribute. + */ + @Test + public void testGetOptionalAttributesWithOnlyOptional() { + final String strAttrList = + "age:false:[]:;isAgeOver:false:[18,]:;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + Assert.assertTrue(pal.getOptionalAttributes().size() == TWO_CONS); + } + + /** + * Testing Personal Attribute List's getMandatoryAttributes method with empty attribute list. + */ + @Test + public void testGetMandatoryAttributesWithEmptyList() { + final PersonalAttributeList pal = new PersonalAttributeList(); + Assert.assertTrue(pal.getMandatoryAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's getMandatoryAttributes method without mandatory attributes. + */ + @Test + public void testGetMandatoryAttributesWithoutMandatory() { + final String strAttrList = + "isAgeOver:false:[15,]:Available;isAgeOver:false:[18,]:Available;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + Assert.assertTrue(pal.getMandatoryAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's GetMandatoryAttributes method with one mandatory attribute. + */ + @Test + public void testGetMandatoryAttributesWithOneMandatory() { + final String strAttrList = + "age:true:[]:;isAgeOver:false:[15,]:;isAgeOver:false:[18,]:;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + Assert.assertTrue(pal.getMandatoryAttributes().size() == ONE_CONS); + } + + /** + * Testing Personal Attribute List's GetMandatoryAttributes method with two mandatory attribute. + */ + @Test + public void testGetMandatoryAttributesWithOnlyMandatory() { + final String strAttrList = + "age:true:[]:;isAgeOver:true:[18,]:;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + Assert.assertTrue(pal.getMandatoryAttributes().size() == TWO_CONS); + } + + /** + * Testing Personal Attribute List's getSimpleValueAttributes method with empty attribute list. + */ + @Test + public void testGetSimpleValueAttributesWithEmptyList() { + final PersonalAttributeList pal = new PersonalAttributeList(); + Assert.assertTrue(pal.getSimpleValueAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's getSimpleValueAttributes() method without simple attributes. + */ + @Test + public void testGetSimpleValueAttributesWithoutSimple() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(COMPLEX_ATTRLIST); + Assert.assertTrue(pal.getSimpleValueAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's getSimpleValueAttributes() method with one simple attribute. + */ + @Test + public void testGetSimpleValueAttributesWithOneSimple() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(STR_MIX_ATTR_LIST); + Assert.assertTrue(pal.getSimpleValueAttributes().size() == ONE_CONS); + } + + /** + * Testing Personal Attribute List's GetMandatoryAttributes method with two simple attribute. + */ + @Test + public void testGetSimpleValueAttributesWithOnlySimple() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(SIMPLE_ATTRLIST3); + Assert.assertTrue(pal.getSimpleValueAttributes().size() == TWO_CONS); + } + + /** + * Testing Personal Attribute List's getComplexValueAttributes method with empty attribute list. + */ + @Test + public void testGetComplexAttributesWithEmptyList() { + final PersonalAttributeList pal = new PersonalAttributeList(); + Assert.assertTrue(pal.getComplexAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's getComplexAttributes() method without complex attributes. + */ + @Test + public void testGetComplexAttributesWithoutSimple() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(SIMPLE_ATTRLIST2); + Assert.assertTrue(pal.getComplexAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's getComplexAttributes() method with one complex attribute. + */ + @Test + public void testGetComplexAttributesWithOneComplex() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(STR_MIX_ATTR_LIST); + Assert.assertTrue(pal.getComplexAttributes().size() == ONE_CONS); + } + + /** + * Testing Personal Attribute List's GetMandatoryAttributes method with only two Complex attribute. + */ + @Test + public void testGetComplexAttributesWithOnlyComplex() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(STR_MIX_ATTR_LIST2); + Assert.assertTrue(pal.getComplexAttributes().size() == TWO_CONS); + } + +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/PersonalAttributeTestCase.java.svn-base b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/PersonalAttributeTestCase.java.svn-base new file mode 100644 index 000000000..458d510e0 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/PersonalAttributeTestCase.java.svn-base @@ -0,0 +1,182 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.tests; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Map; + +import junit.framework.Assert; + +import org.junit.BeforeClass; +import org.junit.Test; + +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.STORKStatusCode; + +/** + * The PersonalAttribute's Test Case. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.4 $, $Date: 2010-11-17 05:17:03 $ + */ +public final class PersonalAttributeTestCase { + + /** + * An empty attribute. + */ + private static final PersonalAttribute EMPTYATTR = new PersonalAttribute(); + + /** + * An attribute with a complex value (canonicalResidenceAddress). + */ + private static PersonalAttribute complexAttrValue = null; + + /** + * An attribute with a simple value (age). + */ + @SuppressWarnings("serial") + private static final PersonalAttribute ATTR_VALUE = new PersonalAttribute( + "age", true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + /** + * Init PersonalAttributeTestCase class. + */ + @SuppressWarnings("serial") + @BeforeClass + public static void runsBeforeTheTestSuite() { + final Map values = new HashMap() { + { + put("countryCodeAddress", "PT"); + put("state", "Porto"); + put("town", "Porto"); + put("postalCode", "4100"); + put("streetName", "Avenida Sidonio Pais"); + put("streetNumber", "379"); + put("apartmentNumber", "B"); + } + }; + + complexAttrValue = + new PersonalAttribute("canonicalResidenceAddress", true, values, + STORKStatusCode.STATUS_AVAILABLE.toString()); + + } + + /** + * Tests the {@link PersonalAttribute#toString()} method for the given simple + * attribute value. Values must match. + */ + @Test + public void testToStringValues() { + Assert.assertEquals("age:true:[15,]:Available;", ATTR_VALUE.toString()); + } + + /** + * Tests the {@link PersonalAttribute#toString()} method for the given complex + * attribute value. Values must match. + */ + @Test + public void testToStringComplexValues() { + Assert.assertEquals( + "canonicalResidenceAddress:true:[postalCode=4100,apartmentNumber=B," + + "state=Porto,countryCodeAddress=PT,streetNumber=379," + + "streetName=Avenida Sidonio Pais,town=Porto,]:Available;", + complexAttrValue.toString()); + } + + /** + * Tests the {@link PersonalAttribute#isEmptyStatus()} method for the given + * empty attribute. Must return true. + */ + @Test + public void testToIsEmptyStatusWithNull() { + Assert.assertTrue(EMPTYATTR.isEmptyStatus()); + } + + /** + * Tests the {@link PersonalAttribute#isEmptyStatus()} method for the given + * new attribute. Must return true. + */ + @Test + public void testToIsEmptyStatusWithEmptyString() { + final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone(); + attr.setStatus(""); + Assert.assertTrue(attr.isEmptyStatus()); + } + + /** + * Tests the {@link PersonalAttribute#isEmptyValue()} method for the given + * empty attribute. Must return true. + */ + @Test + public void testToIsEmptyValueWithNull() { + final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone(); + attr.setValue(null); + Assert.assertTrue(attr.isEmptyValue()); + } + + /** + * Tests the {@link PersonalAttribute#isEmptyValue()} method for the given + * empty attribute. Must return true. + */ + @Test + public void testToIsEmptyValue() { + Assert.assertTrue(EMPTYATTR.isEmptyValue()); + } + + /** + * Tests the {@link PersonalAttribute#isEmptyComplexValue()} method for the + * given empty attribute. Must return true. + */ + @Test + public void testToIsEmptyComplexValueWithNull() { + final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone(); + attr.setComplexValue(null); + Assert.assertTrue(attr.isEmptyComplexValue()); + } + + /** + * Tests the {@link PersonalAttribute#isEmptyComplexValue()} method for the + * given empty attribute. Must return true. + */ + @Test + public void testToIsEmptyComplexValueWithEmptyComplexValue() { + Assert.assertTrue(EMPTYATTR.isEmptyComplexValue()); + } + + /** + * Tests the {@link PersonalAttribute#clone()} method for the given attribute. + * Must return true. + */ + @Test + public void testCloneToComplexValue() { + Assert.assertNotSame(complexAttrValue, complexAttrValue.clone()); + } + + /** + * Tests the {@link PersonalAttribute#clone()} method for the given attribute. + * Must return true. + */ + @Test + public void testCloneToValue() { + Assert.assertNotSame(ATTR_VALUE, ATTR_VALUE.clone()); + } +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/package-info.java.svn-base b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/package-info.java.svn-base new file mode 100644 index 000000000..452602210 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/.svn/text-base/package-info.java.svn-base @@ -0,0 +1,5 @@ +/** + * This package provides all JUnit test classes. + */ +package eu.stork.peps.tests; + diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java new file mode 100644 index 000000000..2e8cc2e62 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeProvidersMapTestCase.java @@ -0,0 +1,134 @@ +package eu.stork.peps.tests; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import org.junit.Test; + +import eu.stork.peps.auth.commons.AttributeProvider; +import eu.stork.peps.auth.commons.AttributeProvidersMap; +import eu.stork.peps.auth.commons.AttributeSource; +import eu.stork.peps.auth.commons.Country; +import eu.stork.peps.auth.commons.IAttributeProvidersMap; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttributeList; + +/** + * The AttributeSource's Test Case. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: $, $Date: $ + */ +public class AttributeProvidersMapTestCase { + + @Test + public void testObjectOK1() { + IAttributeProvidersMap map = new AttributeProvidersMap(); + AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + IPersonalAttributeList pal = new PersonalAttributeList(); + boolean outcome = false; + + //Add a single item + map.put(source, pal); + + if ( map.containsKey(source) ) { + outcome = true; + } + + assertTrue(outcome); + } + + @Test + public void testObjectOK2() { + IAttributeProvidersMap map = new AttributeProvidersMap(); + AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + IPersonalAttributeList pal = new PersonalAttributeList(); + boolean outcome = false; + + //Add a single item + map.put(source, pal); + + if ( map.containsKey(source) ) { + if ( map.get(source)!=null ) { + outcome = true; + } + } + + assertTrue(outcome); + } + + @Test + public void testObjectOK3() { + IAttributeProvidersMap map = new AttributeProvidersMap(); + AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + AttributeSource target = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + IPersonalAttributeList pal = new PersonalAttributeList(); + boolean outcome = false; + + //Add a single item + map.put(source, pal); + + if ( map.containsKey(target) ) { + outcome = true; + } + + assertTrue(outcome); + } + + @Test + public void testObjectOK4() { + IAttributeProvidersMap map = new AttributeProvidersMap(); + AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + AttributeSource target = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + IPersonalAttributeList pal = new PersonalAttributeList(); + boolean outcome = false; + + //Add a single item + map.put(source, pal); + + if ( map.containsKey(target) ) { + if ( map.get(target)!=null ) { + outcome = true; + } + } + + assertTrue(outcome); + } + + @Test + public void testObjectNOK1() { + IAttributeProvidersMap map = new AttributeProvidersMap(); + AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + AttributeSource target = new AttributeSource(new Country("ID1", "Name 1"), "URL"); + IPersonalAttributeList pal = new PersonalAttributeList(); + boolean outcome = false; + + //Add a single item + map.put(source, pal); + + if ( map.containsKey(target) ) { + outcome = true; + } + + assertFalse(outcome); + } + + @Test + public void testObjectNOK2() { + IAttributeProvidersMap map = new AttributeProvidersMap(); + AttributeSource source = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL"); + AttributeSource target = new AttributeSource(new AttributeProvider("ID2", "Name 1"), "URL"); + IPersonalAttributeList pal = new PersonalAttributeList(); + boolean outcome = false; + + //Add a single item + map.put(source, pal); + + if ( map.containsKey(target) ) { + outcome = true; + } + + assertFalse(outcome); + } +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java new file mode 100644 index 000000000..31cabb612 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeSourceTestCase.java @@ -0,0 +1,88 @@ +package eu.stork.peps.tests; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + +import org.junit.Test; + +import eu.stork.peps.auth.commons.AttributeProvider; +import eu.stork.peps.auth.commons.AttributeSource; +import eu.stork.peps.auth.commons.Country; + +/** + * The AttributeSource's Test Case. + * + * @author Stelios Lelis (stelios.lelis@aegean.gr), Elias Pastos (ilias@aegean.gr) + * + * @version $Revision: $, $Date: $ + */ +public final class AttributeSourceTestCase { + private AttributeSource ap1 = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL1"); + private AttributeSource ap2 = new AttributeSource(new AttributeProvider("ID2", "Name 2"), "URL2"); + private AttributeSource ap3 = new AttributeSource(new AttributeProvider("ID1", "Name 2"), "URL2"); + private AttributeSource ap4 = new AttributeSource(new AttributeProvider("ID1", "Name 2"), "URL1"); + private AttributeSource ap5 = new AttributeSource(new AttributeProvider("ID1", "Name 1"), "URL1"); + + private AttributeSource c1 = new AttributeSource(new Country("ID1", "Name 1"), "URL1"); + private AttributeSource c2 = new AttributeSource(new Country("ID2", "Name 2"), "URL2"); + private AttributeSource c3 = new AttributeSource(new Country("ID1", "Name 2"), "URL2"); + private AttributeSource c4 = new AttributeSource(new Country("ID1", "Name 2"), "URL1"); + private AttributeSource c5 = new AttributeSource(new Country("ID1", "Name 1"), "URL1"); + + @Test + public void testNotEquals1() { + assertFalse(ap1.equals(ap2)); + } + + @Test + public void testNotEquals2() { + assertFalse(ap1.equals(c1)); + } + + @Test + public void testNotEquals3() { + assertFalse(c1.equals(c2)); + } + + @Test + public void testEquals1() { + assertTrue(ap1.equals(ap3)); + } + + @Test + public void testEquals2() { + assertTrue(ap1.equals(ap4)); + } + + @Test + public void testEquals3() { + assertTrue(ap1.equals(ap5)); + } + + @Test + public void testEquals4() { + assertTrue(c1.equals(c3)); + } + + @Test + public void testEquals5() { + assertTrue(c1.equals(c4)); + } + + @Test + public void testEquals6() { + assertTrue(c1.equals(c5)); + } + + @Test + public void testEquals7() { + Object obj = ap5; + assertTrue(ap1.equals(obj)); + } + + @Test + public void testEquals8() { + Object obj = c5; + assertTrue(c1.equals(obj)); + } +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java new file mode 100644 index 000000000..77fc4b9c2 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/AttributeUtilTestCase.java @@ -0,0 +1,537 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.tests; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.assertEquals; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import org.junit.Test; + +import eu.stork.peps.auth.commons.AttributeUtil; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSValues; +import eu.stork.peps.auth.commons.PersonalAttributeList; + +/** + * The AttributeUtil's Test Case. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com + * + * @version $Revision: $, $Date: $ + */ +public final class AttributeUtilTestCase { + + /** + * Empty String to be used on the tests. + */ + private static final String EMPTY_STRING = ""; + + /** + * Tuple value sample to be used on the tests. + */ + private static final String[] TUPLE_STRING = new String[] { "age", "true", + "[18]", "Available" }; + + /** + * Complex value to be used on escape/unescape tests. + */ + private static final String COMPLEX_VAL = "postalCode=4100," + + "apartmentNumber=A,state=Porto,countryCodeAddress=PT,streetNumber=379," + + "streetName=Avenida Sidonio Pais,town=Porto,"; + + /** + * Escaped Complex value to be used on escape/unescape tests. + */ + private static final String ESC_COMPLEX_VAL = "postalCode=4100%44" + + "apartmentNumber=A%44state=Porto%44countryCodeAddress=PT%44" + + "streetNumber=379%44streetName=Avenida Sidonio Pais%44town=Porto%44"; + + /** + * Simple value to be used on escape/unescape tests. + */ + private static final String SIMPLE_VAL = "Avenida da Boavista, Porto"; + + /** + * Escaped simple value to be used on escape/unescape tests. + */ + private static final String ESC_SIMPLE_VAL = "Avenida da Boavista%44 Porto"; + + /** + * Simple text to be used on escape/unescape tests. Must match the escaped + * text. + */ + private static final String SIMPLE_TEXT = "John Doe"; + + /** + * Tests the {@link AttributeUtil#escape(String)} method for the given complex + * attribute value (canonical address' example attribute value). + */ + @Test + public void testEscapeSpecialCharsComplexVal() { + assertEquals(AttributeUtil.escape(COMPLEX_VAL), ESC_COMPLEX_VAL); + } + + /** + * Tests the {@link AttributeUtil#escape(String)} method for the given + * attribute value. + */ + @Test + public void testEscapeSpecialCharsVal() { + assertEquals(AttributeUtil.escape(SIMPLE_VAL), ESC_SIMPLE_VAL); + } + + /** + * Tests the {@link AttributeUtil#escape(String)} method for the given simple + * text: no special characters to escape. + */ + @Test + public void testEscapeNormalChars() { + assertEquals(AttributeUtil.escape(SIMPLE_TEXT), SIMPLE_TEXT); + } + + /** + * Tests the {@link AttributeUtil#unescape(String)} method for the given + * escape complex attribute value (canonical address' example attribute + * value). + */ + @Test + public void testUnescapeSpecialCharsComplexVal() { + assertEquals(AttributeUtil.unescape(ESC_COMPLEX_VAL), COMPLEX_VAL); + } + + /** + * Tests the {@link AttributeUtil#escape(String)} method for the given escape + * attribute value. + */ + @Test + public void testUnescapeSpecialCharsVal() { + assertEquals(AttributeUtil.unescape(ESC_SIMPLE_VAL), SIMPLE_VAL); + } + + /** + * Tests the {@link AttributeUtil#escape(String)} method for the given simple + * text: no special characters to unescape. + */ + @Test + public void testUnescapeNormalChars() { + assertEquals(AttributeUtil.unescape(SIMPLE_TEXT), SIMPLE_TEXT); + } + + /** + * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)} + * method for the given empty string. + */ + @Test + public void testAppendIfNotNullEmptyStr() { + final StringBuilder strBuilder = new StringBuilder(SIMPLE_TEXT); + AttributeUtil.appendIfNotNull(strBuilder, EMPTY_STRING); + assertEquals(strBuilder.toString(), SIMPLE_TEXT); + } + + /** + * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)} + * method for the given string. + */ + @Test + public void testAppendIfNotNullStr() { + final StringBuilder strBuilder = new StringBuilder(); + AttributeUtil.appendIfNotNull(strBuilder, SIMPLE_TEXT); + assertEquals(strBuilder.toString(), SIMPLE_TEXT); + } + + /** + * Tests the {@link AttributeUtil#appendIfNotNull(StringBuilder, Object)} + * method for the given null value. + */ + @Test + public void testAppendIfNotNull() { + final StringBuilder strBuilder = new StringBuilder(); + AttributeUtil.appendIfNotNull(strBuilder, null); + assertEquals(strBuilder.toString(), EMPTY_STRING); + } + + /** + * Tests the {@link AttributeUtil#listToString(List, String)} method for the + * given List with two values. + */ + @Test + public void testListToStringTwoVals() { + final List vals = new ArrayList(); + vals.add(SIMPLE_VAL); + vals.add(SIMPLE_TEXT); + + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append(SIMPLE_TEXT); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + + assertEquals( + AttributeUtil.listToString(vals, + PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); + } + + /** + * Tests the {@link AttributeUtil#listToString(List, String)} method for the + * given List with one values. + */ + @Test + public void testListToStringOneVal() { + final List vals = new ArrayList(); + vals.add(SIMPLE_VAL); + + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + + assertEquals( + AttributeUtil.listToString(vals, + PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); + } + + /** + * Tests the {@link AttributeUtil#listToString(List, String)} method for the + * given List with one value. + */ + @Test + public void testListToStringEmptyVal() { + final List vals = new ArrayList(); + + final StringBuilder strBuilder = new StringBuilder(); + + assertEquals( + AttributeUtil.listToString(vals, + PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); + } + + /** + * Tests the {@link AttributeUtil#mapToString(java.util.Map, String)} method + * for the given Map with one value. + */ + @Test + public void testMapToStringOneVal() { + final Map vals = new HashMap(); + vals.put("CanonicalAddress", COMPLEX_VAL); + + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append("CanonicalAddress="); + strBuilder.append(ESC_COMPLEX_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + + assertEquals(AttributeUtil.mapToString(vals, + PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); + } + + /** + * Tests the {@link AttributeUtil#mapToString(java.util.Map, String)} method + * for the given empty Map. + */ + @Test + public void testMapToStringEmptyVal() { + final Map vals = new HashMap(); + + final StringBuilder strBuilder = new StringBuilder(); + + assertEquals(AttributeUtil.mapToString(vals, + PEPSValues.ATTRIBUTE_VALUE_SEP.toString()), strBuilder.toString()); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * invalid List. + */ + @Test + public void testIsValidValueInvalidList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append("]"); + assertFalse(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * null value. + */ + @Test + public void testIsValidValueNullList() { + assertFalse(AttributeUtil.isValidValue(null)); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * empty List. + */ + @Test + public void testIsValidValueEmptyList() { + assertTrue(AttributeUtil.isValidValue("[]")); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * empty List. + */ + @Test + public void testIsValidValueEmptyCommaList() { + assertTrue(AttributeUtil.isValidValue("[,]")); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * one simple value List. + */ + @Test + public void testIsValidValueOneValueList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append("["); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append("]"); + assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * one simple value List. + */ + @Test + public void testIsValidValueOneValueCommaList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append("["); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append("]"); + assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * one complex value List. + */ + @Test + public void testIsValidValueOneComplexValueList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append("["); + strBuilder.append(ESC_COMPLEX_VAL); + strBuilder.append("]"); + assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * one complex value List. + */ + @Test + public void testIsValidValueOneComplexValueCommaList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append("["); + strBuilder.append(ESC_COMPLEX_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append("]"); + assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * multi value List. + */ + @Test + public void testIsValidValueMultiValueList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append("["); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append(SIMPLE_TEXT); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append("]"); + assertTrue(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidValue(String)} method for the given + * invalid multi value List. + */ + @Test + public void testIsValidValueInvalidMultiValueList() { + final StringBuilder strBuilder = new StringBuilder(); + strBuilder.append(ESC_SIMPLE_VAL); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append(SIMPLE_TEXT); + strBuilder.append(PEPSValues.ATTRIBUTE_VALUE_SEP.toString()); + strBuilder.append("]"); + assertFalse(AttributeUtil.isValidValue(strBuilder.toString())); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * true type. + */ + @Test + public void testIsValidTypetrue() { + assertTrue(AttributeUtil.isValidType("true")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * True type. + */ + @Test + public void testIsValidTypeTrue() { + assertTrue(AttributeUtil.isValidType("True")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * TRUE type. + */ + @Test + public void testIsValidTypeTRUE() { + assertTrue(AttributeUtil.isValidType("TRUE")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * invalid type. + */ + @Test + public void testIsValidTypeInvalidType() { + assertFalse(AttributeUtil.isValidType("str")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * false type. + */ + @Test + public void testIsValidTypefalse() { + assertTrue(AttributeUtil.isValidType("false")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * False type. + */ + @Test + public void testIsValidTypeFalse() { + assertTrue(AttributeUtil.isValidType("False")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * FALSE type. + */ + @Test + public void testIsValidTypeFALSEVal() { + assertTrue(AttributeUtil.isValidType("False")); + } + + /** + * Tests the {@link AttributeUtil#isValidType(String)} method for the given + * null. + */ + @Test + public void testIsValidTypeNullVal() { + assertFalse(AttributeUtil.isValidType(null)); + } + + /** + * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the + * given valid tuple. + */ + @Test + public void testHasValidTuples() { + assertTrue(AttributeUtil.hasValidTuples(TUPLE_STRING)); + } + + /** + * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the + * given invalid tuple. + */ + @Test + public void testHasValidTuplesInvalid() { + final String[] tuple = new String[]{"name", "type"}; + assertFalse(AttributeUtil.hasValidTuples(tuple)); + } + + /** + * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the + * given invalid tuple with valid size. + */ + @Test + public void testHasValidTuplesSameSizeInvalidValues() { + final String[] tuple = new String[] { "age", "type", "[18]", "Available"}; + assertFalse(AttributeUtil.hasValidTuples(tuple)); + } + + /** + * Tests the {@link AttributeUtil#hasValidTuples(String[])} method for the + * given null value. + */ + @Test + public void testHasValidTuplesNull() { + assertFalse(AttributeUtil.hasValidTuples(null)); + } + + /** + * Tests the + * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} + * method for the given attribute list.. + */ + @Test + public void testCheckMandatoryAttributes() { + final IPersonalAttributeList attrList = new PersonalAttributeList(); + attrList.populate("isAgeOver:true:[18,]:Available;"); + assertTrue(AttributeUtil.checkMandatoryAttributes(attrList)); + + } + + /** + * Tests the + * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} + * method for the given null value. + */ + @Test(expected = NullPointerException.class) + public void testCheckMandatoryAttributesNullAttrList() { + assertTrue(AttributeUtil.checkMandatoryAttributes(null)); + } + + /** + * Tests the + * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} + * method for the given empty attribute list. + */ + @Test + public void testCheckMandatoryAttributesEmptyAttrList() { + final IPersonalAttributeList attrList = new PersonalAttributeList(); + assertTrue(AttributeUtil.checkMandatoryAttributes(attrList)); + } + + /** + * Tests the + * {@link AttributeUtil#checkMandatoryAttributes(IPersonalAttributeList)} + * method for the given attribute list (missing mandatory attribute). + */ + @Test + public void testCheckMandatoryAttributesMissingAttr() { + final IPersonalAttributeList attrList = new PersonalAttributeList(); + attrList.populate("isAgeOver:true:[]:NotAvailable;"); + assertFalse(AttributeUtil.checkMandatoryAttributes(attrList)); + } + +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java new file mode 100644 index 000000000..5d2296997 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/DateUtilTestCase.java @@ -0,0 +1,294 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.tests; + +import java.sql.Timestamp; +import java.util.Properties; + +import org.joda.time.DateTime; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +import eu.stork.peps.auth.commons.DateUtil; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.exceptions.SecurityPEPSException; + +/** + * The PersonalAttribute's Test Case. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.2 $, $Date: 2010-11-17 05:17:03 $ + */ +public final class DateUtilTestCase { + + /** + * Stork Format date. + */ + private static final String FORMAT = "yyyyMMdd"; + + /** + * Expected 10 value. + */ + private static final int TEN = 10; + + /** + * Expected 11 value. + */ + private static final int ELEVEN = 11; + + /** + * The testing Date ("current" date). + */ + private static final DateTime TESTDATE = new DateTime(2011, 10, 10, 15, 20, + 0, 0); + + /** + * Init DateUtilTestCase class. + */ + @BeforeClass + public static void runsBeforeTheTestSuite() { + final Properties configs = new Properties(); + configs.setProperty("invalidAgeDateValue.code", "35"); + configs.setProperty("invalidAttributeValue.code", "34"); + configs + .setProperty( + "invalidAttributeValue.message", + "Unexpected or invalid content was encountered within a " + + " or element."); + PEPSUtil.createInstance(configs); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given year against + * the testDate: 2011-10-10 15:20:00.0. Must return 10. + */ + @Test + public void calculateAgeFromYear() { + Assert.assertTrue(TEN == DateUtil.calculateAge("2000", TESTDATE, FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given year and month + * against the testDate: 2011-10-10 15:20:00.0. Must return 11. + */ + @Test + public void calculateAgeFromEarlyMonth() { + Assert.assertTrue(ELEVEN == DateUtil.calculateAge("200001", TESTDATE, + FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given year and month + * against the testDate: 2011-10-10 15:20:00.0. Must return 10. + */ + @Test + public void calculateAgeFromSameMonth() { + Assert.assertTrue(TEN == DateUtil.calculateAge("200010", TESTDATE, FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given year and month + * against the testDate: 2011-10-10 15:20:00.0. Must return 10. + */ + @Test + public void calculateAgeFromLaterMonth() { + Assert.assertTrue(TEN == DateUtil.calculateAge("200011", TESTDATE, FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return 11. + */ + @Test + public void calculateAgeFromEarlyFullDate() { + Assert.assertTrue(ELEVEN == DateUtil.calculateAge("20000101", TESTDATE, + FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return 11. + */ + @Test + public void calculateAgeFromSameDay() { + Assert.assertTrue(ELEVEN == DateUtil.calculateAge("20001010", TESTDATE, + FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return 10. + */ + @Test + public void calculateAgeFromLaterFullDate() { + Assert.assertTrue(TEN == DateUtil + .calculateAge("20001011", TESTDATE, FORMAT)); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return a + * SecurityPEPSException exception. + */ + @Test(expected = SecurityPEPSException.class) + public void calculateAgeFromInvalidDate() { + DateUtil.calculateAge("200", TESTDATE, FORMAT); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return a + * SecurityPEPSException exception. + */ + @Test(expected = SecurityPEPSException.class) + public void calculateAgeFromInvalidMonth() { + DateUtil.calculateAge("200013", TESTDATE, FORMAT); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return a + * SecurityPEPSException exception. + */ + @Test(expected = SecurityPEPSException.class) + public void calculateAgeFromInvalidDay() { + DateUtil.calculateAge("20000230", TESTDATE, FORMAT); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return a + * SecurityPEPSException exception. + */ + @Test(expected = SecurityPEPSException.class) + public void calculateAgeFromNullDate() { + DateUtil.calculateAge(null, TESTDATE, FORMAT); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return a + * SecurityPEPSException exception. + */ + @Test(expected = SecurityPEPSException.class) + public void calculateAgeFromNullCurDate() { + DateUtil.calculateAge("2000", null, FORMAT); + } + + /** + * Tests the {@link DateUtil#calculateAge} method for the given full date + * against the testDate: 2011-10-10 15:20:00.0. Must return a + * SecurityPEPSException exception. + */ + @Test(expected = SecurityPEPSException.class) + public void calculateAgeFromNullFormat() { + DateUtil.calculateAge("2000", TESTDATE, null); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return true + */ + @Test + public void isValidFormatDateFromYear() { + Assert.assertTrue(DateUtil.isValidFormatDate("2000", FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year and + * month. Must return true. + */ + @Test + public void isValidFormatDateFromMonth() { + Assert.assertTrue(DateUtil.isValidFormatDate("200001", FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return false. + */ + @Test + public void isValidFormatDate() { + Assert.assertTrue(DateUtil.isValidFormatDate("20000101", FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return false. + */ + @Test + public void isValidFormatDateInvalidYear() { + Assert.assertFalse(DateUtil.isValidFormatDate("200", FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return false. + */ + @Test + public void isValidFormatDateInvalidMonth() { + Assert.assertFalse(DateUtil.isValidFormatDate("200013", FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return false. + */ + @Test + public void isValidFormatDateInvalidDate() { + Assert.assertFalse(DateUtil.isValidFormatDate("20010229", FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return false. + */ + @Test + public void isValidFormatDateNullDate() { + Assert.assertFalse(DateUtil.isValidFormatDate(null, FORMAT)); + } + + /** + * Tests the {@link DateUtil#isValidFormatDate} method for the given year. + * Must return false. + */ + @Test + public void isValidFormatDateNullFormat() { + Assert.assertFalse(DateUtil.isValidFormatDate("2000", null)); + } + + /** + * Tests the {@link DateUtil#currentTimeStamp()} method for the current + * TimeStamp (TS). Must return true. + */ + @Test + public void testCurrentTimeStampBefore() { + Timestamp ts = DateUtil.currentTimeStamp(); + Assert.assertNotSame(ts, DateUtil.currentTimeStamp()); + } + + /** + * Tests the {@link DateUtil#currentTimeStamp()} method for the current + * TimeStamp (TS). Must return true. + */ + @Test + public void testCurrentTimeStampAfter() { + Timestamp ts = DateUtil.currentTimeStamp(); + Assert.assertEquals(DateUtil.currentTimeStamp(), ts); + } + +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java new file mode 100644 index 000000000..d4841ed43 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PEPSUtilTestCase.java @@ -0,0 +1,553 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.tests; + +import static org.junit.Assert.assertArrayEquals; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotSame; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.assertFalse; + +import java.util.Properties; + +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PEPSErrors; +import eu.stork.peps.auth.commons.PEPSParameters; +import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.exceptions.InternalErrorPEPSException; +import eu.stork.peps.auth.commons.exceptions.InvalidParameterPEPSException; + +/** + * The PEPSUtil's Test Case. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com + * + * @version $Revision: $, $Date: $ + */ +public final class PEPSUtilTestCase { + + /** + * Message example. + */ + private static final String MESSAGE_SAMPLE = "003002 - Authentication Failed"; + + /** + * Error message example. + */ + private static final String ERROR_MESSAGE_SAMPLE = "Authentication Failed"; + + /** + * Error code example. + */ + private static final String ERROR_CODE_SAMPLE = "003002"; + + /** + * Properties values for testing proposes. + */ + private static final Properties CONFIGS1 = new Properties(); + + /** + * Properties values for testing proposes. + */ + private static final Properties CONFIGS2 = new Properties(); + + /** + * The empty string value: "". + */ + private static final String EMPTY_STRING = ""; + + /** + * The empty byte value: []. + */ + private static final byte[] EMPTY_BYTE = new byte[] {}; + + /** + * The empty byte hash value. + */ + private static final byte[] EMPTY_HASH_BYTE = new byte[] { -49, -125, -31, + 53, 126, -17, -72, -67, -15, 84, 40, 80, -42, 109, -128, 7, -42, 32, -28, + 5, 11, 87, 21, -36, -125, -12, -87, 33, -45, 108, -23, -50, 71, -48, -47, + 60, 93, -123, -14, -80, -1, -125, 24, -46, -121, 126, -20, 47, 99, -71, 49, + -67, 71, 65, 122, -127, -91, 56, 50, 122, -7, 39, -38, 62 }; + + /** + * The SAML example byte[] value. + */ + private static final byte[] SAML_BYTE_SAMPLE = new byte[] { 60, 115, 97, 109, + 108, 62, 46, 46, 46, 60, 47, 115, 97, 109, 108 }; + + /** + * The SAML's Base64 example value. + */ + private static final String SAML_BASE64_SAMPLE = "PHNhbWw+Li4uPC9zYW1s"; + + /** + * The SAML's Base64 byte[] example value. + */ + private static byte[] SAML_BASE64_BYTE_SAMPLE = new byte[] { 80, 72, 78, 104, + 98, 87, 119, 43, 76, 105, 52, 117, 80, 67, 57, 122, 89, 87, 49, 115 }; + + /** + * The SAML's Base64 Hash byte[] example value. + */ + private static byte[] HASH_BYTE_SAMPLE = new byte[] { 67, 38, 11, 115, 49, + -5, 54, -85, 38, 43, -99, 96, 71, -41, 50, -96, 71, -86, 90, -97, 66, -67, + 90, 101, 30, 82, -13, 60, -106, -72, -103, -75, 19, 2, -107, 107, -6, -56, + 34, -111, -44, -57, -26, -5, 33, 78, -1, 30, 21, 74, -26, 118, -46, -12, + -102, 12, -56, 30, -59, -104, -21, -42, -103, 82 }; + + /** + * Init PEPSUtilTestCase class. + */ + @BeforeClass + public static void runsBeforeTheTestSuite() { + + CONFIGS1.setProperty("max.attrList.size", "20000"); + CONFIGS1.setProperty("attrList.code", "202005"); + CONFIGS1.setProperty("attrList.message", "invalid.attrList.parameter"); + + CONFIGS1.setProperty("max.qaaLevel.size", "1"); + CONFIGS1.setProperty("max.spUrl.size", "inv"); + CONFIGS1.setProperty("validation.active", "true"); + CONFIGS1.setProperty("hashDigest.className", + "org.bouncycastle.crypto.digests.SHA512Digest"); + CONFIGS1.setProperty("invalidAgeDateValue.code", "35"); + CONFIGS1.setProperty("invalidAttributeValue.code", "34"); + CONFIGS1.setProperty("invalidAttributeValue.message", + "Unexpected or invalid content was encountered within a " + + " or element."); + } + + /** + * Tests the {@link PEPSUtil#createInstance(Properties)} method for the given + * properties object. + */ + @Test + public void testCreateInstance() { + Assert.assertNotNull(PEPSUtil.createInstance(CONFIGS2)); + } + + /** + * Tests the {@link PEPSUtil#getConfigs()}. + */ + @Test + public void testGetConfigs() { + final PEPSUtil pepsUtils = PEPSUtil.createInstance(CONFIGS1); + assertEquals(pepsUtils.getConfigs(), CONFIGS1); + } + + /** + * Tests the {@link PEPSUtil#getConfigs()}. + */ + @Test + public void testGetConfigsDifferent() { + final PEPSUtil pepsUtils = PEPSUtil.createInstance(CONFIGS1); + assertNotSame(pepsUtils.getConfigs(), CONFIGS2); + } + + /** + * Tests the {@link PEPSUtil#getConfig(String)} method for the given existing + * config. + */ + @Test + public void testGetConfigExists() { + assertEquals(PEPSUtil.getConfig("hashDigest.className"), + "org.bouncycastle.crypto.digests.SHA512Digest"); + } + + /** + * Tests the {@link PEPSUtil#getConfig(String)} method for the given not + * existing config. + */ + @Test + public void testGetConfigNoExists() { + assertNull(PEPSUtil.getConfig("doesnt.exists")); + } + + /** + * Tests the {@link PEPSUtil#getConfig(String)} method for the given null + * value. + */ + @Test(expected = NullPointerException.class) + public void testGetConfigNull() { + assertNull(PEPSUtil.getConfig(null)); + } + + /** + * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the + * given param values. + */ + @Test + public void testIsValidParameterExists() { + assertTrue(PEPSUtil.isValidParameter("qaaLevel", "1")); + } + + /** + * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the + * given param values. + */ + @Test + public void testIsValidParameterExistsGreat() { + assertFalse(PEPSUtil.isValidParameter("qaaLevel", "12")); + } + + /** + * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the + * given param values. + */ + @Test + public void testIsValidParameterExistsIvalidConf() { + assertFalse(PEPSUtil + .isValidParameter("spUrl", "http://localhost:8080/SP/")); + } + + /** + * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the + * given param values. + */ + @Test + public void testIsValidParameterNotExists() { + assertFalse(PEPSUtil.isValidParameter("doesntexists", + "http://localhost:8080/SP/")); + } + + /** + * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the + * given param values. + */ + @Test + public void testIsValidParameterNullParamName() { + assertFalse(PEPSUtil.isValidParameter(null, "http://localhost:8080/SP/")); + } + + /** + * Tests the {@link PEPSUtil#isValidParameter(String, String)} method for the + * given param values. + */ + @Test + public void testIsValidParameterNullParamValue() { + assertFalse(PEPSUtil.isValidParameter("spUrl", null)); + } + + /** + * Tests the {@link PEPSUtil#validateParameter(String, String, Object)} method + * for the given object values. + */ + @Test + public void testValidateParameterValid() { + final IPersonalAttributeList persAttrList = new PersonalAttributeList(); + persAttrList.populate("isAgeOver:true:[15,]:Available;"); + PEPSUtil.validateParameter("ServiceProviderAction", + PEPSParameters.ATTRIBUTE_LIST.toString(), persAttrList); + } + + /** + * Tests the {@link PEPSUtil#validateParameter(String, String, Object)} method + * for the given string values. + */ + @Test(expected = InvalidParameterPEPSException.class) + public void testValidateParameterNull() { + PEPSUtil.validateParameter("ServiceProviderAction", + PEPSParameters.ATTRIBUTE_LIST.toString(), null); + } + + /** + * Tests the {@link PEPSUtil#validateParameter(String, String, String)} method + * for the given string values. + * + * The tested class just invokes + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * so further tests will be later. + */ + @Test + public void testValidateParameter() { + PEPSUtil.validateParameter("ServiceProviderAction", + PEPSParameters.ATTRIBUTE_LIST.toString(), + "isAgeOver:true:[15,]:Available;"); + } + + /** + * Tests the + * {@link PEPSUtil#validateParameter(String, String, String, PEPSErrors)} + * method for the given string value and {@link PEPSErrors} enum. + * + * The tested class just invokes + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * so further tests will be later. + */ + @Test + public void testValidateParameterPEPSErrors() { + PEPSUtil.validateParameter("CountrySelectorAction", + PEPSParameters.ATTRIBUTE_LIST.toString(), + "isAgeOver:true:[15,]:Available;", + PEPSErrors.SP_COUNTRY_SELECTOR_INVALID_ATTR); + } + + /** + * Tests the + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * method for the given string values. + */ + @Test + public void testValidateParameterValidParams() { + PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", "1", + "qaaLevel.code", "qaaLevel.message"); + } + + /** + * Tests the + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * method for the given string values. + */ + @Test(expected = InvalidParameterPEPSException.class) + public void testValidateParameterInvalidParamValue() { + PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", "10", + "qaaLevel.code", "qaaLevel.message"); + } + + /** + * Tests the + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * method for the given string values. + */ + @Test(expected = InvalidParameterPEPSException.class) + public void testValidateParameterInvalidParamName() { + PEPSUtil.validateParameter("ServiceProviderAction", "doesnt.exists", "1", + "qaaLevel.code", "qaaLevel.message"); + } + + /** + * Tests the + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * method for the given string values. + */ + @Test(expected = InvalidParameterPEPSException.class) + public void testValidateParameterNullParamName() { + PEPSUtil.validateParameter("ServiceProviderAction", null, "1", + "qaaLevel.code", "qaaLevel.message"); + } + + /** + * Tests the + * {@link PEPSUtil#validateParameter(String, String, String, String, String)} + * method for the given string values. + */ + @Test(expected = InvalidParameterPEPSException.class) + public void testValidateParameterNullParamValue() { + PEPSUtil.validateParameter("ServiceProviderAction", "qaaLevel", null, + "qaaLevel.code", "qaaLevel.message"); + } + + /** + * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given + * string value. + */ + @Test + public void testEncodeSAMLToken() { + assertEquals(PEPSUtil.encodeSAMLToken(SAML_BYTE_SAMPLE), SAML_BASE64_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given + * null. + */ + @Test(expected = NullPointerException.class) + public void testEncodeSAMLTokenNull() { + assertNotSame(PEPSUtil.encodeSAMLToken(null), SAML_BASE64_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#encodeSAMLToken(byte[])} method for the given + * empty byte[] value. + */ + @Test + public void testEncodeSAMLTokenEmpty() { + assertEquals(PEPSUtil.encodeSAMLToken(EMPTY_BYTE), EMPTY_STRING); + } + + /** + * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given + * byte[] value. + */ + @Test + public void testDecodeSAMLToken() { + assertArrayEquals(PEPSUtil.decodeSAMLToken(SAML_BASE64_SAMPLE), + SAML_BYTE_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given + * null value. + */ + @Test(expected = NullPointerException.class) + public void testDecodeSAMLTokenNull() { + assertNotSame(PEPSUtil.decodeSAMLToken(null), SAML_BYTE_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#decodeSAMLToken(byte[])} method for the given + * empty string value. + */ + @Test(expected = StringIndexOutOfBoundsException.class) + public void testDecodeSAMLTokenEmpty() { + assertTrue(PEPSUtil.decodeSAMLToken(EMPTY_STRING) == EMPTY_BYTE); + } + + /** + * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given + * byte[] value. + */ + @Test + public void testHashPersonalToken() { + assertArrayEquals(PEPSUtil.hashPersonalToken(SAML_BASE64_BYTE_SAMPLE), + HASH_BYTE_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given + * null value. + */ + @Test(expected = InternalErrorPEPSException.class) + public void testHashPersonalTokenNull() { + assertNull(PEPSUtil.hashPersonalToken(null)); + } + + /** + * Tests the {@link PEPSUtil#hashPersonalToken(byte[])} method for the given + * empty value. + */ + @Test + public void testHashPersonalTokenEmpty() { + assertArrayEquals(PEPSUtil.hashPersonalToken(EMPTY_BYTE), EMPTY_HASH_BYTE); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given + * correct message. + */ + @Test + public void testGetStorkErrorCodeExists() { + assertEquals(PEPSUtil.getStorkErrorCode(MESSAGE_SAMPLE), ERROR_CODE_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given + * invalid message. + */ + @Test + public void testGetStorkErrorCodeNoExists() { + assertNull(PEPSUtil.getStorkErrorCode(ERROR_MESSAGE_SAMPLE)); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given + * empty message. + */ + @Test + public void testGetStorkErrorCodeEmpty() { + assertNull(PEPSUtil.getStorkErrorCode(EMPTY_STRING)); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given + * null message. + */ + @Test + public void testGetStorkErrorCodeNull() { + assertNull(PEPSUtil.getStorkErrorCode(null)); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given + * invalid message. + */ + @Test + public void testGetStorkErrorCodeWithSepFake() { + assertNull(PEPSUtil.getStorkErrorCode("-")); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorCode(String)} method for the given + * invalid message. + */ + @Test + public void testGetStorkErrorCodeWithSepAndCodeFake() { + assertNull(PEPSUtil.getStorkErrorCode("000001 -")); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the + * given correct message. + */ + @Test + public void testGetStorkErrorMessageExists() { + assertEquals(PEPSUtil.getStorkErrorMessage(MESSAGE_SAMPLE), + ERROR_MESSAGE_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the + * given invalid message. + */ + @Test + public void testGetStorkErrorMessageNoExists() { + assertEquals(PEPSUtil.getStorkErrorMessage(ERROR_MESSAGE_SAMPLE), + ERROR_MESSAGE_SAMPLE); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the + * given empty message. + */ + @Test + public void testGetStorkErrorMessageEmpty() { + assertEquals(PEPSUtil.getStorkErrorMessage(EMPTY_STRING), + EMPTY_STRING); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the + * given null message. + */ + @Test + public void testGetStorkErrorMessageNull() { + assertNull(PEPSUtil.getStorkErrorMessage(null)); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the + * given invalid message. + */ + @Test + public void testGetStorkErrorMessageWithSepFake() { + assertEquals(PEPSUtil.getStorkErrorMessage("-"),"-"); + } + + /** + * Tests the {@link PEPSUtil#getStorkErrorMessage(String)} method for the + * given invalid message. + */ + @Test + public void testGetStorkErrorMessageWithSepAndCodeFake() { + assertEquals(PEPSUtil.getStorkErrorMessage("000001 -"),"000001 -"); + } + +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java new file mode 100644 index 000000000..7052b320a --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeListTestCase.java @@ -0,0 +1,747 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.tests; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Iterator; +import java.util.Map; + +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKStatusCode; + +/** + * The PersonalAttributeList's Test Case. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.5 $, $Date: 2010-11-17 05:17:02 $ + */ +public final class PersonalAttributeListTestCase { + + /** + * isAgeOver constant value. + */ + private static final String ISAGEOVER_CONS = "isAgeOver"; + + /** + * 1 constant value. + */ + private static final int ONE_CONS = 1; + + /** + * 2 constant value. + */ + private static final int TWO_CONS = 2; + + /** + * An empty attribute. + */ + @SuppressWarnings("unused") + private static final PersonalAttributeList EMPTY_ATTR_LIST = + new PersonalAttributeList(0); + + /** + * An attribute with a complex value (canonicalResidenceAddress). + */ + private static PersonalAttribute complexAttrValue = null; + + /** + * Simple attribute value list string. + */ + private static final String SIMPLE_ATTRLIST = + "isAgeOver:true:[15,]:Available;"; + + /** + * Simple attribute value list string. + */ + private static final String SIMPLE_ATTRLIST2 = + "isAgeOver:true:[18,]:Available;"; + + /** + * Simple attribute value list string. + */ + private static final String SIMPLE_ATTRLIST3 = + "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;"; + + /** + * Simple attribute value list string. + */ + private static final String SIMPLE_ATTRLIST3_REVERSE = + "isAgeOver:true:[18,]:Available;isAgeOver:true:[15,]:Available;"; + /** + * Simple attribute value list string. + */ + private static final String COMPLEX_ATTRLIST = + "canonicalResidenceAddress:true:[postalCode=4100,apartmentNumber=Ed. B," + + "state=Porto,countryCodeAddress=PT,streetNumber=379," + + "streetName=Avenida Sidonio Pais,town=Porto,]:Available;"; + /** + * Mix attribute list string. + */ + private static final String STR_MIX_ATTR_LIST = + "isAgeOver:true:[15,]:Available;canonicalResidenceAddress:true:[" + + "postalCode=4100,apartmentNumber=Ed.B,state=Porto,countryCodeAddress=PT," + + "streetNumber=379,streetName=Avenida Sidonio Pais,town=Porto,]:" + + "Available;"; + + /** + * Mix attribute list 2 string. + */ + private static final String STR_MIX_ATTR_LIST2 = + "isAgeOver:true:[15,]:Available;canonicalResidenceAddress:true:[" + + "postalCode=4100,apartmentNumber=Ed.B,state=Porto,countryCodeAddress=PT," + + "streetNumber=379,streetName=Avenida Sidonio Pais,town=Porto,]:Available;" + + "mandateContent:true:[" + + "isJoint=\"isjoint\",typeOfPower=\"power\",ValidTo=\"validto\",validfrom=\"validfrom\",AQAA=\"3\",isChained=\"ischained\",]:" + + "Available;"; + + /** + * Attribute List example. + */ + @SuppressWarnings({ "serial" }) + private static final PersonalAttribute ATTR_VALUE = new PersonalAttribute( + "age", true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + /** + * Init PersonalAttributeListTestCase class. + */ + @SuppressWarnings("serial") + @BeforeClass + public static void runsBeforeTheTestSuite() { + final Map values = new HashMap() { + { + put("countryCodeAddress", "PT"); + put("state", "Porto"); + put("town", "Porto"); + put("postalCode", "4100"); + put("streetName", "Avenida Sidonio Pais"); + put("streetNumber", "379"); + put("apartmentNumber", "Ed. B"); + } + }; + + complexAttrValue = + new PersonalAttribute("canonicalResidenceAddress", true, values, + STORKStatusCode.STATUS_AVAILABLE.toString()); + + } + + /** + * Testing Personal Attribute List add method. Personal Attribute list must be + * size 1 - Simple attribute. + */ + @Test + public void testAddSimpleAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(ATTR_VALUE); + Assert.assertTrue(attrList.size() == 1); + } + + /** + * Testing Personal Attribute List add method. Personal Attribute list must be + * size 1 - Complex attribute. + */ + @Test + public void testAddCompleAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(complexAttrValue); + Assert.assertTrue(attrList.size() == 1); + } + + /** + * Testing Personal Attribute List add method. Personal Attribute list must be + * size 0 - no attribute. + */ + @Test + public void testAddNull() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(null); + Assert.assertTrue(attrList.size() == 0); + } + + /** + * Testing Personal Attribute List add method. Same attribute name added + * twice. Personal Attribute list must be size 2 - IsAgeOver attribute added + * twice. + */ + @SuppressWarnings("serial") + @Test + public void testAddSameAttrName() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(attrValueUnder); + attrList.add(attrValueOver); + Assert.assertTrue(attrList.size() == 2); + } + + /** + * Testing Personal Attribute List add method. Same attribute name added + * twice. Personal Attribute list must be size 2 - IsAgeOver attribute added + * twice. + */ + @SuppressWarnings("serial") + @Test + public void testAddSameAttrNameEmpty() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add(""); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(attrValueUnder); + attrList.add(attrValueOver); + Assert.assertTrue(attrList.size() == 2); + } + + /** + * Testing Personal Attribute List put method. Personal Attribute list must be + * size 1 - Simple Value. + */ + @Test + public void testPutSimpleAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put(ATTR_VALUE.getName(), ATTR_VALUE); + Assert.assertTrue(attrList.size() == 1); + } + + /** + * Testing Personal Attribute List put method. Personal Attribute list must be + * size 1 - Complex Value. + */ + @Test + public void testPutComplexAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put(ATTR_VALUE.getName(), complexAttrValue); + Assert.assertTrue(attrList.size() == 1); + } + + /** + * Testing Personal Attribute List put method. Personal Attribute list must be + * size 0 - no attribute. + */ + @Test + public void testPutNull() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put("", null); + Assert.assertTrue(attrList.size() == 0); + } + + /** + * Testing Personal Attribute List put method. Personal Attribute list must be + * size 2 - IsAgeOver attribute added twice. + */ + @SuppressWarnings("serial") + @Test + public void testPutSameAttrName() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put(attrValueUnder.getName(), attrValueUnder); + attrList.put(attrValueOver.getName(), attrValueOver); + Assert.assertTrue(attrList.size() == 2); + } + + /** + * Testing Personal Attribute List put method. Personal Attribute list must be + * size 2 - IsAgeOver attribute added twice. + */ + @SuppressWarnings("serial") + @Test + public void testPutSameAttrNameEmpty() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add(""); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put(attrValueUnder.getName(), attrValueUnder); + attrList.put(attrValueOver.getName(), attrValueOver); + Assert.assertTrue(attrList.size() == 2); + } + + /** + * Testing Personal Attribute List get method. Personal Attribute list must be + * size 1 - Simple attribute. + */ + @Test + public void testGetSimpleAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(ATTR_VALUE); + Assert.assertEquals(ATTR_VALUE, attrList.get(ATTR_VALUE.getName())); + } + + /** + * Testing Personal Attribute List add method. Personal Attribute list must be + * size 1 - Complex attribute. + */ + @Test + public void testGetCompleAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(complexAttrValue); + Assert.assertEquals(complexAttrValue.toString(), + attrList.get(complexAttrValue.getName()).toString()); + } + + /** + * Testing Personal Attribute List get method. Personal Attribute list must be + * size 2 - IsAgeOver attribute. + */ + @SuppressWarnings("serial") + @Test + public void testGetIsAgeOverAttr() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(attrValueUnder); + attrList.add(attrValueOver); + Assert.assertEquals(SIMPLE_ATTRLIST, + attrList.get(attrValueUnder.getName()).toString()); + Assert.assertEquals(SIMPLE_ATTRLIST2, + attrList.get(attrValueOver.getName()).toString()); + } + + /** + * Testing Personal Attribute List populate method. Personal Attribute list + * must be size 1 - Simple attribute. + */ + @Test + public void testPopulateSimpleAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.populate(SIMPLE_ATTRLIST); + Assert.assertTrue(attrList.size() == 1); + } + + /** + * Testing Personal Attribute List populate method. Personal Attribute list + * must be size 1 - Complex attribute. + */ + @Test + public void testPopulateComplexAttr() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.populate(COMPLEX_ATTRLIST); + Assert.assertTrue(attrList.size() == 1); + } + + /** + * Testing Personal Attribute List populate method. Personal Attribute list + * must be size 1 - Simple and Complex attribute. + */ + @Test + public void testPopulateMixAttrs() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.populate(STR_MIX_ATTR_LIST); + Assert.assertTrue(attrList.size() == 2); + } + + /** + * Testing Personal Attribute List toString method using add. + */ + @SuppressWarnings("serial") + @Test + public void testToStringFromAdd() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(attrValueUnder); + attrList.add(attrValueOver); + Assert.assertEquals(SIMPLE_ATTRLIST3_REVERSE, attrList.toString()); + } + + /** + * Testing Personal Attribute List toString method using put. + * + */ + @SuppressWarnings("serial") + @Test + public void testToStringFromPut() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put(attrValueUnder.getName(), attrValueUnder); + attrList.put(attrValueOver.getName(), attrValueOver); + Assert.assertEquals(SIMPLE_ATTRLIST3_REVERSE, attrList.toString()); + } + + /** + * Testing Personal Attribute List toString method using populate. + */ + @Test + public void testToStringFromSimplePopulate() { + final String strAttrList = "isAgeOver:true"; + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.populate(strAttrList); + Assert.assertEquals("isAgeOver:true:[]:;", attrList.toString()); + } + + /** + * Testing Personal Attribute List toString method using populate. + */ + @Test + public void testToStringFromPopulate() { + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.populate(SIMPLE_ATTRLIST3); + Assert.assertEquals(SIMPLE_ATTRLIST3_REVERSE, attrList.toString()); + } + + /** + * Testing Personal Attribute List populate method, with invalid values. + */ + @Test + public void testPopulateWithInvalidValuesFormat() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate("name:type:values:status;"); + Assert.assertEquals(pal, new PersonalAttributeList()); + } + + /** + * Testing Personal Attribute List populate method, with invalid format. + */ + @Test + public void testPopulateWithInvalidFormat() { + + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate("name:type::status;"); + Assert.assertEquals(pal, new PersonalAttributeList()); + } + + /** + * Testing Personal Attribute List clone method using add. + */ + @SuppressWarnings("serial") + @Test + public void testCloneFromAdd() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.add(attrValueUnder); + attrList.add(attrValueOver); + Assert.assertNotSame(attrList, attrList.clone()); + } + + /** + * Testing Personal Attribute List clone method using put. + */ + @SuppressWarnings("serial") + @Test + public void testCloneFromPut() { + final PersonalAttribute attrValueUnder = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + final PersonalAttribute attrValueOver = + new PersonalAttribute(ISAGEOVER_CONS, true, new ArrayList() { + { + add("18"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + final PersonalAttributeList attrList = new PersonalAttributeList(1); + attrList.put(attrValueUnder.getName(), attrValueUnder); + attrList.put(attrValueOver.getName(), attrValueOver); + Assert.assertNotSame(attrList, attrList.clone()); + } + + /** + * Testing Personal Attribute List clone method using populate. + */ + @Test + public void testCloneFromPopulate() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(SIMPLE_ATTRLIST3); + Assert.assertNotSame(pal, pal.clone()); + } + + /** + * Testing Personal Attribute List iterator. + */ + @Test + public void testIterator() { + final String strAttrList = + "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + final Iterator itAttr = pal.iterator(); + while (itAttr.hasNext()) { + final PersonalAttribute attr = itAttr.next(); + Assert.assertEquals(ISAGEOVER_CONS, attr.getName()); + } + } + + /** + * Testing Personal Attribute List's GetOptionalAttributes method with empty attribute list. + */ + @Test + public void testGetOptionalAttributesWithEmptyList() { + final PersonalAttributeList pal = new PersonalAttributeList(); + Assert.assertTrue(pal.getOptionalAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's GetOptionalAttributes method without optional attributes. + */ + @Test + public void testGetOptionalAttributesWithoutOptional() { + final String strAttrList = + "isAgeOver:true:[15,]:Available;isAgeOver:true:[18,]:Available;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + Assert.assertTrue(pal.getOptionalAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's GetOptionalAttributes method with one optional attribute. + */ + @Test + public void testGetOptionalAttributesWithOneOptional() { + final String strAttrList = + "age:false:[]:;isAgeOver:true:[15,]:;isAgeOver:true:[18,]:;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + Assert.assertTrue(pal.getOptionalAttributes().size() == ONE_CONS); + } + + /** + * Testing Personal Attribute List's GetOptionalAttributes method with two optional attribute. + */ + @Test + public void testGetOptionalAttributesWithOnlyOptional() { + final String strAttrList = + "age:false:[]:;isAgeOver:false:[18,]:;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + Assert.assertTrue(pal.getOptionalAttributes().size() == TWO_CONS); + } + + /** + * Testing Personal Attribute List's getMandatoryAttributes method with empty attribute list. + */ + @Test + public void testGetMandatoryAttributesWithEmptyList() { + final PersonalAttributeList pal = new PersonalAttributeList(); + Assert.assertTrue(pal.getMandatoryAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's getMandatoryAttributes method without mandatory attributes. + */ + @Test + public void testGetMandatoryAttributesWithoutMandatory() { + final String strAttrList = + "isAgeOver:false:[15,]:Available;isAgeOver:false:[18,]:Available;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + Assert.assertTrue(pal.getMandatoryAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's GetMandatoryAttributes method with one mandatory attribute. + */ + @Test + public void testGetMandatoryAttributesWithOneMandatory() { + final String strAttrList = + "age:true:[]:;isAgeOver:false:[15,]:;isAgeOver:false:[18,]:;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + Assert.assertTrue(pal.getMandatoryAttributes().size() == ONE_CONS); + } + + /** + * Testing Personal Attribute List's GetMandatoryAttributes method with two mandatory attribute. + */ + @Test + public void testGetMandatoryAttributesWithOnlyMandatory() { + final String strAttrList = + "age:true:[]:;isAgeOver:true:[18,]:;"; + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(strAttrList); + Assert.assertTrue(pal.getMandatoryAttributes().size() == TWO_CONS); + } + + /** + * Testing Personal Attribute List's getSimpleValueAttributes method with empty attribute list. + */ + @Test + public void testGetSimpleValueAttributesWithEmptyList() { + final PersonalAttributeList pal = new PersonalAttributeList(); + Assert.assertTrue(pal.getSimpleValueAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's getSimpleValueAttributes() method without simple attributes. + */ + @Test + public void testGetSimpleValueAttributesWithoutSimple() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(COMPLEX_ATTRLIST); + Assert.assertTrue(pal.getSimpleValueAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's getSimpleValueAttributes() method with one simple attribute. + */ + @Test + public void testGetSimpleValueAttributesWithOneSimple() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(STR_MIX_ATTR_LIST); + Assert.assertTrue(pal.getSimpleValueAttributes().size() == ONE_CONS); + } + + /** + * Testing Personal Attribute List's GetMandatoryAttributes method with two simple attribute. + */ + @Test + public void testGetSimpleValueAttributesWithOnlySimple() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(SIMPLE_ATTRLIST3); + Assert.assertTrue(pal.getSimpleValueAttributes().size() == TWO_CONS); + } + + /** + * Testing Personal Attribute List's getComplexValueAttributes method with empty attribute list. + */ + @Test + public void testGetComplexAttributesWithEmptyList() { + final PersonalAttributeList pal = new PersonalAttributeList(); + Assert.assertTrue(pal.getComplexAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's getComplexAttributes() method without complex attributes. + */ + @Test + public void testGetComplexAttributesWithoutSimple() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(SIMPLE_ATTRLIST2); + Assert.assertTrue(pal.getComplexAttributes().isEmpty()); + } + + /** + * Testing Personal Attribute List's getComplexAttributes() method with one complex attribute. + */ + @Test + public void testGetComplexAttributesWithOneComplex() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(STR_MIX_ATTR_LIST); + Assert.assertTrue(pal.getComplexAttributes().size() == ONE_CONS); + } + + /** + * Testing Personal Attribute List's GetMandatoryAttributes method with only two Complex attribute. + */ + @Test + public void testGetComplexAttributesWithOnlyComplex() { + final PersonalAttributeList pal = new PersonalAttributeList(); + pal.populate(STR_MIX_ATTR_LIST2); + Assert.assertTrue(pal.getComplexAttributes().size() == TWO_CONS); + } + +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java new file mode 100644 index 000000000..458d510e0 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/PersonalAttributeTestCase.java @@ -0,0 +1,182 @@ +/* + * This work is Open Source and licensed by the European Commission under the + * conditions of the European Public License v1.1 + * + * (http://www.osor.eu/eupl/european-union-public-licence-eupl-v.1.1); + * + * any use of this file implies acceptance of the conditions of this license. + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + */ +package eu.stork.peps.tests; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Map; + +import junit.framework.Assert; + +import org.junit.BeforeClass; +import org.junit.Test; + +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.STORKStatusCode; + +/** + * The PersonalAttribute's Test Case. + * + * @author ricardo.ferreira@multicert.com, renato.portela@multicert.com, + * luis.felix@multicert.com, hugo.magalhaes@multicert.com, + * paulo.ribeiro@multicert.com + * @version $Revision: 1.4 $, $Date: 2010-11-17 05:17:03 $ + */ +public final class PersonalAttributeTestCase { + + /** + * An empty attribute. + */ + private static final PersonalAttribute EMPTYATTR = new PersonalAttribute(); + + /** + * An attribute with a complex value (canonicalResidenceAddress). + */ + private static PersonalAttribute complexAttrValue = null; + + /** + * An attribute with a simple value (age). + */ + @SuppressWarnings("serial") + private static final PersonalAttribute ATTR_VALUE = new PersonalAttribute( + "age", true, new ArrayList() { + { + add("15"); + } + }, STORKStatusCode.STATUS_AVAILABLE.toString()); + + /** + * Init PersonalAttributeTestCase class. + */ + @SuppressWarnings("serial") + @BeforeClass + public static void runsBeforeTheTestSuite() { + final Map values = new HashMap() { + { + put("countryCodeAddress", "PT"); + put("state", "Porto"); + put("town", "Porto"); + put("postalCode", "4100"); + put("streetName", "Avenida Sidonio Pais"); + put("streetNumber", "379"); + put("apartmentNumber", "B"); + } + }; + + complexAttrValue = + new PersonalAttribute("canonicalResidenceAddress", true, values, + STORKStatusCode.STATUS_AVAILABLE.toString()); + + } + + /** + * Tests the {@link PersonalAttribute#toString()} method for the given simple + * attribute value. Values must match. + */ + @Test + public void testToStringValues() { + Assert.assertEquals("age:true:[15,]:Available;", ATTR_VALUE.toString()); + } + + /** + * Tests the {@link PersonalAttribute#toString()} method for the given complex + * attribute value. Values must match. + */ + @Test + public void testToStringComplexValues() { + Assert.assertEquals( + "canonicalResidenceAddress:true:[postalCode=4100,apartmentNumber=B," + + "state=Porto,countryCodeAddress=PT,streetNumber=379," + + "streetName=Avenida Sidonio Pais,town=Porto,]:Available;", + complexAttrValue.toString()); + } + + /** + * Tests the {@link PersonalAttribute#isEmptyStatus()} method for the given + * empty attribute. Must return true. + */ + @Test + public void testToIsEmptyStatusWithNull() { + Assert.assertTrue(EMPTYATTR.isEmptyStatus()); + } + + /** + * Tests the {@link PersonalAttribute#isEmptyStatus()} method for the given + * new attribute. Must return true. + */ + @Test + public void testToIsEmptyStatusWithEmptyString() { + final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone(); + attr.setStatus(""); + Assert.assertTrue(attr.isEmptyStatus()); + } + + /** + * Tests the {@link PersonalAttribute#isEmptyValue()} method for the given + * empty attribute. Must return true. + */ + @Test + public void testToIsEmptyValueWithNull() { + final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone(); + attr.setValue(null); + Assert.assertTrue(attr.isEmptyValue()); + } + + /** + * Tests the {@link PersonalAttribute#isEmptyValue()} method for the given + * empty attribute. Must return true. + */ + @Test + public void testToIsEmptyValue() { + Assert.assertTrue(EMPTYATTR.isEmptyValue()); + } + + /** + * Tests the {@link PersonalAttribute#isEmptyComplexValue()} method for the + * given empty attribute. Must return true. + */ + @Test + public void testToIsEmptyComplexValueWithNull() { + final PersonalAttribute attr = (PersonalAttribute) EMPTYATTR.clone(); + attr.setComplexValue(null); + Assert.assertTrue(attr.isEmptyComplexValue()); + } + + /** + * Tests the {@link PersonalAttribute#isEmptyComplexValue()} method for the + * given empty attribute. Must return true. + */ + @Test + public void testToIsEmptyComplexValueWithEmptyComplexValue() { + Assert.assertTrue(EMPTYATTR.isEmptyComplexValue()); + } + + /** + * Tests the {@link PersonalAttribute#clone()} method for the given attribute. + * Must return true. + */ + @Test + public void testCloneToComplexValue() { + Assert.assertNotSame(complexAttrValue, complexAttrValue.clone()); + } + + /** + * Tests the {@link PersonalAttribute#clone()} method for the given attribute. + * Must return true. + */ + @Test + public void testCloneToValue() { + Assert.assertNotSame(ATTR_VALUE, ATTR_VALUE.clone()); + } +} diff --git a/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java new file mode 100644 index 000000000..452602210 --- /dev/null +++ b/id/server/stork2-commons/src/test/java/eu/stork/peps/tests/package-info.java @@ -0,0 +1,5 @@ +/** + * This package provides all JUnit test classes. + */ +package eu.stork.peps.tests; + diff --git a/id/server/stork2-commons/src/test/resources/.svn/all-wcprops b/id/server/stork2-commons/src/test/resources/.svn/all-wcprops new file mode 100644 index 000000000..a3a21b424 --- /dev/null +++ b/id/server/stork2-commons/src/test/resources/.svn/all-wcprops @@ -0,0 +1,11 @@ +K 25 +svn:wc:ra_dav:version-url +V 63 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/test/resources +END +log4j.xml +K 25 +svn:wc:ra_dav:version-url +V 73 +/CITnet/svn/STORK2/!svn/ver/19/trunk/Commons/src/test/resources/log4j.xml +END diff --git a/id/server/stork2-commons/src/test/resources/.svn/entries b/id/server/stork2-commons/src/test/resources/.svn/entries new file mode 100644 index 000000000..e6b7f5399 --- /dev/null +++ b/id/server/stork2-commons/src/test/resources/.svn/entries @@ -0,0 +1,62 @@ +10 + +dir +665 +https://webgate.ec.europa.eu/CITnet/svn/STORK2/trunk/Commons/src/test/resources +https://webgate.ec.europa.eu/CITnet/svn/STORK2 + + + +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + +aa842e49-f825-43fc-93ba-11ee9fd5a035 + +log4j.xml +file + + + + +2013-12-20T12:27:56.542475Z +4e990a84da0033594135b05cd01a9cdd +2013-07-25T08:54:09.995385Z +7 +emsomavmi + + + + + + + + + + + + + + + + + + + + + +645 + diff --git a/id/server/stork2-commons/src/test/resources/.svn/text-base/log4j.xml.svn-base b/id/server/stork2-commons/src/test/resources/.svn/text-base/log4j.xml.svn-base new file mode 100644 index 000000000..0ad2ea9a4 --- /dev/null +++ b/id/server/stork2-commons/src/test/resources/.svn/text-base/log4j.xml.svn-base @@ -0,0 +1,19 @@ + + + + + + + + + + + + + + + + + + + diff --git a/id/server/stork2-commons/src/test/resources/log4j.xml b/id/server/stork2-commons/src/test/resources/log4j.xml new file mode 100644 index 000000000..0ad2ea9a4 --- /dev/null +++ b/id/server/stork2-commons/src/test/resources/log4j.xml @@ -0,0 +1,19 @@ + + + + + + + + + + + + + + + + + + + -- cgit v1.2.3 From 142bf6e5c229aa523e5c1363716d011df6d6af93 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 14:03:38 +0100 Subject: attr supporT --- .../data/deploy/conf/moa-id/stork/SamlEngine.xml | 17 ++++ .../conf/moa-id/stork/SignModule_incoming_attr.xml | 12 +++ .../moa-id/stork/StorkSamlEngine_incoming_attr.xml | 93 +++++++++++++++++++++ .../id/protocols/stork2/AuthenticationRequest.java | 95 ++++++++++------------ .../id/protocols/stork2/MOAAttributeProvider.java | 10 +-- .../id/protocols/stork2/MOASTORKAuthnRequest.java | 71 ---------------- .../moa/id/protocols/stork2/MOASTORKRequest.java | 95 ++++++++++++++++++++++ .../moa/id/protocols/stork2/STORKProtocol.java | 25 ++++-- 8 files changed, 282 insertions(+), 136 deletions(-) create mode 100644 id/server/data/deploy/conf/moa-id/stork/SignModule_incoming_attr.xml create mode 100644 id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java (limited to 'id') diff --git a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml b/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml index 75245d8f0..166a48ff8 100644 --- a/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml +++ b/id/server/data/deploy/conf/moa-id/stork/SamlEngine.xml @@ -33,6 +33,23 @@ + + + + + + + + + + + + + + + + + diff --git a/id/server/data/deploy/conf/moa-id/stork/SignModule_incoming_attr.xml b/id/server/data/deploy/conf/moa-id/stork/SignModule_incoming_attr.xml new file mode 100644 index 000000000..68b15e667 --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/stork/SignModule_incoming_attr.xml @@ -0,0 +1,12 @@ + + + + + SWModule sign with JKS. + /home/stork/repos/moa-idspss/id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks + local-demo + local-demo + CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES + 4BA89DB2 + JKS + diff --git a/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml new file mode 100644 index 000000000..fb786529a --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml @@ -0,0 +1,93 @@ + + + + + SAML constants for AuthnRequests and Responses. + + + unspecified + + + obtained + + + entity + + + + HTTP-POST + + + + + + + + + + false + + + true + + + http://S-PEPS.gov.xx + + + http://C-PEPS.gov.xx + + + 300 + + + false + + + + http://www.stork.gov.eu/1.0/eIdentifier + http://www.stork.gov.eu/1.0/givenName + http://www.stork.gov.eu/1.0/surname + http://www.stork.gov.eu/1.0/inheritedFamilyName + http://www.stork.gov.eu/1.0/adoptedFamilyName + http://www.stork.gov.eu/1.0/gender + http://www.stork.gov.eu/1.0/dateOfBirth + http://www.stork.gov.eu/1.0/countryCodeOfBirth + http://www.stork.gov.eu/1.0/nationalityCode + http://www.stork.gov.eu/1.0/maritalStatus + http://www.stork.gov.eu/1.0/residenceAddress + http://www.stork.gov.eu/1.0/eMail + http://www.stork.gov.eu/1.0/academicTitle + http://www.stork.gov.eu/1.0/pseudonym + http://www.stork.gov.eu/1.0/age + http://www.stork.gov.eu/1.0/isAgeOver + + http://www.stork.gov.eu/1.0/textResidenceAddress + http://www.stork.gov.eu/1.0/canonicalResidenceAddress + + http://www.stork.gov.eu/1.0/title + http://www.stork.gov.eu/1.0/residencePermit + + http://www.stork.gov.eu/1.0/signedDoc + http://www.stork.gov.eu/1.0/citizen509Certificate + + http://www.stork.gov.eu/1.0/newAttribute1 + http://www.stork.gov.eu/1.0/newAttribute2 + http://www.stork.gov.eu/1.0/hasDegree + http://www.stork.gov.eu/1.0/mandateContent + http://www.stork.gov.eu/1.0/representative + http://www.stork.gov.eu/1.0/represented + + diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index e10c4d9d9..91326a51d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -3,91 +3,77 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.stork.VelocityProvider; -import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; -import edu.emory.mathcs.backport.java.util.Collections; -import eu.stork.peps.auth.commons.*; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -import org.apache.commons.io.IOUtils; -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAuthnResponse; import org.apache.velocity.app.VelocityEngine; import org.apache.velocity.runtime.RuntimeConstants; -import org.opensaml.xml.util.Base64; -import org.opensaml.xml.util.XMLHelper; -import javax.servlet.ServletOutputStream; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import java.io.*; -import java.util.HashMap; -import eu.stork.peps.auth.engine.SAMLEngine; import org.w3c.dom.Element; import org.w3c.dom.NamedNodeMap; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + /** + * Second request step - after authentication of the user is done and moasession obtained, + * process request and forward the user further to PEPS and/or other entities + * * @author bsuzic - * Date: 12/3/13, Time: 2:08 PM */ public class AuthenticationRequest implements IAction { - /* - Second request step - after authentication of the user is done and moasession obtained, - process request and forward the user further to PEPS and/or other entities - */ private VelocityEngine velocityEngine; private AuthenticationSession moaSession; - private MOASTORKAuthnRequest moaStorkAuthnRequest; + private MOASTORKRequest moaStorkRequest; public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { this.moaSession = moasession; - this.moaStorkAuthnRequest = (MOASTORKAuthnRequest)req; - - try { - MISMandate mandate = moasession.getMISMandate(); - String owbpk = mandate.getOWbPK(); - byte[] mand = mandate.getMandate(); - String profprep = mandate.getProfRep(); - //String textdesc = mandate.getTextualDescriptionOfOID(); - Element mndt = moasession.getMandate(); + this.moaStorkRequest = (MOASTORKRequest) req; + + if (moasession.getUseMandate()) { + try { + MISMandate mandate = moasession.getMISMandate(); + String owbpk = mandate.getOWbPK(); + byte[] mand = mandate.getMandate(); + String profprep = mandate.getProfRep(); + //String textdesc = mandate.getTextualDescriptionOfOID(); + Element mndt = moasession.getMandate(); + + iterate(mndt.getAttributes()); + Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); + } catch (Exception x) { + Logger.debug("There is no mandate used in transaction"); + } + } - iterate(mndt.getAttributes()); - Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); - } catch (Exception x) {} Logger.debug("Starting AuthenticationRequest"); - //AuthenticationServer.getInstance().startSTORKAuthentication(httpReq, httpResp, moasession); - Logger.debug("Http Response: " + httpResp.toString() + ", "); - Logger.debug("Remote user: " + httpReq.getRemoteAddr()); - Logger.debug("Moa session: " + moasession.toString() + " " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix() + " " + moasession.getAction() + " " + moasession.getIdentityLink().getName() + " " + moasession.getTarget()); httpResp.reset(); STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - authnResponse.setCountry(((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getSpCountry()); - + authnResponse.setCountry(((MOASTORKRequest) req).getStorkAuthnRequest().getSpCountry()); OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() }); + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); // Prepare basic AT attributes try { - IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); + IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size()); @@ -114,13 +100,13 @@ public class AuthenticationRequest implements IAction { DataContainer container = new DataContainer(); // - fill in the request we extracted above - container.setRequest(((MOASTORKAuthnRequest) req).getStorkAuthnRequest()); - + container.setRequest(((MOASTORKRequest) req).getStorkAuthnRequest()); + // - fill in the partial response created above container.setResponse(authnResponse); - + // - memorize the target url were we have to return the result - container.setTarget(((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); + container.setTarget(((MOASTORKRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); container.setRemoteAddress(httpReq.getRemoteAddr()); @@ -141,24 +127,25 @@ public class AuthenticationRequest implements IAction { Logger.debug("--Attribute: " + attributesList.item(j).getNodeName() + " = " + attributesList.item(j).getNodeValue()); - } } + } + } public PersonalAttributeList populateAttributes() { - IPersonalAttributeList attrLst = moaStorkAuthnRequest.getStorkAuthnRequest().getPersonalAttributeList(); - Logger.info("Found " + attrLst.size() + " personal attributes in the request." ); + IPersonalAttributeList attrLst = moaStorkRequest.getStorkAuthnRequest().getPersonalAttributeList(); + Logger.info("Found " + attrLst.size() + " personal attributes in the request."); // Define attribute list to be populated PersonalAttributeList attributeList = new PersonalAttributeList(); - MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink(), moaStorkAuthnRequest); + MOAAttributeProvider moaAttributeProvider = new MOAAttributeProvider(moaSession.getIdentityLink(), moaStorkRequest); try { for (PersonalAttribute personalAttribute : attrLst) { Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired()); moaAttributeProvider.populateAttribute(attributeList, personalAttribute); } - } catch (Exception e) { + } catch (Exception e) { Logger.error("Exception, attributes: " + e.getMessage()); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java index 190a0d27c..d89fb8cb2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java @@ -22,7 +22,7 @@ public class MOAAttributeProvider { private final IdentityLink identityLink; private static final Map storkAttributeSimpleMapping; private static final Map storkAttributeFunctionMapping; - private final MOASTORKAuthnRequest moastorkAuthnRequest; + private final MOASTORKRequest moastorkRequest; static { Map tempSimpleMap = new HashMap(); @@ -35,9 +35,9 @@ public class MOAAttributeProvider { storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap); } - public MOAAttributeProvider(IdentityLink identityLink, MOASTORKAuthnRequest moastorkAuthnRequest) { + public MOAAttributeProvider(IdentityLink identityLink, MOASTORKRequest moastorkRequest) { this.identityLink = identityLink; - this.moastorkAuthnRequest = moastorkAuthnRequest; + this.moastorkRequest = moastorkRequest; Logger.debug("identity " + identityLink.getIdentificationType() + " " + identityLink.getIdentificationValue()); } @@ -70,9 +70,9 @@ public class MOAAttributeProvider { } private String geteIdentifier() { - Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkAuthnRequest.getStorkAuthnRequest().getSpCountry()); + Logger.debug("Using base urn for identification value: " + identityLink.getIdentificationType() + " and target country: " + moastorkRequest.getStorkAuthnRequest().getSpCountry()); try { - return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkAuthnRequest.getStorkAuthnRequest().getSpCountry()); + return new BPKBuilder().buildStorkbPK(identityLink.getIdentificationValue(), moastorkRequest.getStorkAuthnRequest().getSpCountry()); } catch (BuildException be) { Logger.error("Stork eid could not be constructed; " + be.getMessage()); return null; // TODO error diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java deleted file mode 100644 index cee64e16e..000000000 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKAuthnRequest.java +++ /dev/null @@ -1,71 +0,0 @@ -package at.gv.egovernment.moa.id.protocols.stork2; - -import at.gv.egovernment.moa.id.moduls.IRequest; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import org.opensaml.common.xml.SAMLConstants; - -/** - * @author bsuzic - * Date: 12/4/13, Time: 6:31 PM - */ - -public class MOASTORKAuthnRequest implements IRequest { - private String requestID; - private String target = null; - String module = null; - String action = null; - private STORKAuthnRequest storkAuthnRequest; - - public void setSTORKAuthnRequest(STORKAuthnRequest request) { - this.storkAuthnRequest = request; - } - - public STORKAuthnRequest getStorkAuthnRequest() { - return this.storkAuthnRequest; - } - - public String getOAURL() { - - return "https://sp:8889/SP"; // - } - - public boolean isPassiv() { - return false; // - } - - public boolean forceAuth() { - return false; // - } - - public boolean isSSOSupported() { - return false; // - } - - public String requestedModule() { - return this.module; // - } - - public String requestedAction() { - return action; // - } - - public void setModule(String module) { - this.module = module; - } - - public void setAction(String action) { - this.action = action; - } - - public String getTarget() { - return this.target; // - } - - public void setRequestID(String id) { - this.requestID = id; - } - - public String getRequestID() { - return this.requestID; // - } -} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java new file mode 100644 index 000000000..8c7fd8706 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java @@ -0,0 +1,95 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.moduls.IRequest; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.commons.STORKAuthnRequest; + +/** + * Implements MOA request and stores StorkAuthnRequest related data + * + * @author bsuzic + */ + +public class MOASTORKRequest implements IRequest { + private String requestID; + private String target = null; + String module = null; + String action = null; + private STORKAuthnRequest storkAuthnRequest; + private STORKAttrQueryRequest storkAttrQueryRequest; + private boolean isAttrRequest = false; + private boolean isAuthnRequest = false; + + public void setSTORKAuthnRequest(STORKAuthnRequest request) { + this.storkAuthnRequest = request; + if (request != null) { + isAuthnRequest = true; + } + } + + public void setSTORKAttrRequest(STORKAttrQueryRequest request) { + this.storkAttrQueryRequest = request; + if (request != null) { + isAttrRequest = true; + } + + } + + public boolean isAttrRequest() { + return this.isAttrRequest; + } + + public boolean isAuthnRequest() { + return this.isAuthnRequest; + } + + + public STORKAuthnRequest getStorkAuthnRequest() { + return this.storkAuthnRequest; + } + + public String getOAURL() { + + return storkAuthnRequest.getAssertionConsumerServiceURL(); + } + + public boolean isPassiv() { + return false; + } + + public boolean forceAuth() { + return false; + } + + public boolean isSSOSupported() { + return false; + } + + public String requestedModule() { + return this.module; + } + + public String requestedAction() { + return action; + } + + public void setModule(String module) { + this.module = module; + } + + public void setAction(String action) { + this.action = action; + } + + public String getTarget() { + return this.target; + } + + public void setRequestID(String id) { + this.requestID = id; + } + + public String getRequestID() { + return this.requestID; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 042d61080..28a516d2a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -5,13 +5,12 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IModulInfo; import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.protocols.pvp2x.binding.MOAURICompare; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.PEPSUtil; +import eu.stork.peps.auth.commons.STORKAttrQueryRequest; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.opensaml.common.binding.BasicSAMLMessageContext; -import org.opensaml.saml2.binding.decoding.HTTPPostDecoder; import org.opensaml.ws.transport.http.HTTPInTransport; import org.opensaml.ws.transport.http.HTTPOutTransport; import org.opensaml.ws.transport.http.HttpServletRequestAdapter; @@ -20,7 +19,6 @@ import eu.stork.peps.auth.commons.STORKAuthnRequest; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import java.util.Collections; import java.util.HashMap; /** @@ -81,6 +79,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); samlMessageContext.setInboundMessageTransport(profileReq); +/* HTTPPostDecoder postDecoder = new HTTPPostDecoder(); postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator @@ -90,8 +89,9 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { } catch (Exception e) { Logger.error("Error decoding STORKAuthnRequest", e); } +*/ - MOASTORKAuthnRequest STORK2Request = new MOASTORKAuthnRequest(); + MOASTORKRequest STORK2Request = new MOASTORKRequest(); //extract STORK Response from HTTP Request @@ -99,7 +99,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { try { decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest")); } catch(NullPointerException e) { - Logger.error("Unable to retrieve STORK Response", e); + Logger.error("Unable to retrieve STORK Request", e); throw new MOAIDException("stork.04", null); } @@ -107,13 +107,26 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); STORKAuthnRequest authnRequest = null; + STORKAttrQueryRequest attrRequest = null; + // check if valid authn request is contained try { authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() ); } + + // check if a valid attr request is container + try { + attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken); + } catch (STORKSAMLEngineException ex) { + Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() ); + } + + + + Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL()); Logger.error("cc " + authnRequest.getCitizenCountryCode()); Logger.error("iss " + authnRequest.getIssuer()); @@ -121,7 +134,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { Logger.error("spi " + authnRequest.getSpInstitution()); STORK2Request.setSTORKAuthnRequest(authnRequest); - + STORK2Request.setSTORKAttrRequest(attrRequest); return STORK2Request; } -- cgit v1.2.3 From b04102cfcf46aa62417b6f1990dff76e2b706862 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 14:05:18 +0100 Subject: remove comments --- .../moa/id/protocols/stork2/STORKProtocol.java | 25 ++++++---------------- 1 file changed, 6 insertions(+), 19 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 28a516d2a..3b9a5bc29 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -8,6 +8,7 @@ import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.STORKAttrQueryRequest; +import eu.stork.peps.auth.commons.STORKAuthnRequest; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.opensaml.common.binding.BasicSAMLMessageContext; @@ -15,7 +16,6 @@ import org.opensaml.ws.transport.http.HTTPInTransport; import org.opensaml.ws.transport.http.HTTPOutTransport; import org.opensaml.ws.transport.http.HttpServletRequestAdapter; import org.opensaml.ws.transport.http.HttpServletResponseAdapter; -import eu.stork.peps.auth.commons.STORKAuthnRequest; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -23,6 +23,7 @@ import java.util.HashMap; /** * Stork 2 Protocol Support + * * @author bsuzic */ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { @@ -31,7 +32,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { public static final String PATH = "id_stork2"; public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; - public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector"; + public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector"; private static HashMap actions = new HashMap(); @@ -79,18 +80,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); samlMessageContext.setInboundMessageTransport(profileReq); -/* - HTTPPostDecoder postDecoder = new HTTPPostDecoder(); - postDecoder.setURIComparator(new MOAURICompare()); // TODO Abstract to use general comparator - - try { - Logger.debug("Attempting to decode request..."); - postDecoder.decode(samlMessageContext); - } catch (Exception e) { - Logger.error("Error decoding STORKAuthnRequest", e); - } -*/ - MOASTORKRequest STORK2Request = new MOASTORKRequest(); @@ -98,7 +87,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { byte[] decSamlToken; try { decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest")); - } catch(NullPointerException e) { + } catch (NullPointerException e) { Logger.error("Unable to retrieve STORK Request", e); throw new MOAIDException("stork.04", null); } @@ -113,7 +102,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { try { authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() ); + Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } @@ -121,12 +110,10 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { try { attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage() ); + Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } - - Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL()); Logger.error("cc " + authnRequest.getCitizenCountryCode()); Logger.error("iss " + authnRequest.getIssuer()); -- cgit v1.2.3 From c900f870b2e64c2e25820b8162d8f0444c0dc7d4 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 16:03:08 +0100 Subject: aatributes --- .../id/protocols/stork2/AuthenticationRequest.java | 112 +++++++++++---------- .../stork2/DemoNoRedirectAttributeProvider.java | 3 - .../stork2/DemoRedirectAttributeProvider.java | 3 - .../id/protocols/stork2/MISAttributeProvider.java | 27 +++++ .../moa/id/protocols/stork2/MOASTORKRequest.java | 15 ++- .../moa/id/protocols/stork2/STORKProtocol.java | 22 ++-- .../resources/properties/id_messages_de.properties | 2 + 7 files changed, 110 insertions(+), 74 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 91326a51d..d33b33c77 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -33,88 +33,96 @@ public class AuthenticationRequest implements IAction { private VelocityEngine velocityEngine; - private AuthenticationSession moaSession; - private MOASTORKRequest moaStorkRequest; + private AuthenticationSession moaSession = null; + private MOASTORKRequest moaStorkRequest = null; public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { this.moaSession = moasession; - this.moaStorkRequest = (MOASTORKRequest) req; - if (moasession.getUseMandate()) { - try { - MISMandate mandate = moasession.getMISMandate(); - String owbpk = mandate.getOWbPK(); - byte[] mand = mandate.getMandate(); - String profprep = mandate.getProfRep(); - //String textdesc = mandate.getTextualDescriptionOfOID(); - Element mndt = moasession.getMandate(); - - iterate(mndt.getAttributes()); - Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); - } catch (Exception x) { - Logger.debug("There is no mandate used in transaction"); + if (req instanceof MOASTORKRequest) { + + this.moaStorkRequest = (MOASTORKRequest) req; + + + if (moasession.getUseMandate()) { + try { + MISMandate mandate = moasession.getMISMandate(); + String owbpk = mandate.getOWbPK(); + byte[] mand = mandate.getMandate(); + String profprep = mandate.getProfRep(); + //String textdesc = mandate.getTextualDescriptionOfOID(); + Element mndt = moasession.getMandate(); + + iterate(mndt.getAttributes()); + Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); + } catch (Exception x) { + Logger.debug("There is no mandate used in transaction"); + } } - } - Logger.debug("Starting AuthenticationRequest"); - httpResp.reset(); + Logger.debug("Starting AuthenticationRequest"); + httpResp.reset(); - STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - authnResponse.setCountry(((MOASTORKRequest) req).getStorkAuthnRequest().getSpCountry()); + STORKAuthnResponse authnResponse = new STORKAuthnResponse(); + authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry()); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); - // Prepare basic AT attributes - try { - IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); - Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size()); + // Prepare basic AT attributes + try { + IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); + Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size()); - for (PersonalAttribute personalAttribute : moaAttrList) { - Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus()); - if (personalAttribute.getValue().size() > 0) { - for (String value : personalAttribute.getValue()) { - Logger.info(" Value found: " + value); + for (PersonalAttribute personalAttribute : moaAttrList) { + Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus()); + if (personalAttribute.getValue().size() > 0) { + for (String value : personalAttribute.getValue()) { + Logger.info(" Value found: " + value); + } } } - } - } catch (Exception e) { - Logger.error("Exception, attributes: " + e.getMessage()); - } + } catch (Exception e) { + Logger.error("Exception, attributes: " + e.getMessage()); + } - // Get personal attributtes from MOA/IdentityLink - authnResponse.setPersonalAttributeList(populateAttributes()); + // Get personal attributtes from MOA/IdentityLink + authnResponse.setPersonalAttributeList(populateAttributes()); - // Prepare extended attributes - Logger.debug("Preparing data container"); + // Prepare extended attributes + Logger.debug("Preparing data container"); - // create fresh container - DataContainer container = new DataContainer(); + // create fresh container + DataContainer container = new DataContainer(); - // - fill in the request we extracted above - container.setRequest(((MOASTORKRequest) req).getStorkAuthnRequest()); + // - fill in the request we extracted above + container.setRequest(moaStorkRequest.getStorkAuthnRequest()); - // - fill in the partial response created above - container.setResponse(authnResponse); + // - fill in the partial response created above + container.setResponse(authnResponse); - // - memorize the target url were we have to return the result - container.setTarget(((MOASTORKRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); + // - memorize the target url were we have to return the result + container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL()); - container.setRemoteAddress(httpReq.getRemoteAddr()); + container.setRemoteAddress(httpReq.getRemoteAddr()); - Logger.debug("Data container prepared"); + Logger.debug("Data container prepared"); - return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); + return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); + } else { + Logger.error("Could not recognize request."); + throw new MOAIDException("stork.15", null); + } } public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java index 669a9389b..9c0869d97 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java @@ -20,7 +20,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ - @Override public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession) throws UnsupportedAttributeException { PersonalAttributeList requestedAttributes = new PersonalAttributeList(1); @@ -31,7 +30,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ - @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) { // TODO Auto-generated method stub return null; @@ -40,7 +38,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ - @Override public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) { // we should not get here diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java index 2f6b69075..26fc00406 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java @@ -20,7 +20,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String) */ - @Override public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException { throw new ExternalAttributeRequestRequiredException(this); @@ -29,7 +28,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ - @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) { PersonalAttributeList requestedAttributes = new PersonalAttributeList(1); requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList(), "")); @@ -39,7 +37,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) */ - @Override public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) { // we should not get here diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java new file mode 100644 index 000000000..7665bb239 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java @@ -0,0 +1,27 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * Implements Attribute Provider for Mandates + */ +public class MISAttributeProvider implements AttributeProvider { + public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { + return null; // + } + + public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { + // + } + + public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException { + return null; // + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java index 8c7fd8706..1776d958c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java @@ -1,11 +1,13 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.STORKAttrQueryRequest; import eu.stork.peps.auth.commons.STORKAuthnRequest; /** - * Implements MOA request and stores StorkAuthnRequest related data + * Implements MOA request and stores StorkAuthn/Attr-Request related data * * @author bsuzic */ @@ -32,7 +34,6 @@ public class MOASTORKRequest implements IRequest { if (request != null) { isAttrRequest = true; } - } public boolean isAttrRequest() { @@ -49,8 +50,14 @@ public class MOASTORKRequest implements IRequest { } public String getOAURL() { - - return storkAuthnRequest.getAssertionConsumerServiceURL(); + if (isAuthnRequest) + return storkAuthnRequest.getAssertionConsumerServiceURL(); + else if (isAttrRequest) + return storkAttrQueryRequest.getAssertionConsumerServiceURL(); + else { + Logger.error("There is no authentication or attribute request contained in MOASTORKRequest."); + return null; + } } public boolean isPassiv() { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 3b9a5bc29..e68b66510 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -6,9 +6,7 @@ import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IModulInfo; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.STORKAttrQueryRequest; -import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.*; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.opensaml.common.binding.BasicSAMLMessageContext; @@ -93,14 +91,15 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { } //Get SAMLEngine instance - STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); + STORKSAMLEngine authnEngine = STORKSAMLEngine.getInstance("incoming"); + STORKSAMLEngine attrEngine = STORKSAMLEngine.getInstance("incoming_attr"); STORKAuthnRequest authnRequest = null; STORKAttrQueryRequest attrRequest = null; // check if valid authn request is contained try { - authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); + authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } @@ -108,17 +107,16 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { // check if a valid attr request is container try { - attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken); + attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } - - Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL()); - Logger.error("cc " + authnRequest.getCitizenCountryCode()); - Logger.error("iss " + authnRequest.getIssuer()); - Logger.error("spid " + authnRequest.getSPID()); - Logger.error("spi " + authnRequest.getSpInstitution()); + // if there is no authn or attr request, raise error + if ((authnRequest == null) && (attrRequest == null)) { + Logger.error("There is no authentication or attribute request contained."); + throw new MOAIDException("stork.14", null); + } STORK2Request.setSTORKAuthnRequest(authnRequest); STORK2Request.setSTORKAttrRequest(attrRequest); diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties index 4007eacdc..99d5d7612 100644 --- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties +++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties @@ -208,6 +208,8 @@ stork.10=Fehler in der Verbindung zum SZR-Gateway stork.11=Fehler beim Sammeln von StorkAttributen stork.12=Konnte keine VIDP Konfiguration finden stork.13=Fehler beim Sammeln eines Attributes in einem AttributProviderPlugin +stork.14=Es wurde weder Authentifizierungs/ noch Attributerequest empfangen +stork.15=Unbekannte request. pvp2.00={0} ist kein gueltiger consumer service index pvp2.01=Fehler beim kodieren der PVP2 Antwort -- cgit v1.2.3 From e6dc09e9274cc5e38fa0c0832c205881faece862 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 16:03:18 +0100 Subject: remove attr test --- .../moa/id/protocols/stork2/AuthenticationRequest.java | 18 ------------------ 1 file changed, 18 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index d33b33c77..4e7a1bb8b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -75,24 +75,6 @@ public class AuthenticationRequest implements IAction { throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); - // Prepare basic AT attributes - try { - IPersonalAttributeList moaAttrList = moasession.getStorkAttributes(); - Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size()); - - - for (PersonalAttribute personalAttribute : moaAttrList) { - Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus()); - if (personalAttribute.getValue().size() > 0) { - for (String value : personalAttribute.getValue()) { - Logger.info(" Value found: " + value); - } - } - } - - } catch (Exception e) { - Logger.error("Exception, attributes: " + e.getMessage()); - } // Get personal attributtes from MOA/IdentityLink authnResponse.setPersonalAttributeList(populateAttributes()); -- cgit v1.2.3 From 594dc394d958ee8c9106ff4ba837d6ba40fbecae Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 16:03:22 +0100 Subject: remove attr test --- .../at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java | 1 - 1 file changed, 1 deletion(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 4e7a1bb8b..cb49856c4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -75,7 +75,6 @@ public class AuthenticationRequest implements IAction { throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); - // Get personal attributtes from MOA/IdentityLink authnResponse.setPersonalAttributeList(populateAttributes()); -- cgit v1.2.3 From 0d11865d1ccab1aca91e28c71cd86d1443faff41 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 16:20:00 +0100 Subject: putting attrrequest in main endpoint --- .../id/protocols/stork2/AuthenticationRequest.java | 101 ++++++++++++--------- .../moa/id/protocols/stork2/MOASTORKRequest.java | 5 +- 2 files changed, 63 insertions(+), 43 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index cb49856c4..18d0b479e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -9,10 +9,7 @@ import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.commons.*; import org.apache.velocity.app.VelocityEngine; import org.apache.velocity.runtime.RuntimeConstants; import org.w3c.dom.Element; @@ -45,65 +42,63 @@ public class AuthenticationRequest implements IAction { this.moaStorkRequest = (MOASTORKRequest) req; + Logger.debug("Entering MOASTORKRequest"); + httpResp.reset(); - if (moasession.getUseMandate()) { - try { - MISMandate mandate = moasession.getMISMandate(); - String owbpk = mandate.getOWbPK(); - byte[] mand = mandate.getMandate(); - String profprep = mandate.getProfRep(); - //String textdesc = mandate.getTextualDescriptionOfOID(); - Element mndt = moasession.getMandate(); - - iterate(mndt.getAttributes()); - Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); - } catch (Exception x) { - Logger.debug("There is no mandate used in transaction"); - } - } - + // check if it is attribute query + if (moaStorkRequest.isAttrRequest()) { + Logger.debug("Starting AttrQueryRequest"); + STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse(); + IPersonalAttributeList personalAttributeList = moaStorkRequest.getStorkAttrQueryRequest().getPersonalAttributeList(); - Logger.debug("Starting AuthenticationRequest"); - httpResp.reset(); + // TODO Check if this instance is eligible to fetch attributes locally, assuming yes - STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry()); + return (new AttributeCollector()).processRequest(req, httpReq, httpResp, moasession); + } else + // check if we have authentication request + if (moaStorkRequest.isAuthnRequest()) { + Logger.debug("Starting AuthenticationRequest"); - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + STORKAuthnResponse authnResponse = new STORKAuthnResponse(); + authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry()); + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); - // Get personal attributtes from MOA/IdentityLink - authnResponse.setPersonalAttributeList(populateAttributes()); + // Get personal attributtes from MOA/IdentityLink + authnResponse.setPersonalAttributeList(populateAttributes()); - // Prepare extended attributes - Logger.debug("Preparing data container"); + // Prepare extended attributes + Logger.debug("Preparing data container"); - // create fresh container - DataContainer container = new DataContainer(); + // create fresh container + DataContainer container = new DataContainer(); - // - fill in the request we extracted above - container.setRequest(moaStorkRequest.getStorkAuthnRequest()); + // - fill in the request we extracted above + container.setRequest(moaStorkRequest.getStorkAuthnRequest()); - // - fill in the partial response created above - container.setResponse(authnResponse); + // - fill in the partial response created above + container.setResponse(authnResponse); - // - memorize the target url were we have to return the result - container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL()); + // - memorize the target url were we have to return the result + container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL()); - container.setRemoteAddress(httpReq.getRemoteAddr()); + container.setRemoteAddress(httpReq.getRemoteAddr()); - Logger.debug("Data container prepared"); + Logger.debug("Data container prepared"); - return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); + return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); + } } else { Logger.error("Could not recognize request."); throw new MOAIDException("stork.15", null); } + + return null; } public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { @@ -120,6 +115,28 @@ public class AuthenticationRequest implements IAction { } + // does nothing + public void mandate(AuthenticationSession moasession) { + + if (moasession.getUseMandate()) { + try { + MISMandate mandate = moasession.getMISMandate(); + String owbpk = mandate.getOWbPK(); + byte[] mand = mandate.getMandate(); + String profprep = mandate.getProfRep(); + //String textdesc = mandate.getTextualDescriptionOfOID(); + Element mndt = moasession.getMandate(); + + iterate(mndt.getAttributes()); + Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand))); + } catch (Exception x) { + Logger.debug("There is no mandate used in transaction"); + } + } + + + } + public PersonalAttributeList populateAttributes() { IPersonalAttributeList attrLst = moaStorkRequest.getStorkAuthnRequest().getPersonalAttributeList(); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java index 1776d958c..47a86174f 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java @@ -1,6 +1,5 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.STORKAttrQueryRequest; @@ -49,6 +48,10 @@ public class MOASTORKRequest implements IRequest { return this.storkAuthnRequest; } + public STORKAttrQueryRequest getStorkAttrQueryRequest() { + return this.storkAttrQueryRequest; + } + public String getOAURL() { if (isAuthnRequest) return storkAuthnRequest.getAssertionConsumerServiceURL(); -- cgit v1.2.3 From 5e7e02ef338811ea240dd5e53a215f82fdf40954 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 16:30:07 +0100 Subject: remove override --- .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java | 3 --- 1 file changed, 3 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 8b96e0d10..758b70f2d 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -55,7 +55,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(eu.stork.peps.auth.commons.PersonalAttribute) */ - @Override public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { @@ -203,7 +202,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter) */ - @Override public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { @@ -213,7 +211,6 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest) */ - @Override public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException { // there is no redirect required, so we throw an exception when someone asks us to parse a response -- cgit v1.2.3 From 156ef68f4d89cf83e55fac8526e98e7cd445a31c Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Mon, 3 Mar 2014 11:17:30 +0100 Subject: cleanup --- .../id/protocols/stork2/AttributeCollector.java | 91 ++++++++++++---------- 1 file changed, 48 insertions(+), 43 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index c711d9400..428d1c52c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -42,54 +42,59 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException; * */ public class AttributeCollector implements IAction { - - /** The Constant ARTIFACT_ID. */ - private static final String ARTIFACT_ID = "artifactId"; - + + /** + * The Constant ARTIFACT_ID. + */ + private static final String ARTIFACT_ID = "artifactId"; + /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession) */ public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { - // read configuration parameters of OA - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() }); - - // find the attribute provider plugin that can handle the response - IPersonalAttributeList newAttributes = null; - for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) - try { - newAttributes = current.parse(httpReq); - } catch (UnsupportedAttributeException e1) { - // the current provider cannot find anything familiar within the - // provided httpreq. Try the next one. - } - - if (null == newAttributes) { - // we do not have a provider which is capable of fetching something - // from the received httpreq. - // TODO should we continue with the next attribute? - Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); - throw new MOAIDException("stork.11", null); - } - - // - fetch the container - String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); - DataContainer container; - try { - container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); - } catch (MOADatabaseException e) { - Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); - throw new MOAIDException("stork.11", null); - } - - // - insert the embedded attribute(s) into the container - for(PersonalAttribute current : newAttributes) - container.getResponse().getPersonalAttributeList().add(current); - - // see if we need some more attributes - return processRequest(container, httpReq, httpResp, moasession, oaParam); + // read configuration parameters of OA + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + + // find the attribute provider plugin that can handle the response + IPersonalAttributeList newAttributes = null; + for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) + try { + newAttributes = current.parse(httpReq); + } catch (UnsupportedAttributeException e1) { + // the current provider cannot find anything familiar within the + // provided httpreq. Try the next one. + // TODO check the loop + } + + if (null == newAttributes) { + // we do not have a provider which is capable of fetching something + // from the received httpreq. + // TODO should we continue with the next attribute? + Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); + throw new MOAIDException("stork.11", null); + } + + // - fetch the container + String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); + DataContainer container; + try { + container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); + } catch (MOADatabaseException e) { + Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); + throw new MOAIDException("stork.11", null); + } + + + + // - insert the embedded attribute(s) into the container + for (PersonalAttribute current : newAttributes) + container.getResponse().getPersonalAttributeList().add(current); + + // see if we need some more attributes + return processRequest(container, httpReq, httpResp, moasession, oaParam); } /** -- cgit v1.2.3 From e938b31db45af14312e0fe195d274f7f4c9e0aa9 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Mon, 3 Mar 2014 14:43:47 +0100 Subject: fixed spCountryCode in Stork AttrQuery Plugin --- .../egovernment/moa/id/protocols/stork2/AttributeCollector.java | 4 ++-- .../egovernment/moa/id/protocols/stork2/AttributeProvider.java | 6 +++--- .../moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java | 2 +- .../moa/id/protocols/stork2/StorkAttributeRequestProvider.java | 9 ++++----- 4 files changed, 10 insertions(+), 11 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 428d1c52c..6b7769c49 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -157,12 +157,12 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); + e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? - Logger.error("Error putting incomplete Stork response into temporary storage", e); + Logger.error("Error putting incomplete Stork response into temporary storage", e1); throw new MOAIDException("stork.11", null); } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index 59376fef6..6fba91fde 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -34,13 +34,13 @@ public interface AttributeProvider { * Perform redirect. * * @param url the return URL ending with ?artifactId=... - * @param citizenCountyCode the citizen county code + * @param spCountyCode the sp county code * @param req the request we got from the S-PEPS and for which we have to ask our APs * @param resp the response to the preceding request * @param oaParam the oa param - * @throws MOAIDException + * @throws MOAIDException the mOAID exception */ - public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException; + public void performRedirect(String url, String spCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException; /** * Parses the response we got from the external attribute provider. diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 8b96e0d10..4404af4e3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -204,7 +204,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.config.auth.OAAuthParameter) */ @Override - public void performRedirect(String url, String citizenCountyCode, + public void performRedirect(String url, String spCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { // there is no redirect required diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index bd6f192dc..5efdfd117 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java @@ -91,13 +91,11 @@ public class StorkAttributeRequestProvider implements AttributeProvider { /* (non-Javadoc) * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String) */ - @Override - public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { + public void performRedirect(String url, String spCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { String spSector = "Business"; String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); String spApplication = spInstitution; - String spCountry = "AT"; //generate AuthnRquest STORKAttrQueryRequest attributeRequest = new STORKAttrQueryRequest(); @@ -106,12 +104,13 @@ public class StorkAttributeRequestProvider implements AttributeProvider { attributeRequest.setIssuer(HTTPUtils.getBaseURL(req)); attributeRequest.setQaa(oaParam.getQaaLevel()); attributeRequest.setSpInstitution(spInstitution); - attributeRequest.setCountry(spCountry); + attributeRequest.setCountry(spCountryCode); + attributeRequest.setSpCountry(spCountryCode); attributeRequest.setSpApplication(spApplication); attributeRequest.setSpSector(spSector); attributeRequest.setPersonalAttributeList(requestedAttributes); - attributeRequest.setCitizenCountryCode(citizenCountryCode); + attributeRequest.setCitizenCountryCode("AT"); Logger.debug("STORK AttrRequest succesfully assembled."); -- cgit v1.2.3 From 013bc5647275872ba182ad7bf62be1cbd7c80f38 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Mon, 3 Mar 2014 16:47:25 +0100 Subject: treated possible infinite loop in ap collection --- .../id/protocols/stork2/AttributeCollector.java | 59 ++++++++++++++++------ 1 file changed, 43 insertions(+), 16 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 6b7769c49..2735fde68 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -27,6 +27,7 @@ import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.PersonalAttributeList; import eu.stork.peps.auth.commons.STORKAuthnRequest; import eu.stork.peps.auth.commons.STORKAuthnResponse; import eu.stork.peps.auth.engine.STORKSAMLEngine; @@ -63,18 +64,18 @@ public class AttributeCollector implements IAction { for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) try { newAttributes = current.parse(httpReq); + + // stop as soon as we hit a capable plugin + break; } catch (UnsupportedAttributeException e1) { // the current provider cannot find anything familiar within the // provided httpreq. Try the next one. - // TODO check the loop } if (null == newAttributes) { // we do not have a provider which is capable of fetching something // from the received httpreq. - // TODO should we continue with the next attribute? Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); - throw new MOAIDException("stork.11", null); } // - fetch the container @@ -87,11 +88,8 @@ public class AttributeCollector implements IAction { throw new MOAIDException("stork.11", null); } - - // - insert the embedded attribute(s) into the container - for (PersonalAttribute current : newAttributes) - container.getResponse().getPersonalAttributeList().add(current); + addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes); // see if we need some more attributes return processRequest(container, httpReq, httpResp, moasession, oaParam); @@ -119,23 +117,35 @@ public class AttributeCollector implements IAction { try { // for each attribute still missing for (PersonalAttribute currentAttribute : missingAttributes) { - // - check if we can find a suitable AttributeProvider Plugin + + /* + * prefill attributes with "notAvailable". If we get them later, we override the value and status. + * This way, there is no error case in which an attribute is left unanswered. + */ + IPersonalAttributeList aquiredAttributes = new PersonalAttributeList(); + currentAttribute.setStatus("notAvailable"); + addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes); + + // - check if we can find a suitable AttributeProvider Plugin for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { try { // - hand over control to the suitable plugin - IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); - - // - add the aquired attribute to the container - for (PersonalAttribute current : aquiredAttributes) - container.getResponse().getPersonalAttributeList().add(current); + aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); + break; } catch (UnsupportedAttributeException e) { // ok, try the next attributeprovider } catch (MOAIDException e) { // the current plugin had an error. Try the next one. - // TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop } - } + + // check if we could fetch the attribute + if (null == aquiredAttributes) { + // if not + Logger.error("We have no suitable plugin for obtaining the attribute '" + currentAttribute.getName() + "'"); + } else + // else, update any existing attributes + addOrUpdateAll(container.getResponse().getPersonalAttributeList(), aquiredAttributes); } // build response @@ -159,7 +169,6 @@ public class AttributeCollector implements IAction { // add container-key to redirect embedded within the return URL e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam); - } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e1); @@ -238,6 +247,24 @@ public class AttributeCollector implements IAction { Logger.error("Velocity error: " + e.getMessage()); } } + + /** + * Adds or updates all {@link PersonalAttribute} objects given in {@code source} to/in {@code target}. + * + * @param target the target + * @param source the source + */ + private void addOrUpdateAll(IPersonalAttributeList target, IPersonalAttributeList source) { + for (PersonalAttribute current : source) { + // check if we need to update the current pa + if (target.containsKey(current.getName())) { + target.get(current.getName()).setStatus(current.getStatus()); + target.get(current.getName()).setValue(current.getValue()); + target.get(current.getName()).setComplexValue(current.getComplexValue()); + } else + target.add(current); + } + } /* (non-Javadoc) * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse) -- cgit v1.2.3 From 8dbc7af299d5e7a1dd4d1085d2840ff00f403bbb Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Mon, 3 Mar 2014 20:28:57 +0100 Subject: attribut test --- .../auth/src/main/webapp/WEB-INF/urlrewrite.xml | 4 + .../moa/id/entrypoints/DispatcherServlet.java | 2 +- .../id/protocols/stork2/AttributeCollector.java | 12 ++- .../moa/id/protocols/stork2/AttributeProvider.java | 1 + .../protocols/stork2/AttributeProviderFactory.java | 98 +++++++++++----------- .../id/protocols/stork2/MISAttributeProvider.java | 22 ++++- .../moa/id/protocols/stork2/MOASTORKRequest.java | 2 +- .../protocols/stork2/MandateRetrievalRequest.java | 28 +++++++ .../moa/id/protocols/stork2/STORKProtocol.java | 8 +- 9 files changed, 120 insertions(+), 57 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java (limited to 'id') diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml index 59d6d6cce..d6df363c5 100644 --- a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml +++ b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml @@ -68,6 +68,10 @@ ^/moa-id-auth/SendPEPSAuthnRequest$ /dispatcher?mod=id_stork2&action=AuthenticationRequest&%{query-string} + + ^/moa-id-auth/RetrieveMandate$ + /dispatcher?mod=id_stork2&action=MandateRetrievalRequest&%{query-string} + diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java index 3af8bcfe5..647c8bb39 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java @@ -491,7 +491,7 @@ public class DispatcherServlet extends AuthServlet{ } } catch (Throwable e) { - Logger.info("An authentication error occous: " + e.getMessage());; + Logger.info("An authentication error occured: " + e.getMessage());; // Try handle module specific, if not possible rethrow if (!info.generateErrorMessage(e, req, resp, protocolRequest)) { throw e; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 57c68e94c..030d7c497 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -124,15 +124,18 @@ public class AttributeCollector implements IAction { try { // for each attribute still missing for (PersonalAttribute currentAttribute : missingAttributes) { + Logger.error("Checking missing attribute: " + currentAttribute.getName()); // - check if we can find a suitable AttributeProvider Plugin for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { try { // - hand over control to the suitable plugin + Logger.error("Going to acquire missing attribute: " + currentAttribute.getName() + " at provider: " + currentProvider.getClass().getName()); IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); // - add the aquired attribute to the container - for (PersonalAttribute current : aquiredAttributes) - container.getResponse().getPersonalAttributeList().add(current); + + try { for (PersonalAttribute current : aquiredAttributes) + container.getResponse().getPersonalAttributeList().add(current); } catch (NullPointerException ex) { Logger.error ("Nothing found");} } catch (UnsupportedAttributeException e) { // ok, try the next attributeprovider } catch (MOAIDException e) { @@ -154,6 +157,7 @@ public class AttributeCollector implements IAction { } catch (ExternalAttributeRequestRequiredException e) { // the attribute request is ongoing and requires an external service. + Logger.error("EXTERNAL EXCEPTION CAUGHT"); try { // memorize the container again // - generate new key @@ -163,19 +167,19 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL + Logger.info("Performing redirect to gather attributes to: " + AuthConfigurationProvider.getInstance().getPublicURLPrefix()); e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getCitizenCountryCode(), request, response, oaParam); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); + e1.printStackTrace(); throw new MOAIDException("stork.11", null); } return "12345"; // TODO what to do here? } - - } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java index 59376fef6..2ecae1288 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProvider.java @@ -52,4 +52,5 @@ public interface AttributeProvider { */ public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException; + } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java index 23edf69f9..953758dc3 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java @@ -1,59 +1,61 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; + import java.util.ArrayList; import java.util.List; -import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin; - /** * A factory for creating AttributeProvider objects. */ public class AttributeProviderFactory { - /** - * Gets the available plugins. - * - * @return the available plugins - */ - public static List getAvailablePlugins() { - List result = new ArrayList(); - result.add("StorkAttributeRequestProvider"); - result.add("EHvdAttributeProvider"); - - return result; - } - - /** - * Creates an AttributeProvider object for the given shortname. Returns - * {@code null} if there is no such provider available. - * - * @param shortname - * the simpleName for the providers class - * @return the attribute provider - */ - public static AttributeProvider create(String shortname, String url) { - if (shortname.equals("StorkAttributeRequestProvider")) { - return new StorkAttributeRequestProvider(url); - } else if(shortname.equals("EHvdAttributeProvider")) { - return new EHvdAttributeProviderPlugin(url); - } else { - return null; - } - } - - /** - * Gets fresh instances of the configured plugins. - * - * @param configuredAPs the configured a ps - * @return the configured plugins - */ - public static List getConfiguredPlugins( - List configuredAPs) { - - List result = new ArrayList(); - for(AttributeProviderPlugin current : configuredAPs) - result.add(create(current.getName(), current.getUrl())); - - return result; - } + /** + * Gets the available plugins. + * + * @return the available plugins + */ + public static List getAvailablePlugins() { + List result = new ArrayList(); + result.add("StorkAttributeRequestProvider"); + result.add("EHvdAttributeProvider"); + result.add("MISAttributeProvider"); + + return result; + } + + /** + * Creates an AttributeProvider object for the given shortname. Returns + * {@code null} if there is no such provider available. + * + * @param shortname the simpleName for the providers class + * @return the attribute provider + */ + public static AttributeProvider create(String shortname, String url) { + if (shortname.equals("StorkAttributeRequestProvider")) { + return new StorkAttributeRequestProvider(url); + } else if (shortname.equals("EHvdAttributeProvider")) { + return new EHvdAttributeProviderPlugin(url); + } else if (shortname.equals("MISAttributeProvider")) { + return new MISAttributeProvider(url); + } else { + return null; + } + } + + /** + * Gets fresh instances of the configured plugins. + * + * @param configuredAPs the configured a ps + * @return the configured plugins + */ + public static List getConfiguredPlugins( + List configuredAPs) { + + List result = new ArrayList(); + for (AttributeProviderPlugin current : configuredAPs) + result.add(create(current.getName(), current.getUrl())); + + return result; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java index 7665bb239..8cdbfd37c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java @@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PersonalAttribute; @@ -13,15 +14,34 @@ import javax.servlet.http.HttpServletResponse; * Implements Attribute Provider for Mandates */ public class MISAttributeProvider implements AttributeProvider { + + String url = null; + + public MISAttributeProvider(String url) { + this.url = url; + } + public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException { + Logger.error("Entering MIS for attribute: " + attributes.getName()); + + if (attributes.getName().equals("residencePermit")) { + Logger.error("MIS EXCEPTION: " + attributes.getName()); + throw new ExternalAttributeRequestRequiredException(this); + } + return null; // } public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException { - // + Logger.error("Entering MIS redirect for attribute: " ); + } public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException { return null; // } + + public String getName() { + return "MandateProvider"; + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java index 47a86174f..39a6907c1 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java @@ -52,7 +52,7 @@ public class MOASTORKRequest implements IRequest { return this.storkAttrQueryRequest; } - public String getOAURL() { + public String getOAURL() { // TODO CHECK IT if (isAuthnRequest) return storkAuthnRequest.getAssertionConsumerServiceURL(); else if (isAttrRequest) diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java new file mode 100644 index 000000000..bad711dbb --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MandateRetrievalRequest.java @@ -0,0 +1,28 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.moduls.IAction; +import at.gv.egovernment.moa.id.moduls.IRequest; +import com.sun.xml.ws.security.trust.WSTrustConstants; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * Processes mandate data after authentication is done in AT + * @author bsuzic + */ +public class MandateRetrievalRequest implements IAction { + public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + return null; // + } + + public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { + return true; + } + + public String getDefaultActionName() { + return STORKProtocol.MANDATERETRIEVALREQUEST; + } +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index e68b66510..3762a5101 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -31,6 +31,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector"; + public static final String MANDATERETRIEVALREQUEST = "MandateRetrievalRequest"; private static HashMap actions = new HashMap(); @@ -102,16 +103,19 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); + } catch (ClassCastException e) { + Logger.error("Could not extract authenticaiton request"); } - // check if a valid attr request is container + // check if a valid attr request is containerd try { attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); + } catch (ClassCastException e) { + Logger.error("Could not extract attribute request"); } - // if there is no authn or attr request, raise error if ((authnRequest == null) && (attrRequest == null)) { Logger.error("There is no authentication or attribute request contained."); -- cgit v1.2.3 From e503775e1b98bb9ff5ed188a5ff574026c022461 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 4 Mar 2014 13:21:14 +0100 Subject: refactored attributecollector url --- .../at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index c5125912a..bd32bfc78 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -164,7 +164,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL - e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam); + e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam); } catch (Exception e1) { // TODO should we return the response as is to the PEPS? -- cgit v1.2.3 From 4843bccbf840ae93f855ef6548683ee794593915 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 4 Mar 2014 13:23:37 +0100 Subject: vidp can handle attrquery and authnrequest --- .../id/protocols/stork2/AttributeCollector.java | 34 +++++----- .../id/protocols/stork2/AuthenticationRequest.java | 68 +++++++++----------- .../moa/id/protocols/stork2/DataContainer.java | 24 +++---- .../moa/id/protocols/stork2/MOASTORKRequest.java | 29 ++++++++- .../moa/id/protocols/stork2/MOASTORKResponse.java | 75 ++++++++++++++++++++++ .../moa/id/protocols/stork2/STORKProtocol.java | 16 ++--- 6 files changed, 169 insertions(+), 77 deletions(-) create mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index bd32bfc78..5f46153af 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -19,8 +19,6 @@ import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.apache.velocity.Template; @@ -183,15 +181,18 @@ public class AttributeCollector implements IAction { * @throws MOAIDException the mOAID exception */ private void generateSTORKResponse(DataContainer container) throws MOAIDException { - STORKAuthnResponse authnResponse = container.getResponse(); - STORKAuthnRequest authnRequest = container.getRequest(); + MOASTORKRequest request = container.getRequest(); + MOASTORKResponse response = container.getResponse(); try { //Get SAMLEngine instance STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); Logger.debug("Starting generation of SAML response"); - authnResponse = engine.generateSTORKAuthnResponse(authnRequest, authnResponse, container.getRemoteAddress(), false); - + if(response.isAuthnResponse()) + response.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(request.getStorkAuthnRequest(), response.getStorkAuthnResponse(), container.getRemoteAddress(), false)); + else + response.setSTORKAttrResponse(engine.generateSTORKAttrQueryResponse(request.getStorkAttrQueryRequest(), response.getStorkAttrQueryResponse(), container.getRemoteAddress(), "", false)); + //generateSAML Token Logger.info("SAML response succesfully generated!"); } catch (STORKSAMLEngineException e) { @@ -200,11 +201,6 @@ public class AttributeCollector implements IAction { } Logger.info("STORK SAML Response message succesfully generated "); - Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); - Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); - Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml())); - - container.setResponse(authnResponse); } /** @@ -214,17 +210,23 @@ public class AttributeCollector implements IAction { * @param container the container */ private void generateRedirectResponse(HttpServletResponse httpResp, DataContainer container) { - STORKAuthnResponse authnResponse = container.getResponse(); - STORKAuthnRequest authnRequest = container.getRequest(); + MOASTORKResponse authnResponse = container.getResponse(); + MOASTORKRequest authnRequest = container.getRequest(); // preparing redirection for the client try { VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); VelocityContext context = new VelocityContext(); - - context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml()).getBytes()); - Logger.debug("SAMLResponse original: " + new String(authnResponse.getTokenSaml()).getBytes()); + + byte[] blob; + if(authnRequest.isAttrRequest()) + blob = authnResponse.getStorkAttrQueryResponse().getTokenSaml(); + else + blob = authnResponse.getStorkAuthnResponse().getTokenSaml(); + + context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob).getBytes()); + Logger.debug("SAMLResponse original: " + new String(blob).getBytes()); Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL()); context.put("action", authnRequest.getAssertionConsumerServiceURL()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index 18d0b479e..619935abe 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java @@ -44,61 +44,55 @@ public class AuthenticationRequest implements IAction { Logger.debug("Entering MOASTORKRequest"); httpResp.reset(); + + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + MOASTORKResponse moaStorkResponse = new MOASTORKResponse(); + // check if it is attribute query if (moaStorkRequest.isAttrRequest()) { Logger.debug("Starting AttrQueryRequest"); - STORKAttrQueryResponse attrResponse = new STORKAttrQueryResponse(); - IPersonalAttributeList personalAttributeList = moaStorkRequest.getStorkAttrQueryRequest().getPersonalAttributeList(); - - // TODO Check if this instance is eligible to fetch attributes locally, assuming yes - - return (new AttributeCollector()).processRequest(req, httpReq, httpResp, moasession); - - } else - // check if we have authentication request - if (moaStorkRequest.isAuthnRequest()) { - Logger.debug("Starting AuthenticationRequest"); - - STORKAuthnResponse authnResponse = new STORKAuthnResponse(); - authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry()); - - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); - - // Get personal attributtes from MOA/IdentityLink - authnResponse.setPersonalAttributeList(populateAttributes()); + + moaStorkResponse.setSTORKAttrResponse(new STORKAttrQueryResponse()); + } + // check if we have authentication request + else if (moaStorkRequest.isAuthnRequest()) { + Logger.debug("Starting AuthenticationRequest"); - // Prepare extended attributes - Logger.debug("Preparing data container"); + moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse()); + // Get personal attributtes from MOA/IdentityLink + moaStorkResponse.setPersonalAttributeList(populateAttributes()); + } + + moaStorkResponse.setCountry(moaStorkRequest.getSpCountry()); - // create fresh container - DataContainer container = new DataContainer(); + // Prepare extended attributes + Logger.debug("Preparing data container"); - // - fill in the request we extracted above - container.setRequest(moaStorkRequest.getStorkAuthnRequest()); + // create fresh container + DataContainer container = new DataContainer(); - // - fill in the partial response created above - container.setResponse(authnResponse); + // - fill in the request we extracted above + container.setRequest(moaStorkRequest); - // - memorize the target url were we have to return the result - container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL()); + // - fill in the partial response created above + container.setResponse(moaStorkResponse); - container.setRemoteAddress(httpReq.getRemoteAddr()); + // - memorize the target url were we have to return the result + container.setTarget(moaStorkRequest.getAssertionConsumerServiceURL()); + container.setRemoteAddress(httpReq.getRemoteAddr()); - Logger.debug("Data container prepared"); - return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); + Logger.debug("Data container prepared"); - } + return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); } else { Logger.error("Could not recognize request."); throw new MOAIDException("stork.15", null); } - - return null; } public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java index a1c40526d..74239318b 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java @@ -2,10 +2,6 @@ package at.gv.egovernment.moa.id.protocols.stork2; import java.io.Serializable; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; - -// TODO: Auto-generated Javadoc /** * Holds info about an ongoing but yet incomplete stork authnrequest process. */ @@ -15,10 +11,10 @@ public class DataContainer implements Serializable { private static final long serialVersionUID = -8765997480582363012L; /** The incoming request. */ - private STORKAuthnRequest request; + private MOASTORKRequest request; /** The yet incomplete response. */ - private STORKAuthnResponse response; + private MOASTORKResponse response; /** The target. */ private String target; @@ -31,17 +27,17 @@ public class DataContainer implements Serializable { * * @return the request */ - public STORKAuthnRequest getRequest() { + public MOASTORKRequest getRequest() { return request; } /** * Sets the request. * - * @param request the new request + * @param moaStorkRequest the new request */ - public void setRequest(STORKAuthnRequest request) { - this.request = request; + public void setRequest(MOASTORKRequest moaStorkRequest) { + this.request = moaStorkRequest; } /** @@ -49,17 +45,17 @@ public class DataContainer implements Serializable { * * @return the response */ - public STORKAuthnResponse getResponse() { + public MOASTORKResponse getResponse() { return response; } /** * Sets the response. * - * @param response the new response + * @param moaStorkResponse the new response */ - public void setResponse(STORKAuthnResponse response) { - this.response = response; + public void setResponse(MOASTORKResponse moaStorkResponse) { + this.response = moaStorkResponse; } /** diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java index 47a86174f..fa7db82c4 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java @@ -1,7 +1,10 @@ package at.gv.egovernment.moa.id.protocols.stork2; +import java.io.Serializable; + import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; +import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.STORKAttrQueryRequest; import eu.stork.peps.auth.commons.STORKAuthnRequest; @@ -11,8 +14,9 @@ import eu.stork.peps.auth.commons.STORKAuthnRequest; * @author bsuzic */ -public class MOASTORKRequest implements IRequest { - private String requestID; +public class MOASTORKRequest implements IRequest, Serializable { + private static final long serialVersionUID = 4581953368724501376L; + private String requestID; private String target = null; String module = null; String action = null; @@ -102,4 +106,25 @@ public class MOASTORKRequest implements IRequest { public String getRequestID() { return this.requestID; } + + public IPersonalAttributeList getPersonalAttributeList() { + if(isAttrRequest()) + return this.storkAttrQueryRequest.getPersonalAttributeList(); + else + return this.storkAuthnRequest.getPersonalAttributeList(); + } + + public String getSpCountry() { + if(isAttrRequest()) + return this.storkAttrQueryRequest.getSpCountry(); + else + return this.storkAuthnRequest.getSpCountry(); + } + + public String getAssertionConsumerServiceURL() { + if(isAttrRequest()) + return this.storkAttrQueryRequest.getAssertionConsumerServiceURL(); + else + return this.storkAuthnRequest.getAssertionConsumerServiceURL(); + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java new file mode 100644 index 000000000..36f5a80b4 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKResponse.java @@ -0,0 +1,75 @@ +package at.gv.egovernment.moa.id.protocols.stork2; + +import java.io.Serializable; + +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.STORKAttrQueryResponse; +import eu.stork.peps.auth.commons.STORKAuthnResponse; + +/** + * Implements MOA request and stores StorkAuthn/Attr-Request related data + * + * @author bsuzic + */ + +public class MOASTORKResponse implements Serializable { + private static final long serialVersionUID = -5798803155055518747L; + private STORKAuthnResponse storkAuthnRequest; + private STORKAttrQueryResponse storkAttrQueryRequest; + private boolean isAttrRequest = false; + private boolean isAuthnRequest = false; + + public void setSTORKAuthnResponse(STORKAuthnResponse request) { + this.storkAuthnRequest = request; + if (request != null) { + isAuthnRequest = true; + } + } + + public void setSTORKAttrResponse(STORKAttrQueryResponse request) { + this.storkAttrQueryRequest = request; + if (request != null) { + isAttrRequest = true; + } + } + + public boolean isAttrResponse() { + return this.isAttrRequest; + } + + public boolean isAuthnResponse() { + return this.isAuthnRequest; + } + + + public STORKAuthnResponse getStorkAuthnResponse() { + return this.storkAuthnRequest; + } + + public STORKAttrQueryResponse getStorkAttrQueryResponse() { + return this.storkAttrQueryRequest; + } + + public IPersonalAttributeList getPersonalAttributeList() { + if(isAttrResponse()) + return this.storkAttrQueryRequest.getPersonalAttributeList(); + else + return this.storkAuthnRequest.getPersonalAttributeList(); + } + + public void setPersonalAttributeList(PersonalAttributeList populateAttributes) { + if(isAttrResponse()) + this.storkAttrQueryRequest.setPersonalAttributeList(populateAttributes); + else + this.storkAuthnRequest.setPersonalAttributeList(populateAttributes); + } + + public void setCountry(String spCountry) { + if(isAttrResponse()) + this.storkAttrQueryRequest.setCountry(spCountry); + else + this.storkAuthnRequest.setCountry(spCountry); + } + +} diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index e68b66510..d2f2ff663 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -102,14 +102,14 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); - } - - - // check if a valid attr request is container - try { - attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken); - } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); + } catch(ClassCastException e) { + // we do not have a authnRequest + // check if a valid attr request is container + try { + attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken); + } catch (STORKSAMLEngineException ex) { + Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); + } } // if there is no authn or attr request, raise error -- cgit v1.2.3 From 4e5383a60b4cc2db7b51883f2e85aeff6f3f70cd Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 4 Mar 2014 16:09:21 +0100 Subject: fixed eHVD plugin --- .../id/protocols/stork2/AttributeCollector.java | 4 +-- .../stork2/EHvdAttributeProviderPlugin.java | 39 ++++++++++++++++------ 2 files changed, 30 insertions(+), 13 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 5f46153af..7342a45aa 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -225,8 +225,8 @@ public class AttributeCollector implements IAction { else blob = authnResponse.getStorkAuthnResponse().getTokenSaml(); - context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob).getBytes()); - Logger.debug("SAMLResponse original: " + new String(blob).getBytes()); + context.put("SAMLResponse", PEPSUtil.encodeSAMLToken(blob)); + Logger.debug("SAMLResponse original: " + new String(blob)); Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL()); context.put("action", authnRequest.getAssertionConsumerServiceURL()); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java index 4404af4e3..f97d8c804 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/EHvdAttributeProviderPlugin.java @@ -8,6 +8,7 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.xml.namespace.QName; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.soap.MessageFactory; import javax.xml.soap.SOAPBody; @@ -27,6 +28,7 @@ import javax.xml.transform.stream.StreamResult; import org.w3c.dom.Document; import org.w3c.dom.Element; +import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; @@ -61,7 +63,7 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { ExternalAttributeRequestRequiredException, MOAIDException { // break when we cannot handle the requested attribute - if(!attributes.getFriendlyName().equals("isHCP")) + if(!attributes.getName().equals("isHealthCareProfessional")) throw new UnsupportedAttributeException(); try { @@ -95,8 +97,9 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { // SOAP Body SOAPBody requestBody = envelope.getBody(); SOAPElement requestBodyElem = requestBody.addChildElement("IsHealthcareProfessional"); + requestBodyElem.addAttribute(new QName("xmlns"), "http://gesundheit.gv.at/BAGDAD/DataAccessService"); SOAPElement requestBodyElem1 = requestBodyElem.addChildElement("bPK"); - requestBodyElem1.addTextNode(moasession.getIdentityLink().getIdentificationValue()); + requestBodyElem1.addTextNode(new BPKBuilder().buildBPK(moasession.getIdentityLink().getIdentificationValue(), "GH")); requestMessage.saveChanges(); @@ -154,26 +157,34 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { if (collection.get("IsHealthcareProfessional").equals("false")) { // the citizen is no HCP - acquiredAttribute = new PersonalAttribute("isHCP", false, new ArrayList(), "NotAvailable"); + acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, new ArrayList(), "NotAvailable"); } else { // go on and parse the data Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument(); + + // create the root element + Element root = doc.createElement("isHealthCareProfessional"); + doc.appendChild(root); Element orgname = doc.createElement("nameOfOrganisation"); - orgname.appendChild(doc.createTextNode(collection.get("NameOfOrganization"))); - doc.appendChild(orgname); + orgname.appendChild(doc.createTextNode(collection.get("NameOfOrganisation"))); + root.appendChild(orgname); Element type = doc.createElement("HCP"); // TODO fix value mapping - if (collection.get("Type").equals("Medical Doctors")) + if (collection.get("Type").equals("Medical doctor")) type.appendChild(doc.createTextNode("D")); - doc.appendChild(type); + root.appendChild(type); Element specialization = doc.createElement("specialisation"); - // TODO fix value mapping - specialization.appendChild(doc.createTextNode(collection.get("Specialization").substring(0, 2))); - doc.appendChild(specialization); + if (collection.get("Specialization").contains("Arzt für Allgemeinmedizin")) + specialization.appendChild(doc.createTextNode("GP")); + root.appendChild(specialization); + + Element aqaa = doc.createElement("AQAA"); + aqaa.appendChild(doc.createTextNode("4")); + root.appendChild(aqaa); // get string from dom tree Source source = new DOMSource(doc); @@ -187,12 +198,18 @@ public class EHvdAttributeProviderPlugin implements AttributeProvider { ArrayList value = new ArrayList(); value.add(out.toString()); - acquiredAttribute = new PersonalAttribute("isHCP", false, value, "Available"); + acquiredAttribute = new PersonalAttribute("isHealthCareProfessional", false, value, "Available"); } // pack and return the result PersonalAttributeList result = new PersonalAttributeList(); result.add(acquiredAttribute); + + // add stork id for verification + ArrayList value = new ArrayList(); + value.add(new BPKBuilder().buildStorkbPK(moasession.getIdentityLink().getIdentificationValue(), "IT")); + result.add(new PersonalAttribute("eIdentifier", false, value, "Available")); + return result; } catch (Exception e) { -- cgit v1.2.3 From 7ce4c799eb26f65ef8826b74d0fb09a8d1f4949d Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 4 Mar 2014 17:05:01 +0100 Subject: fixed response handling --- .../id/protocols/stork2/AttributeCollector.java | 22 +++++++++++----------- .../moa/id/protocols/stork2/STORKProtocol.java | 9 +++++---- 2 files changed, 16 insertions(+), 15 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 7342a45aa..b2f5076b6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -49,8 +49,18 @@ public class AttributeCollector implements IAction { */ public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + // - fetch the container + String artifactId = (String) httpReq.getParameter(ARTIFACT_ID); + DataContainer container; + try { + container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); + } catch (MOADatabaseException e) { + Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); + throw new MOAIDException("stork.11", null); + } + // read configuration parameters of OA - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(container.getRequest().getAssertionConsumerServiceURL()); if (oaParam == null) throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); @@ -73,16 +83,6 @@ public class AttributeCollector implements IAction { Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); } - // - fetch the container - String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); - DataContainer container; - try { - container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); - } catch (MOADatabaseException e) { - Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); - throw new MOAIDException("stork.11", null); - } - // - insert the embedded attribute(s) into the container addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes); diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index d2f2ff663..638035008 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -71,16 +71,17 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { Logger.debug("Request content length: " + request.getContentLength()); Logger.debug("Initiating action: " + action); + MOASTORKRequest STORK2Request = new MOASTORKRequest(); + + if (AttributeCollector.class.getSimpleName().equals(action)) + return STORK2Request; + HTTPInTransport profileReq = new HttpServletRequestAdapter(request); HTTPOutTransport profileResp = new HttpServletResponseAdapter(response, request.isSecure()); - BasicSAMLMessageContext samlMessageContext = new BasicSAMLMessageContext(); samlMessageContext.setInboundMessageTransport(profileReq); - MOASTORKRequest STORK2Request = new MOASTORKRequest(); - - //extract STORK Response from HTTP Request byte[] decSamlToken; try { -- cgit v1.2.3 From d22d1372540058c1e20a49c5df23f9ba6f880089 Mon Sep 17 00:00:00 2001 From: Florian Reimair Date: Tue, 4 Mar 2014 17:05:36 +0100 Subject: fixed samlengine serializables --- .../java/eu/stork/peps/auth/commons/PersonalAttributeList.java | 7 ++++--- .../main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) (limited to 'id') diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java index 642b249d4..9a0f87488 100644 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/PersonalAttributeList.java @@ -13,6 +13,7 @@ */ package eu.stork.peps.auth.commons; +import java.io.Serializable; import java.util.ArrayList; import java.util.HashMap; import java.util.Iterator; @@ -37,7 +38,7 @@ import org.apache.log4j.Logger; */ @SuppressWarnings("PMD") public final class PersonalAttributeList extends - ConcurrentHashMap implements IPersonalAttributeList{ + ConcurrentHashMap implements IPersonalAttributeList, Serializable { /** * Logger object. @@ -53,13 +54,13 @@ public final class PersonalAttributeList extends /** * Hash with the latest fetched attribute name alias. */ - private final transient Map latestAttrAlias = + private final Map latestAttrAlias = new HashMap(); /** * Hash with mapping number of alias or the attribute name. */ - private final transient Map attrAliasNumber = + private final Map attrAliasNumber = new HashMap(); /** diff --git a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java index dd99cb8f6..cab723837 100644 --- a/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java +++ b/id/server/stork2-commons/src/main/java/eu/stork/peps/auth/commons/STORKAuthnResponse.java @@ -68,7 +68,7 @@ public final class STORKAuthnResponse implements Serializable { private String country; /** Citizen's personal attribute list. */ - private transient IPersonalAttributeList attributeList = new PersonalAttributeList(); + private IPersonalAttributeList attributeList = new PersonalAttributeList(); /** List of all assertions in response *. */ private List assertions; -- cgit v1.2.3 From cd0887a43b0b4350e736433c2b513901a2151601 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 4 Mar 2014 17:51:06 +0100 Subject: after merge, having problem --- id/ConfigWebTool/ConfigurationInterface.iml | 20 +- id/oa/moa-id-oa.iml | 4 +- id/server/auth/moa-id-auth.iml | 19 +- id/server/auth/pom.xml | 9 +- id/server/idserverlib/moa-id-lib.iml | 25 +- .../moa/id/auth/AuthenticationServer.java | 2 +- .../id/protocols/stork2/AttributeCollector.java | 9 +- id/server/moa-id-commons/moa-id-commons.iml | 7 +- id/server/moa-id-commons/pom.xml | 491 +++++++++++---------- id/server/proxy/moa-id-proxy.iml | 17 +- 10 files changed, 300 insertions(+), 303 deletions(-) (limited to 'id') diff --git a/id/ConfigWebTool/ConfigurationInterface.iml b/id/ConfigWebTool/ConfigurationInterface.iml index 20f45337e..43790145b 100644 --- a/id/ConfigWebTool/ConfigurationInterface.iml +++ b/id/ConfigWebTool/ConfigurationInterface.iml @@ -73,8 +73,6 @@ - - @@ -121,29 +119,20 @@ + - - - - - - - - - - - - + + @@ -168,6 +157,8 @@ + + @@ -186,6 +177,7 @@ + diff --git a/id/oa/moa-id-oa.iml b/id/oa/moa-id-oa.iml index 6d9905e25..0b7bf00de 100644 --- a/id/oa/moa-id-oa.iml +++ b/id/oa/moa-id-oa.iml @@ -13,8 +13,8 @@ - - + + diff --git a/id/server/auth/moa-id-auth.iml b/id/server/auth/moa-id-auth.iml index f61dfa171..b8b4208b8 100644 --- a/id/server/auth/moa-id-auth.iml +++ b/id/server/auth/moa-id-auth.iml @@ -14,8 +14,8 @@ - - + + @@ -96,19 +96,10 @@ - + - - - - - - - - - - + @@ -134,12 +125,12 @@ - + diff --git a/id/server/auth/pom.xml b/id/server/auth/pom.xml index 987ae1951..c17722df0 100644 --- a/id/server/auth/pom.xml +++ b/id/server/auth/pom.xml @@ -79,8 +79,13 @@ MOA.id.server moa-id-lib - - + + eu.stork + oasis-dss-api + 1.0.0-SNAPSHOT + + + iaik.prod iaik_jce_full diff --git a/id/server/idserverlib/moa-id-lib.iml b/id/server/idserverlib/moa-id-lib.iml index cf1b34b4b..d995f23af 100644 --- a/id/server/idserverlib/moa-id-lib.iml +++ b/id/server/idserverlib/moa-id-lib.iml @@ -1,8 +1,8 @@ - - + + @@ -43,20 +43,7 @@ - - - - - - - - - - - - - - + @@ -88,12 +75,12 @@ - + @@ -111,6 +98,7 @@ + @@ -120,6 +108,7 @@ + @@ -145,6 +134,8 @@ + + diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index ce5aa15c3..6f6d9611a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -125,7 +125,7 @@ import at.gv.util.xsd.srzgw.MISType; import at.gv.util.xsd.srzgw.MISType.Filters; import eu.stork.oasisdss.api.AdditionalProfiles; import eu.stork.oasisdss.api.ApiUtils; -import eu.stork.oasisdss.api.ApiUtilsException; +import eu.stork.oasisdss.api.exceptions.ApiUtilsException; import eu.stork.oasisdss.api.Profiles; import eu.stork.oasisdss.api.QualityLevels; import eu.stork.oasisdss.api.SignatureTypes; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 84831a7b5..10cdcba6c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -62,7 +62,12 @@ public class AttributeCollector implements IAction { this.httpResp = httpResp; - // find the attribute provider plugin that can handle the response + // read configuration parameters of OA + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + + // find the attribute provider plugin that can handle the response IPersonalAttributeList newAttributes = null; for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) try { @@ -167,7 +172,7 @@ public class AttributeCollector implements IAction { } catch (Exception e1) { // TODO should we return the response as is to the PEPS? Logger.error("Error putting incomplete Stork response into temporary storage", e); - throw new MOAIDException("stork.11", An Introduction to Knowledge Engineeringnull); + throw new MOAIDException("stork.11", null); } return "12345"; // TODO what to do here? diff --git a/id/server/moa-id-commons/moa-id-commons.iml b/id/server/moa-id-commons/moa-id-commons.iml index 08d15d746..8ded8b94a 100644 --- a/id/server/moa-id-commons/moa-id-commons.iml +++ b/id/server/moa-id-commons/moa-id-commons.iml @@ -26,8 +26,8 @@ - - + + @@ -71,9 +71,6 @@ - - - diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml index 9a3cf4f7c..055a67bf4 100644 --- a/id/server/moa-id-commons/pom.xml +++ b/id/server/moa-id-commons/pom.xml @@ -1,235 +1,260 @@ - - 4.0.0 - - MOA.id - moa-id - 1.9.98-SNAPSHOT - - moa-id-commons - moa-id-commons - MOA.id.server - - - - hyberjaxb - http://repository.highsource.org/maven2/releases/ - true - - - JBoss IAIK - http://nexus.iaik.tugraz.at/nexus/content/repositories/nexus/ - - - - - - - org.hibernate - hibernate-core - 4.2.1.Final - - - org.hibernate - hibernate-c3p0 - 4.2.1.Final - - - org.hibernate - hibernate-entitymanager - 4.2.1.Final - - - - org.apache.commons - commons-lang3 - 3.1 - - - MOA - moa-common - jar - + + 4.0.0 + + MOA.id + moa-id + 1.9.98-SNAPSHOT + + moa-id-commons + moa-id-commons + MOA.id.server - - - - org.hibernate.javax.persistence - hibernate-jpa-2.0-api - 1.0.1.Final - - - - org.jvnet.hyperjaxb3 - hyperjaxb3-ejb-runtime - 0.5.6 - - - org.jvnet.hyperjaxb3 - maven-hyperjaxb3-plugin - 0.5.6 - - - mysql - mysql-connector-java - 5.1.25 - - - - - install - - - - src/main/resources/config - - **/*.java - - - - target/generated-sources/xjc - - **/*.java - - - - - - - org.apache.maven.plugins - maven-compiler-plugin - - 1.5 - 1.5 - - - - org.apache.maven.plugins - maven-jar-plugin - - true - true - - false - - - - - - test-jar - - - - - - - org.jvnet.hyperjaxb3 - maven-hyperjaxb3-plugin - 0.5.6 - - - - generate - - - - - true - src/main/resources/config - src/main/resources/config - src/main/resources/config/persistence_template.xml - at.gv.egovernment.moa.id.commons.db.dao.config - - - - true - maven-compiler-plugin - 2.0.2 - - 1.5 - 1.5 - - - - - org.apache.maven.plugins - maven-javadoc-plugin - 2.5 - - UTF-8 - UTF-8 - true - false - false - true - at.gv.egovernment.moa.spss.server.*;at.gv.egovernment.moa.spss.api.impl.*;at.gv.egovernment.moa.spss.impl.* - - - pre - a - Preconditions: - - - post - a - Postconditions: - - - - http://java.sun.com/j2se/1.4/docs/api/ - http://java.sun.com/j2se/1.5.0/docs/api/ - http://logging.apache.org/log4j/docs/api/ - - 1.5 - - - - generate-javadoc - package - - jar - - - - - - - - - - org.eclipse.m2e - lifecycle-mapping - 1.0.0 - - - - - - - org.jvnet.hyperjaxb3 - - - maven-hyperjaxb3-plugin - - - [0.5.6,) - - - generate - - - - - - - - - - - - - + + + hyberjaxb + http://repository.highsource.org/maven2/releases/ + + true + + + + JBoss IAIK + http://nexus.iaik.tugraz.at/nexus/content/repositories/nexus/ + + + + + + + org.hibernate + hibernate-core + 4.2.1.Final + + + org.hibernate + hibernate-c3p0 + 4.2.1.Final + + + org.hibernate + hibernate-entitymanager + 4.2.1.Final + + + + org.apache.commons + commons-lang3 + 3.1 + + + MOA + moa-common + jar + + + + + + org.hibernate.javax.persistence + hibernate-jpa-2.0-api + 1.0.1.Final + + + + org.jvnet.hyperjaxb3 + hyperjaxb3-ejb-runtime + 0.5.6 + + + org.slf4j + slf4j-api + + + org.slf4j + slf4j-log4j12 + + + + + org.jvnet.hyperjaxb3 + maven-hyperjaxb3-plugin + 0.5.6 + + + org.slf4j + slf4j-api + + + org.slf4j + slf4j-log4j12 + + + + + mysql + mysql-connector-java + 5.1.25 + + + + + install + + + + src/main/resources/config + + **/*.java + + + + target/generated-sources/xjc + + **/*.java + + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + 1.5 + 1.5 + + + + org.apache.maven.plugins + maven-jar-plugin + + true + true + + false + + + + + + test-jar + + + + + + + org.jvnet.hyperjaxb3 + maven-hyperjaxb3-plugin + 0.5.6 + + + + generate + + + + + true + src/main/resources/config + src/main/resources/config + src/main/resources/config/persistence_template.xml + at.gv.egovernment.moa.id.commons.db.dao.config + + + + true + maven-compiler-plugin + 2.0.2 + + 1.5 + 1.5 + + + + + org.apache.maven.plugins + maven-javadoc-plugin + 2.5 + + UTF-8 + UTF-8 + true + false + false + true + + at.gv.egovernment.moa.spss.server.*;at.gv.egovernment.moa.spss.api.impl.*;at.gv.egovernment.moa.spss.impl.* + + + + pre + a + Preconditions: + + + post + a + Postconditions: + + + + http://java.sun.com/j2se/1.4/docs/api/ + http://java.sun.com/j2se/1.5.0/docs/api/ + http://logging.apache.org/log4j/docs/api/ + + 1.5 + + + + generate-javadoc + package + + jar + + + + + + + + + + org.eclipse.m2e + lifecycle-mapping + 1.0.0 + + + + + + + org.jvnet.hyperjaxb3 + + + maven-hyperjaxb3-plugin + + + [0.5.6,) + + + generate + + + + + + + + + + + + + \ No newline at end of file diff --git a/id/server/proxy/moa-id-proxy.iml b/id/server/proxy/moa-id-proxy.iml index 86fa1b292..936460e23 100644 --- a/id/server/proxy/moa-id-proxy.iml +++ b/id/server/proxy/moa-id-proxy.iml @@ -13,8 +13,8 @@ - - + + @@ -96,16 +96,7 @@ - - - - - - - - - - + @@ -131,12 +122,12 @@ - + -- cgit v1.2.3 From 7f1c5affaa9358bef6995371dc08c8f0c981a849 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 4 Mar 2014 20:06:41 +0100 Subject: resolving problems related to commons and slf4j libraries --- id/ConfigWebTool/ConfigurationInterface.iml | 10 ++++----- id/pom.xml | 32 +++++++++++++++++++++++++++++ id/server/auth/moa-id-auth.iml | 10 ++++----- id/server/idserverlib/pom.xml | 28 ++++++++++++++++++++++++- id/server/moa-id-commons/moa-id-commons.iml | 5 +++++ id/server/moa-id.iml | 4 ++-- id/server/proxy/moa-id-proxy.iml | 10 ++++----- id/templates/moa-id-templates.iml | 4 ++-- 8 files changed, 83 insertions(+), 20 deletions(-) (limited to 'id') diff --git a/id/ConfigWebTool/ConfigurationInterface.iml b/id/ConfigWebTool/ConfigurationInterface.iml index 43790145b..742f8df89 100644 --- a/id/ConfigWebTool/ConfigurationInterface.iml +++ b/id/ConfigWebTool/ConfigurationInterface.iml @@ -58,6 +58,11 @@ + + + + + @@ -119,11 +124,6 @@ - - - - - diff --git a/id/pom.xml b/id/pom.xml index db4ee137e..bd3344638 100644 --- a/id/pom.xml +++ b/id/pom.xml @@ -24,4 +24,36 @@ UTF-8 + + + + maven-enforcer-plugin + 1.1.1 + + + enforce-banned-dependencies + + enforce + + + + + true + + + org.slf4j:1.5* + org.slf4j:1.6* + + + + + true + + + + + + + diff --git a/id/server/auth/moa-id-auth.iml b/id/server/auth/moa-id-auth.iml index b8b4208b8..043374bc0 100644 --- a/id/server/auth/moa-id-auth.iml +++ b/id/server/auth/moa-id-auth.iml @@ -53,6 +53,11 @@ + + + + + @@ -91,11 +96,6 @@ - - - - - diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml index cca543a26..82a42cb8c 100644 --- a/id/server/idserverlib/pom.xml +++ b/id/server/idserverlib/pom.xml @@ -151,7 +151,33 @@ provided - + + + + org.slf4j + slf4j-api + 1.7.5 + + + org.slf4j + slf4j-simple + 1.7.5 + + + org.slf4j + jcl-over-slf4j + 1.7.5 + + + org.slf4j + log4j-over-slf4j + 1.7.5 + + + org.slf4j + jul-to-slf4j + 1.7.5 + junit diff --git a/id/server/moa-id-commons/moa-id-commons.iml b/id/server/moa-id-commons/moa-id-commons.iml index 8ded8b94a..ef994abd3 100644 --- a/id/server/moa-id-commons/moa-id-commons.iml +++ b/id/server/moa-id-commons/moa-id-commons.iml @@ -56,6 +56,11 @@ + + + + + diff --git a/id/server/moa-id.iml b/id/server/moa-id.iml index 567359474..c418d6693 100644 --- a/id/server/moa-id.iml +++ b/id/server/moa-id.iml @@ -1,8 +1,8 @@ - - + + diff --git a/id/server/proxy/moa-id-proxy.iml b/id/server/proxy/moa-id-proxy.iml index 936460e23..e61d841ce 100644 --- a/id/server/proxy/moa-id-proxy.iml +++ b/id/server/proxy/moa-id-proxy.iml @@ -50,6 +50,11 @@ + + + + + @@ -88,11 +93,6 @@ - - - - - diff --git a/id/templates/moa-id-templates.iml b/id/templates/moa-id-templates.iml index 0ecf962d0..3b8b05541 100644 --- a/id/templates/moa-id-templates.iml +++ b/id/templates/moa-id-templates.iml @@ -13,8 +13,8 @@ - - + + -- cgit v1.2.3 From 55885d24e176c92b97af233796189c8b2cc88808 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 4 Mar 2014 20:16:23 +0100 Subject: attr --- .../moa/id/protocols/stork2/AttributeCollector.java | 15 +++++++-------- .../moa/id/protocols/stork2/MISAttributeProvider.java | 2 +- 2 files changed, 8 insertions(+), 9 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 10cdcba6c..e816725c8 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -48,9 +48,8 @@ import eu.stork.peps.auth.commons.PersonalAttribute; public class AttributeCollector implements IAction { /** - * The Constant ARTIFACT_ID. - */ - private static final String ARTIFACT_ID = "artifactId"; + /** The Constant ARTIFACT_ID. */ + private static final String ARTIFACT_ID = "artifactId"; private DataContainer container; private HttpServletResponse httpResp; @@ -62,12 +61,12 @@ public class AttributeCollector implements IAction { this.httpResp = httpResp; - // read configuration parameters of OA - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + // read configuration parameters of OA + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() }); - // find the attribute provider plugin that can handle the response + // find the attribute provider plugin that can handle the response IPersonalAttributeList newAttributes = null; for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) try { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java index 8cdbfd37c..ec38db513 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java @@ -26,7 +26,7 @@ public class MISAttributeProvider implements AttributeProvider { if (attributes.getName().equals("residencePermit")) { Logger.error("MIS EXCEPTION: " + attributes.getName()); - throw new ExternalAttributeRequestRequiredException(this); + //throw new ExternalAttributeRequestRequiredException(this); } return null; // -- cgit v1.2.3 From eb32824288778c0fd427dbcbf826c8d9c16596b2 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 4 Mar 2014 20:26:15 +0100 Subject: after merge ap --- id/server/moa-id-commons/moa-id-commons.iml | 1 + 1 file changed, 1 insertion(+) (limited to 'id') diff --git a/id/server/moa-id-commons/moa-id-commons.iml b/id/server/moa-id-commons/moa-id-commons.iml index ef994abd3..3bd426fc3 100644 --- a/id/server/moa-id-commons/moa-id-commons.iml +++ b/id/server/moa-id-commons/moa-id-commons.iml @@ -37,6 +37,7 @@ + -- cgit v1.2.3 From 458a579978fa4fd0718c754bb8b6ca41f82d8145 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 4 Mar 2014 20:33:36 +0100 Subject: after chaning --- .../id/protocols/stork2/AttributeCollector.java | 58 +--------------------- id/server/moa-id-commons/moa-id-commons.iml | 1 - 2 files changed, 2 insertions(+), 57 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 72dddee88..0317322ee 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -15,25 +15,6 @@ import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.logging.Logger; -<<<<<<< HEAD - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.VelocityEngine; -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; -import eu.stork.peps.auth.commons.STORKAuthnRequest; -import eu.stork.peps.auth.commons.STORKAuthnResponse; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; -======= import eu.stork.peps.auth.commons.IPersonalAttributeList; import eu.stork.peps.auth.commons.PEPSUtil; import eu.stork.peps.auth.commons.PersonalAttribute; @@ -47,7 +28,6 @@ import org.opensaml.common.impl.SecureRandomIdentifierGenerator; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; ->>>>>>> origin/bs_3_fr /** * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins. @@ -56,7 +36,6 @@ import javax.servlet.http.HttpServletResponse; * interaction, redirect to another portal, etc. The redirect will hit here and the class can continue to fetch attributes. * * TODO how do we treat mandatory and optional attributes? - * */ public class AttributeCollector implements IAction { @@ -70,8 +49,6 @@ public class AttributeCollector implements IAction { */ public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { -<<<<<<< HEAD -======= // - fetch the container String artifactId = (String) httpReq.getParameter(ARTIFACT_ID); DataContainer container; @@ -82,7 +59,6 @@ public class AttributeCollector implements IAction { throw new MOAIDException("stork.11", null); } ->>>>>>> origin/bs_3_fr // read configuration parameters of OA OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(container.getRequest().getAssertionConsumerServiceURL()); if (oaParam == null) @@ -107,33 +83,20 @@ public class AttributeCollector implements IAction { Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); } -<<<<<<< HEAD - // - fetch the container - String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); - DataContainer container; - try { - container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); - } catch (MOADatabaseException e) { - Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); - throw new MOAIDException("stork.11", null); - } - -======= ->>>>>>> origin/bs_3_fr // - insert the embedded attribute(s) into the container addOrUpdateAll(container.getResponse().getPersonalAttributeList(), newAttributes); // see if we need some more attributes return processRequest(container, httpReq, httpResp, moasession, oaParam); } - + /** * Checks if there are missing attributes and tries to fetch them. If there are no more attribute to fetch, * this very method creates and sends the protocol result to the asking S-PEPS. * * @param container the {@link DataContainer} representing the status of the overall query. * @return the string - * @throws MOAIDException + * @throws MOAIDException */ public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException { // check if there are attributes we need to fetch @@ -199,11 +162,7 @@ public class AttributeCollector implements IAction { AssertionStorage.getInstance().put(newArtifactId, container); // add container-key to redirect embedded within the return URL -<<<<<<< HEAD - e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/dispatcher?mod=id_stork2&action=AttributeCollector&" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam); -======= e.getAp().performRedirect(AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/stork2/ResumeAuthentication?" + ARTIFACT_ID + "=" + newArtifactId, container.getRequest().getSpCountry(), request, response, oaParam); ->>>>>>> origin/bs_3_fr } catch (Exception e1) { // TODO should we return the response as is to the PEPS? @@ -222,13 +181,8 @@ public class AttributeCollector implements IAction { * @throws MOAIDException the mOAID exception */ private void generateSTORKResponse(DataContainer container) throws MOAIDException { -<<<<<<< HEAD - STORKAuthnResponse authnResponse = container.getResponse(); - STORKAuthnRequest authnRequest = container.getRequest(); -======= MOASTORKRequest request = container.getRequest(); MOASTORKResponse response = container.getResponse(); ->>>>>>> origin/bs_3_fr try { //Get SAMLEngine instance @@ -247,14 +201,6 @@ public class AttributeCollector implements IAction { } Logger.info("STORK SAML Response message succesfully generated "); -<<<<<<< HEAD - Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); - Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); - Logger.debug("authn saml encodedx: " + PEPSUtil.encodeSAMLToken(authnResponse.getTokenSaml())); - - container.setResponse(authnResponse); -======= ->>>>>>> origin/bs_3_fr } /** diff --git a/id/server/moa-id-commons/moa-id-commons.iml b/id/server/moa-id-commons/moa-id-commons.iml index 3bd426fc3..ef994abd3 100644 --- a/id/server/moa-id-commons/moa-id-commons.iml +++ b/id/server/moa-id-commons/moa-id-commons.iml @@ -37,7 +37,6 @@ - -- cgit v1.2.3 From 683209b2aabf589e1e22ed9cb7c69d6e76442bb0 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Tue, 4 Mar 2014 20:40:29 +0100 Subject: after merging, inspecting, fixing, tbc. --- .../moa/id/protocols/stork2/STORKProtocol.java | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) (limited to 'id') diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 5e9d50221..a361d5f67 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -1,6 +1,5 @@ package at.gv.egovernment.moa.id.protocols.stork2; -import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IAction; @@ -105,20 +104,6 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); -<<<<<<< HEAD - } catch (ClassCastException e) { - Logger.error("Could not extract authenticaiton request"); - } - - - // check if a valid attr request is containerd - try { - attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken); - } catch (STORKSAMLEngineException ex) { - Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); - } catch (ClassCastException e) { - Logger.error("Could not extract attribute request"); -======= } catch(ClassCastException e) { // we do not have a authnRequest // check if a valid attr request is container @@ -127,8 +112,8 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } ->>>>>>> origin/bs_3_fr } + // if there is no authn or attr request, raise error if ((authnRequest == null) && (attrRequest == null)) { Logger.error("There is no authentication or attribute request contained."); -- cgit v1.2.3 From 58c8a91c173ce699b8014e4f81fa195bfa37d246 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Wed, 5 Mar 2014 19:28:25 +0100 Subject: land selection change --- .../moa/id/configuration/Constants.java | 17 +- .../id/configuration/data/oa/OAGeneralConfig.java | 37 +- .../configuration/struts/action/EditOAAction.java | 2619 ++++++++++---------- .../main/resources/applicationResources.properties | 3 + id/ConfigWebTool/src/main/webapp/js/common.js | 25 +- .../src/main/webapp/jsp/editOAGeneral.jsp | 43 +- .../src/main/resources/config/moaid_config_2.0.xsd | 6 +- 7 files changed, 1410 insertions(+), 1340 deletions(-) (limited to 'id') diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java index b963890af..79a966b81 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java @@ -69,7 +69,8 @@ public class Constants { public static final String BKU_HANDY = "bkuhandy"; public static final String MOA_CONFIG_BUSINESSSERVICE = "businessService"; - public static final String MOA_CONFIG_PROTOCOL_SAML1 = "id_saml1"; + public static final String MOA_CONFIG_STORKSERVICE = "storkService"; + public static final String MOA_CONFIG_PROTOCOL_SAML1 = "id_saml1"; public static final String MOA_CONFIG_PROTOCOL_PVP2 = "id_pvp2x"; public static final String MOA_CONFIG_PROTOCOL_STORK2 = "id_stork2"; @@ -82,20 +83,24 @@ public class Constants { public static final String IDENIFICATIONTYPE_FN = "FN"; public static final String IDENIFICATIONTYPE_ERSB = "ERSB"; public static final String IDENIFICATIONTYPE_ZVR = "ZVR"; - public static final String IDENIFICATIONTYPE_BASEID = "urn:publicid:gv.at:baseid+"; + public static final String IDENIFICATIONTYPE_STORK = "STORK"; + public static final String IDENIFICATIONTYPE_BASEID = "urn:publicid:gv.at:baseid+"; public static final String IDENIFICATIONTYPE_BASEID_FN = IDENIFICATIONTYPE_BASEID + "X" + IDENIFICATIONTYPE_FN; public static final String IDENIFICATIONTYPE_BASEID_ZVR = IDENIFICATIONTYPE_BASEID + "X" + IDENIFICATIONTYPE_ZVR; public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+"; - - public static final Map BUSINESSSERVICENAMES; + public static final String PREFIX_STORK = "urn:publicid:gv.at:storkid+"; + + + public static final Map BUSINESSSERVICENAMES; static { Hashtable tmp = new Hashtable(); tmp.put(IDENIFICATIONTYPE_FN, "Firmenbuchnummer"); tmp.put(IDENIFICATIONTYPE_ZVR, "Vereinsnummer"); tmp.put(IDENIFICATIONTYPE_ERSB, "ERsB Kennzahl"); - - BUSINESSSERVICENAMES = Collections.unmodifiableMap(tmp); + tmp.put(IDENIFICATIONTYPE_STORK, "STORK"); + + BUSINESSSERVICENAMES = Collections.unmodifiableMap(tmp); } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java index ba58701fc..495444db1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java @@ -58,17 +58,19 @@ public class OAGeneralConfig { private String friendlyName = null; private boolean businessService = false; - - private String target = null; + private boolean storkService = false; + + private String target = null; private String target_subsector = null; private String target_admin = null; private static List targetList = null; private String targetFriendlyName = null; private boolean isAdminTarget = false; - + private String identificationNumber = null; private String identificationType = null; private static List identificationTypeList = null; + private String storkSPTargetCountry = null; private String aditionalAuthBlockText = null; @@ -159,8 +161,17 @@ public class OAGeneralConfig { businessService = true; else businessService = false; - - AuthComponentOA oaauth = dbOAConfig.getAuthComponentOA(); + + if (dbOAConfig.getType().equals(Constants.MOA_CONFIG_STORKSERVICE)) + storkService = true; + else + storkService = false; + + if (dbOAConfig.getStorkSPTargetCountry() != null) + storkSPTargetCountry = dbOAConfig.getStorkSPTargetCountry(); + + + AuthComponentOA oaauth = dbOAConfig.getAuthComponentOA(); if (oaauth != null) { BKUURLS bkuurls = oaauth.getBKUURLS(); @@ -301,6 +312,14 @@ public class OAGeneralConfig { return identificationNumber; } + public String getStorkSPTargetCountry() { + return storkSPTargetCountry; + } + + public void setStorkSPTargetCountry(String storkSPTargetCountry) { + this.storkSPTargetCountry = storkSPTargetCountry; + } + public void setIdentificationNumber(String identificationNumber) { this.identificationNumber = identificationNumber; } @@ -341,6 +360,14 @@ public class OAGeneralConfig { return businessService; } + public boolean isStorkService() { + return storkService; + } + + public void setStorkService(boolean storkService) { + this.storkService = storkService; + } + public void setBusinessService(boolean businessService) { this.businessService = businessService; } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index 99bdfdc9c..4a0bf744a 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -22,1337 +22,1330 @@ *******************************************************************************/ package at.gv.egovernment.moa.id.configuration.struts.action; -import iaik.utils.URLDecoder; - -import java.io.ByteArrayInputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.math.BigInteger; -import java.security.cert.CertificateException; -import java.util.ArrayList; -import java.util.Date; -import java.util.HashMap; -import java.util.Iterator; -import java.util.List; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.log4j.Logger; -import org.apache.struts2.interceptor.ServletRequestAware; -import org.apache.struts2.interceptor.ServletResponseAware; - import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead; import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils; -import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA; -import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType; -import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS; -import at.gv.egovernment.moa.id.commons.db.dao.config.DefaultBKUs; -import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration; -import at.gv.egovernment.moa.id.commons.db.dao.config.MOAKeyBoxSelector; -import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2; -import at.gv.egovernment.moa.id.commons.db.dao.config.OASAML1; -import at.gv.egovernment.moa.id.commons.db.dao.config.OASSO; -import at.gv.egovernment.moa.id.commons.db.dao.config.OASTORK; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication; -import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplicationType; -import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType; -import at.gv.egovernment.moa.id.commons.db.dao.config.TemplatesType; -import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType; -import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase; +import at.gv.egovernment.moa.id.commons.db.dao.config.*; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; import at.gv.egovernment.moa.id.configuration.Constants; import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser; import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider; import at.gv.egovernment.moa.id.configuration.data.FormularCustomization; -import at.gv.egovernment.moa.id.configuration.data.oa.OAGeneralConfig; -import at.gv.egovernment.moa.id.configuration.data.oa.OAOAuth20Config; -import at.gv.egovernment.moa.id.configuration.data.oa.OAPVP2Config; -import at.gv.egovernment.moa.id.configuration.data.oa.OASAML1Config; -import at.gv.egovernment.moa.id.configuration.data.oa.OASSOConfig; -import at.gv.egovernment.moa.id.configuration.data.oa.OASTORKConfig; +import at.gv.egovernment.moa.id.configuration.data.oa.*; import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException; import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper; import at.gv.egovernment.moa.id.configuration.helper.MailHelper; import at.gv.egovernment.moa.id.configuration.validation.FormularCustomizationValitator; import at.gv.egovernment.moa.id.configuration.validation.TargetValidator; import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper; -import at.gv.egovernment.moa.id.configuration.validation.oa.OAFileUploadValidation; -import at.gv.egovernment.moa.id.configuration.validation.oa.OAGeneralConfigValidation; -import at.gv.egovernment.moa.id.configuration.validation.oa.OAOAUTH20ConfigValidation; -import at.gv.egovernment.moa.id.configuration.validation.oa.OAPVP2ConfigValidation; -import at.gv.egovernment.moa.id.configuration.validation.oa.OASAML1ConfigValidation; -import at.gv.egovernment.moa.id.configuration.validation.oa.OASSOConfigValidation; -import at.gv.egovernment.moa.id.configuration.validation.oa.OASTORKConfigValidation; +import at.gv.egovernment.moa.id.configuration.validation.oa.*; import at.gv.egovernment.moa.id.util.FormBuildUtils; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.util.MiscUtil; - import com.opensymphony.xwork2.ActionSupport; +import iaik.utils.URLDecoder; +import org.apache.log4j.Logger; +import org.apache.struts2.interceptor.ServletRequestAware; +import org.apache.struts2.interceptor.ServletResponseAware; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import java.io.*; +import java.math.BigInteger; +import java.security.cert.CertificateException; +import java.util.*; public class EditOAAction extends ActionSupport implements ServletRequestAware, ServletResponseAware { - - private final Logger log = Logger.getLogger(EditOAAction.class); - - private static final long serialVersionUID = 1L; - - private HttpServletRequest request; - private HttpServletResponse response; - - private AuthenticatedUser authUser; - - private String oaidobj; - private boolean newOA; - private String formID; - - private boolean onlyBusinessService = false; - private boolean subTargetSet = false; - private boolean deaktivededBusinessService = false; - private boolean isMetaDataRefreshRequired = false; - - private String nextPage; - - private OAGeneralConfig generalOA = new OAGeneralConfig(); - private OAPVP2Config pvp2OA = new OAPVP2Config(); - private OASAML1Config saml1OA = new OASAML1Config(); - private OASSOConfig ssoOA = new OASSOConfig(); - private OAOAuth20Config oauth20OA = new OAOAuth20Config(); - private OASTORKConfig storkOA = new OASTORKConfig(); - private FormularCustomization formOA = new FormularCustomization(); - - private InputStream stream; - - private Map sendAssertionForm = new HashMap(); - private Map bkuSelectionForm = new HashMap(); - - // STRUTS actions - public String inital() { - HttpSession session = request.getSession(); - if (session == null) { - log.info("No http Session found."); - return Constants.STRUTS_ERROR; - } - - Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); - - authUser = (AuthenticatedUser) authUserObj; - - long oaid = -1; - - if (!ValidationHelper.validateOAID(oaidobj)) { - addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); - return Constants.STRUTS_ERROR; - } - oaid = Long.valueOf(oaidobj); - - UserDatabase userdb = null; - OnlineApplication onlineapplication = null; - - if (authUser.isAdmin()) - onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); - - else { - userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - addActionError(LanguageHelper.getErrorString("error.editoa.mailverification")); - return Constants.STRUTS_SUCCESS; - } - - // TODO: change to direct Database operation - List oas = userdb.getOnlineApplication(); - for (OnlineApplication oa : oas) { - if (oa.getHjid() == oaid) { - onlineapplication = oa; - break; - } - } - if (onlineapplication == null) { - addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); - return Constants.STRUTS_ERROR; - } - } - - generalOA.parse(onlineapplication); - ssoOA.parse(onlineapplication); - saml1OA.parse(onlineapplication); - oauth20OA.parse(onlineapplication); - session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret()); - - storkOA.parse(onlineapplication); - - Map map = new HashMap(); - map.putAll(FormBuildUtils.getDefaultMap()); - formOA.parse(onlineapplication, map); - - session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, map); - - List errors = pvp2OA.parse(onlineapplication); - - if (errors.size() > 0) { - for (String el : errors) - addActionError(el); - } - - subTargetSet = MiscUtil.isNotEmpty(generalOA.getTarget_subsector()); - - // set UserSpezific OA Parameters - if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb); - - ConfigurationDBUtils.closeSession(); - session.setAttribute(Constants.SESSION_OAID, oaid); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - newOA = false; - - return Constants.STRUTS_OA_EDIT; - } - - public String newOA() { - log.debug("insert new Online-Application"); - - HttpSession session = request.getSession(); - if (session == null) { - log.info("No http Session found."); - return Constants.STRUTS_ERROR; - } - - session.setAttribute(Constants.SESSION_OAID, null); - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - - Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); - - authUser = (AuthenticatedUser) authUserObj; - - UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - addActionError(LanguageHelper.getErrorString("error.editoa.mailverification")); - return Constants.STRUTS_SUCCESS; - } - - MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); - if (moaidconfig != null) { - DefaultBKUs defaultbkus = moaidconfig.getDefaultBKUs(); - if (defaultbkus != null) { - generalOA.setBkuHandyURL(defaultbkus.getHandyBKU()); - generalOA.setBkuLocalURL(defaultbkus.getLocalBKU()); - generalOA.setBkuOnlineURL(defaultbkus.getOnlineBKU()); - } - } - - // set UserSpezific OA Parameters - if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb); - - ConfigurationDBUtils.closeSession(); - - newOA = true; - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - - session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null); - - this.oauth20OA.generateClientSecret(); - session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret()); - - return Constants.STRUTS_OA_EDIT; - } - - public String saveOA() { - HttpSession session = request.getSession(); - if (session == null) { - log.info("No http Session found."); - return Constants.STRUTS_ERROR; - } - - Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); - authUser = (AuthenticatedUser) authUserObj; - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - addActionError(LanguageHelper.getErrorString("error.editoa.mailverification")); - return Constants.STRUTS_SUCCESS; - } - - OnlineApplication onlineapplication = null; - List errors = new ArrayList(); - - Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID); - Long oaid = (long) -1; - - if (oadbid != null) { - try { - oaid = (Long) oadbid; - if (oaid < 0 || oaid > Long.MAX_VALUE) { - addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); - return Constants.STRUTS_ERROR; - } - - } - catch (Throwable t) { - addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); - return Constants.STRUTS_ERROR; - } - } - - // valid DBID and check entry - String oaidentifier = generalOA.getIdentifier(); - if (MiscUtil.isEmpty(oaidentifier)) { - log.info("Empty OA identifier"); - errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.empty")); - - } else { - - if (!ValidationHelper.validateURL(oaidentifier)) { - log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier); - errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", - new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() })); - } else { - - if (oaid == -1) { - onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); - newOA = true; - if (onlineapplication != null) { - log.info("The OAIdentifier is not unique"); - errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique")); - } - - } else { - onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); - if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) { - - if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) { - log.info("The OAIdentifier is not unique"); - errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique")); - } - } - } - } - } - - // set UserSpezific OA Parameters - if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb); - - // check form - OAGeneralConfigValidation validatior_general = new OAGeneralConfigValidation(); - OAPVP2ConfigValidation validatior_pvp2 = new OAPVP2ConfigValidation(); - OASAML1ConfigValidation validatior_saml1 = new OASAML1ConfigValidation(); - OASSOConfigValidation validatior_sso = new OASSOConfigValidation(); - OASTORKConfigValidation validator_stork = new OASTORKConfigValidation(); - FormularCustomizationValitator validator_form = new FormularCustomizationValitator(); - OAOAUTH20ConfigValidation validatior_oauth20 = new OAOAUTH20ConfigValidation(); - OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation(); - - errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin())); - errors.addAll(validatior_pvp2.validate(pvp2OA)); - errors.addAll(validatior_saml1.validate(saml1OA, generalOA)); - errors.addAll(validatior_sso.validate(ssoOA, authUser.isAdmin())); - errors.addAll(validator_stork.validate(storkOA)); - errors.addAll(validator_form.validate(formOA)); - errors.addAll(validatior_oauth20.validate(oauth20OA)); - - //validate BKU-selection template - List templateError = valiator_fileUpload.validate(generalOA.getBkuSelectionFileUploadFileName() - , generalOA.getBkuSelectionFileUpload(), "validation.general.bkuselection", bkuSelectionForm); - if (templateError != null && templateError.size() == 0) { - if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) - session.setAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE, bkuSelectionForm); - - else - bkuSelectionForm = (Map) session.getAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE); - - } else { - errors.addAll(templateError); - - } - - //validate send-assertion template - templateError = valiator_fileUpload.validate(generalOA.getSendAssertionFileUploadFileName() - , generalOA.getSendAssertionFileUpload(), "validation.general.sendassertion", sendAssertionForm); - if (templateError != null && templateError.size() == 0) { - if (sendAssertionForm != null && sendAssertionForm.size() > 0) - session.setAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE, sendAssertionForm); - - else - sendAssertionForm = (Map) session.getAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE); - - } else { - errors.addAll(templateError); - - } - - - // Do not allow SSO in combination with special BKUSelection features - if (ssoOA.isUseSSO() && (formOA.isOnlyMandateAllowed() || !formOA.isShowMandateLoginButton())) { - log.warn("Special BKUSelection features can not be used in combination with SSO"); - errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.valid")); - } - - if (errors.size() > 0) { - log.info("OAConfiguration with ID " + generalOA.getIdentifier() + " has some errors."); - for (String el : errors) - addActionError(el); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } else { - - boolean newentry = false; - - if (onlineapplication == null) { - onlineapplication = new OnlineApplication(); - newentry = true; - onlineapplication.setIsActive(false); - - if (!authUser.isAdmin()) { - onlineapplication.setIsAdminRequired(true); - - } else - isMetaDataRefreshRequired = true; - - } else { - if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(generalOA.getIdentifier())) { - - onlineapplication.setIsAdminRequired(true); - onlineapplication.setIsActive(false); - log.info("User with ID " + authUser.getUserID() + " change OA-PublicURLPrefix. Reaktivation is required."); - } - - } - - if ((onlineapplication.isIsAdminRequired() == null) - || (authUser.isAdmin() && generalOA.isActive() && onlineapplication.isIsAdminRequired())) { - - onlineapplication.setIsAdminRequired(false); - isMetaDataRefreshRequired = true; - - if (onlineapplication.getHjid() != null) userdb = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid()); - - if (userdb != null && !userdb.isIsAdmin()) { - try { - MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(), - userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail()); - } - catch (ConfigurationException e) { - log.warn("Sending Mail to User " + userdb.getMail() + " failed", e); - } - } - } - - //save OA configuration - String error = saveOAConfigToDatabase(onlineapplication, newentry); - if (MiscUtil.isNotEmpty(error)) { - log.warn("OA configuration can not be stored!"); - addActionError(error); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - } - - //set metadata reload flag if reload is required - if (pvp2OA.getMetaDataURL() != null) { - - try { - if (isMetaDataRefreshRequired - || !pvp2OA.getMetaDataURL().equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL()) - || pvp2OA.getFileUpload() != null - || pvp2OA.isReLoad()) { - - log.debug("Set PVP2 Metadata refresh flag."); - MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration(); - moaconfig.setPvp2RefreshItem(new Date()); - ConfigurationDBUtils.saveOrUpdate(moaconfig); - - } - } - catch (Throwable e) { - log.info("Found no MetadataURL in OA-Databaseconfig!", e); - } - - } - } - - Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String) { - nextPage = (String) nextPageAttr; - session.setAttribute(Constants.SESSION_RETURNAREA, null); - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - } - - if (onlineapplication.isIsAdminRequired()) { - int numoas = 0; - int numusers = 0; - - List openOAs = ConfigurationDBRead.getAllNewOnlineApplications(); - if (openOAs != null) numoas = openOAs.size(); - - List openUsers = ConfigurationDBRead.getAllNewUsers(); - if (openUsers != null) numusers = openUsers.size(); - try { - - addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success.admin", generalOA.getIdentifier(), request)); - - if (numusers > 0 || numoas > 0) MailHelper.sendAdminMail(numoas, numusers); - - } - catch (ConfigurationException e) { - log.warn("Sending Mail to Admin failed.", e); - } - - } else - addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request)); - - //remove session attributes - session.setAttribute(Constants.SESSION_OAID, null); - session.removeAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE); - session.removeAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE); - - ConfigurationDBUtils.closeSession(); - return Constants.STRUTS_SUCCESS; - } - - public String cancleAndBackOA() { - - HttpSession session = request.getSession(); - if (session == null) { - log.info("No http Session found."); - return Constants.STRUTS_ERROR; - } - - Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String) { - nextPage = (String) nextPageAttr; - session.setAttribute(Constants.SESSION_RETURNAREA, null); - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - } - - session.setAttribute(Constants.SESSION_OAID, null); - - addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle", generalOA.getIdentifier(), request)); - - ConfigurationDBUtils.closeSession(); - - return Constants.STRUTS_SUCCESS; - } - - public String deleteOA() { - HttpSession session = request.getSession(); - if (session == null) { - log.info("No http Session found."); - return Constants.STRUTS_ERROR; - } - - Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); - authUser = (AuthenticatedUser) authUserObj; - - Object formidobj = session.getAttribute(Constants.SESSION_FORMID); - if (formidobj != null && formidobj instanceof String) { - String formid = (String) formidobj; - if (!formid.equals(formID)) { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - } else { - log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() - + authUser.getGivenName() + authUser.getUserID()); - return Constants.STRUTS_ERROR; - } - session.setAttribute(Constants.SESSION_FORMID, null); - - Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); - if (nextPageAttr != null && nextPageAttr instanceof String) { - nextPage = (String) nextPageAttr; - - } else { - nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); - } - - UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { - log.info("Online-Applikation managemant disabled. Mail address is not verified."); - addActionError(LanguageHelper.getErrorString("error.editoa.mailverification")); - return Constants.STRUTS_SUCCESS; - } - - String oaidentifier = generalOA.getIdentifier(); - if (MiscUtil.isEmpty(oaidentifier)) { - log.info("Empty OA identifier"); - addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.empty")); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - - } else { - if (ValidationHelper.isValidOAIdentifier(oaidentifier)) { - log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); - addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", - new Object[] { ValidationHelper.getNotValidOAIdentifierCharacters() })); - - formID = Random.nextRandom(); - session.setAttribute(Constants.SESSION_FORMID, formID); - return Constants.STRUTS_ERROR_VALIDATION; - } - } - - OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); - request.getSession().setAttribute(Constants.SESSION_OAID, null); - - try { - if (MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) { - - MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration(); - moaconfig.setPvp2RefreshItem(new Date()); - ConfigurationDBUtils.saveOrUpdate(moaconfig); - - } - } - catch (Throwable e) { - log.info("Found no MetadataURL in OA-Databaseconfig!", e); - } - - if (ConfigurationDBUtils.delete(onlineapplication)) { - - if (!authUser.isAdmin()) { - UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - List useroas = user.getOnlineApplication(); - - for (OnlineApplicationType oa : useroas) { - if (oa.getHjid().equals(onlineapplication.getHjid())) { - useroas.remove(oa); - } - } - - try { - ConfigurationDBUtils.saveOrUpdate(user); - - } - catch (MOADatabaseException e) { - log.warn("User information can not be updated in database", e); - addActionError(LanguageHelper.getGUIString("error.db.oa.store", request)); - return Constants.STRUTS_ERROR; - } - } - - ConfigurationDBUtils.closeSession(); - - addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", generalOA.getIdentifier(), request)); - - return Constants.STRUTS_SUCCESS; - - } else { - ConfigurationDBUtils.closeSession(); - addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", generalOA.getIdentifier(), request)); - return Constants.STRUTS_SUCCESS; - } - - } - - public String bkuFramePreview() { - - String preview = null; - - HttpSession session = request.getSession(); - if (session == null) { - log.info("No http Session found."); - preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible"); - - } else { - InputStream input = null; - - try { - Object mapobj = session.getAttribute(Constants.SESSION_BKUFORMPREVIEW); - if (mapobj != null && mapobj instanceof Map) { - - ConfigurationProvider config = ConfigurationProvider.getInstance(); - String templateURL = config.getConfigRootDir() + ConfigurationProvider.HTMLTEMPLATE_DIR - + ConfigurationProvider.HTMLTEMPLATE_FILE; - - File file = new File(templateURL); - input = new FileInputStream(file); - - String contextpath = config.getMOAIDInstanceURL(); - if (MiscUtil.isEmpty(contextpath)) { - log.info("NO MOA-ID instance URL configurated."); - throw new ConfigurationException("No MOA-ID instance configurated"); - } - - preview = LoginFormBuilder.getTemplate(input); - preview = preview.replace(LoginFormBuilder.CONTEXTPATH, contextpath); - - Map map = (Map) mapobj; - - request.setCharacterEncoding("UTF-8"); - - String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE); - String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE); - - if (value != null) { - String[] query = URLDecoder.decode(request.getQueryString()).split("&"); - value = query[1].substring("value=".length()); - } - - synchronized (map) { - - if (MiscUtil.isNotEmpty(module)) { - if (map.containsKey("#" + module + "#")) { - if (MiscUtil.isNotEmpty(value)) { - if (FormBuildUtils.FONTFAMILY.contains(module) || FormBuildUtils.HEADER_TEXT.contains(module) - || value.startsWith("#")) - map.put("#" + module + "#", value); - else - map.put("#" + module + "#", "#" + value); - - } else { - map.put("#" + module + "#", FormBuildUtils.getDefaultMap().get("#" + module + "#")); - } - } - } - preview = FormBuildUtils.customiceLayoutBKUSelection(preview, true, false, map, true); - } - - } else { - preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible"); - - } - - } - catch (Exception e) { - log.warn("BKUSelection Preview can not be generated.", e); - preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible"); - - } - } - - stream = new ByteArrayInputStream(preview.getBytes()); - - return Constants.STRUTS_SUCCESS; - } - - private String saveOAConfigToDatabase(OnlineApplication dboa, boolean newentry) { - - AuthComponentOA authoa = dboa.getAuthComponentOA(); - if (authoa == null) { - authoa = new AuthComponentOA(); - dboa.setAuthComponentOA(authoa); - } - - if (authUser.isAdmin()) dboa.setIsActive(generalOA.isActive()); - - dboa.setFriendlyName(generalOA.getFriendlyName()); - dboa.setCalculateHPI(generalOA.isCalculateHPI()); - dboa.setRemoveBPKFromAuthBlock(generalOA.isHideBPKAuthBlock()); - - if (authUser.isAdmin()) - dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier())); - else { - if (newentry) dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR); - } - - dboa.setPublicURLPrefix(generalOA.getIdentifier()); - - if (generalOA.isBusinessService() || onlyBusinessService) { - - dboa.setType(Constants.MOA_CONFIG_BUSINESSSERVICE); - - String num = generalOA.getIdentificationNumber().replaceAll(" ", ""); - if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) { - num = num.substring(Constants.IDENIFICATIONTYPE_FN.length()); - - num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num); - - // num = StringUtils.leftPad(num, 7, '0'); - } - - if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length()); - - if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)) num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length()); - - IdentificationNumber idnumber = new IdentificationNumber(); - idnumber.setValue(Constants.PREFIX_WPBK + generalOA.getIdentificationType() + "+" + num); - idnumber.setType(Constants.BUSINESSSERVICENAMES.get(generalOA.getIdentificationType())); - - authoa.setIdentificationNumber(idnumber); - - } else { - dboa.setType(null); - - if (authUser.isAdmin()) { - if (MiscUtil.isNotEmpty(generalOA.getTarget_admin()) && generalOA.isAdminTarget()) { - dboa.setTarget(generalOA.getTarget_admin()); - dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName()); - - } else { - - String target = generalOA.getTarget(); - - if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet) - dboa.setTarget(target + "-" + generalOA.getTarget_subsector()); - else - dboa.setTarget(target); - - String targetname = TargetValidator.getTargetFriendlyName(target); - if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname); - - } - - } else { - - if (MiscUtil.isNotEmpty(generalOA.getTarget())) { - - String target = generalOA.getTarget(); - - if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet) - dboa.setTarget(target + "-" + generalOA.getTarget_subsector()); - - else - dboa.setTarget(target); - - String targetname = TargetValidator.getTargetFriendlyName(target); - if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname); - - } - } - } - - //store BKU-URLs - BKUURLS bkuruls = new BKUURLS(); - authoa.setBKUURLS(bkuruls); - if (authUser.isAdmin()) { - bkuruls.setHandyBKU(generalOA.getBkuHandyURL()); - bkuruls.setLocalBKU(generalOA.getBkuLocalURL()); - bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL()); - } - - TemplatesType templates = authoa.getTemplates(); - if (templates == null) { - templates = new TemplatesType(); - authoa.setTemplates(templates); - } - - //store BKU-selection and send-assertion templates - if (authUser.isAdmin()) { - - if(generalOA.isDeleteBKUTemplate()) - templates.setBKUSelectionTemplate(null); - - if (generalOA.isDeleteSendAssertionTemplate()) - templates.setSendAssertionTemplate(null); - - - if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) { - TransformsInfoType template = new TransformsInfoType(); - - Iterator interator = bkuSelectionForm.keySet().iterator(); - template.setFilename(interator.next()); - template.setTransformation(bkuSelectionForm.get( - template.getFilename())); - - templates.setBKUSelectionTemplate(template); - } - - if (sendAssertionForm != null && sendAssertionForm.size() > 0) { - TransformsInfoType template = new TransformsInfoType(); - - Iterator interator = sendAssertionForm.keySet().iterator(); - template.setFilename(interator.next()); - template.setTransformation(sendAssertionForm.get( - template.getFilename())); - - templates.setSendAssertionTemplate(template); - } - } - - - //store BKU-selection customization - BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization(); - if (bkuselectioncustom == null) { - bkuselectioncustom = new BKUSelectionCustomizationType(); - templates.setBKUSelectionCustomization(bkuselectioncustom); - } - - Mandates mandates = new Mandates(); - if (generalOA.isUseMandates()) { - mandates.setProfiles(generalOA.getMandateProfiles()); - - } else { - mandates.setProfiles(new String()); - } - - authoa.setMandates(mandates); - bkuselectioncustom.setMandateLoginButton(MiscUtil.isNotEmpty(generalOA.getMandateProfiles())); - bkuselectioncustom.setOnlyMandateLoginAllowed(formOA.isOnlyMandateAllowed()); - - if (authUser.isAdmin()) { - templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText()); - - List template = templates.getTemplate(); - if (generalOA.isLegacy()) { - - if (template == null) - template = new ArrayList(); - else - template.clear(); - - if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL1())) { - TemplateType el = new TemplateType(); - el.setURL(generalOA.getSLTemplateURL1()); - template.add(el); - } else - template.add(new TemplateType()); - if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) { - TemplateType el = new TemplateType(); - el.setURL(generalOA.getSLTemplateURL2()); - template.add(el); - }else - template.add(new TemplateType()); - if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) { - TemplateType el = new TemplateType(); - el.setURL(generalOA.getSLTemplateURL3()); - template.add(el); - }else - template.add(new TemplateType()); - - } else { - if (template != null && template.size() > 0) template.clear(); - } - - bkuselectioncustom.setBackGroundColor(parseColor(formOA.getBackGroundColor())); - bkuselectioncustom.setFrontColor(parseColor(formOA.getFrontColor())); - - bkuselectioncustom.setHeaderBackGroundColor(parseColor(formOA.getHeader_BackGroundColor())); - bkuselectioncustom.setHeaderFrontColor(parseColor(formOA.getHeader_FrontColor())); - bkuselectioncustom.setHeaderText(formOA.getHeader_text()); - - bkuselectioncustom.setButtonBackGroundColor(parseColor(formOA.getButton_BackGroundColor())); - bkuselectioncustom.setButtonBackGroundColorFocus(parseColor(formOA.getButton_BackGroundColorFocus())); - bkuselectioncustom.setButtonFontColor(parseColor(formOA.getButton_FrontColor())); - - if (MiscUtil.isNotEmpty(formOA.getAppletRedirectTarget())) - bkuselectioncustom.setAppletRedirectTarget(formOA.getAppletRedirectTarget()); - - bkuselectioncustom.setFontType(formOA.getFontType()); - - bkuselectioncustom.setAppletHeight(formOA.getApplet_height()); - bkuselectioncustom.setAppletWidth(formOA.getApplet_width()); - - } - - // set default transformation if it is empty - List transformsInfo = authoa.getTransformsInfo(); - if (transformsInfo == null) { - // TODO: set OA specific transformation if it is required - - } - - OAPVP2 pvp2 = authoa.getOAPVP2(); - if (pvp2 == null) { - pvp2 = new OAPVP2(); - authoa.setOAPVP2(pvp2); - } - - pvp2.setMetadataURL(pvp2OA.getMetaDataURL()); - try { - - if (pvp2OA.getFileUpload() != null) pvp2.setCertificate(pvp2OA.getCertificate()); - - } - catch (CertificateException e) { - log.info("Uploaded Certificate can not be found", e); - return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound"); - } - catch (IOException e) { - log.info("Uploaded Certificate can not be parsed", e); - return LanguageHelper.getErrorString("validation.pvp2.certificate.format"); - } - - OASAML1 saml1 = authoa.getOASAML1(); - if (saml1 == null) { - saml1 = new OASAML1(); - authoa.setOASAML1(saml1); - saml1.setIsActive(false); - } - - if (authUser.isAdmin()) { - saml1.setIsActive(saml1OA.isActive()); - } - - if (saml1.isIsActive() != null && saml1.isIsActive()) { - saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock()); - saml1.setProvideCertificate(saml1OA.isProvideCertificate()); - saml1.setProvideFullMandatorData(saml1OA.isProvideFullMandateData()); - saml1.setProvideIdentityLink(saml1OA.isProvideIdentityLink()); - saml1.setProvideStammzahl(saml1OA.isProvideStammZahl()); - saml1.setUseCondition(saml1OA.isUseCondition()); - saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength())); - // TODO: set sourceID - // saml1.setSourceID(""); - } - - OASSO sso = authoa.getOASSO(); - if (sso == null) { - sso = new OASSO(); - authoa.setOASSO(sso); - sso.setAuthDataFrame(true); - } - sso.setUseSSO(ssoOA.isUseSSO()); - - if (authUser.isAdmin()) sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame()); - - sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL()); - - if (oauth20OA != null) { - log.debug("Saving OAuth 2.0 configuration:"); - OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20(); - if (oaOAuth20 == null) { - oaOAuth20 = new OAOAUTH20(); - authoa.setOAOAUTH20(oaOAuth20); - } - - oaOAuth20.setOAuthClientId(generalOA.getIdentifier()); - // oaOAuth20.setOAuthClientSecret(oauth20OA.getClientSecret()); - oaOAuth20.setOAuthRedirectUri(oauth20OA.getRedirectUri()); - log.debug("client id: " + oauth20OA.getClientId()); - log.debug("client secret: " + oauth20OA.getClientSecret()); - log.debug("redirect uri:" + oauth20OA.getRedirectUri()); - - oaOAuth20.setOAuthClientSecret((String) request.getSession().getAttribute(Constants.SESSION_OAUTH20SECRET)); - request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null); - - } - - - // fetch stork configuration from database model - OASTORK stork = authoa.getOASTORK(); - if (stork == null) { - // if there is none, create a new one with default values. - stork = new OASTORK(); - authoa.setOASTORK(stork); - stork.setStorkLogonEnabled(false); - } - // transfer the incoming data to the database model - stork.setStorkLogonEnabled(storkOA.isStorkLogonEnabled()); - stork.setQaa(storkOA.getQaa()); - stork.setOAAttributes(storkOA.getAttributes()); - stork.setVidpEnabled(storkOA.isVidpEnabled()); - stork.setAttributeProviders(storkOA.getAttributeProviderPlugins()); - - try { - if (newentry) { - ConfigurationDBUtils.save(dboa); - - if (!authUser.isAdmin()) { - UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID()); - - List useroas = user.getOnlineApplication(); - if (useroas == null) useroas = new ArrayList(); - - useroas.add(dboa); - ConfigurationDBUtils.saveOrUpdate(user); - } - } - - else - ConfigurationDBUtils.saveOrUpdate(dboa); - - } - catch (MOADatabaseException e) { - log.warn("Online-Application can not be stored.", e); - return LanguageHelper.getErrorString("error.db.oa.store"); - } - - return null; - } - - private String parseColor(String color) { - String value = ""; - - if (MiscUtil.isNotEmpty(color)) { - if (!color.startsWith("#")) - value = "#" + color; - else - value = color; - } - return value; - } - - private void generateUserSpecificConfigurationOptions(UserDatabase userdb) { - - if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) { - String bpk = userdb.getBpk(); - if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN) || bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_ZVR)) { - - onlyBusinessService = true; - generalOA.setBusinessService(true); - - } - - deaktivededBusinessService = true; - String[] split = bpk.split("\\+"); - generalOA.setIdentificationType(split[1].substring(1)); - - if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN)) - generalOA.setIdentificationNumber(at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(split[2])); - else - generalOA.setIdentificationNumber(split[2]); - - } - - } - - public String setGeneralOAConfig() { - - return Constants.STRUTS_SUCCESS; - } - - public String setSAML1OAConfig() { - - return Constants.STRUTS_SUCCESS; - } - - public String setPVP2OAConfig() { - - return Constants.STRUTS_SUCCESS; - } - - public String setSSOOAConfig() { - - return Constants.STRUTS_SUCCESS; - } - - public String setSTORKOAConfig() { - - return Constants.STRUTS_SUCCESS; - } - - // Getter and Setter - public void setServletResponse(HttpServletResponse arg0) { - this.response = arg0; - - } - - public void setServletRequest(HttpServletRequest arg0) { - this.request = arg0; - - } - - public HttpServletRequest getRequest() { - return request; - } - - public void setRequest(HttpServletRequest request) { - this.request = request; - } - - public HttpServletResponse getResponse() { - return response; - } - - public void setResponse(HttpServletResponse response) { - this.response = response; - } - - public OAGeneralConfig getGeneralOA() { - return generalOA; - } - - public void setGeneralOA(OAGeneralConfig generalOA) { - this.generalOA = generalOA; - } - - public OAPVP2Config getPvp2OA() { - return pvp2OA; - } - - public void setPvp2OA(OAPVP2Config pvp2oa) { - pvp2OA = pvp2oa; - } - - public OASAML1Config getSaml1OA() { - return saml1OA; - } - - public void setSaml1OA(OASAML1Config saml1oa) { - saml1OA = saml1oa; - } - - public OASSOConfig getSsoOA() { - return ssoOA; - } - - public void setSsoOA(OASSOConfig ssoOA) { - this.ssoOA = ssoOA; - } - - public OASTORKConfig getStorkOA() { - return storkOA; - } - - public void setStorkOA(OASTORKConfig storkOA) { - this.storkOA = storkOA; - } - - /** - * @param oaidobj - * the oaidobj to set - */ - public void setOaidobj(String oaidobj) { - this.oaidobj = oaidobj; - } - - /** - * @return the authUser - */ - public AuthenticatedUser getAuthUser() { - return authUser; - } - - /** - * @return the newOA - */ - public boolean isNewOA() { - return newOA; - } - - /** - * @param newOA - * the newOA to set - */ - public void setNewOA(boolean newOA) { - this.newOA = newOA; - } - - /** - * @return the nextPage - */ - public String getNextPage() { - return nextPage; - } - - /** - * @return the formID - */ - public String getFormID() { - return formID; - } - - /** - * @param formID - * the formID to set - */ - public void setFormID(String formID) { - this.formID = formID; - } - - /** - * @return the onlyBusinessService - */ - public boolean isOnlyBusinessService() { - return onlyBusinessService; - } - - /** - * @param onlyBusinessService - * the onlyBusinessService to set - */ - public void setOnlyBusinessService(boolean onlyBusinessService) { - this.onlyBusinessService = onlyBusinessService; - } - - /** - * @return the subTargetSet - */ - public boolean isSubTargetSet() { - return subTargetSet; - } - - /** - * @param subTargetSet - * the subTargetSet to set - */ - public void setSubTargetSet(boolean subTargetSet) { - this.subTargetSet = subTargetSet; - } - - /** - * @return the deaktivededBusinessService - */ - public boolean isDeaktivededBusinessService() { - return deaktivededBusinessService; - } - - /** - * @param deaktivededBusinessService - * the deaktivededBusinessService to set - */ - public void setDeaktivededBusinessService(boolean deaktivededBusinessService) { - this.deaktivededBusinessService = deaktivededBusinessService; - } - - /** - * @return the formOA - */ - public FormularCustomization getFormOA() { - return formOA; - } - - /** - * @param formOA - * the formOA to set - */ - public void setFormOA(FormularCustomization formOA) { - this.formOA = formOA; - } - - /** - * @return the stream - */ - public InputStream getStream() { - return stream; - } - - public OAOAuth20Config getOauth20OA() { - return oauth20OA; - } - - public void setOauth20OA(OAOAuth20Config oauth20OA) { - this.oauth20OA = oauth20OA; - } - + + private final Logger log = Logger.getLogger(EditOAAction.class); + + private static final long serialVersionUID = 1L; + + private HttpServletRequest request; + private HttpServletResponse response; + + private AuthenticatedUser authUser; + + private String oaidobj; + private boolean newOA; + private String formID; + + private boolean onlyBusinessService = false; + private boolean onlyStorkService = false; + private boolean subTargetSet = false; + private boolean deaktivededBusinessService = false; + private boolean deactivatedStorkService = false; + private boolean isMetaDataRefreshRequired = false; + + private String nextPage; + + private OAGeneralConfig generalOA = new OAGeneralConfig(); + private OAPVP2Config pvp2OA = new OAPVP2Config(); + private OASAML1Config saml1OA = new OASAML1Config(); + private OASSOConfig ssoOA = new OASSOConfig(); + private OAOAuth20Config oauth20OA = new OAOAuth20Config(); + private OASTORKConfig storkOA = new OASTORKConfig(); + private FormularCustomization formOA = new FormularCustomization(); + + private InputStream stream; + + private Map sendAssertionForm = new HashMap(); + private Map bkuSelectionForm = new HashMap(); + + // STRUTS actions + public String inital() { + HttpSession session = request.getSession(); + if (session == null) { + log.info("No http Session found."); + return Constants.STRUTS_ERROR; + } + + Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + long oaid = -1; + + if (!ValidationHelper.validateOAID(oaidobj)) { + addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); + return Constants.STRUTS_ERROR; + } + oaid = Long.valueOf(oaidobj); + + UserDatabase userdb = null; + OnlineApplication onlineapplication = null; + + if (authUser.isAdmin()) + onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); + + else { + userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + addActionError(LanguageHelper.getErrorString("error.editoa.mailverification")); + return Constants.STRUTS_SUCCESS; + } + + // TODO: change to direct Database operation + List oas = userdb.getOnlineApplication(); + for (OnlineApplication oa : oas) { + if (oa.getHjid() == oaid) { + onlineapplication = oa; + break; + } + } + if (onlineapplication == null) { + addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); + return Constants.STRUTS_ERROR; + } + } + + generalOA.parse(onlineapplication); + ssoOA.parse(onlineapplication); + saml1OA.parse(onlineapplication); + oauth20OA.parse(onlineapplication); + session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret()); + + storkOA.parse(onlineapplication); + + Map map = new HashMap(); + map.putAll(FormBuildUtils.getDefaultMap()); + formOA.parse(onlineapplication, map); + + session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, map); + + List errors = pvp2OA.parse(onlineapplication); + + if (errors.size() > 0) { + for (String el : errors) + addActionError(el); + } + + subTargetSet = MiscUtil.isNotEmpty(generalOA.getTarget_subsector()); + + // set UserSpezific OA Parameters + if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb); + + ConfigurationDBUtils.closeSession(); + session.setAttribute(Constants.SESSION_OAID, oaid); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + newOA = false; + + return Constants.STRUTS_OA_EDIT; + } + + public String newOA() { + log.debug("insert new Online-Application"); + + HttpSession session = request.getSession(); + if (session == null) { + log.info("No http Session found."); + return Constants.STRUTS_ERROR; + } + + session.setAttribute(Constants.SESSION_OAID, null); + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + + Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); + + authUser = (AuthenticatedUser) authUserObj; + + UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + addActionError(LanguageHelper.getErrorString("error.editoa.mailverification")); + return Constants.STRUTS_SUCCESS; + } + + MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration(); + if (moaidconfig != null) { + DefaultBKUs defaultbkus = moaidconfig.getDefaultBKUs(); + if (defaultbkus != null) { + generalOA.setBkuHandyURL(defaultbkus.getHandyBKU()); + generalOA.setBkuLocalURL(defaultbkus.getLocalBKU()); + generalOA.setBkuOnlineURL(defaultbkus.getOnlineBKU()); + } + } + + // set UserSpezific OA Parameters + if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb); + + ConfigurationDBUtils.closeSession(); + + newOA = true; + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + + session.setAttribute(Constants.SESSION_BKUFORMPREVIEW, null); + + this.oauth20OA.generateClientSecret(); + session.setAttribute(Constants.SESSION_OAUTH20SECRET, this.oauth20OA.getClientSecret()); + + return Constants.STRUTS_OA_EDIT; + } + + public String saveOA() { + HttpSession session = request.getSession(); + if (session == null) { + log.info("No http Session found."); + return Constants.STRUTS_ERROR; + } + + Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); + authUser = (AuthenticatedUser) authUserObj; + + Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + addActionError(LanguageHelper.getErrorString("error.editoa.mailverification")); + return Constants.STRUTS_SUCCESS; + } + + OnlineApplication onlineapplication = null; + List errors = new ArrayList(); + + Object oadbid = request.getSession().getAttribute(Constants.SESSION_OAID); + Long oaid = (long) -1; + + if (oadbid != null) { + try { + oaid = (Long) oadbid; + if (oaid < 0 || oaid > Long.MAX_VALUE) { + addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); + return Constants.STRUTS_ERROR; + } + + } catch (Throwable t) { + addActionError(LanguageHelper.getErrorString("errors.edit.oa.oaid", request)); + return Constants.STRUTS_ERROR; + } + } + + // valid DBID and check entry + String oaidentifier = generalOA.getIdentifier(); + if (MiscUtil.isEmpty(oaidentifier)) { + log.info("Empty OA identifier"); + errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.empty")); + + } else { + + if (!ValidationHelper.validateURL(oaidentifier)) { + log.warn("OnlineapplikationIdentifier is not a valid URL: " + oaidentifier); + errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", + new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()})); + } else { + + if (oaid == -1) { + onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); + newOA = true; + if (onlineapplication != null) { + log.info("The OAIdentifier is not unique"); + errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique")); + } + + } else { + onlineapplication = ConfigurationDBRead.getOnlineApplication(oaid); + if (!oaidentifier.equals(onlineapplication.getPublicURLPrefix())) { + + if (ConfigurationDBRead.getOnlineApplication(oaidentifier) != null) { + log.info("The OAIdentifier is not unique"); + errors.add(LanguageHelper.getErrorString("validation.general.oaidentifier.notunique")); + } + } + } + } + } + + // set UserSpezific OA Parameters + if (!authUser.isAdmin()) generateUserSpecificConfigurationOptions(userdb); + + // check form + OAGeneralConfigValidation validatior_general = new OAGeneralConfigValidation(); + OAPVP2ConfigValidation validatior_pvp2 = new OAPVP2ConfigValidation(); + OASAML1ConfigValidation validatior_saml1 = new OASAML1ConfigValidation(); + OASSOConfigValidation validatior_sso = new OASSOConfigValidation(); + OASTORKConfigValidation validator_stork = new OASTORKConfigValidation(); + FormularCustomizationValitator validator_form = new FormularCustomizationValitator(); + OAOAUTH20ConfigValidation validatior_oauth20 = new OAOAUTH20ConfigValidation(); + OAFileUploadValidation valiator_fileUpload = new OAFileUploadValidation(); + + errors.addAll(validatior_general.validate(generalOA, authUser.isAdmin())); + errors.addAll(validatior_pvp2.validate(pvp2OA)); + errors.addAll(validatior_saml1.validate(saml1OA, generalOA)); + errors.addAll(validatior_sso.validate(ssoOA, authUser.isAdmin())); + errors.addAll(validator_stork.validate(storkOA)); + errors.addAll(validator_form.validate(formOA)); + errors.addAll(validatior_oauth20.validate(oauth20OA)); + + //validate BKU-selection template + List templateError = valiator_fileUpload.validate(generalOA.getBkuSelectionFileUploadFileName() + , generalOA.getBkuSelectionFileUpload(), "validation.general.bkuselection", bkuSelectionForm); + if (templateError != null && templateError.size() == 0) { + if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) + session.setAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE, bkuSelectionForm); + + else + bkuSelectionForm = (Map) session.getAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE); + + } else { + errors.addAll(templateError); + + } + + //validate send-assertion template + templateError = valiator_fileUpload.validate(generalOA.getSendAssertionFileUploadFileName() + , generalOA.getSendAssertionFileUpload(), "validation.general.sendassertion", sendAssertionForm); + if (templateError != null && templateError.size() == 0) { + if (sendAssertionForm != null && sendAssertionForm.size() > 0) + session.setAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE, sendAssertionForm); + + else + sendAssertionForm = (Map) session.getAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE); + + } else { + errors.addAll(templateError); + + } + + + // Do not allow SSO in combination with special BKUSelection features + if (ssoOA.isUseSSO() && (formOA.isOnlyMandateAllowed() || !formOA.isShowMandateLoginButton())) { + log.warn("Special BKUSelection features can not be used in combination with SSO"); + errors.add(LanguageHelper.getErrorString("validation.general.bkuselection.specialfeatures.valid")); + } + + if (errors.size() > 0) { + log.info("OAConfiguration with ID " + generalOA.getIdentifier() + " has some errors."); + for (String el : errors) + addActionError(el); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + + boolean newentry = false; + + if (onlineapplication == null) { + onlineapplication = new OnlineApplication(); + newentry = true; + onlineapplication.setIsActive(false); + + if (!authUser.isAdmin()) { + onlineapplication.setIsAdminRequired(true); + + } else + isMetaDataRefreshRequired = true; + + } else { + if (!authUser.isAdmin() && !onlineapplication.getPublicURLPrefix().equals(generalOA.getIdentifier())) { + + onlineapplication.setIsAdminRequired(true); + onlineapplication.setIsActive(false); + log.info("User with ID " + authUser.getUserID() + " change OA-PublicURLPrefix. Reaktivation is required."); + } + + } + + if ((onlineapplication.isIsAdminRequired() == null) + || (authUser.isAdmin() && generalOA.isActive() && onlineapplication.isIsAdminRequired())) { + + onlineapplication.setIsAdminRequired(false); + isMetaDataRefreshRequired = true; + + if (onlineapplication.getHjid() != null) + userdb = ConfigurationDBRead.getUsersWithOADBID(onlineapplication.getHjid()); + + if (userdb != null && !userdb.isIsAdmin()) { + try { + MailHelper.sendUserOnlineApplicationActivationMail(userdb.getGivenname(), userdb.getFamilyname(), + userdb.getInstitut(), onlineapplication.getPublicURLPrefix(), userdb.getMail()); + } catch (ConfigurationException e) { + log.warn("Sending Mail to User " + userdb.getMail() + " failed", e); + } + } + } + + //save OA configuration + String error = saveOAConfigToDatabase(onlineapplication, newentry); + if (MiscUtil.isNotEmpty(error)) { + log.warn("OA configuration can not be stored!"); + addActionError(error); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + } + + //set metadata reload flag if reload is required + if (pvp2OA.getMetaDataURL() != null) { + + try { + if (isMetaDataRefreshRequired + || !pvp2OA.getMetaDataURL().equals(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL()) + || pvp2OA.getFileUpload() != null + || pvp2OA.isReLoad()) { + + log.debug("Set PVP2 Metadata refresh flag."); + MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration(); + moaconfig.setPvp2RefreshItem(new Date()); + ConfigurationDBUtils.saveOrUpdate(moaconfig); + + } + } catch (Throwable e) { + log.info("Found no MetadataURL in OA-Databaseconfig!", e); + } + + } + } + + Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String) { + nextPage = (String) nextPageAttr; + session.setAttribute(Constants.SESSION_RETURNAREA, null); + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + } + + if (onlineapplication.isIsAdminRequired()) { + int numoas = 0; + int numusers = 0; + + List openOAs = ConfigurationDBRead.getAllNewOnlineApplications(); + if (openOAs != null) numoas = openOAs.size(); + + List openUsers = ConfigurationDBRead.getAllNewUsers(); + if (openUsers != null) numusers = openUsers.size(); + try { + + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success.admin", generalOA.getIdentifier(), request)); + + if (numusers > 0 || numoas > 0) MailHelper.sendAdminMail(numoas, numusers); + + } catch (ConfigurationException e) { + log.warn("Sending Mail to Admin failed.", e); + } + + } else + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.success", generalOA.getIdentifier(), request)); + + //remove session attributes + session.setAttribute(Constants.SESSION_OAID, null); + session.removeAttribute(Constants.SESSION_BKUSELECTIONTEMPLATE); + session.removeAttribute(Constants.SESSION_SENDASSERTIONTEMPLATE); + + ConfigurationDBUtils.closeSession(); + return Constants.STRUTS_SUCCESS; + } + + public String cancleAndBackOA() { + + HttpSession session = request.getSession(); + if (session == null) { + log.info("No http Session found."); + return Constants.STRUTS_ERROR; + } + + Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String) { + nextPage = (String) nextPageAttr; + session.setAttribute(Constants.SESSION_RETURNAREA, null); + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + } + + session.setAttribute(Constants.SESSION_OAID, null); + + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.cancle", generalOA.getIdentifier(), request)); + + ConfigurationDBUtils.closeSession(); + + return Constants.STRUTS_SUCCESS; + } + + public String deleteOA() { + HttpSession session = request.getSession(); + if (session == null) { + log.info("No http Session found."); + return Constants.STRUTS_ERROR; + } + + Object authUserObj = session.getAttribute(Constants.SESSION_AUTH); + authUser = (AuthenticatedUser) authUserObj; + + Object formidobj = session.getAttribute(Constants.SESSION_FORMID); + if (formidobj != null && formidobj instanceof String) { + String formid = (String) formidobj; + if (!formid.equals(formID)) { + log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + } else { + log.warn("FormIDs does not match. Some suspect Form is received from user " + authUser.getFamilyName() + + authUser.getGivenName() + authUser.getUserID()); + return Constants.STRUTS_ERROR; + } + session.setAttribute(Constants.SESSION_FORMID, null); + + Object nextPageAttr = session.getAttribute(Constants.SESSION_RETURNAREA); + if (nextPageAttr != null && nextPageAttr instanceof String) { + nextPage = (String) nextPageAttr; + + } else { + nextPage = Constants.STRUTS_RETURNAREA_VALUES.main.name(); + } + + UserDatabase userdb = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + if (!authUser.isAdmin() && userdb.isIsMailAddressVerified() != null && !userdb.isIsMailAddressVerified()) { + log.info("Online-Applikation managemant disabled. Mail address is not verified."); + addActionError(LanguageHelper.getErrorString("error.editoa.mailverification")); + return Constants.STRUTS_SUCCESS; + } + + String oaidentifier = generalOA.getIdentifier(); + if (MiscUtil.isEmpty(oaidentifier)) { + log.info("Empty OA identifier"); + addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.empty")); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + + } else { + if (ValidationHelper.isValidOAIdentifier(oaidentifier)) { + log.warn("IdentificationNumber contains potentail XSS characters: " + oaidentifier); + addActionError(LanguageHelper.getErrorString("validation.general.oaidentifier.valid", + new Object[]{ValidationHelper.getNotValidOAIdentifierCharacters()})); + + formID = Random.nextRandom(); + session.setAttribute(Constants.SESSION_FORMID, formID); + return Constants.STRUTS_ERROR_VALIDATION; + } + } + + OnlineApplication onlineapplication = ConfigurationDBRead.getOnlineApplication(oaidentifier); + request.getSession().setAttribute(Constants.SESSION_OAID, null); + + try { + if (MiscUtil.isNotEmpty(onlineapplication.getAuthComponentOA().getOAPVP2().getMetadataURL())) { + + MOAIDConfiguration moaconfig = ConfigurationDBRead.getMOAIDConfiguration(); + moaconfig.setPvp2RefreshItem(new Date()); + ConfigurationDBUtils.saveOrUpdate(moaconfig); + + } + } catch (Throwable e) { + log.info("Found no MetadataURL in OA-Databaseconfig!", e); + } + + if (ConfigurationDBUtils.delete(onlineapplication)) { + + if (!authUser.isAdmin()) { + UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + List useroas = user.getOnlineApplication(); + + for (OnlineApplicationType oa : useroas) { + if (oa.getHjid().equals(onlineapplication.getHjid())) { + useroas.remove(oa); + } + } + + try { + ConfigurationDBUtils.saveOrUpdate(user); + + } catch (MOADatabaseException e) { + log.warn("User information can not be updated in database", e); + addActionError(LanguageHelper.getGUIString("error.db.oa.store", request)); + return Constants.STRUTS_ERROR; + } + } + + ConfigurationDBUtils.closeSession(); + + addActionMessage(LanguageHelper.getGUIString("webpages.oaconfig.delete.message", generalOA.getIdentifier(), request)); + + return Constants.STRUTS_SUCCESS; + + } else { + ConfigurationDBUtils.closeSession(); + addActionError(LanguageHelper.getGUIString("webpages.oaconfig.delete.error", generalOA.getIdentifier(), request)); + return Constants.STRUTS_SUCCESS; + } + + } + + public String bkuFramePreview() { + + String preview = null; + + HttpSession session = request.getSession(); + if (session == null) { + log.info("No http Session found."); + preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible"); + + } else { + InputStream input = null; + + try { + Object mapobj = session.getAttribute(Constants.SESSION_BKUFORMPREVIEW); + if (mapobj != null && mapobj instanceof Map) { + + ConfigurationProvider config = ConfigurationProvider.getInstance(); + String templateURL = config.getConfigRootDir() + ConfigurationProvider.HTMLTEMPLATE_DIR + + ConfigurationProvider.HTMLTEMPLATE_FILE; + + File file = new File(templateURL); + input = new FileInputStream(file); + + String contextpath = config.getMOAIDInstanceURL(); + if (MiscUtil.isEmpty(contextpath)) { + log.info("NO MOA-ID instance URL configurated."); + throw new ConfigurationException("No MOA-ID instance configurated"); + } + + preview = LoginFormBuilder.getTemplate(input); + preview = preview.replace(LoginFormBuilder.CONTEXTPATH, contextpath); + + Map map = (Map) mapobj; + + request.setCharacterEncoding("UTF-8"); + + String module = request.getParameter(Constants.REQUEST_FORMCUSTOM_MODULE); + String value = request.getParameter(Constants.REQUEST_FORMCUSTOM_VALUE); + + if (value != null) { + String[] query = URLDecoder.decode(request.getQueryString()).split("&"); + value = query[1].substring("value=".length()); + } + + synchronized (map) { + + if (MiscUtil.isNotEmpty(module)) { + if (map.containsKey("#" + module + "#")) { + if (MiscUtil.isNotEmpty(value)) { + if (FormBuildUtils.FONTFAMILY.contains(module) || FormBuildUtils.HEADER_TEXT.contains(module) + || value.startsWith("#")) + map.put("#" + module + "#", value); + else + map.put("#" + module + "#", "#" + value); + + } else { + map.put("#" + module + "#", FormBuildUtils.getDefaultMap().get("#" + module + "#")); + } + } + } + preview = FormBuildUtils.customiceLayoutBKUSelection(preview, true, false, map, true); + } + + } else { + preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible"); + + } + + } catch (Exception e) { + log.warn("BKUSelection Preview can not be generated.", e); + preview = LanguageHelper.getErrorString("error.bkuformpreview.notpossible"); + + } + } + + stream = new ByteArrayInputStream(preview.getBytes()); + + return Constants.STRUTS_SUCCESS; + } + + private String saveOAConfigToDatabase(OnlineApplication dboa, boolean newentry) { + + AuthComponentOA authoa = dboa.getAuthComponentOA(); + if (authoa == null) { + authoa = new AuthComponentOA(); + dboa.setAuthComponentOA(authoa); + } + + if (authUser.isAdmin()) dboa.setIsActive(generalOA.isActive()); + + dboa.setFriendlyName(generalOA.getFriendlyName()); + dboa.setCalculateHPI(generalOA.isCalculateHPI()); + dboa.setRemoveBPKFromAuthBlock(generalOA.isHideBPKAuthBlock()); + + if (authUser.isAdmin()) + dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(generalOA.getKeyBoxIdentifier())); + else { + if (newentry) dboa.setKeyBoxIdentifier(MOAKeyBoxSelector.SECURE_SIGNATURE_KEYPAIR); + } + + dboa.setPublicURLPrefix(generalOA.getIdentifier()); + + if (generalOA.isStorkService() || onlyStorkService) { + dboa.setType(Constants.MOA_CONFIG_STORKSERVICE); + dboa.setStorkSPTargetCountry(generalOA.getStorkSPTargetCountry()); + + + String num = generalOA.getIdentificationNumber().replaceAll(" ", ""); + + if (num.startsWith(Constants.IDENIFICATIONTYPE_STORK)) + num = num.substring(Constants.IDENIFICATIONTYPE_STORK.length()); + + IdentificationNumber idnumber = new IdentificationNumber(); + idnumber.setValue(Constants.PREFIX_STORK + "AT+" + generalOA.getIdentificationType() + num); + idnumber.setType(Constants.BUSINESSSERVICENAMES.get(generalOA.getIdentificationType())); + + authoa.setIdentificationNumber(idnumber); + + } else if (generalOA.isBusinessService() || onlyBusinessService) { + + dboa.setType(Constants.MOA_CONFIG_BUSINESSSERVICE); + + String num = generalOA.getIdentificationNumber().replaceAll(" ", ""); + if (num.startsWith(Constants.IDENIFICATIONTYPE_FN)) { + num = num.substring(Constants.IDENIFICATIONTYPE_FN.length()); + + num = at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(num); + + // num = StringUtils.leftPad(num, 7, '0'); + } + + if (num.startsWith(Constants.IDENIFICATIONTYPE_ZVR)) + num = num.substring(Constants.IDENIFICATIONTYPE_ZVR.length()); + + if (num.startsWith(Constants.IDENIFICATIONTYPE_ERSB)) + num = num.substring(Constants.IDENIFICATIONTYPE_ERSB.length()); + + IdentificationNumber idnumber = new IdentificationNumber(); + idnumber.setValue(Constants.PREFIX_WPBK + generalOA.getIdentificationType() + "+" + num); + idnumber.setType(Constants.BUSINESSSERVICENAMES.get(generalOA.getIdentificationType())); + + authoa.setIdentificationNumber(idnumber); + + } else { + dboa.setType(null); + + if (authUser.isAdmin()) { + if (MiscUtil.isNotEmpty(generalOA.getTarget_admin()) && generalOA.isAdminTarget()) { + dboa.setTarget(generalOA.getTarget_admin()); + dboa.setTargetFriendlyName(generalOA.getTargetFriendlyName()); + + } else { + + String target = generalOA.getTarget(); + + if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet) + dboa.setTarget(target + "-" + generalOA.getTarget_subsector()); + else + dboa.setTarget(target); + + String targetname = TargetValidator.getTargetFriendlyName(target); + if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname); + + } + + } else { + + if (MiscUtil.isNotEmpty(generalOA.getTarget())) { + + String target = generalOA.getTarget(); + + if (MiscUtil.isNotEmpty(generalOA.getTarget_subsector()) && subTargetSet) + dboa.setTarget(target + "-" + generalOA.getTarget_subsector()); + + else + dboa.setTarget(target); + + String targetname = TargetValidator.getTargetFriendlyName(target); + if (MiscUtil.isNotEmpty(targetname)) dboa.setTargetFriendlyName(targetname); + + } + } + } + + //store BKU-URLs + BKUURLS bkuruls = new BKUURLS(); + authoa.setBKUURLS(bkuruls); + if (authUser.isAdmin()) { + bkuruls.setHandyBKU(generalOA.getBkuHandyURL()); + bkuruls.setLocalBKU(generalOA.getBkuLocalURL()); + bkuruls.setOnlineBKU(generalOA.getBkuOnlineURL()); + } + + TemplatesType templates = authoa.getTemplates(); + if (templates == null) { + templates = new TemplatesType(); + authoa.setTemplates(templates); + } + + //store BKU-selection and send-assertion templates + if (authUser.isAdmin()) { + + if (generalOA.isDeleteBKUTemplate()) + templates.setBKUSelectionTemplate(null); + + if (generalOA.isDeleteSendAssertionTemplate()) + templates.setSendAssertionTemplate(null); + + + if (bkuSelectionForm != null && bkuSelectionForm.size() > 0) { + TransformsInfoType template = new TransformsInfoType(); + + Iterator interator = bkuSelectionForm.keySet().iterator(); + template.setFilename(interator.next()); + template.setTransformation(bkuSelectionForm.get( + template.getFilename())); + + templates.setBKUSelectionTemplate(template); + } + + if (sendAssertionForm != null && sendAssertionForm.size() > 0) { + TransformsInfoType template = new TransformsInfoType(); + + Iterator interator = sendAssertionForm.keySet().iterator(); + template.setFilename(interator.next()); + template.setTransformation(sendAssertionForm.get( + template.getFilename())); + + templates.setSendAssertionTemplate(template); + } + } + + + //store BKU-selection customization + BKUSelectionCustomizationType bkuselectioncustom = templates.getBKUSelectionCustomization(); + if (bkuselectioncustom == null) { + bkuselectioncustom = new BKUSelectionCustomizationType(); + templates.setBKUSelectionCustomization(bkuselectioncustom); + } + + Mandates mandates = new Mandates(); + if (generalOA.isUseMandates()) { + mandates.setProfiles(generalOA.getMandateProfiles()); + + } else { + mandates.setProfiles(new String()); + } + + authoa.setMandates(mandates); + bkuselectioncustom.setMandateLoginButton(MiscUtil.isNotEmpty(generalOA.getMandateProfiles())); + bkuselectioncustom.setOnlyMandateLoginAllowed(formOA.isOnlyMandateAllowed()); + + if (authUser.isAdmin()) { + templates.setAditionalAuthBlockText(generalOA.getAditionalAuthBlockText()); + + List template = templates.getTemplate(); + if (generalOA.isLegacy()) { + + if (template == null) + template = new ArrayList(); + else + template.clear(); + + if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL1())) { + TemplateType el = new TemplateType(); + el.setURL(generalOA.getSLTemplateURL1()); + template.add(el); + } else + template.add(new TemplateType()); + if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL2())) { + TemplateType el = new TemplateType(); + el.setURL(generalOA.getSLTemplateURL2()); + template.add(el); + } else + template.add(new TemplateType()); + if (MiscUtil.isNotEmpty(generalOA.getSLTemplateURL3())) { + TemplateType el = new TemplateType(); + el.setURL(generalOA.getSLTemplateURL3()); + template.add(el); + } else + template.add(new TemplateType()); + + } else { + if (template != null && template.size() > 0) template.clear(); + } + + bkuselectioncustom.setBackGroundColor(parseColor(formOA.getBackGroundColor())); + bkuselectioncustom.setFrontColor(parseColor(formOA.getFrontColor())); + + bkuselectioncustom.setHeaderBackGroundColor(parseColor(formOA.getHeader_BackGroundColor())); + bkuselectioncustom.setHeaderFrontColor(parseColor(formOA.getHeader_FrontColor())); + bkuselectioncustom.setHeaderText(formOA.getHeader_text()); + + bkuselectioncustom.setButtonBackGroundColor(parseColor(formOA.getButton_BackGroundColor())); + bkuselectioncustom.setButtonBackGroundColorFocus(parseColor(formOA.getButton_BackGroundColorFocus())); + bkuselectioncustom.setButtonFontColor(parseColor(formOA.getButton_FrontColor())); + + if (MiscUtil.isNotEmpty(formOA.getAppletRedirectTarget())) + bkuselectioncustom.setAppletRedirectTarget(formOA.getAppletRedirectTarget()); + + bkuselectioncustom.setFontType(formOA.getFontType()); + + bkuselectioncustom.setAppletHeight(formOA.getApplet_height()); + bkuselectioncustom.setAppletWidth(formOA.getApplet_width()); + + } + + // set default transformation if it is empty + List transformsInfo = authoa.getTransformsInfo(); + if (transformsInfo == null) { + // TODO: set OA specific transformation if it is required + + } + + OAPVP2 pvp2 = authoa.getOAPVP2(); + if (pvp2 == null) { + pvp2 = new OAPVP2(); + authoa.setOAPVP2(pvp2); + } + + pvp2.setMetadataURL(pvp2OA.getMetaDataURL()); + try { + + if (pvp2OA.getFileUpload() != null) pvp2.setCertificate(pvp2OA.getCertificate()); + + } catch (CertificateException e) { + log.info("Uploaded Certificate can not be found", e); + return LanguageHelper.getErrorString("validation.pvp2.certificate.notfound"); + } catch (IOException e) { + log.info("Uploaded Certificate can not be parsed", e); + return LanguageHelper.getErrorString("validation.pvp2.certificate.format"); + } + + OASAML1 saml1 = authoa.getOASAML1(); + if (saml1 == null) { + saml1 = new OASAML1(); + authoa.setOASAML1(saml1); + saml1.setIsActive(false); + } + + if (authUser.isAdmin()) { + saml1.setIsActive(saml1OA.isActive()); + } + + if (saml1.isIsActive() != null && saml1.isIsActive()) { + saml1.setProvideAUTHBlock(saml1OA.isProvideAuthBlock()); + saml1.setProvideCertificate(saml1OA.isProvideCertificate()); + saml1.setProvideFullMandatorData(saml1OA.isProvideFullMandateData()); + saml1.setProvideIdentityLink(saml1OA.isProvideIdentityLink()); + saml1.setProvideStammzahl(saml1OA.isProvideStammZahl()); + saml1.setUseCondition(saml1OA.isUseCondition()); + saml1.setConditionLength(BigInteger.valueOf(saml1OA.getConditionLength())); + // TODO: set sourceID + // saml1.setSourceID(""); + } + + OASSO sso = authoa.getOASSO(); + if (sso == null) { + sso = new OASSO(); + authoa.setOASSO(sso); + sso.setAuthDataFrame(true); + } + sso.setUseSSO(ssoOA.isUseSSO()); + + if (authUser.isAdmin()) sso.setAuthDataFrame(ssoOA.isShowAuthDataFrame()); + + sso.setSingleLogOutURL(ssoOA.getSingleLogOutURL()); + + if (oauth20OA != null) { + log.debug("Saving OAuth 2.0 configuration:"); + OAOAUTH20 oaOAuth20 = authoa.getOAOAUTH20(); + if (oaOAuth20 == null) { + oaOAuth20 = new OAOAUTH20(); + authoa.setOAOAUTH20(oaOAuth20); + } + + oaOAuth20.setOAuthClientId(generalOA.getIdentifier()); + // oaOAuth20.setOAuthClientSecret(oauth20OA.getClientSecret()); + oaOAuth20.setOAuthRedirectUri(oauth20OA.getRedirectUri()); + log.debug("client id: " + oauth20OA.getClientId()); + log.debug("client secret: " + oauth20OA.getClientSecret()); + log.debug("redirect uri:" + oauth20OA.getRedirectUri()); + + oaOAuth20.setOAuthClientSecret((String) request.getSession().getAttribute(Constants.SESSION_OAUTH20SECRET)); + request.getSession().setAttribute(Constants.SESSION_OAUTH20SECRET, null); + + } + + + // fetch stork configuration from database model + OASTORK stork = authoa.getOASTORK(); + if (stork == null) { + // if there is none, create a new one with default values. + stork = new OASTORK(); + authoa.setOASTORK(stork); + stork.setStorkLogonEnabled(false); + } + // transfer the incoming data to the database model + stork.setStorkLogonEnabled(storkOA.isStorkLogonEnabled()); + stork.setQaa(storkOA.getQaa()); + stork.setOAAttributes(storkOA.getAttributes()); + stork.setVidpEnabled(storkOA.isVidpEnabled()); + stork.setAttributeProviders(storkOA.getAttributeProviderPlugins()); + + try { + if (newentry) { + ConfigurationDBUtils.save(dboa); + + if (!authUser.isAdmin()) { + UserDatabase user = ConfigurationDBRead.getUserWithID(authUser.getUserID()); + + List useroas = user.getOnlineApplication(); + if (useroas == null) useroas = new ArrayList(); + + useroas.add(dboa); + ConfigurationDBUtils.saveOrUpdate(user); + } + } else + ConfigurationDBUtils.saveOrUpdate(dboa); + + } catch (MOADatabaseException e) { + log.warn("Online-Application can not be stored.", e); + return LanguageHelper.getErrorString("error.db.oa.store"); + } + + return null; + } + + private String parseColor(String color) { + String value = ""; + + if (MiscUtil.isNotEmpty(color)) { + if (!color.startsWith("#")) + value = "#" + color; + else + value = color; + } + return value; + } + + private void generateUserSpecificConfigurationOptions(UserDatabase userdb) { + + if (userdb.isIsMandateUser() != null && userdb.isIsMandateUser()) { + String bpk = userdb.getBpk(); + if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN) || bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_ZVR)) { + onlyBusinessService = true; + generalOA.setBusinessService(true); + } else if (bpk.startsWith(Constants.IDENIFICATIONTYPE_STORK)) { + onlyStorkService = true; + generalOA.setStorkService(true); + } + + deaktivededBusinessService = true; + deactivatedStorkService = true; + String[] split = bpk.split("\\+"); + generalOA.setIdentificationType(split[1].substring(1)); + + if (bpk.startsWith(Constants.IDENIFICATIONTYPE_BASEID_FN)) + generalOA.setIdentificationNumber(at.gv.egovernment.moa.util.StringUtils.deleteLeadingZeros(split[2])); + else + generalOA.setIdentificationNumber(split[2]); + + } + + } + + public String setGeneralOAConfig() { + + return Constants.STRUTS_SUCCESS; + } + + public String setSAML1OAConfig() { + + return Constants.STRUTS_SUCCESS; + } + + public String setPVP2OAConfig() { + + return Constants.STRUTS_SUCCESS; + } + + public String setSSOOAConfig() { + + return Constants.STRUTS_SUCCESS; + } + + public String setSTORKOAConfig() { + + return Constants.STRUTS_SUCCESS; + } + + // Getter and Setter + public void setServletResponse(HttpServletResponse arg0) { + this.response = arg0; + + } + + public void setServletRequest(HttpServletRequest arg0) { + this.request = arg0; + + } + + public HttpServletRequest getRequest() { + return request; + } + + public void setRequest(HttpServletRequest request) { + this.request = request; + } + + public HttpServletResponse getResponse() { + return response; + } + + public void setResponse(HttpServletResponse response) { + this.response = response; + } + + public OAGeneralConfig getGeneralOA() { + return generalOA; + } + + public void setGeneralOA(OAGeneralConfig generalOA) { + this.generalOA = generalOA; + } + + public OAPVP2Config getPvp2OA() { + return pvp2OA; + } + + public void setPvp2OA(OAPVP2Config pvp2oa) { + pvp2OA = pvp2oa; + } + + public OASAML1Config getSaml1OA() { + return saml1OA; + } + + public void setSaml1OA(OASAML1Config saml1oa) { + saml1OA = saml1oa; + } + + public OASSOConfig getSsoOA() { + return ssoOA; + } + + public void setSsoOA(OASSOConfig ssoOA) { + this.ssoOA = ssoOA; + } + + public OASTORKConfig getStorkOA() { + return storkOA; + } + + public void setStorkOA(OASTORKConfig storkOA) { + this.storkOA = storkOA; + } + + /** + * @param oaidobj the oaidobj to set + */ + public void setOaidobj(String oaidobj) { + this.oaidobj = oaidobj; + } + + /** + * @return the authUser + */ + public AuthenticatedUser getAuthUser() { + return authUser; + } + + /** + * @return the newOA + */ + public boolean isNewOA() { + return newOA; + } + + /** + * @param newOA the newOA to set + */ + public void setNewOA(boolean newOA) { + this.newOA = newOA; + } + + /** + * @return the nextPage + */ + public String getNextPage() { + return nextPage; + } + + /** + * @return the formID + */ + public String getFormID() { + return formID; + } + + /** + * @param formID the formID to set + */ + public void setFormID(String formID) { + this.formID = formID; + } + + /** + * @return the onlyBusinessService + */ + public boolean isOnlyBusinessService() { + return onlyBusinessService; + } + + /** + * @param onlyStorkService the onlyStorkService to set + */ + public void setOnlyStorkService(boolean onlyStorkService) { + this.onlyStorkService = onlyStorkService; + } + + /** + * @return the onlyStorkService + */ + public boolean isOnlyStorkService() { + return onlyStorkService; + } + + /** + * @param onlyBusinessService the onlyBusinessService to set + */ + public void setOnlyBusinessService(boolean onlyBusinessService) { + this.onlyBusinessService = onlyBusinessService; + } + + + /** + * @return the subTargetSet + */ + public boolean isSubTargetSet() { + return subTargetSet; + } + + /** + * @param subTargetSet the subTargetSet to set + */ + public void setSubTargetSet(boolean subTargetSet) { + this.subTargetSet = subTargetSet; + } + + /** + * @return the deaktivededBusinessService + */ + public boolean isDeaktivededBusinessService() { + return deaktivededBusinessService; + } + + /** + * @return the deactivatedStorkService + */ + public boolean isDeactivatedStorkService() { + return deactivatedStorkService; + } + + /** + * @param deactivatedStorkService the deactivatedStorkService to set + */ + + public void setDeactivatedStorkService(boolean deactivatedStorkService) { + + this.deactivatedStorkService = deactivatedStorkService; + } + + /** + * @param deaktivededBusinessService the deaktivededBusinessService to set + */ + public void setDeaktivededBusinessService(boolean deaktivededBusinessService) { + this.deaktivededBusinessService = deaktivededBusinessService; + } + + /** + * @return the formOA + */ + public FormularCustomization getFormOA() { + return formOA; + } + + /** + * @param formOA the formOA to set + */ + public void setFormOA(FormularCustomization formOA) { + this.formOA = formOA; + } + + /** + * @return the stream + */ + public InputStream getStream() { + return stream; + } + + public OAOAuth20Config getOauth20OA() { + return oauth20OA; + } + + public void setOauth20OA(OAOAuth20Config oauth20OA) { + this.oauth20OA = oauth20OA; + } + } diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties index a033205ed..5859ce477 100644 --- a/id/ConfigWebTool/src/main/resources/applicationResources.properties +++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties @@ -185,7 +185,10 @@ webpages.oaconfig.general.mandate.profiles=Profile webpages.oaconfig.general.mandate.usemandate=Vollmachten (ja/nein) webpages.oaconfig.general.friendlyname=Name der Online-Applikation webpages.oaconfig.general.isbusinessservice=Privatwirtschaftliche Applikation +webpages.oaconfig.general.isstorkservice=Stork Applikation webpages.oaconfig.general.public.header=Öffentlicher Bereich +webpages.oaconfig.general.stork.header=STORK Bereich +webpages.oaconfig.general.stork.countrycode=Landesvorwahl webpages.oaconfig.general.target.friendlyname=Bezeichnung des Bereichs (Frei w\u00E4hlbar) webpages.oaconfig.general.target.admin.checkbox=Anderen Bereich frei definieren webpages.oaconfig.general.target.admin=Bereich (Frei w\u00E4hlbar) diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js index 5fbbdafd1..7e42eaf30 100644 --- a/id/ConfigWebTool/src/main/webapp/js/common.js +++ b/id/ConfigWebTool/src/main/webapp/js/common.js @@ -22,17 +22,33 @@ *******************************************************************************/ function oaBusinessService() { if ($('#OAisbusinessservice').attr('checked') == 'checked') { - - $('#oa_config_businessservice').css('display', "block"); + $('#OAisstorkservice').attr('checked',false); + $('#oa_config_storkservice').css('display', "none"); + $('#oa_config_businessservice').css('display', "block"); $('#oa_config_publicservice').css('display', "none"); } else { - - $('#oa_config_businessservice').css('display', "none"); + $('#oa_config_storkservice').css('display', "none"); + $('#oa_config_businessservice').css('display', "none"); $('#oa_config_publicservice').css('display', "block"); } } +function oaStorkService() { + if ($('#OAisstorkservice').attr('checked') == 'checked') { + $('#OAisbusinessservice').attr('checked',false); + $('#oa_config_storkservice').css('display', "block"); + $('#oa_config_businessservice').css('display', "none"); + $('#oa_config_publicservice').css('display', "none"); + + } else { + $('#oa_config_storkservice').css('display', "none"); + $('#oa_config_businessservice').css('display', "none"); + $('#oa_config_publicservice').css('display', "block"); + + } +} + function oaSSOService() { if ($('#OAuseSSO').attr('checked') == 'checked') { @@ -199,6 +215,7 @@ function userOnLoad() { } function oaOnLoad() { oaBusinessService(); + oaStorkService(); oaSSOService(); oaLegacyService(); AdminTarget(); diff --git a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp index 1f42bf092..cf8626ae3 100644 --- a/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp +++ b/id/ConfigWebTool/src/main/webapp/jsp/editOAGeneral.jsp @@ -59,16 +59,28 @@ key="webpages.oaconfig.general.friendlyname" cssClass="textfield_long"> - - - + + + + + + + +
@@ -89,6 +101,17 @@ disabled="%{isDeaktivededBusinessService()}">
+ +
+

<%=LanguageHelper.getGUIString("webpages.oaconfig.general.stork.header", request) %>

+ + +
diff --git a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd index d20ec1c68..b2c9eb58c 100644 --- a/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd +++ b/id/server/moa-id-commons/src/main/resources/config/moaid_config_2.0.xsd @@ -11,14 +11,16 @@ - + + - + + -- cgit v1.2.3 From 19e164874ea92d51f9df12f56047d77db9683091 Mon Sep 17 00:00:00 2001 From: Bojan Suzic Date: Wed, 5 Mar 2014 20:57:05 +0100 Subject: storkid derivation pro country --- id/ConfigWebTool/ConfigurationInterface.iml | 2 +- .../id/configuration/data/oa/OAGeneralConfig.java | 8 +- .../configuration/struts/action/EditOAAction.java | 7 +- id/server/auth/moa-id-auth.iml | 2 +- id/server/idserverlib/moa-id-lib.iml | 2 +- .../moa/id/auth/AuthenticationServer.java | 3928 ++++++++++---------- .../id/auth/builder/InfoboxReadRequestBuilder.java | 197 +- .../gv/egovernment/moa/id/config/OAParameter.java | 20 +- id/server/moa-id-commons/moa-id-commons.iml | 2 +- id/server/moa-id.iml | 1 + id/server/proxy/moa-id-proxy.iml | 2 +- 11 files changed, 2079 insertions(+), 2092 deletions(-) (limited to 'id') diff --git a/id/ConfigWebTool/ConfigurationInterface.iml b/id/ConfigWebTool/ConfigurationInterface.iml index 742f8df89..f6325d7c7 100644 --- a/id/ConfigWebTool/ConfigurationInterface.iml +++ b/id/ConfigWebTool/ConfigurationInterface.iml @@ -63,6 +63,7 @@ + @@ -77,7 +78,6 @@ - diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java index 495444db1..c9f5fdde9 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java @@ -120,7 +120,8 @@ public class OAGeneralConfig { identificationTypeList = Arrays.asList( Constants.IDENIFICATIONTYPE_FN, Constants.IDENIFICATIONTYPE_ZVR, - Constants.IDENIFICATIONTYPE_ERSB); + Constants.IDENIFICATIONTYPE_ERSB, + Constants.IDENIFICATIONTYPE_STORK); } @@ -216,7 +217,10 @@ public class OAGeneralConfig { if (Constants.PREFIX_WPBK.startsWith(split[0]) && split.length >= 2) { identificationType = split[1]; identificationNumber = split[2]; - } + } else if (Constants.PREFIX_STORK.startsWith(split[0]) && split.length >= 2) { + identificationType = split[1]; // setting at as iden category ? + identificationNumber = split[2]; // setting sp country as ident type -> sp ident + } } } diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java index 4a0bf744a..370923ca1 100644 --- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java +++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/EditOAAction.java @@ -746,13 +746,8 @@ public class EditOAAction extends ActionSupport implements ServletRequestAware, dboa.setStorkSPTargetCountry(generalOA.getStorkSPTargetCountry()); - String num = generalOA.getIdentificationNumber().replaceAll(" ", ""); - - if (num.startsWith(Constants.IDENIFICATIONTYPE_STORK)) - num = num.substring(Constants.IDENIFICATIONTYPE_STORK.length()); - IdentificationNumber idnumber = new IdentificationNumber(); - idnumber.setValue(Constants.PREFIX_STORK + "AT+" + generalOA.getIdentificationType() + num); + idnumber.setValue(Constants.PREFIX_STORK + "AT+" + generalOA.getStorkSPTargetCountry()); idnumber.setType(Constants.BUSINESSSERVICENAMES.get(generalOA.getIdentificationType())); authoa.setIdentificationNumber(idnumber); diff --git a/id/server/auth/moa-id-auth.iml b/id/server/auth/moa-id-auth.iml index 043374bc0..bf76e8805 100644 --- a/id/server/auth/moa-id-auth.iml +++ b/id/server/auth/moa-id-auth.iml @@ -58,6 +58,7 @@ + @@ -96,7 +97,6 @@ - diff --git a/id/server/idserverlib/moa-id-lib.iml b/id/server/idserverlib/moa-id-lib.iml index d995f23af..91b3617ad 100644 --- a/id/server/idserverlib/moa-id-lib.iml +++ b/id/server/idserverlib/moa-id-lib.iml @@ -40,7 +40,7 @@ - + diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 6f6d9611a..01a2e5485 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -1,74 +1,9 @@ package at.gv.egovernment.moa.id.auth; -import iaik.asn1.ObjectID; -import iaik.util.logging.Log; -import iaik.x509.X509Certificate; -import iaik.x509.X509ExtensionInitException; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.StringWriter; -import java.math.BigInteger; -import java.security.NoSuchAlgorithmException; -import java.security.Principal; -import java.security.cert.CertificateException; -import java.util.ArrayList; -//import java.security.cert.CertificateFactory; -import java.util.Calendar; -import java.util.Date; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Vector; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import javax.xml.parsers.ParserConfigurationException; -import javax.xml.transform.TransformerException; - -import org.apache.commons.io.IOUtils; -import org.apache.commons.lang.StringEscapeUtils; -import org.apache.velocity.Template; -import org.apache.velocity.VelocityContext; -import org.apache.velocity.app.VelocityEngine; -import org.apache.xpath.XPathAPI; -import org.opensaml.common.IdentifierGenerator; -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; -import org.opensaml.xml.util.Base64; -import org.opensaml.xml.util.XMLHelper; -import org.w3c.dom.DOMException; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.Node; -import org.w3c.dom.NodeList; -import org.xml.sax.SAXException; - -import at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder; -import at.gv.egovernment.moa.id.auth.builder.BPKBuilder; -import at.gv.egovernment.moa.id.auth.builder.CertInfoVerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder; -import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder; -import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder; -import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; -import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; -import at.gv.egovernment.moa.id.auth.data.IdentityLink; -import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResult; -import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse; -import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; -import at.gv.egovernment.moa.id.auth.exception.BKUException; -import at.gv.egovernment.moa.id.auth.exception.BuildException; -import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.exception.ParseException; -import at.gv.egovernment.moa.id.auth.exception.ServiceException; -import at.gv.egovernment.moa.id.auth.exception.ValidateException; -import at.gv.egovernment.moa.id.auth.exception.WrongParametersException; +import at.gv.egovernment.moa.id.auth.builder.*; +import at.gv.egovernment.moa.id.auth.data.*; +import at.gv.egovernment.moa.id.auth.exception.*; import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker; import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser; import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; @@ -81,13 +16,9 @@ import at.gv.egovernment.moa.id.auth.validator.IdentityLinkValidator; import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator; import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator; import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils; -//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse; -//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClient; -//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException; import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants; import at.gv.egovernment.moa.id.client.SZRGWClient; import at.gv.egovernment.moa.id.client.SZRGWClientException; -import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber; import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute; import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute; import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException; @@ -109,13 +40,7 @@ import at.gv.egovernment.moa.id.util.XMLUtil; import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate; import at.gv.egovernment.moa.logging.LogMsg; import at.gv.egovernment.moa.logging.Logger; -import at.gv.egovernment.moa.util.Constants; -import at.gv.egovernment.moa.util.DOMUtils; -import at.gv.egovernment.moa.util.DateTimeUtils; -import at.gv.egovernment.moa.util.FileUtils; -import at.gv.egovernment.moa.util.MiscUtil; -import at.gv.egovernment.moa.util.StringUtils; -import at.gv.egovernment.moa.util.XPathUtils; +import at.gv.egovernment.moa.util.*; import at.gv.util.xsd.mis.MandateIdentifiers; import at.gv.util.xsd.mis.Target; import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest; @@ -123,12 +48,8 @@ import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest.PEPSData; import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse; import at.gv.util.xsd.srzgw.MISType; import at.gv.util.xsd.srzgw.MISType.Filters; -import eu.stork.oasisdss.api.AdditionalProfiles; -import eu.stork.oasisdss.api.ApiUtils; +import eu.stork.oasisdss.api.*; import eu.stork.oasisdss.api.exceptions.ApiUtilsException; -import eu.stork.oasisdss.api.Profiles; -import eu.stork.oasisdss.api.QualityLevels; -import eu.stork.oasisdss.api.SignatureTypes; import eu.stork.oasisdss.profile.AnyType; import eu.stork.oasisdss.profile.DocumentType; import eu.stork.oasisdss.profile.SignRequest; @@ -138,6 +59,42 @@ import eu.stork.peps.auth.commons.PersonalAttributeList; import eu.stork.peps.auth.commons.STORKAuthnRequest; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; +import iaik.asn1.ObjectID; +import iaik.util.logging.Log; +import iaik.x509.X509Certificate; +import iaik.x509.X509ExtensionInitException; +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang.StringEscapeUtils; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; +import org.apache.xpath.XPathAPI; +import org.opensaml.common.IdentifierGenerator; +import org.opensaml.common.impl.SecureRandomIdentifierGenerator; +import org.opensaml.xml.util.Base64; +import org.opensaml.xml.util.XMLHelper; +import org.w3c.dom.*; +import org.xml.sax.SAXException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.TransformerException; +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.StringWriter; +import java.math.BigInteger; +import java.security.NoSuchAlgorithmException; +import java.security.Principal; +import java.security.cert.CertificateException; +import java.util.*; + +//import java.security.cert.CertificateFactory; +//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.CreateIdentityLinkResponse; +//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClient; +//import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWClientException; /** * API for MOA ID Authentication Service.
{@link AuthenticationSession} is @@ -149,148 +106,147 @@ import eu.stork.peps.exceptions.STORKSAMLEngineException; */ public class AuthenticationServer implements MOAIDAuthConstants { - /** single instance */ - private static AuthenticationServer instance; - - /** - * time out in milliseconds used by {@link cleanup} for session store - */ - private long sessionTimeOutCreated = 15 * 60 * 1000; // default 10 minutes - private long sessionTimeOutUpdated = 10 * 60 * 1000; // default 10 minutes - /** - * time out in milliseconds used by {@link cleanup} for authentication data - * store - */ - private long authDataTimeOut = 2 * 60 * 1000; // default 2 minutes - - /** - * Returns the single instance of AuthenticationServer. - * - * @return the single instance of AuthenticationServer - */ - public static AuthenticationServer getInstance() { - if (instance == null) - instance = new AuthenticationServer(); - return instance; - } - - /** - * Constructor for AuthenticationServer. - */ - public AuthenticationServer() { - super(); - } - - - /** - * Processes the beginning of an authentication session. - *
    - *
  • Starts an authentication session
  • - *
  • Creates an <InfoboxReadRequest>
  • - *
  • Creates an HTML form for querying the identity link from the security - * layer implementation.
    - * Form parameters include - *
      - *
    • the <InfoboxReadRequest>
    • - *
    • the data URL where the security layer implementation sends it - * response to
    • - *
    - *
- * - * @param authURL - * URL of the servlet to be used as data URL - * @param target - * "Geschäftsbereich" of the online application requested - * @param targetFriendlyName - * Friendly name of the target if the target is configured via - * configuration - * @param oaURL - * online application URL requested - * @param bkuURL - * URL of the "Bürgerkartenumgebung" to be used; may be - * null; in this case, the default location will be - * used - * @param useMandate - * Indicates if mandate is used or not - * @param templateURL - * URL providing an HTML template for the HTML form generated - * @param templateMandteURL - * URL providing an HTML template for the HTML form generated - * (for signing in mandates mode) - * @param req - * determines the protocol used - * @param sourceID - * @return HTML form - * @throws AuthenticationException - * @see GetIdentityLinkFormBuilder - * @see InfoboxReadRequestBuilder - */ - public String startAuthentication(AuthenticationSession session, HttpServletRequest req) throws WrongParametersException, - AuthenticationException, ConfigurationException, BuildException { - - if (session == null) { - throw new AuthenticationException("auth.18", new Object[] { }); - } - - //load OnlineApplication configuration - OAAuthParameter oaParam = - AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("auth.00", new Object[] { session.getPublicOAURLPrefix() }); - - //load Template - String template = null; - if (session.getTemplateURL() != null) { - try { - - template = new String(FileUtils.readURL(session.getTemplateURL())); - } catch (IOException ex) { - throw new AuthenticationException("auth.03", new Object[] { - session.getTemplateURL(), ex.toString() }, ex); - } - } - - String infoboxReadRequest = ""; - - String domainIdentifier = AuthConfigurationProvider.getInstance().getSSOTagetIdentifier().trim(); - if (MiscUtil.isEmpty(domainIdentifier) && session.isSsoRequested()) { - //do not use SSO if no Target is set - Log.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!"); - session.setSsoRequested(false); - - } - - if (session.isSsoRequested()) { - //load identityLink with SSO Target - boolean isbuisness = false; - - if (domainIdentifier.startsWith(PREFIX_WPBK)) { - - isbuisness = true; - - } else { - isbuisness = false; - - } - - //build ReadInfobox request - infoboxReadRequest = new InfoboxReadRequestBuilder().build( - isbuisness, domainIdentifier); - - } else { - //build ReadInfobox request - infoboxReadRequest = new InfoboxReadRequestBuilder().build( - oaParam.getBusinessService(), oaParam - .getIdentityLinkDomainIdentifier()); - } - - - String dataURL = new DataURLBuilder().buildDataURL( - session.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, session - .getSessionID()); - - //removed in MOAID 2.0 - String pushInfobox = ""; + /** + * single instance + */ + private static AuthenticationServer instance; + + /** + * time out in milliseconds used by {@link cleanup} for session store + */ + private long sessionTimeOutCreated = 15 * 60 * 1000; // default 10 minutes + private long sessionTimeOutUpdated = 10 * 60 * 1000; // default 10 minutes + /** + * time out in milliseconds used by {@link cleanup} for authentication data + * store + */ + private long authDataTimeOut = 2 * 60 * 1000; // default 2 minutes + + /** + * Returns the single instance of AuthenticationServer. + * + * @return the single instance of AuthenticationServer + */ + public static AuthenticationServer getInstance() { + if (instance == null) + instance = new AuthenticationServer(); + return instance; + } + + /** + * Constructor for AuthenticationServer. + */ + public AuthenticationServer() { + super(); + } + + + /** + * Processes the beginning of an authentication session. + *
    + *
  • Starts an authentication session
  • + *
  • Creates an <InfoboxReadRequest>
  • + *
  • Creates an HTML form for querying the identity link from the security + * layer implementation.
    + * Form parameters include + *
      + *
    • the <InfoboxReadRequest>
    • + *
    • the data URL where the security layer implementation sends it + * response to
    • + *
    + *
+ * + * @param authURL URL of the servlet to be used as data URL + * @param target "Geschäftsbereich" of the online application requested + * @param targetFriendlyName Friendly name of the target if the target is configured via + * configuration + * @param oaURL online application URL requested + * @param bkuURL URL of the "Bürgerkartenumgebung" to be used; may be + * null; in this case, the default location will be + * used + * @param useMandate Indicates if mandate is used or not + * @param templateURL URL providing an HTML template for the HTML form generated + * @param templateMandteURL URL providing an HTML template for the HTML form generated + * (for signing in mandates mode) + * @param req determines the protocol used + * @param sourceID + * @return HTML form + * @throws AuthenticationException + * @see GetIdentityLinkFormBuilder + * @see InfoboxReadRequestBuilder + */ + public String startAuthentication(AuthenticationSession session, HttpServletRequest req) throws WrongParametersException, + AuthenticationException, ConfigurationException, BuildException { + + if (session == null) { + throw new AuthenticationException("auth.18", new Object[]{}); + } + + //load OnlineApplication configuration + OAAuthParameter oaParam = + AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("auth.00", new Object[]{session.getPublicOAURLPrefix()}); + + //load Template + String template = null; + if (session.getTemplateURL() != null) { + try { + + template = new String(FileUtils.readURL(session.getTemplateURL())); + } catch (IOException ex) { + throw new AuthenticationException("auth.03", new Object[]{ + session.getTemplateURL(), ex.toString()}, ex); + } + } + + String infoboxReadRequest = ""; + + String domainIdentifier = AuthConfigurationProvider.getInstance().getSSOTagetIdentifier().trim(); + if (MiscUtil.isEmpty(domainIdentifier) && session.isSsoRequested()) { + //do not use SSO if no Target is set + Log.warn("NO SSO-Target found in configuration. Single Sign-On is deaktivated!"); + session.setSsoRequested(false); + + } + + if (session.isSsoRequested()) { + //load identityLink with SSO Target + boolean isbuisness = false; + + if (domainIdentifier.startsWith(PREFIX_WPBK)) { + + isbuisness = true; + + } else { + isbuisness = false; + + } + + //build ReadInfobox request + infoboxReadRequest = new InfoboxReadRequestBuilder().build( + isbuisness, domainIdentifier); + + } else { + + if (oaParam.getStorkService()) + // build stork request + infoboxReadRequest = new InfoboxReadRequestBuilder().buildStorkReadRequest( + oaParam.getIdentityLinkDomainIdentifier()); + else + //build ReadInfobox request + infoboxReadRequest = new InfoboxReadRequestBuilder().build( + oaParam.getBusinessService(), oaParam + .getIdentityLinkDomainIdentifier()); + } + + + String dataURL = new DataURLBuilder().buildDataURL( + session.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, session + .getSessionID()); + + //removed in MOAID 2.0 + String pushInfobox = ""; // VerifyInfoboxParameters verifyInfoboxParameters = oaParam // .getVerifyInfoboxParameters(); @@ -299,1787 +255,1743 @@ public class AuthenticationServer implements MOAIDAuthConstants { // session.setPushInfobox(pushInfobox); // } - //build CertInfo request - String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder() - .build(); - String certInfoDataURL = new DataURLBuilder() - .buildDataURL(session.getAuthURL(), REQ_START_AUTHENTICATION, - session.getSessionID()); - - //get Applet Parameters - String appletwidth = req.getParameter(PARAM_APPLET_WIDTH); - String appletheigth = req.getParameter(PARAM_APPLET_HEIGTH); - appletheigth = StringEscapeUtils.escapeHtml(appletheigth); - appletwidth = StringEscapeUtils.escapeHtml(appletwidth); - - String htmlForm = new GetIdentityLinkFormBuilder().build(template, - session.getBkuURL(), infoboxReadRequest, dataURL, certInfoRequest, - certInfoDataURL, pushInfobox, oaParam, appletheigth, appletwidth); - - return htmlForm; - } - - /** - * Processes an <InfoboxReadResponse> sent by the - * security layer implementation.
- *
    - *
  • Validates given <InfoboxReadResponse>
  • - *
  • Parses identity link enclosed in - * <InfoboxReadResponse>
  • - *
  • Verifies identity link by calling the MOA SP component
  • - *
  • Checks certificate authority of identity link
  • - *
  • Stores identity link in the session
  • - *
  • Verifies all additional infoboxes returned from the BKU
  • - *
  • Creates an authentication block to be signed by the user
  • - *
  • Creates and returns a <CreateXMLSignatureRequest> - * containg the authentication block, meant to be returned to the security - * layer implementation
  • - *
- * - * @param sessionID - * ID of associated authentication session data - * @param infoboxReadResponseParameters - * The parameters from the response returned from the BKU - * including the <InfoboxReadResponse> - * @return String representation of the - * <CreateXMLSignatureRequest> - * @throws BKUException - */ - public String verifyIdentityLink(AuthenticationSession session, - Map infoboxReadResponseParameters) throws AuthenticationException, - BuildException, ParseException, ConfigurationException, - ValidateException, ServiceException, BKUException { - - if (session == null) - throw new AuthenticationException("auth.10", new Object[] { - REQ_VERIFY_IDENTITY_LINK, PARAM_SESSIONID }); - - String xmlInfoboxReadResponse = (String) infoboxReadResponseParameters - .get(PARAM_XMLRESPONSE); - - if (isEmpty(xmlInfoboxReadResponse)) - throw new AuthenticationException("auth.10", new Object[] { - REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE }); - - AuthConfigurationProvider authConf = AuthConfigurationProvider - .getInstance(); - - // check if an identity link was found - // Errorcode 2911 von Trustdesk BKU (nicht spezifikationskonform - // (SL1.2)) - // CharSequence se = "ErrorCode>2911".substring(0); - // boolean b = xmlInfoboxReadResponse.contains(se); - String se = "ErrorCode>2911"; - int b = xmlInfoboxReadResponse.indexOf(se); - if (b != -1) { // no identity link found - Logger - .info("Es konnte keine Personenbindung auf der Karte gefunden werden. Versuche Anmeldung als auslaendische eID."); - return null; - } - // spezifikationsgemaess (SL1.2) Errorcode - se = "ErrorCode>4002"; - // b = xmlInfoboxReadResponse.contains(se); - b = xmlInfoboxReadResponse.indexOf(se); - if (b != -1) { // Unbekannter Infoboxbezeichner - Logger - .info("Unbekannter Infoboxbezeichner. Versuche Anmeldung als auslaendische eID."); - return null; - } - - // parses the - IdentityLink identityLink = new InfoboxReadResponseParser( - xmlInfoboxReadResponse).parseIdentityLink(); - // validates the identity link - IdentityLinkValidator.getInstance().validate(identityLink); - // builds a for a call of MOA-SP - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder() - .build(identityLink, authConf - .getMoaSpIdentityLinkTrustProfileID()); - - // invokes the call - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker() - .verifyXMLSignature(domVerifyXMLSignatureRequest); - // parses the - VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( - domVerifyXMLSignatureResponse).parseData(); - - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - - // if OA is type is business service the manifest validation result has - // to be ignored - boolean ignoreManifestValidationResult = oaParam.getBusinessService() ? true - : false; - - // validates the - VerifyXMLSignatureResponseValidator.getInstance().validate( - verifyXMLSignatureResponse, - authConf.getIdentityLinkX509SubjectNames(), - VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, - ignoreManifestValidationResult); - - session.setIdentityLink(identityLink); - // now validate the extended infoboxes - - //Removed in MOA-ID 2.0 - //verifyInfoboxes(session, infoboxReadResponseParameters, false); - - return "found!"; - } - - /** - * Processes an <InfoboxReadResponse> sent by the - * security layer implementation.
- *
    - *
  • Validates given <InfoboxReadResponse>
  • - *
  • Parses identity link enclosed in - * <InfoboxReadResponse>
  • - *
  • Verifies identity link by calling the MOA SP component
  • - *
  • Checks certificate authority of identity link
  • - *
  • Stores identity link in the session
  • - *
  • Verifies all additional infoboxes returned from the BKU
  • - *
  • Creates an authentication block to be signed by the user
  • - *
  • Creates and returns a <CreateXMLSignatureRequest> - * containg the authentication block, meant to be returned to the security - * layer implementation
  • - *
- * - * @param sessionID - * ID of associated authentication session data - * @param infoboxReadResponseParameters - * The parameters from the response returned from the BKU - * including the <InfoboxReadResponse> - * @return String representation of the - * <CreateXMLSignatureRequest> - */ - public String verifyCertificate(AuthenticationSession session, - X509Certificate certificate) throws AuthenticationException, - BuildException, ParseException, ConfigurationException, - ValidateException, ServiceException, MOAIDException{ - - if (session == null) - throw new AuthenticationException("auth.10", new Object[] { - REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID }); - - // check if person is a Organwalter - // if true - don't show bPK in AUTH Block - try { - for (ObjectID OWid : MOAIDAuthConstants.OW_LIST) { - if (certificate.getExtension(OWid) != null) { - session.setOW(true); - } - - } - - } catch (X509ExtensionInitException e) { - Logger.warn("Certificate extension is not readable."); - session.setOW(false); - } - - AuthConfigurationProvider authConf = AuthConfigurationProvider - .getInstance(); - - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - - String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session, - authConf, oaParam); - - return returnvalue; - } - - /** - * Processes an Mandate sent by the MIS.
- *
    - *
  • Validates given Mandate
  • - *
  • Verifies Mandate by calling the MOA SP component
  • - *
  • Creates an authentication block to be signed by the user
  • - *
  • Creates and returns a <CreateXMLSignatureRequest> - * containg the authentication block, meant to be returned to the security - * layer implementation
  • - *
- * - * @param sessionID - * ID of associated authentication session data - * @param infoboxReadResponseParameters - * The parameters from the response returned from the BKU - * including the <InfoboxReadResponse> - * @return String representation of the - * <CreateXMLSignatureRequest> - */ - public void verifyMandate(AuthenticationSession session, MISMandate mandate) - throws AuthenticationException, BuildException, ParseException, - ConfigurationException, ValidateException, ServiceException { - - if (session == null) - throw new AuthenticationException("auth.10", new Object[] { - GET_MIS_SESSIONID, PARAM_SESSIONID }); - - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - - try { - // sets the extended SAML attributes for OID (Organwalter) - setExtendedSAMLAttributeForMandatesOID(session, mandate, oaParam - .getBusinessService()); - - validateExtendedSAMLAttributeForMandates(session, mandate, oaParam.getBusinessService()); - - - } catch (SAXException e) { - throw new AuthenticationException("auth.16", - new Object[] { GET_MIS_SESSIONID }, e); - } catch (IOException e) { - throw new AuthenticationException("auth.16", - new Object[] { GET_MIS_SESSIONID }, e); - } catch (ParserConfigurationException e) { - throw new AuthenticationException("auth.16", - new Object[] { GET_MIS_SESSIONID }, e); - } catch (TransformerException e) { - throw new AuthenticationException("auth.16", - new Object[] { GET_MIS_SESSIONID }, e); - } - - } - - /** - * - * @param session - * @param authConf - * @param oaParam - * @return - * @throws ConfigurationException - * @throws BuildException - * @throws ValidateException - */ - public String getCreateXMLSignatureRequestAuthBlockOrRedirect( - AuthenticationSession session, AuthConfigurationProvider authConf, - OAAuthParameter oaParam) throws ConfigurationException, - BuildException, ValidateException { - - // check for intermediate processing of the infoboxes - if (session.isValidatorInputPending()) - return "Redirect to Input Processor"; - - if (authConf == null) - authConf = AuthConfigurationProvider.getInstance(); - if (oaParam == null) - oaParam = AuthConfigurationProvider.getInstance() - .getOnlineApplicationParameter( - session.getPublicOAURLPrefix()); - - // builds the AUTH-block - String authBlock = buildAuthenticationBlock(session, oaParam); - - // builds the - List transformsInfos = oaParam.getTransformsInfos(); - if ((transformsInfos == null) || (transformsInfos.size() == 0)) { - // no OA specific transforms specified, use default ones - transformsInfos = authConf.getTransformsInfos(); - } - String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder() - .build(authBlock, oaParam.getKeyBoxIdentifier(), - transformsInfos); - return createXMLSignatureRequest; - } - - /** - * Returns an CreateXMLSignatureRequest for signing the ERnP statement.
- *
    - *
  • Creates an CreateXMLSignatureRequest to be signed by the user
  • - *
- * - * @param sessionID - * ID of associated authentication session data - * @param cert - * The certificate from the user - * @return String representation of the - * <CreateXMLSignatureRequest> - */ - public String createXMLSignatureRequestForeignID(AuthenticationSession session, - X509Certificate cert) throws AuthenticationException, - BuildException, ParseException, ConfigurationException, - ValidateException, ServiceException { - - if (session == null) - throw new AuthenticationException("auth.10", new Object[] { - REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID }); - - AuthConfigurationProvider authConf = AuthConfigurationProvider - .getInstance(); - - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() - .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - - return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam, - cert); - } - - public String getCreateXMLSignatureRequestForeigID( - AuthenticationSession session, AuthConfigurationProvider authConf, - OAAuthParameter oaParam, X509Certificate cert) - throws ConfigurationException { - - // check for intermediate processing of the infoboxes - if (session.isValidatorInputPending()) - return "Redirect to Input Processor"; - - if (authConf == null) - authConf = AuthConfigurationProvider.getInstance(); - if (oaParam == null) - oaParam = AuthConfigurationProvider.getInstance() - .getOnlineApplicationParameter( - session.getPublicOAURLPrefix()); - - Principal subject = cert.getSubjectDN(); - - String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder() - .buildForeignID(subject.toString(), oaParam, session); - return createXMLSignatureRequest; - } - - /** - * Processes an <CreateXMLSignatureResponse> sent by the - * security layer implementation.
- *
    - *
  • Validates given <CreateXMLSignatureResponse>
  • - *
  • Parses response enclosed in - * <CreateXMLSignatureResponse>
  • - *
  • Verifies signature by calling the MOA SP component
  • - *
  • Returns the signer certificate
  • - *
- * - * @param sessionID - * ID of associated authentication session data - * @param createXMLSignatureResponseParameters - * The parameters from the response returned from the BKU - * including the <CreateXMLSignatureResponse> - * @throws BKUException - */ - public X509Certificate verifyXMLSignature(String sessionID, - Map createXMLSignatureResponseParameters) - throws AuthenticationException, BuildException, ParseException, - ConfigurationException, ValidateException, ServiceException, BKUException { - - if (isEmpty(sessionID)) - throw new AuthenticationException("auth.10", new Object[] { - REQ_GET_FOREIGN_ID, PARAM_SESSIONID }); - - String xmlCreateXMLSignatureResponse = (String) createXMLSignatureResponseParameters - .get(PARAM_XMLRESPONSE); - - if (isEmpty(xmlCreateXMLSignatureResponse)) - throw new AuthenticationException("auth.10", new Object[] { - REQ_GET_FOREIGN_ID, PARAM_XMLRESPONSE }); - - AuthConfigurationProvider authConf = AuthConfigurationProvider - .getInstance(); - - // parses the - CreateXMLSignatureResponseParser p = new CreateXMLSignatureResponseParser( - xmlCreateXMLSignatureResponse); - CreateXMLSignatureResponse createXMLSignatureResponse = p - .parseResponseDsig(); - - // builds a for a call of MOA-SP - Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder() - .buildDsig(createXMLSignatureResponse, authConf - .getMoaSpAuthBlockTrustProfileID()); - - // invokes the call - Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker() - .verifyXMLSignature(domVerifyXMLSignatureRequest); - - // parses the - VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( - domVerifyXMLSignatureResponse).parseData(); - - return verifyXMLSignatureResponse.getX509certificate(); - - } - - /** - * Processes an <CreateXMLSignatureResponse> sent by the - * security layer implementation.
- *
    - *
  • Validates given <CreateXMLSignatureResponse>
  • - *
  • Parses response enclosed in - * <CreateXMLSignatureResponse>
  • - *
  • Verifies signature by calling the MOA SP component
  • - *
  • Returns the signer certificate
  • - *
- * - * @param sessionID - * ID of associated authentication session data - * @param readInfoboxResponseParameters - * The parameters from the response returned from the BKU - * including the <ReadInfoboxResponse> - * @throws BKUException - */ - public X509Certificate getCertificate(String sessionID, - Map readInfoboxResponseParameters) throws AuthenticationException, - BuildException, ParseException, ConfigurationException, - ValidateException, ServiceException, BKUException { - - if (isEmpty(sessionID)) - throw new AuthenticationException("auth.10", new Object[] { - REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID }); - - String xmlReadInfoboxResponse = (String) readInfoboxResponseParameters - .get(PARAM_XMLRESPONSE); - - if (isEmpty(xmlReadInfoboxResponse)) - throw new AuthenticationException("auth.10", new Object[] { - REQ_VERIFY_CERTIFICATE, PARAM_XMLRESPONSE }); - - // parses the - InfoboxReadResponseParser p = new InfoboxReadResponseParser( - xmlReadInfoboxResponse); - X509Certificate cert = p.parseCertificate(); - - return cert; - - } - - /** - * Builds an authentication block <saml:Assertion> from - * given session data. - * - * @param session - * authentication session - * - * @return <saml:Assertion> as a String - * - * @throws BuildException - * If an error occurs on serializing an extended SAML attribute - * to be appended to the AUTH-Block. - */ - private String buildAuthenticationBlock(AuthenticationSession session, - OAAuthParameter oaParam) throws BuildException { - - IdentityLink identityLink = session.getIdentityLink(); - String issuer = identityLink.getName(); - String gebDat = identityLink.getDateOfBirth(); - - String identificationValue = null; - String identificationType = null; - - //set empty AuthBlock BPK in case of OW or SSO or bpk is not requested - if (session.isOW() || session.isSsoRequested() || oaParam.isRemovePBKFromAuthBlock()) { - identificationType = ""; - identificationValue = ""; - - } else if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { - - if (oaParam.getBusinessService()) { - - String bpkBase64 = new BPKBuilder().buildWBPK(identityLink - .getIdentificationValue(), oaParam.getIdentityLinkDomainIdentifier()); - identificationValue = bpkBase64; - - if (oaParam.getIdentityLinkDomainIdentifier().startsWith(Constants.URN_PREFIX_WBPK + "+" )) - identificationType = oaParam.getIdentityLinkDomainIdentifier(); - else - identificationType = Constants.URN_PREFIX_WBPK + "+" + oaParam.getIdentityLinkDomainIdentifier(); - - } else { - String bpkBase64 = new BPKBuilder().buildBPK(identityLink - .getIdentificationValue(), session.getTarget()); - identificationValue = bpkBase64; - identificationType = Constants.URN_PREFIX_CDID + "+" + session.getTarget(); - } - - - } else { - identificationValue = identityLink.getIdentificationValue(); - identificationType = identityLink.getIdentificationType(); - - } - - String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar - .getInstance()); - session.setIssueInstant(issueInstant); - String authURL = session.getAuthURL(); - String target = session.getTarget(); - String targetFriendlyName = session.getTargetFriendlyName(); - - // Bug #485 - // (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105) - // String oaURL = session.getPublicOAURLPrefix(); - - List extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); - - - if (session.isSsoRequested()) { - String oaURL = new String(); - try { - oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); - - if (MiscUtil.isNotEmpty(oaURL)) - oaURL = oaURL.replaceAll("&", "&"); - - } catch (ConfigurationException e) { - } - String authBlock = new AuthenticationBlockAssertionBuilder() - .buildAuthBlockSSO(issuer, issueInstant, authURL, target, - targetFriendlyName, identificationValue, - identificationType, oaURL, gebDat, - extendedSAMLAttributes, session, oaParam); - return authBlock; - - } else { - String oaURL = session.getPublicOAURLPrefix().replaceAll("&", "&"); - String authBlock = new AuthenticationBlockAssertionBuilder() - .buildAuthBlock(issuer, issueInstant, authURL, target, - targetFriendlyName, identificationValue, - identificationType, oaURL, gebDat, - extendedSAMLAttributes, session, oaParam); - return authBlock; - } - } - - - - /** - * Verifies the infoboxes (except of the identity link infobox) returned by - * the BKU by calling appropriate validator classes. - * - * @param session - * The actual authentication session. - * @param mandate - * The Mandate from the MIS - * - * @throws AuthenticationException - * @throws ConfigurationException - * @throws TransformerException - * @throws ParserConfigurationException - * @throws IOException - * @throws SAXException - */ - private void validateExtendedSAMLAttributeForMandates( - AuthenticationSession session, MISMandate mandate, - boolean business) - throws ValidateException, ConfigurationException, SAXException, - IOException, ParserConfigurationException, TransformerException { - - ExtendedSAMLAttribute[] extendedSAMLAttributes = addExtendedSamlAttributes( - mandate, business, false); - - int length = extendedSAMLAttributes.length; - for (int i = 0; i < length; i++) { - ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i]; - - verifySAMLAttribute(samlAttribute, i, "MISService", - "MISService"); - - } - } - - /** - * Verifies the infoboxes (except of the identity link infobox) returned by - * the BKU by calling appropriate validator classes. - * - * @param session - * The actual authentication session. - * @param mandate - * The Mandate from the MIS - * - * @throws AuthenticationException - * @throws ConfigurationException - * @throws TransformerException - * @throws ParserConfigurationException - * @throws IOException - * @throws SAXException - */ - private void setExtendedSAMLAttributeForMandatesOID( - AuthenticationSession session, MISMandate mandate, boolean business) - throws ValidateException, ConfigurationException, SAXException, - IOException, ParserConfigurationException, TransformerException { - - ExtendedSAMLAttribute[] extendedSamlAttributes = addExtendedSamlAttributesOID( - mandate, business); - - AddAdditionalSAMLAttributes(session, extendedSamlAttributes, - "MISService", "MISService"); - - } - - /** - * Adds given SAML Attributes to the current session. They will be appended - * to the final SAML Assertion or the AUTH block. If the attributes are - * already in the list, they will be replaced. - * - * @param session - * The current session - * @param extendedSAMLAttributes - * The SAML attributes to add - * @param identifier - * The infobox identifier for debug purposes - * @param friendlyNam - * The friendly name of the infobox for debug purposes - */ - private static void AddAdditionalSAMLAttributes( - AuthenticationSession session, - ExtendedSAMLAttribute[] extendedSAMLAttributes, String identifier, - String friendlyName) throws ValidateException { - if (extendedSAMLAttributes == null) - return; - List oaAttributes = session.getExtendedSAMLAttributesOA(); - if (oaAttributes == null) - oaAttributes = new Vector(); - List authAttributes = session.getExtendedSAMLAttributesAUTH(); - if (authAttributes == null) - authAttributes = new Vector(); - int length = extendedSAMLAttributes.length; - for (int i = 0; i < length; i++) { - ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i]; - - Object value = verifySAMLAttribute(samlAttribute, i, identifier, - friendlyName); - - if ((value instanceof String) || (value instanceof Element)) { - switch (samlAttribute.getAddToAUTHBlock()) { - case ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY: - replaceExtendedSAMLAttribute(authAttributes, samlAttribute); - break; - case ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK: - replaceExtendedSAMLAttribute(authAttributes, samlAttribute); - replaceExtendedSAMLAttribute(oaAttributes, samlAttribute); - break; - case ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK: - replaceExtendedSAMLAttribute(oaAttributes, samlAttribute); - break; - default: - Logger - .info("Invalid return value from method \"getAddToAUTHBlock()\" (" - + samlAttribute.getAddToAUTHBlock() - + ") in SAML attribute number " - + (i + 1) - + " for infobox " + identifier); - throw new ValidateException("validator.47", new Object[] { - friendlyName, String.valueOf((i + 1)) }); - } - } else { - Logger - .info("The type of SAML-Attribute number " - + (i + 1) - + " returned from " - + identifier - + "-infobox validator is not valid. Must be either \"java.Lang.String\"" - + " or \"org.w3c.dom.Element\""); - throw new ValidateException("validator.46", new Object[] { - identifier, String.valueOf((i + 1)) }); - } - } - session.setExtendedSAMLAttributesAUTH(authAttributes); - session.setExtendedSAMLAttributesOA(oaAttributes); - } - - /** - * Adds the AUTH block related SAML attributes to the validation result. - * This is needed always before the AUTH block is to be signed, because the - * name of the mandator has to be set - * - * @throws ParserConfigurationException - * @throws IOException - * @throws SAXException - * @throws TransformerException - */ - - protected static ExtendedSAMLAttribute[] addExtendedSamlAttributes( - MISMandate mandate, boolean business, boolean provideStammzahl) - throws SAXException, IOException, ParserConfigurationException, - TransformerException { - Vector extendedSamlAttributes = new Vector(); - - extendedSamlAttributes.clear(); - - // Name - Element domMandate = mandateToElement(mandate); - Element nameSpaceNode = domMandate.getOwnerDocument().createElement( - "NameSpaceNode"); - nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, - Constants.PD_NS_URI); - nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.MANDATE_POSTFIX, - SZRGWConstants.MANDATE_NS); - - Element mandator = (Element) XPathAPI.selectSingleNode(domMandate, - "//md:Mandate/md:Mandator", nameSpaceNode); - - // Mandate - extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - EXT_SAML_MANDATE_RAW, domMandate, - SZRGWConstants.MANDATE_NS, - ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); - - // (w)bpk - String wbpk = ParepUtils.extractMandatorWbpk(mandator); - if (!ParepUtils.isEmpty(wbpk)) { - if (!ParepUtils.isPhysicalPerson(mandator)) { - String idType = ParepUtils - .extractMandatorIdentificationType(mandator); - if (!ParepUtils.isEmpty(idType) - && idType.startsWith(Constants.URN_PREFIX_BASEID)) { - extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - EXT_SAML_MANDATE_CB_BASE_ID, - ParepUtils.getRegisterString(idType) + ": " + wbpk, - SZRGWConstants.MANDATE_NS, - ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); - } - } else if (business) { - extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - EXT_SAML_MANDATE_WBPK, wbpk, - SZRGWConstants.MANDATE_NS, - ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); - } - } - - ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes - .size()]; - extendedSamlAttributes.copyInto(ret); - Logger.debug("ExtendedSAML Attributes: " + ret.length); - return ret; - - } - - /** - * Adds the AUTH block related SAML attributes to the validation result. - * This is needed always before the AUTH block is to be signed, because the - * name of the mandator has to be set - * - * @throws ParserConfigurationException - * @throws IOException - * @throws SAXException - * @throws TransformerException - */ - private static ExtendedSAMLAttribute[] addExtendedSamlAttributesOID( - MISMandate mandate, boolean business) throws SAXException, - IOException, ParserConfigurationException, TransformerException { - - Vector extendedSamlAttributes = new Vector(); - - extendedSamlAttributes.clear(); - - // RepresentationType - extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - EXT_SAML_MANDATE_REPRESENTATIONTYPE, - EXT_SAML_MANDATE_REPRESENTATIONTEXT, - SZRGWConstants.MANDATE_NS, - ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); - - String oid = mandate.getProfRep(); - - if (oid != null) { - extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - EXT_SAML_MANDATE_OID, oid, - SZRGWConstants.MANDATE_NS, - ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); - String oidDescription = mandate.getTextualDescriptionOfOID(); - extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( - EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION, - oidDescription, SZRGWConstants.MANDATE_NS, - ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); - - } - - ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes - .size()]; - extendedSamlAttributes.copyInto(ret); - Logger.debug("ExtendedSAML Attributes: " + ret.length); - return ret; - - } - - /** - * - * @param mandate - * @return - * @throws ParserConfigurationException - * @throws IOException - * @throws SAXException - */ - private static Element mandateToElement(MISMandate mandate) - throws SAXException, IOException, ParserConfigurationException { - ByteArrayInputStream bais = new ByteArrayInputStream(mandate - .getMandate()); - Document doc = DOMUtils.parseDocumentSimple(bais); - return doc.getDocumentElement(); - } - - protected static void replaceExtendedSAMLAttribute(List attributes, - ExtendedSAMLAttribute samlAttribute) { - if (null == attributes) { - attributes = new Vector(); - } else { - String id = samlAttribute.getName(); - int length = attributes.size(); - for (int i = 0; i < length; i++) { - ExtendedSAMLAttribute att = (ExtendedSAMLAttribute) attributes - .get(i); - if (id.equals(att.getName())) { - // replace attribute - attributes.set(i, samlAttribute); - return; - } - } - attributes.add(samlAttribute); - } - } - - /** - * Processes a <CreateXMLSignatureResponse> sent by the - * security layer implementation.
- *
    - *
  • Validates given <CreateXMLSignatureResponse>
  • - *
  • Parses <CreateXMLSignatureResponse> for error - * codes
  • - *
  • Parses authentication block enclosed in - * <CreateXMLSignatureResponse>
  • - *
  • Verifies authentication block by calling the MOA SP component
  • - *
  • Creates authentication data
  • - *
  • Creates a corresponding SAML artifact
  • - *
  • Stores authentication data in the authentication data store indexed - * by the SAML artifact
  • - *
  • Deletes authentication session
  • - *
  • Returns the SAML artifact, encoded BASE64
  • - *
- * - * @param sessionID - * session ID of the running authentication session - * @param xmlCreateXMLSignatureReadResponse - * String representation of the - * <CreateXMLSignatureResponse> - * @return SAML artifact needed for retrieving authentication data, encoded - * BASE64 - * @throws BKUException - */ - public String verifyAuthenticationBlock(AuthenticationSession session, - String xmlCreateXMLSignatureReadResponse) - throws AuthenticationException, BuildException, ParseException, - ConfigurationException, ServiceException, ValidateException, BKUException { - - if (session == null) - throw new AuthenticationException("auth.10", new Object[] { - REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID }); - if (isEmpty(xmlCreateXMLSignatureReadResponse)) - throw new AuthenticationException("auth.10", new Object[] { - REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE }); - - AuthConfigurationProvider authConf = AuthConfigurationProvider - .getInstance(); - // parses - CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser( - xmlCreateXMLSignatureReadResponse).parseResponse(); - - try { - String serializedAssertion = DOMUtils.serializeNode(csresp - .getSamlAssertion()); - session.setAuthBlock(serializedAssertion); - } catch (TransformerException e) { - throw new ParseException("parser.04", new Object[] { - REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE }); - } catch (IOException e) { - throw new ParseException("parser.04", new Object[] { - REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE }); - } - // validates - if (session.isSsoRequested()) - new CreateXMLSignatureResponseValidator().validateSSO(csresp, session); - else - new CreateXMLSignatureResponseValidator().validate(csresp, session); - - // builds a for a MOA-SPSS call - List vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(); - String tpid = authConf.getMoaSpAuthBlockTrustProfileID(); - Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, - vtids, tpid); - // debug output - - // invokes the call - Element domVsresp = new SignatureVerificationInvoker() - .verifyXMLSignature(domVsreq); - // debug output - - // parses the - VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser( - domVsresp).parseData(); - - if (Logger.isTraceEnabled()) { - if (domVsresp != null) { - try { - String xmlVerifyXMLSignatureResponse = DOMUtils - .serializeNode(domVsresp, true); - Logger.trace(new LogMsg(xmlCreateXMLSignatureReadResponse)); - Logger.trace(new LogMsg(xmlVerifyXMLSignatureResponse)); - } catch (Throwable t) { - t.printStackTrace(); - Logger.info(new LogMsg(t.getStackTrace())); - } - } - } - - // validates the - VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, - null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK, - false); - - // Compare AuthBlock Data with information stored in session, especially - // date and time - CreateXMLSignatureResponseValidator.getInstance().validateSigningDateTime(csresp); - - // compares the public keys from the identityLink with the AuthBlock - VerifyXMLSignatureResponseValidator.getInstance().validateCertificate( - vsresp, session.getIdentityLink()); - - // post processing of the infoboxes - Iterator iter = session.getInfoboxValidatorIterator(); - boolean formpending = false; - if (iter != null) { - while (!formpending && iter.hasNext()) { - Vector infoboxValidatorVector = (Vector) iter.next(); - String identifier = (String) infoboxValidatorVector.get(0); - String friendlyName = (String) infoboxValidatorVector.get(1); - InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector - .get(2); - InfoboxValidationResult infoboxValidationResult = null; - try { - infoboxValidationResult = infoboxvalidator.validate(csresp - .getSamlAssertion()); - } catch (ValidateException e) { - Logger.error("Error validating " + identifier + " infobox:" - + e.getMessage()); - throw new ValidateException("validator.44", - new Object[] { friendlyName }); - } - if (!infoboxValidationResult.isValid()) { - Logger.info("Validation of " + identifier - + " infobox failed."); - throw new ValidateException("validator.40", new Object[] { - friendlyName, - infoboxValidationResult.getErrorMessage() }); - } - String form = infoboxvalidator.getForm(); - if (ParepUtils.isEmpty(form)) { - AddAdditionalSAMLAttributes( - session, - infoboxValidationResult.getExtendedSamlAttributes(), - identifier, friendlyName); - } else { - return "Redirect to Input Processor"; - } - } - } - - session.setXMLVerifySignatureResponse(vsresp); - session.setSignerCertificate(vsresp.getX509certificate()); - vsresp.setX509certificate(null); - session.setForeigner(false); - - if (session.getUseMandate()) { - // mandate mode - return null; - - } else { - - session.setAuthenticatedUsed(false); - session.setAuthenticated(true); - - //set QAA Level four in case of card authentifcation - session.setQAALevel(PVPConstants.STORK_QAA_1_4); - - - String oldsessionID = session.getSessionID(); - - //Session is implicte stored in changeSessionID!!! - String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); - - Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID); - Logger.info("Daten angelegt zu MOASession " + newMOASessionID); - - return newMOASessionID; - } - } - - /** - * Processes a <CreateXMLSignatureResponse> sent by the - * security layer implementation.
- *
    - *
  • Validates given <CreateXMLSignatureResponse>
  • - *
  • Parses <CreateXMLSignatureResponse> for error - * codes
  • - *
  • Parses authentication block enclosed in - * <CreateXMLSignatureResponse>
  • - *
  • Verifies authentication block by calling the MOA SP component
  • - *
  • Creates authentication data
  • - *
  • Creates a corresponding SAML artifact
  • - *
  • Stores authentication data in the authentication data store indexed - * by the SAML artifact
  • - *
  • Deletes authentication session
  • - *
  • Returns the SAML artifact, encoded BASE64
  • - *
- * - * @param sessionID - * session ID of the running authentication session - * @param xmlCreateXMLSignatureReadResponse - * String representation of the - * <CreateXMLSignatureResponse> - * @return SAML artifact needed for retrieving authentication data, encoded - * BASE64 - */ - - protected Element createIdentificationBPK(Element mandatePerson, - String baseid, String target) throws BuildException { - Element identificationBpK = mandatePerson.getOwnerDocument() - .createElementNS(Constants.PD_NS_URI, "Identification"); - Element valueBpK = mandatePerson.getOwnerDocument().createElementNS( - Constants.PD_NS_URI, "Value"); - - String bpkBase64 = new BPKBuilder().buildBPK(baseid, target); - valueBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode( - bpkBase64)); - Element typeBpK = mandatePerson.getOwnerDocument().createElementNS( - Constants.PD_NS_URI, "Type"); - typeBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode( - "urn:publicid:gv.at:cdid+bpk")); - identificationBpK.appendChild(valueBpK); - identificationBpK.appendChild(typeBpK); - - return identificationBpK; - - } - - protected String getBaseId(Element mandatePerson) - throws TransformerException, IOException { - NodeList list = mandatePerson.getElementsByTagNameNS( - Constants.PD_NS_URI, "Identification"); - for (int i = 0; i < list.getLength(); i++) { - Element identification = (Element) list.item(i); - Element type = (Element) identification.getElementsByTagNameNS( - Constants.PD_NS_URI, "Type").item(0); - if (type.getTextContent().compareToIgnoreCase( - "urn:publicid:gv.at:baseid") == 0) { - Element value = (Element) identification - .getElementsByTagNameNS(Constants.PD_NS_URI, "Value") - .item(0); - return value.getTextContent(); - } - } - return null; - - } - - /** - * Gets the foreign authentication data.
- *
    - *
  • Creates authentication data
  • - *
  • Creates a corresponding SAML artifact
  • - *
  • Stores authentication data in the authentication data store indexed - * by the SAML artifact
  • - *
  • Deletes authentication session
  • - *
  • Returns the SAML artifact, encoded BASE64
  • - *
- * - * @param sessionID - * session ID of the running authentication session - * @return SAML artifact needed for retrieving authentication data, encoded - * BASE64 - */ - public String getForeignAuthenticationData(AuthenticationSession session) - throws AuthenticationException, BuildException, ParseException, - ConfigurationException, ServiceException, ValidateException { - - if (session == null) - throw new AuthenticationException("auth.10", new Object[] { - REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID }); - - // post processing of the infoboxes - Iterator iter = session.getInfoboxValidatorIterator(); - boolean formpending = false; - if (iter != null) { - while (!formpending && iter.hasNext()) { - Vector infoboxValidatorVector = (Vector) iter.next(); - String identifier = (String) infoboxValidatorVector.get(0); - String friendlyName = (String) infoboxValidatorVector.get(1); - InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector - .get(2); - InfoboxValidationResult infoboxValidationResult = null; - try { - infoboxValidationResult = infoboxvalidator.validate(session - .getIdentityLink().getSamlAssertion()); - } catch (ValidateException e) { - Logger.error("Error validating " + identifier + " infobox:" - + e.getMessage()); - throw new ValidateException("validator.44", - new Object[] { friendlyName }); - } - if (!infoboxValidationResult.isValid()) { - Logger.info("Validation of " + identifier - + " infobox failed."); - throw new ValidateException("validator.40", new Object[] { - friendlyName, - infoboxValidationResult.getErrorMessage() }); - } - String form = infoboxvalidator.getForm(); - if (ParepUtils.isEmpty(form)) { - AddAdditionalSAMLAttributes( - session, - infoboxValidationResult.getExtendedSamlAttributes(), - identifier, friendlyName); - } else { - return "Redirect to Input Processor"; - } - } - } - - VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse(); - X509Certificate cert = session.getSignerCertificate(); - vsresp.setX509certificate(cert); - - session.setAuthenticatedUsed(false); - session.setAuthenticated(true); - - - session.setXMLVerifySignatureResponse(vsresp); - session.setSignerCertificate(vsresp.getX509certificate()); - vsresp.setX509certificate(null); - session.setForeigner(true); - - //TODO: regenerate MOASession ID! - return "new Session"; - } - - /** - * Builds the AuthenticationData object together with the corresponding - * <saml:Assertion> - * - * @param session - * authentication session - * @param verifyXMLSigResp - * VerifyXMLSignatureResponse from MOA-SP - * @param useUTC uses correct UTC time format - * @param useUTC indicates that authenticated citizen is a foreigner - * @param isForeigner indicates whether Austrian (false) or foreigner (true) authenticates - * @return AuthenticationData object - * @throws ConfigurationException - * while accessing configuration data - * @throws BuildException - * while building the <saml:Assertion> - */ - public static AuthenticationData buildAuthenticationData( - AuthenticationSession session, OAAuthParameter oaParam, String target) - throws ConfigurationException, BuildException { - - IdentityLink identityLink = session.getIdentityLink(); - AuthenticationData authData = new AuthenticationData(); - - VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse(); - - boolean businessService = oaParam.getBusinessService(); - - authData.setMajorVersion(1); - authData.setMinorVersion(0); - authData.setAssertionID(Random.nextRandom()); - authData.setIssuer(session.getAuthURL()); - - authData.setIssueInstant(DateTimeUtils.buildDateTimeUTC(Calendar - .getInstance())); - - //baseID or wbpk in case of BusinessService without SSO or BusinessService SSO - authData.setIdentificationValue(identityLink.getIdentificationValue()); - authData.setIdentificationType(identityLink.getIdentificationType()); - - authData.setGivenName(identityLink.getGivenName()); - authData.setFamilyName(identityLink.getFamilyName()); - authData.setDateOfBirth(identityLink.getDateOfBirth()); - authData.setQualifiedCertificate(verifyXMLSigResp - .isQualifiedCertificate()); - authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority()); - authData.setPublicAuthorityCode(verifyXMLSigResp - .getPublicAuthorityCode()); - authData.setBkuURL(session.getBkuURL()); - - try { - - if (session.getUseMandate() && session.isOW()) { - MISMandate mandate = session.getMISMandate(); - authData.setBPK(mandate.getOWbPK()); - authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + "OW"); - authData.setIdentityLink(identityLink); - - Logger.trace("Authenticated User is OW: " + mandate.getOWbPK()); - - } else { - - if (businessService) { - //since we have foreigner, wbPK is not calculated in BKU - if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { - - String registerAndOrdNr = oaParam.getIdentityLinkDomainIdentifier(); - - if (registerAndOrdNr.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) { - // If domainIdentifier starts with prefix - // "urn:publicid:gv.at:wbpk+"; remove this prefix - registerAndOrdNr = registerAndOrdNr - .substring(AuthenticationSession.REGISTERANDORDNR_PREFIX_.length()); - Logger.debug("Register and ordernumber prefix stripped off; resulting register string: " - + registerAndOrdNr); - } - - String wbpkBase64 = new BPKBuilder().buildWBPK(identityLink.getIdentificationValue(), registerAndOrdNr); - authData.setBPK(wbpkBase64); - authData.setBPKType( Constants.URN_PREFIX_WBPK + "+" + registerAndOrdNr); - - } else { - authData.setBPK(identityLink.getIdentificationValue()); - authData.setBPKType(identityLink.getIdentificationType()); - - } - - Logger.trace("Authenticate user with wbPK " + authData.getBPK()); - - Element idlassertion = session.getIdentityLink().getSamlAssertion(); - //set bpk/wpbk; - Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); - prIdentification.getFirstChild().setNodeValue(authData.getBPK()); - //set bkp/wpbk type - Node prIdentificationType = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_TYPE_XPATH); - prIdentificationType.getFirstChild().setNodeValue(authData.getBPKType()); - - IdentityLinkAssertionParser idlparser = new IdentityLinkAssertionParser(idlassertion); - IdentityLink idl = idlparser.parseIdentityLink(); - authData.setIdentityLink(idl); - - } else { - - if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { - // only compute bPK if online application is a public service and we have the Stammzahl - String bpkBase64 = new BPKBuilder().buildBPK(identityLink.getIdentificationValue(), target); - authData.setBPK(bpkBase64); - authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget()); - } - - Logger.trace("Authenticate user with bPK " + authData.getBPK()); - - authData.setIdentityLink(identityLink); - } - } - - return authData; - - } catch (Throwable ex) { - throw new BuildException("builder.00", new Object[] { - "AuthenticationData", ex.toString() }, ex); - } - } - - /** - * Retrieves a session from the session store. - * - * @param id - * session ID - * @return AuthenticationSession stored with given session ID, - * null if session ID unknown - */ - public static AuthenticationSession getSession(String id) - throws AuthenticationException { - - AuthenticationSession session; - try { - session = AuthenticationSessionStoreage.getSession(id); - - if (session == null) - throw new AuthenticationException("auth.02", new Object[] { id }); - return session; - - } catch (MOADatabaseException e) { - throw new AuthenticationException("parser.04", new Object[] { id }); - } - } - - /** - * Cleans up expired session and authentication data stores. - */ - public void cleanup() { - long now = new Date().getTime(); - - //clean AuthenticationSessionStore - - AuthenticationSessionStoreage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated); - - //clean AssertionStore - AssertionStorage assertionstore = AssertionStorage.getInstance(); - assertionstore.clean(now, authDataTimeOut); - - //clean ExeptionStore - DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore(); - exstore.clean(now, authDataTimeOut); - - } - - /** - * Sets the sessionTimeOut. - * - * @param seconds - * Time out of the session in seconds - */ - public void setSecondsSessionTimeOutCreated(long seconds) { - sessionTimeOutCreated = seconds * 1000; - } - - public void setSecondsSessionTimeOutUpdated(long seconds) { - sessionTimeOutUpdated = seconds * 1000; - } - - /** - * Sets the authDataTimeOut. - * - * @param seconds - * Time out for signing AuthData in seconds - */ - public void setSecondsAuthDataTimeOut(long seconds) { - authDataTimeOut = seconds * 1000; - } - - /** - * Checks a parameter. - * - * @param param - * parameter - * @return true if the parameter is null or empty - */ - private boolean isEmpty(String param) { - return param == null || param.length() == 0; - } - - /** - * Checks the correctness of SAML attributes and returns its value. - * - * @param param - * samlAttribute - * @param i - * the number of the verified attribute for messages - * @param identifier - * the infobox identifier for messages - * @param friendlyname - * the friendly name of the infobox for messages - * @return the SAML attribute value (Element or String) - */ - protected static Object verifySAMLAttribute( - ExtendedSAMLAttribute samlAttribute, int i, String identifier, - String friendlyName) throws ValidateException { - String name = samlAttribute.getName(); - - if (name == null) { - Logger.info("The name of SAML-Attribute number " + (i + 1) - + " returned from " + identifier - + "-infobox validator is null."); - throw new ValidateException("validator.45", new Object[] { - friendlyName, "Name", String.valueOf((i + 1)), "null" }); - } - if (name == "") { - Logger.info("The name of SAML-Attribute number " + (i + 1) - + " returned from " + identifier - + "-infobox validator is empty."); - throw new ValidateException("validator.45", new Object[] { - friendlyName, "Name", String.valueOf((i + 1)), "leer" }); - } - if (samlAttribute.getNameSpace() == null) { - Logger.info("The namespace of SAML-Attribute number " + (i + 1) - + " returned from " + identifier - + "-infobox validator is null."); - throw new ValidateException("validator.45", - new Object[] { friendlyName, "Namespace", - String.valueOf((i + 1)), "null" }); - } - Object value = samlAttribute.getValue(); - if (value == null) { - Logger.info("The value of SAML-Attribute number " + (i + 1) - + " returned from " + identifier - + "-infobox validator is null."); - throw new ValidateException("validator.45", new Object[] { - friendlyName, "Wert", String.valueOf((i + 1)), "null" }); - } - - return value; - } - - /** - * Does the request to the SZR-GW - * @param oaFriendlyName - * @param signature XMLDSIG signature - * @return Identity link assertion - * @throws SZRGWClientException - */ - - public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException { - - try { - AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); - ConnectionParameter connectionParameters = authConf.getForeignIDConnectionParameter(); - - SZRGWClient client = new SZRGWClient(connectionParameters); - - - CreateIdentityLinkRequest request = new CreateIdentityLinkRequest(); - request.setSignature(citizenSignature.getBytes()); - - PEPSData data = new PEPSData(); - data.setDateOfBirth(PEPSDateOfBirth); - data.setFamilyname(PEPSFamilyname); - data.setFirstname(PEPSFirstname); - data.setIdentifier(PEPSIdentifier); - - data.setRepresentative(representative); - data.setRepresented(represented); - data.setMandateContent(mandateContent); - - data.setLegalPersonCanonicalRegisteredAddress(organizationAddress); - data.setLegalPersonTranslatableType(organizationType); - - if(null != mandateContent) { - MISType mis = new MISType(); - - Target targetObject = new Target(); - targetObject.setType(targetType); - targetObject.setValue(targetValue); - mis.setTarget(targetObject); - - mis.setOAFriendlyName(oaFriendlyName); - - Filters filterObject = new Filters(); - MandateIdentifiers mandateIds = new MandateIdentifiers(); - for(String current : filters.split(",")) - mandateIds.getMandateIdentifier().add(current.trim()); - filterObject.setMandateIdentifiers(mandateIds); - mis.setFilters(filterObject); - - request.setMIS(mis); - } - - Logger.info("Starte Kommunikation mit dem Stammzahlenregister Gateway(" + connectionParameters.getUrl() + ")..."); - CreateIdentityLinkResponse response = client.sentCreateIDLRequest(request , connectionParameters.getUrl()); - return response; - - } - catch (ConfigurationException e) { - Logger.warn(e); - Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null )); - } - - return null; - - } - - /** - * Does the request to the SZR-GW. - * - * @param signature the signature - * @return the identity link - * @throws SZRGWClientException the sZRGW client exception - * @throws ConfigurationException the configuration exception - */ - public CreateIdentityLinkResponse getIdentityLink(Element signature) throws SZRGWClientException, ConfigurationException { - return getIdentityLink(null, null, null, null, XMLHelper.nodeToString(signature)); - } - - /** - * Does the request to the SZR-GW. - * - * @param PEPSIdentifier the pEPS identifier - * @param PEPSFirstname the pEPS firstname - * @param PEPSFamilyname the pEPS familyname - * @param PEPSDateOfBirth the pEPS date of birth - * @param signature XMLDSIG signature - * @return Identity link assertion - * @throws SZRGWClientException the sZRGW client exception - * @throws ConfigurationException the configuration exception - */ - public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature) throws SZRGWClientException { - return getIdentityLink(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, null, signature, null, null, null, null, null, null, null); - } - - /** - * Gets the identity link. - * - * @param citizenSignature the citizen signature - * @param representative the representative - * @param represented the represented - * @param mandate the mandate - * @param organizationAddress the organization address - * @param organizationType the organization type - * @return the identity link - * @throws SZRGWClientException - */ - public CreateIdentityLinkResponse getIdentityLink(String citizenSignature, - String representative, String represented, String mandateContent, - String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException { - return getIdentityLink(null, null, null, null, null, - citizenSignature, represented, representative, mandateContent, organizationAddress, - organizationType, targetType, targetValue, oaFriendlyName, filters); - } - - /** - * SZR-GW Client interface. - * - * @param eIdentifier the e identifier - * @param givenName the given name - * @param lastName the last name - * @param dateOfBirth the date of birth - * @param citizenSignature the citizen signature - * @param representative the representative - * @param represented the represented - * @param mandate the mandate - * @return the identity link - * @throws SZRGWClientException the sZRGW client exception - */ - public CreateIdentityLinkResponse getIdentityLink(String eIdentifier, - String givenName, String lastName, String dateOfBirth, String gender, - String citizenSignature, String representative, String represented, - String mandate, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException { - return getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, gender, - citizenSignature, representative, represented, mandate, null, - null, targetType, targetValue, oaFriendlyName, filters); - } - - /** - * Starts a MOA-ID authentication process using STORK - * @param req HttpServletRequest - * @param resp HttpServletResponse - * @param ccc Citizen country code - * @param oaURL URL of the online application - * @param target Target parameter - * @param targetFriendlyName Friendly Name of Target - * @param authURL Authentication URL - * @param sourceID SourceID parameter - * @throws MOAIDException - * @throws AuthenticationException - * @throws WrongParametersException - * @throws ConfigurationException - */ - public static void startSTORKAuthentication( - HttpServletRequest req, - HttpServletResponse resp, - AuthenticationSession moasession) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException { - - if (moasession == null) { - throw new AuthenticationException("auth.18", new Object[] { }); - } - - //read configuration paramters of OA - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); - if (oaParam == null) - throw new AuthenticationException("auth.00", new Object[] { moasession.getPublicOAURLPrefix() }); - - //Start of STORK Processing - STORKConfig storkConfig = AuthConfigurationProvider.getInstance().getStorkConfig(); - - CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc()); - - Logger.debug("Preparing to assemble STORK AuthnRequest with the following values:"); - String destination = cpeps.getPepsURL().toExternalForm(); - Logger.debug("C-PEPS URL: " + destination); - - String acsURL = HTTPUtils.getBaseURL(req) + PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN; - Logger.debug("MOA Assertion Consumer URL (PEPSConnctor): " + acsURL); - - String providerName= oaParam.getFriendlyName(); - String issuerValue = HTTPUtils.getBaseURL(req); - Logger.debug("Issuer value: " + issuerValue); - - // prepare collection of required attributes - // - attributes for online application - List attributesFromConfig = oaParam.getRequestedAttributes(); - - // - prepare attribute list - PersonalAttributeList attributeList = new PersonalAttributeList(); - - // - fill container - for(OAStorkAttribute current : attributesFromConfig) { - PersonalAttribute newAttribute = new PersonalAttribute(); - newAttribute.setName(current.getName()); - - boolean globallyMandatory = false; - for(StorkAttribute currentGlobalAttribute : storkConfig.getStorkAttributes()) - if(current.getName().equals(currentGlobalAttribute.getName())) { - globallyMandatory = currentGlobalAttribute.isMandatory(); - break; - } - - newAttribute.setIsRequired(current.isMandatory() || globallyMandatory); - attributeList.add(newAttribute); - } - - // add sign request - PersonalAttribute newAttribute = new PersonalAttribute(); - newAttribute.setName("signedDoc"); - List value = new ArrayList(); - value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession), - "application/xhtml+xml", - moasession.getCcc())); - newAttribute.setValue(value); - attributeList.add(newAttribute); - - - if (Logger.isDebugEnabled()) { - Logger.debug("The following attributes are requested for this OA:"); - for (OAStorkAttribute logReqAttr : attributesFromConfig) - Logger.debug("OA specific requested attribute: " + logReqAttr.getName() + ", isRequired: " + logReqAttr.isMandatory()); - } - - //TODO: check Target in case of SSO!! - String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget(); - String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); - String spApplication = spInstitution; - String spCountry = "AT"; - - //generate AuthnRquest - STORKAuthnRequest authnRequest = new STORKAuthnRequest(); - authnRequest.setDestination(destination); - authnRequest.setAssertionConsumerServiceURL(acsURL); - authnRequest.setProviderName(providerName); - authnRequest.setIssuer(issuerValue); - authnRequest.setQaa(oaParam.getQaaLevel()); - authnRequest.setSpInstitution(spInstitution); - authnRequest.setCountry(spCountry); - authnRequest.setSpApplication(spApplication); - authnRequest.setSpSector(spSector); - authnRequest.setPersonalAttributeList(attributeList); - - authnRequest.setEIDCrossBorderShare(true); - authnRequest.setEIDCrossSectorShare(true); - authnRequest.setEIDSectorShare(true); - - authnRequest.setCitizenCountryCode(moasession.getCcc()); - - - Logger.debug("STORK AuthnRequest succesfully assembled."); - - STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("outgoing"); - try { - authnRequest = samlEngine.generateSTORKAuthnRequest(authnRequest); - } catch (STORKSAMLEngineException e) { - Logger.error("Could not sign STORK SAML AuthnRequest.", e); - throw new MOAIDException("stork.00", null); - } - - Logger.info("STORK AuthnRequest successfully signed!"); - - //validate AuthnRequest - try { - samlEngine.validateSTORKAuthnRequest(authnRequest.getTokenSaml()); - } catch (STORKSAMLEngineException e) { - Logger.error("STORK SAML AuthnRequest not valid.", e); - throw new MOAIDException("stork.01", null); - } - - Logger.debug("STORK AuthnRequest successfully internally validated."); - - //send - moasession.setStorkAuthnRequest(authnRequest); - HttpSession httpSession = req.getSession(); - httpSession.setAttribute("MOA-Session-ID", moasession.getSessionID()); - - - Logger.info("Preparing to send STORK AuthnRequest."); - Logger.info("prepared STORKAuthnRequest: "); - Logger.info(new String(authnRequest.getTokenSaml())); - - try { - Logger.trace("Initialize VelocityEngine..."); - - VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); - Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm"); - VelocityContext context = new VelocityContext(); - context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authnRequest.getTokenSaml())); - context.put("action", destination); - - StringWriter writer = new StringWriter(); - template.merge(context, writer); - - resp.getOutputStream().write(writer.toString().getBytes()); - } catch (Exception e) { - Logger.error("Error sending STORK SAML AuthnRequest.", e); - httpSession.invalidate(); - throw new MOAIDException("stork.02", new Object[] { destination }); - } - - Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination()); - } - - private static String generateDssSignRequest(String text, String mimeType, String citizenCountry) { - IdentifierGenerator idGenerator; - try { - idGenerator = new SecureRandomIdentifierGenerator(); - - DocumentType doc = new DocumentType(); - doc.setBase64XML(text.getBytes()); - doc.setID(idGenerator.generateIdentifier()); - - SignRequest request = new SignRequest(); - request.setInputDocuments(ApiUtils.createInputDocuments(doc)); - - String id = idGenerator.generateIdentifier(); - request.setRequestID(id); - request.setDocUI(id); - - request.setProfile(Profiles.XADES_BES.toString()); - request.setNumberOfSigners(BigInteger.ONE); - request.setTargetCountry(citizenCountry); - - // no, no todo. PEPS will alter this value anyhow. - request.setReturnURL("http://invalid_return"); - - AnyType required = new AnyType(); - required.getAny().add(ApiUtils.createSignatureType(SignatureTypes.XMLSIG_RFC3275.toString())); - required.getAny().add(ApiUtils.createAdditionalProfile(AdditionalProfiles.XADES.toString())); - required.getAny().add(ApiUtils.createQualityRequirements(QualityLevels.QUALITYLEVEL_QUALIFIEDSIG)); - required.getAny().add(ApiUtils.createIncludeObject(doc)); - request.setOptionalInputs(required); - - return IOUtils.toString(ApiUtils.marshalToInputStream(request)); - } catch (NoSuchAlgorithmException e) { - Logger.error("Cannot generate id", e); - throw new RuntimeException(e); - } catch (ApiUtilsException e) { - Logger.error("Could not create SignRequest", e); - throw new RuntimeException(e); - } catch (DOMException e) { - Logger.error("Could not create SignRequest", e); - throw new RuntimeException(e); - } catch (IOException e) { - Logger.error("Could not create SignRequest", e); - throw new RuntimeException(e); - } - } - - /** - * Extracts an X509 Certificate out of an XML signagture element - * @param signedXML XML signature element - * @return X509Certificate - * @throws CertificateException - */ - public static X509Certificate getCertificateFromXML(Element signedXML) throws CertificateException { - - NodeList nList = signedXML.getElementsByTagNameNS(Constants.DSIG_NS_URI, "X509Certificate"); - - String base64CertString = XMLUtil.getFirstTextValueFromNodeList(nList); - - if (StringUtils.isEmpty(base64CertString)) { - String msg = "XML does not contain a X509Certificate element."; - Logger.error(msg); - throw new CertificateException(msg); - } - - InputStream is = new ByteArrayInputStream(Base64.decode(base64CertString)); - - X509Certificate cert; - try { - cert = new X509Certificate(is); - return cert; - - } catch (Throwable e) { - throw new CertificateException(e); - } - } + //build CertInfo request + String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder() + .build(); + String certInfoDataURL = new DataURLBuilder() + .buildDataURL(session.getAuthURL(), REQ_START_AUTHENTICATION, + session.getSessionID()); + + //get Applet Parameters + String appletwidth = req.getParameter(PARAM_APPLET_WIDTH); + String appletheigth = req.getParameter(PARAM_APPLET_HEIGTH); + appletheigth = StringEscapeUtils.escapeHtml(appletheigth); + appletwidth = StringEscapeUtils.escapeHtml(appletwidth); + + String htmlForm = new GetIdentityLinkFormBuilder().build(template, + session.getBkuURL(), infoboxReadRequest, dataURL, certInfoRequest, + certInfoDataURL, pushInfobox, oaParam, appletheigth, appletwidth); + + return htmlForm; + } + + /** + * Processes an <InfoboxReadResponse> sent by the + * security layer implementation.
+ *
    + *
  • Validates given <InfoboxReadResponse>
  • + *
  • Parses identity link enclosed in + * <InfoboxReadResponse>
  • + *
  • Verifies identity link by calling the MOA SP component
  • + *
  • Checks certificate authority of identity link
  • + *
  • Stores identity link in the session
  • + *
  • Verifies all additional infoboxes returned from the BKU
  • + *
  • Creates an authentication block to be signed by the user
  • + *
  • Creates and returns a <CreateXMLSignatureRequest> + * containg the authentication block, meant to be returned to the security + * layer implementation
  • + *
+ * + * @param sessionID ID of associated authentication session data + * @param infoboxReadResponseParameters The parameters from the response returned from the BKU + * including the <InfoboxReadResponse> + * @return String representation of the + * <CreateXMLSignatureRequest> + * @throws BKUException + */ + public String verifyIdentityLink(AuthenticationSession session, + Map infoboxReadResponseParameters) throws AuthenticationException, + BuildException, ParseException, ConfigurationException, + ValidateException, ServiceException, BKUException { + + if (session == null) + throw new AuthenticationException("auth.10", new Object[]{ + REQ_VERIFY_IDENTITY_LINK, PARAM_SESSIONID}); + + String xmlInfoboxReadResponse = (String) infoboxReadResponseParameters + .get(PARAM_XMLRESPONSE); + + if (isEmpty(xmlInfoboxReadResponse)) + throw new AuthenticationException("auth.10", new Object[]{ + REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE}); + + AuthConfigurationProvider authConf = AuthConfigurationProvider + .getInstance(); + + // check if an identity link was found + // Errorcode 2911 von Trustdesk BKU (nicht spezifikationskonform + // (SL1.2)) + // CharSequence se = "ErrorCode>2911".substring(0); + // boolean b = xmlInfoboxReadResponse.contains(se); + String se = "ErrorCode>2911"; + int b = xmlInfoboxReadResponse.indexOf(se); + if (b != -1) { // no identity link found + Logger + .info("Es konnte keine Personenbindung auf der Karte gefunden werden. Versuche Anmeldung als auslaendische eID."); + return null; + } + // spezifikationsgemaess (SL1.2) Errorcode + se = "ErrorCode>4002"; + // b = xmlInfoboxReadResponse.contains(se); + b = xmlInfoboxReadResponse.indexOf(se); + if (b != -1) { // Unbekannter Infoboxbezeichner + Logger + .info("Unbekannter Infoboxbezeichner. Versuche Anmeldung als auslaendische eID."); + return null; + } + + // parses the + IdentityLink identityLink = new InfoboxReadResponseParser( + xmlInfoboxReadResponse).parseIdentityLink(); + // validates the identity link + IdentityLinkValidator.getInstance().validate(identityLink); + // builds a for a call of MOA-SP + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder() + .build(identityLink, authConf + .getMoaSpIdentityLinkTrustProfileID()); + + // invokes the call + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker() + .verifyXMLSignature(domVerifyXMLSignatureRequest); + // parses the + VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( + domVerifyXMLSignatureResponse).parseData(); + + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); + + // if OA is type is business service the manifest validation result has + // to be ignored + boolean ignoreManifestValidationResult = (oaParam.getBusinessService() || oaParam.getStorkService()) ? true + : false; + + // validates the + VerifyXMLSignatureResponseValidator.getInstance().validate( + verifyXMLSignatureResponse, + authConf.getIdentityLinkX509SubjectNames(), + VerifyXMLSignatureResponseValidator.CHECK_IDENTITY_LINK, + ignoreManifestValidationResult); + + session.setIdentityLink(identityLink); + // now validate the extended infoboxes + + //Removed in MOA-ID 2.0 + //verifyInfoboxes(session, infoboxReadResponseParameters, false); + + return "found!"; + } + + /** + * Processes an <InfoboxReadResponse> sent by the + * security layer implementation.
+ *
    + *
  • Validates given <InfoboxReadResponse>
  • + *
  • Parses identity link enclosed in + * <InfoboxReadResponse>
  • + *
  • Verifies identity link by calling the MOA SP component
  • + *
  • Checks certificate authority of identity link
  • + *
  • Stores identity link in the session
  • + *
  • Verifies all additional infoboxes returned from the BKU
  • + *
  • Creates an authentication block to be signed by the user
  • + *
  • Creates and returns a <CreateXMLSignatureRequest> + * containg the authentication block, meant to be returned to the security + * layer implementation
  • + *
+ * + * @param sessionID ID of associated authentication session data + * @param infoboxReadResponseParameters The parameters from the response returned from the BKU + * including the <InfoboxReadResponse> + * @return String representation of the + * <CreateXMLSignatureRequest> + */ + public String verifyCertificate(AuthenticationSession session, + X509Certificate certificate) throws AuthenticationException, + BuildException, ParseException, ConfigurationException, + ValidateException, ServiceException, MOAIDException { + + if (session == null) + throw new AuthenticationException("auth.10", new Object[]{ + REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID}); + + // check if person is a Organwalter + // if true - don't show bPK in AUTH Block + try { + for (ObjectID OWid : MOAIDAuthConstants.OW_LIST) { + if (certificate.getExtension(OWid) != null) { + session.setOW(true); + } + + } + + } catch (X509ExtensionInitException e) { + Logger.warn("Certificate extension is not readable."); + session.setOW(false); + } + + AuthConfigurationProvider authConf = AuthConfigurationProvider + .getInstance(); + + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); + + String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session, + authConf, oaParam); + + return returnvalue; + } + + /** + * Processes an Mandate sent by the MIS.
+ *
    + *
  • Validates given Mandate
  • + *
  • Verifies Mandate by calling the MOA SP component
  • + *
  • Creates an authentication block to be signed by the user
  • + *
  • Creates and returns a <CreateXMLSignatureRequest> + * containg the authentication block, meant to be returned to the security + * layer implementation
  • + *
+ * + * @param sessionID ID of associated authentication session data + * @param infoboxReadResponseParameters The parameters from the response returned from the BKU + * including the <InfoboxReadResponse> + * @return String representation of the + * <CreateXMLSignatureRequest> + */ + public void verifyMandate(AuthenticationSession session, MISMandate mandate) + throws AuthenticationException, BuildException, ParseException, + ConfigurationException, ValidateException, ServiceException { + + if (session == null) + throw new AuthenticationException("auth.10", new Object[]{ + GET_MIS_SESSIONID, PARAM_SESSIONID}); + + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); + + try { + // sets the extended SAML attributes for OID (Organwalter) + setExtendedSAMLAttributeForMandatesOID(session, mandate, oaParam + .getBusinessService()); + + validateExtendedSAMLAttributeForMandates(session, mandate, oaParam.getBusinessService()); + + + } catch (SAXException e) { + throw new AuthenticationException("auth.16", + new Object[]{GET_MIS_SESSIONID}, e); + } catch (IOException e) { + throw new AuthenticationException("auth.16", + new Object[]{GET_MIS_SESSIONID}, e); + } catch (ParserConfigurationException e) { + throw new AuthenticationException("auth.16", + new Object[]{GET_MIS_SESSIONID}, e); + } catch (TransformerException e) { + throw new AuthenticationException("auth.16", + new Object[]{GET_MIS_SESSIONID}, e); + } + + } + + /** + * @param session + * @param authConf + * @param oaParam + * @return + * @throws ConfigurationException + * @throws BuildException + * @throws ValidateException + */ + public String getCreateXMLSignatureRequestAuthBlockOrRedirect( + AuthenticationSession session, AuthConfigurationProvider authConf, + OAAuthParameter oaParam) throws ConfigurationException, + BuildException, ValidateException { + + // check for intermediate processing of the infoboxes + if (session.isValidatorInputPending()) + return "Redirect to Input Processor"; + + if (authConf == null) + authConf = AuthConfigurationProvider.getInstance(); + if (oaParam == null) + oaParam = AuthConfigurationProvider.getInstance() + .getOnlineApplicationParameter( + session.getPublicOAURLPrefix()); + + // builds the AUTH-block + String authBlock = buildAuthenticationBlock(session, oaParam); + + // builds the + List transformsInfos = oaParam.getTransformsInfos(); + if ((transformsInfos == null) || (transformsInfos.size() == 0)) { + // no OA specific transforms specified, use default ones + transformsInfos = authConf.getTransformsInfos(); + } + String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder() + .build(authBlock, oaParam.getKeyBoxIdentifier(), + transformsInfos); + return createXMLSignatureRequest; + } + + /** + * Returns an CreateXMLSignatureRequest for signing the ERnP statement.
+ *
    + *
  • Creates an CreateXMLSignatureRequest to be signed by the user
  • + *
+ * + * @param sessionID ID of associated authentication session data + * @param cert The certificate from the user + * @return String representation of the + * <CreateXMLSignatureRequest> + */ + public String createXMLSignatureRequestForeignID(AuthenticationSession session, + X509Certificate cert) throws AuthenticationException, + BuildException, ParseException, ConfigurationException, + ValidateException, ServiceException { + + if (session == null) + throw new AuthenticationException("auth.10", new Object[]{ + REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID}); + + AuthConfigurationProvider authConf = AuthConfigurationProvider + .getInstance(); + + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() + .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); + + return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam, + cert); + } + + public String getCreateXMLSignatureRequestForeigID( + AuthenticationSession session, AuthConfigurationProvider authConf, + OAAuthParameter oaParam, X509Certificate cert) + throws ConfigurationException { + + // check for intermediate processing of the infoboxes + if (session.isValidatorInputPending()) + return "Redirect to Input Processor"; + + if (authConf == null) + authConf = AuthConfigurationProvider.getInstance(); + if (oaParam == null) + oaParam = AuthConfigurationProvider.getInstance() + .getOnlineApplicationParameter( + session.getPublicOAURLPrefix()); + + Principal subject = cert.getSubjectDN(); + + String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder() + .buildForeignID(subject.toString(), oaParam, session); + return createXMLSignatureRequest; + } + + /** + * Processes an <CreateXMLSignatureResponse> sent by the + * security layer implementation.
+ *
    + *
  • Validates given <CreateXMLSignatureResponse>
  • + *
  • Parses response enclosed in + * <CreateXMLSignatureResponse>
  • + *
  • Verifies signature by calling the MOA SP component
  • + *
  • Returns the signer certificate
  • + *
+ * + * @param sessionID ID of associated authentication session data + * @param createXMLSignatureResponseParameters The parameters from the response returned from the BKU + * including the <CreateXMLSignatureResponse> + * @throws BKUException + */ + public X509Certificate verifyXMLSignature(String sessionID, + Map createXMLSignatureResponseParameters) + throws AuthenticationException, BuildException, ParseException, + ConfigurationException, ValidateException, ServiceException, BKUException { + + if (isEmpty(sessionID)) + throw new AuthenticationException("auth.10", new Object[]{ + REQ_GET_FOREIGN_ID, PARAM_SESSIONID}); + + String xmlCreateXMLSignatureResponse = (String) createXMLSignatureResponseParameters + .get(PARAM_XMLRESPONSE); + + if (isEmpty(xmlCreateXMLSignatureResponse)) + throw new AuthenticationException("auth.10", new Object[]{ + REQ_GET_FOREIGN_ID, PARAM_XMLRESPONSE}); + + AuthConfigurationProvider authConf = AuthConfigurationProvider + .getInstance(); + + // parses the + CreateXMLSignatureResponseParser p = new CreateXMLSignatureResponseParser( + xmlCreateXMLSignatureResponse); + CreateXMLSignatureResponse createXMLSignatureResponse = p + .parseResponseDsig(); + + // builds a for a call of MOA-SP + Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder() + .buildDsig(createXMLSignatureResponse, authConf + .getMoaSpAuthBlockTrustProfileID()); + + // invokes the call + Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker() + .verifyXMLSignature(domVerifyXMLSignatureRequest); + + // parses the + VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( + domVerifyXMLSignatureResponse).parseData(); + + return verifyXMLSignatureResponse.getX509certificate(); + + } + + /** + * Processes an <CreateXMLSignatureResponse> sent by the + * security layer implementation.
+ *
    + *
  • Validates given <CreateXMLSignatureResponse>
  • + *
  • Parses response enclosed in + * <CreateXMLSignatureResponse>
  • + *
  • Verifies signature by calling the MOA SP component
  • + *
  • Returns the signer certificate
  • + *
+ * + * @param sessionID ID of associated authentication session data + * @param readInfoboxResponseParameters The parameters from the response returned from the BKU + * including the <ReadInfoboxResponse> + * @throws BKUException + */ + public X509Certificate getCertificate(String sessionID, + Map readInfoboxResponseParameters) throws AuthenticationException, + BuildException, ParseException, ConfigurationException, + ValidateException, ServiceException, BKUException { + + if (isEmpty(sessionID)) + throw new AuthenticationException("auth.10", new Object[]{ + REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID}); + + String xmlReadInfoboxResponse = (String) readInfoboxResponseParameters + .get(PARAM_XMLRESPONSE); + + if (isEmpty(xmlReadInfoboxResponse)) + throw new AuthenticationException("auth.10", new Object[]{ + REQ_VERIFY_CERTIFICATE, PARAM_XMLRESPONSE}); + + // parses the + InfoboxReadResponseParser p = new InfoboxReadResponseParser( + xmlReadInfoboxResponse); + X509Certificate cert = p.parseCertificate(); + + return cert; + + } + + /** + * Builds an authentication block <saml:Assertion> from + * given session data. + * + * @param session authentication session + * @return <saml:Assertion> as a String + * @throws BuildException If an error occurs on serializing an extended SAML attribute + * to be appended to the AUTH-Block. + */ + private String buildAuthenticationBlock(AuthenticationSession session, + OAAuthParameter oaParam) throws BuildException { + + IdentityLink identityLink = session.getIdentityLink(); + String issuer = identityLink.getName(); + String gebDat = identityLink.getDateOfBirth(); + + String identificationValue = null; + String identificationType = null; + + //set empty AuthBlock BPK in case of OW or SSO or bpk is not requested + if (session.isOW() || session.isSsoRequested() || oaParam.isRemovePBKFromAuthBlock()) { + identificationType = ""; + identificationValue = ""; + + } else if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { + + if (oaParam.getBusinessService()) { + + String bpkBase64 = new BPKBuilder().buildWBPK(identityLink + .getIdentificationValue(), oaParam.getIdentityLinkDomainIdentifier()); + identificationValue = bpkBase64; + + if (oaParam.getIdentityLinkDomainIdentifier().startsWith(Constants.URN_PREFIX_WBPK + "+")) + identificationType = oaParam.getIdentityLinkDomainIdentifier(); + else + identificationType = Constants.URN_PREFIX_WBPK + "+" + oaParam.getIdentityLinkDomainIdentifier(); + + } else { + String bpkBase64 = new BPKBuilder().buildBPK(identityLink + .getIdentificationValue(), session.getTarget()); + identificationValue = bpkBase64; + identificationType = Constants.URN_PREFIX_CDID + "+" + session.getTarget(); + } + + + } else { + identificationValue = identityLink.getIdentificationValue(); + identificationType = identityLink.getIdentificationType(); + + } + + String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar + .getInstance()); + session.setIssueInstant(issueInstant); + String authURL = session.getAuthURL(); + String target = session.getTarget(); + String targetFriendlyName = session.getTargetFriendlyName(); + + // Bug #485 + // (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105) + // String oaURL = session.getPublicOAURLPrefix(); + + List extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); + + + if (session.isSsoRequested()) { + String oaURL = new String(); + try { + oaURL = AuthConfigurationProvider.getInstance().getPublicURLPrefix(); + + if (MiscUtil.isNotEmpty(oaURL)) + oaURL = oaURL.replaceAll("&", "&"); + + } catch (ConfigurationException e) { + } + String authBlock = new AuthenticationBlockAssertionBuilder() + .buildAuthBlockSSO(issuer, issueInstant, authURL, target, + targetFriendlyName, identificationValue, + identificationType, oaURL, gebDat, + extendedSAMLAttributes, session, oaParam); + return authBlock; + + } else { + String oaURL = session.getPublicOAURLPrefix().replaceAll("&", "&"); + String authBlock = new AuthenticationBlockAssertionBuilder() + .buildAuthBlock(issuer, issueInstant, authURL, target, + targetFriendlyName, identificationValue, + identificationType, oaURL, gebDat, + extendedSAMLAttributes, session, oaParam); + return authBlock; + } + } + + + /** + * Verifies the infoboxes (except of the identity link infobox) returned by + * the BKU by calling appropriate validator classes. + * + * @param session The actual authentication session. + * @param mandate The Mandate from the MIS + * @throws AuthenticationException + * @throws ConfigurationException + * @throws TransformerException + * @throws ParserConfigurationException + * @throws IOException + * @throws SAXException + */ + private void validateExtendedSAMLAttributeForMandates( + AuthenticationSession session, MISMandate mandate, + boolean business) + throws ValidateException, ConfigurationException, SAXException, + IOException, ParserConfigurationException, TransformerException { + + ExtendedSAMLAttribute[] extendedSAMLAttributes = addExtendedSamlAttributes( + mandate, business, false); + + int length = extendedSAMLAttributes.length; + for (int i = 0; i < length; i++) { + ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i]; + + verifySAMLAttribute(samlAttribute, i, "MISService", + "MISService"); + + } + } + + /** + * Verifies the infoboxes (except of the identity link infobox) returned by + * the BKU by calling appropriate validator classes. + * + * @param session The actual authentication session. + * @param mandate The Mandate from the MIS + * @throws AuthenticationException + * @throws ConfigurationException + * @throws TransformerException + * @throws ParserConfigurationException + * @throws IOException + * @throws SAXException + */ + private void setExtendedSAMLAttributeForMandatesOID( + AuthenticationSession session, MISMandate mandate, boolean business) + throws ValidateException, ConfigurationException, SAXException, + IOException, ParserConfigurationException, TransformerException { + + ExtendedSAMLAttribute[] extendedSamlAttributes = addExtendedSamlAttributesOID( + mandate, business); + + AddAdditionalSAMLAttributes(session, extendedSamlAttributes, + "MISService", "MISService"); + + } + + /** + * Adds given SAML Attributes to the current session. They will be appended + * to the final SAML Assertion or the AUTH block. If the attributes are + * already in the list, they will be replaced. + * + * @param session The current session + * @param extendedSAMLAttributes The SAML attributes to add + * @param identifier The infobox identifier for debug purposes + * @param friendlyNam The friendly name of the infobox for debug purposes + */ + private static void AddAdditionalSAMLAttributes( + AuthenticationSession session, + ExtendedSAMLAttribute[] extendedSAMLAttributes, String identifier, + String friendlyName) throws ValidateException { + if (extendedSAMLAttributes == null) + return; + List oaAttributes = session.getExtendedSAMLAttributesOA(); + if (oaAttributes == null) + oaAttributes = new Vector(); + List authAttributes = session.getExtendedSAMLAttributesAUTH(); + if (authAttributes == null) + authAttributes = new Vector(); + int length = extendedSAMLAttributes.length; + for (int i = 0; i < length; i++) { + ExtendedSAMLAttribute samlAttribute = extendedSAMLAttributes[i]; + + Object value = verifySAMLAttribute(samlAttribute, i, identifier, + friendlyName); + + if ((value instanceof String) || (value instanceof Element)) { + switch (samlAttribute.getAddToAUTHBlock()) { + case ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY: + replaceExtendedSAMLAttribute(authAttributes, samlAttribute); + break; + case ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK: + replaceExtendedSAMLAttribute(authAttributes, samlAttribute); + replaceExtendedSAMLAttribute(oaAttributes, samlAttribute); + break; + case ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK: + replaceExtendedSAMLAttribute(oaAttributes, samlAttribute); + break; + default: + Logger + .info("Invalid return value from method \"getAddToAUTHBlock()\" (" + + samlAttribute.getAddToAUTHBlock() + + ") in SAML attribute number " + + (i + 1) + + " for infobox " + identifier); + throw new ValidateException("validator.47", new Object[]{ + friendlyName, String.valueOf((i + 1))}); + } + } else { + Logger + .info("The type of SAML-Attribute number " + + (i + 1) + + " returned from " + + identifier + + "-infobox validator is not valid. Must be either \"java.Lang.String\"" + + " or \"org.w3c.dom.Element\""); + throw new ValidateException("validator.46", new Object[]{ + identifier, String.valueOf((i + 1))}); + } + } + session.setExtendedSAMLAttributesAUTH(authAttributes); + session.setExtendedSAMLAttributesOA(oaAttributes); + } + + /** + * Adds the AUTH block related SAML attributes to the validation result. + * This is needed always before the AUTH block is to be signed, because the + * name of the mandator has to be set + * + * @throws ParserConfigurationException + * @throws IOException + * @throws SAXException + * @throws TransformerException + */ + + protected static ExtendedSAMLAttribute[] addExtendedSamlAttributes( + MISMandate mandate, boolean business, boolean provideStammzahl) + throws SAXException, IOException, ParserConfigurationException, + TransformerException { + Vector extendedSamlAttributes = new Vector(); + + extendedSamlAttributes.clear(); + + // Name + Element domMandate = mandateToElement(mandate); + Element nameSpaceNode = domMandate.getOwnerDocument().createElement( + "NameSpaceNode"); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.PD_POSTFIX, + Constants.PD_NS_URI); + nameSpaceNode.setAttribute("xmlns" + SZRGWConstants.MANDATE_POSTFIX, + SZRGWConstants.MANDATE_NS); + + Element mandator = (Element) XPathAPI.selectSingleNode(domMandate, + "//md:Mandate/md:Mandator", nameSpaceNode); + + // Mandate + extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( + EXT_SAML_MANDATE_RAW, domMandate, + SZRGWConstants.MANDATE_NS, + ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); + + // (w)bpk + String wbpk = ParepUtils.extractMandatorWbpk(mandator); + if (!ParepUtils.isEmpty(wbpk)) { + if (!ParepUtils.isPhysicalPerson(mandator)) { + String idType = ParepUtils + .extractMandatorIdentificationType(mandator); + if (!ParepUtils.isEmpty(idType) + && idType.startsWith(Constants.URN_PREFIX_BASEID)) { + extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( + EXT_SAML_MANDATE_CB_BASE_ID, + ParepUtils.getRegisterString(idType) + ": " + wbpk, + SZRGWConstants.MANDATE_NS, + ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); + } + } else if (business) { + extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( + EXT_SAML_MANDATE_WBPK, wbpk, + SZRGWConstants.MANDATE_NS, + ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); + } + } + + ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes + .size()]; + extendedSamlAttributes.copyInto(ret); + Logger.debug("ExtendedSAML Attributes: " + ret.length); + return ret; + + } + + /** + * Adds the AUTH block related SAML attributes to the validation result. + * This is needed always before the AUTH block is to be signed, because the + * name of the mandator has to be set + * + * @throws ParserConfigurationException + * @throws IOException + * @throws SAXException + * @throws TransformerException + */ + private static ExtendedSAMLAttribute[] addExtendedSamlAttributesOID( + MISMandate mandate, boolean business) throws SAXException, + IOException, ParserConfigurationException, TransformerException { + + Vector extendedSamlAttributes = new Vector(); + + extendedSamlAttributes.clear(); + + // RepresentationType + extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( + EXT_SAML_MANDATE_REPRESENTATIONTYPE, + EXT_SAML_MANDATE_REPRESENTATIONTEXT, + SZRGWConstants.MANDATE_NS, + ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); + + String oid = mandate.getProfRep(); + + if (oid != null) { + extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( + EXT_SAML_MANDATE_OID, oid, + SZRGWConstants.MANDATE_NS, + ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); + String oidDescription = mandate.getTextualDescriptionOfOID(); + extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( + EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION, + oidDescription, SZRGWConstants.MANDATE_NS, + ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); + + } + + ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes + .size()]; + extendedSamlAttributes.copyInto(ret); + Logger.debug("ExtendedSAML Attributes: " + ret.length); + return ret; + + } + + /** + * @param mandate + * @return + * @throws ParserConfigurationException + * @throws IOException + * @throws SAXException + */ + private static Element mandateToElement(MISMandate mandate) + throws SAXException, IOException, ParserConfigurationException { + ByteArrayInputStream bais = new ByteArrayInputStream(mandate + .getMandate()); + Document doc = DOMUtils.parseDocumentSimple(bais); + return doc.getDocumentElement(); + } + + protected static void replaceExtendedSAMLAttribute(List attributes, + ExtendedSAMLAttribute samlAttribute) { + if (null == attributes) { + attributes = new Vector(); + } else { + String id = samlAttribute.getName(); + int length = attributes.size(); + for (int i = 0; i < length; i++) { + ExtendedSAMLAttribute att = (ExtendedSAMLAttribute) attributes + .get(i); + if (id.equals(att.getName())) { + // replace attribute + attributes.set(i, samlAttribute); + return; + } + } + attributes.add(samlAttribute); + } + } + + /** + * Processes a <CreateXMLSignatureResponse> sent by the + * security layer implementation.
+ *
    + *
  • Validates given <CreateXMLSignatureResponse>
  • + *
  • Parses <CreateXMLSignatureResponse> for error + * codes
  • + *
  • Parses authentication block enclosed in + * <CreateXMLSignatureResponse>
  • + *
  • Verifies authentication block by calling the MOA SP component
  • + *
  • Creates authentication data
  • + *
  • Creates a corresponding SAML artifact
  • + *
  • Stores authentication data in the authentication data store indexed + * by the SAML artifact
  • + *
  • Deletes authentication session
  • + *
  • Returns the SAML artifact, encoded BASE64
  • + *
+ * + * @param sessionID session ID of the running authentication session + * @param xmlCreateXMLSignatureReadResponse String representation of the + * <CreateXMLSignatureResponse> + * @return SAML artifact needed for retrieving authentication data, encoded + * BASE64 + * @throws BKUException + */ + public String verifyAuthenticationBlock(AuthenticationSession session, + String xmlCreateXMLSignatureReadResponse) + throws AuthenticationException, BuildException, ParseException, + ConfigurationException, ServiceException, ValidateException, BKUException { + + if (session == null) + throw new AuthenticationException("auth.10", new Object[]{ + REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID}); + if (isEmpty(xmlCreateXMLSignatureReadResponse)) + throw new AuthenticationException("auth.10", new Object[]{ + REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE}); + + AuthConfigurationProvider authConf = AuthConfigurationProvider + .getInstance(); + // parses + CreateXMLSignatureResponse csresp = new CreateXMLSignatureResponseParser( + xmlCreateXMLSignatureReadResponse).parseResponse(); + + try { + String serializedAssertion = DOMUtils.serializeNode(csresp + .getSamlAssertion()); + session.setAuthBlock(serializedAssertion); + } catch (TransformerException e) { + throw new ParseException("parser.04", new Object[]{ + REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE}); + } catch (IOException e) { + throw new ParseException("parser.04", new Object[]{ + REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE}); + } + // validates + if (session.isSsoRequested()) + new CreateXMLSignatureResponseValidator().validateSSO(csresp, session); + else + new CreateXMLSignatureResponseValidator().validate(csresp, session); + + // builds a for a MOA-SPSS call + List vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(); + String tpid = authConf.getMoaSpAuthBlockTrustProfileID(); + Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, + vtids, tpid); + // debug output + + // invokes the call + Element domVsresp = new SignatureVerificationInvoker() + .verifyXMLSignature(domVsreq); + // debug output + + // parses the + VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser( + domVsresp).parseData(); + + if (Logger.isTraceEnabled()) { + if (domVsresp != null) { + try { + String xmlVerifyXMLSignatureResponse = DOMUtils + .serializeNode(domVsresp, true); + Logger.trace(new LogMsg(xmlCreateXMLSignatureReadResponse)); + Logger.trace(new LogMsg(xmlVerifyXMLSignatureResponse)); + } catch (Throwable t) { + t.printStackTrace(); + Logger.info(new LogMsg(t.getStackTrace())); + } + } + } + + // validates the + VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, + null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK, + false); + + // Compare AuthBlock Data with information stored in session, especially + // date and time + CreateXMLSignatureResponseValidator.getInstance().validateSigningDateTime(csresp); + + // compares the public keys from the identityLink with the AuthBlock + VerifyXMLSignatureResponseValidator.getInstance().validateCertificate( + vsresp, session.getIdentityLink()); + + // post processing of the infoboxes + Iterator iter = session.getInfoboxValidatorIterator(); + boolean formpending = false; + if (iter != null) { + while (!formpending && iter.hasNext()) { + Vector infoboxValidatorVector = (Vector) iter.next(); + String identifier = (String) infoboxValidatorVector.get(0); + String friendlyName = (String) infoboxValidatorVector.get(1); + InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector + .get(2); + InfoboxValidationResult infoboxValidationResult = null; + try { + infoboxValidationResult = infoboxvalidator.validate(csresp + .getSamlAssertion()); + } catch (ValidateException e) { + Logger.error("Error validating " + identifier + " infobox:" + + e.getMessage()); + throw new ValidateException("validator.44", + new Object[]{friendlyName}); + } + if (!infoboxValidationResult.isValid()) { + Logger.info("Validation of " + identifier + + " infobox failed."); + throw new ValidateException("validator.40", new Object[]{ + friendlyName, + infoboxValidationResult.getErrorMessage()}); + } + String form = infoboxvalidator.getForm(); + if (ParepUtils.isEmpty(form)) { + AddAdditionalSAMLAttributes( + session, + infoboxValidationResult.getExtendedSamlAttributes(), + identifier, friendlyName); + } else { + return "Redirect to Input Processor"; + } + } + } + + session.setXMLVerifySignatureResponse(vsresp); + session.setSignerCertificate(vsresp.getX509certificate()); + vsresp.setX509certificate(null); + session.setForeigner(false); + + if (session.getUseMandate()) { + // mandate mode + return null; + + } else { + + session.setAuthenticatedUsed(false); + session.setAuthenticated(true); + + //set QAA Level four in case of card authentifcation + session.setQAALevel(PVPConstants.STORK_QAA_1_4); + + + String oldsessionID = session.getSessionID(); + + //Session is implicte stored in changeSessionID!!! + String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session); + + Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID); + Logger.info("Daten angelegt zu MOASession " + newMOASessionID); + + return newMOASessionID; + } + } + + /** + * Processes a <CreateXMLSignatureResponse> sent by the + * security layer implementation.
+ *
    + *
  • Validates given <CreateXMLSignatureResponse>
  • + *
  • Parses <CreateXMLSignatureResponse> for error + * codes
  • + *
  • Parses authentication block enclosed in + * <CreateXMLSignatureResponse>
  • + *
  • Verifies authentication block by calling the MOA SP component
  • + *
  • Creates authentication data
  • + *
  • Creates a corresponding SAML artifact
  • + *
  • Stores authentication data in the authentication data store indexed + * by the SAML artifact
  • + *
  • Deletes authentication session
  • + *
  • Returns the SAML artifact, encoded BASE64
  • + *
+ * + * @param sessionID session ID of the running authentication session + * @param xmlCreateXMLSignatureReadResponse String representation of the + * <CreateXMLSignatureResponse> + * @return SAML artifact needed for retrieving authentication data, encoded + * BASE64 + */ + + protected Element createIdentificationBPK(Element mandatePerson, + String baseid, String target) throws BuildException { + Element identificationBpK = mandatePerson.getOwnerDocument() + .createElementNS(Constants.PD_NS_URI, "Identification"); + Element valueBpK = mandatePerson.getOwnerDocument().createElementNS( + Constants.PD_NS_URI, "Value"); + + String bpkBase64 = new BPKBuilder().buildBPK(baseid, target); + valueBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode( + bpkBase64)); + Element typeBpK = mandatePerson.getOwnerDocument().createElementNS( + Constants.PD_NS_URI, "Type"); + typeBpK.appendChild(mandatePerson.getOwnerDocument().createTextNode( + "urn:publicid:gv.at:cdid+bpk")); + identificationBpK.appendChild(valueBpK); + identificationBpK.appendChild(typeBpK); + + return identificationBpK; + + } + + protected String getBaseId(Element mandatePerson) + throws TransformerException, IOException { + NodeList list = mandatePerson.getElementsByTagNameNS( + Constants.PD_NS_URI, "Identification"); + for (int i = 0; i < list.getLength(); i++) { + Element identification = (Element) list.item(i); + Element type = (Element) identification.getElementsByTagNameNS( + Constants.PD_NS_URI, "Type").item(0); + if (type.getTextContent().compareToIgnoreCase( + "urn:publicid:gv.at:baseid") == 0) { + Element value = (Element) identification + .getElementsByTagNameNS(Constants.PD_NS_URI, "Value") + .item(0); + return value.getTextContent(); + } + } + return null; + + } + + /** + * Gets the foreign authentication data.
+ *
    + *
  • Creates authentication data
  • + *
  • Creates a corresponding SAML artifact
  • + *
  • Stores authentication data in the authentication data store indexed + * by the SAML artifact
  • + *
  • Deletes authentication session
  • + *
  • Returns the SAML artifact, encoded BASE64
  • + *
+ * + * @param sessionID session ID of the running authentication session + * @return SAML artifact needed for retrieving authentication data, encoded + * BASE64 + */ + public String getForeignAuthenticationData(AuthenticationSession session) + throws AuthenticationException, BuildException, ParseException, + ConfigurationException, ServiceException, ValidateException { + + if (session == null) + throw new AuthenticationException("auth.10", new Object[]{ + REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID}); + + // post processing of the infoboxes + Iterator iter = session.getInfoboxValidatorIterator(); + boolean formpending = false; + if (iter != null) { + while (!formpending && iter.hasNext()) { + Vector infoboxValidatorVector = (Vector) iter.next(); + String identifier = (String) infoboxValidatorVector.get(0); + String friendlyName = (String) infoboxValidatorVector.get(1); + InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector + .get(2); + InfoboxValidationResult infoboxValidationResult = null; + try { + infoboxValidationResult = infoboxvalidator.validate(session + .getIdentityLink().getSamlAssertion()); + } catch (ValidateException e) { + Logger.error("Error validating " + identifier + " infobox:" + + e.getMessage()); + throw new ValidateException("validator.44", + new Object[]{friendlyName}); + } + if (!infoboxValidationResult.isValid()) { + Logger.info("Validation of " + identifier + + " infobox failed."); + throw new ValidateException("validator.40", new Object[]{ + friendlyName, + infoboxValidationResult.getErrorMessage()}); + } + String form = infoboxvalidator.getForm(); + if (ParepUtils.isEmpty(form)) { + AddAdditionalSAMLAttributes( + session, + infoboxValidationResult.getExtendedSamlAttributes(), + identifier, friendlyName); + } else { + return "Redirect to Input Processor"; + } + } + } + + VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse(); + X509Certificate cert = session.getSignerCertificate(); + vsresp.setX509certificate(cert); + + session.setAuthenticatedUsed(false); + session.setAuthenticated(true); + + + session.setXMLVerifySignatureResponse(vsresp); + session.setSignerCertificate(vsresp.getX509certificate()); + vsresp.setX509certificate(null); + session.setForeigner(true); + + //TODO: regenerate MOASession ID! + return "new Session"; + } + + /** + * Builds the AuthenticationData object together with the corresponding + * <saml:Assertion> + * + * @param session authentication session + * @param verifyXMLSigResp VerifyXMLSignatureResponse from MOA-SP + * @param useUTC uses correct UTC time format + * @param useUTC indicates that authenticated citizen is a foreigner + * @param isForeigner indicates whether Austrian (false) or foreigner (true) authenticates + * @return AuthenticationData object + * @throws ConfigurationException while accessing configuration data + * @throws BuildException while building the <saml:Assertion> + */ + public static AuthenticationData buildAuthenticationData( + AuthenticationSession session, OAAuthParameter oaParam, String target) + throws ConfigurationException, BuildException { + + IdentityLink identityLink = session.getIdentityLink(); + AuthenticationData authData = new AuthenticationData(); + + VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse(); + + boolean businessService = oaParam.getBusinessService(); + + authData.setMajorVersion(1); + authData.setMinorVersion(0); + authData.setAssertionID(Random.nextRandom()); + authData.setIssuer(session.getAuthURL()); + + authData.setIssueInstant(DateTimeUtils.buildDateTimeUTC(Calendar + .getInstance())); + + //baseID or wbpk in case of BusinessService without SSO or BusinessService SSO + authData.setIdentificationValue(identityLink.getIdentificationValue()); + authData.setIdentificationType(identityLink.getIdentificationType()); + + authData.setGivenName(identityLink.getGivenName()); + authData.setFamilyName(identityLink.getFamilyName()); + authData.setDateOfBirth(identityLink.getDateOfBirth()); + authData.setQualifiedCertificate(verifyXMLSigResp + .isQualifiedCertificate()); + authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority()); + authData.setPublicAuthorityCode(verifyXMLSigResp + .getPublicAuthorityCode()); + authData.setBkuURL(session.getBkuURL()); + + try { + + if (session.getUseMandate() && session.isOW()) { + MISMandate mandate = session.getMISMandate(); + authData.setBPK(mandate.getOWbPK()); + authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + "OW"); + authData.setIdentityLink(identityLink); + + Logger.trace("Authenticated User is OW: " + mandate.getOWbPK()); + + } else { + + if (businessService) { + //since we have foreigner, wbPK is not calculated in BKU + if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { + + String registerAndOrdNr = oaParam.getIdentityLinkDomainIdentifier(); + + if (registerAndOrdNr.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) { + // If domainIdentifier starts with prefix + // "urn:publicid:gv.at:wbpk+"; remove this prefix + registerAndOrdNr = registerAndOrdNr + .substring(AuthenticationSession.REGISTERANDORDNR_PREFIX_.length()); + Logger.debug("Register and ordernumber prefix stripped off; resulting register string: " + + registerAndOrdNr); + } + + String wbpkBase64 = new BPKBuilder().buildWBPK(identityLink.getIdentificationValue(), registerAndOrdNr); + authData.setBPK(wbpkBase64); + authData.setBPKType(Constants.URN_PREFIX_WBPK + "+" + registerAndOrdNr); + + } else { + authData.setBPK(identityLink.getIdentificationValue()); + authData.setBPKType(identityLink.getIdentificationType()); + + } + + Logger.trace("Authenticate user with wbPK " + authData.getBPK()); + + Element idlassertion = session.getIdentityLink().getSamlAssertion(); + //set bpk/wpbk; + Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); + prIdentification.getFirstChild().setNodeValue(authData.getBPK()); + //set bkp/wpbk type + Node prIdentificationType = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_TYPE_XPATH); + prIdentificationType.getFirstChild().setNodeValue(authData.getBPKType()); + + IdentityLinkAssertionParser idlparser = new IdentityLinkAssertionParser(idlassertion); + IdentityLink idl = idlparser.parseIdentityLink(); + authData.setIdentityLink(idl); + + } else { + + if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { + // only compute bPK if online application is a public service and we have the Stammzahl + String bpkBase64 = new BPKBuilder().buildBPK(identityLink.getIdentificationValue(), target); + authData.setBPK(bpkBase64); + authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget()); + } + + Logger.trace("Authenticate user with bPK " + authData.getBPK()); + + authData.setIdentityLink(identityLink); + } + } + + return authData; + + } catch (Throwable ex) { + throw new BuildException("builder.00", new Object[]{ + "AuthenticationData", ex.toString()}, ex); + } + } + + /** + * Retrieves a session from the session store. + * + * @param id session ID + * @return AuthenticationSession stored with given session ID, + * null if session ID unknown + */ + public static AuthenticationSession getSession(String id) + throws AuthenticationException { + + AuthenticationSession session; + try { + session = AuthenticationSessionStoreage.getSession(id); + + if (session == null) + throw new AuthenticationException("auth.02", new Object[]{id}); + return session; + + } catch (MOADatabaseException e) { + throw new AuthenticationException("parser.04", new Object[]{id}); + } + } + + /** + * Cleans up expired session and authentication data stores. + */ + public void cleanup() { + long now = new Date().getTime(); + + //clean AuthenticationSessionStore + + AuthenticationSessionStoreage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated); + + //clean AssertionStore + AssertionStorage assertionstore = AssertionStorage.getInstance(); + assertionstore.clean(now, authDataTimeOut); + + //clean ExeptionStore + DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore(); + exstore.clean(now, authDataTimeOut); + + } + + /** + * Sets the sessionTimeOut. + * + * @param seconds Time out of the session in seconds + */ + public void setSecondsSessionTimeOutCreated(long seconds) { + sessionTimeOutCreated = seconds * 1000; + } + + public void setSecondsSessionTimeOutUpdated(long seconds) { + sessionTimeOutUpdated = seconds * 1000; + } + + /** + * Sets the authDataTimeOut. + * + * @param seconds Time out for signing AuthData in seconds + */ + public void setSecondsAuthDataTimeOut(long seconds) { + authDataTimeOut = seconds * 1000; + } + + /** + * Checks a parameter. + * + * @param param parameter + * @return true if the parameter is null or empty + */ + private boolean isEmpty(String param) { + return param == null || param.length() == 0; + } + + /** + * Checks the correctness of SAML attributes and returns its value. + * + * @param param samlAttribute + * @param i the number of the verified attribute for messages + * @param identifier the infobox identifier for messages + * @param friendlyname the friendly name of the infobox for messages + * @return the SAML attribute value (Element or String) + */ + protected static Object verifySAMLAttribute( + ExtendedSAMLAttribute samlAttribute, int i, String identifier, + String friendlyName) throws ValidateException { + String name = samlAttribute.getName(); + + if (name == null) { + Logger.info("The name of SAML-Attribute number " + (i + 1) + + " returned from " + identifier + + "-infobox validator is null."); + throw new ValidateException("validator.45", new Object[]{ + friendlyName, "Name", String.valueOf((i + 1)), "null"}); + } + if (name == "") { + Logger.info("The name of SAML-Attribute number " + (i + 1) + + " returned from " + identifier + + "-infobox validator is empty."); + throw new ValidateException("validator.45", new Object[]{ + friendlyName, "Name", String.valueOf((i + 1)), "leer"}); + } + if (samlAttribute.getNameSpace() == null) { + Logger.info("The namespace of SAML-Attribute number " + (i + 1) + + " returned from " + identifier + + "-infobox validator is null."); + throw new ValidateException("validator.45", + new Object[]{friendlyName, "Namespace", + String.valueOf((i + 1)), "null"}); + } + Object value = samlAttribute.getValue(); + if (value == null) { + Logger.info("The value of SAML-Attribute number " + (i + 1) + + " returned from " + identifier + + "-infobox validator is null."); + throw new ValidateException("validator.45", new Object[]{ + friendlyName, "Wert", String.valueOf((i + 1)), "null"}); + } + + return value; + } + + /** + * Does the request to the SZR-GW + * + * @param oaFriendlyName + * @param signature XMLDSIG signature + * @return Identity link assertion + * @throws SZRGWClientException + */ + + public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String gender, String citizenSignature, String represented, String representative, String mandateContent, String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException { + + try { + AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance(); + ConnectionParameter connectionParameters = authConf.getForeignIDConnectionParameter(); + + SZRGWClient client = new SZRGWClient(connectionParameters); + + + CreateIdentityLinkRequest request = new CreateIdentityLinkRequest(); + request.setSignature(citizenSignature.getBytes()); + + PEPSData data = new PEPSData(); + data.setDateOfBirth(PEPSDateOfBirth); + data.setFamilyname(PEPSFamilyname); + data.setFirstname(PEPSFirstname); + data.setIdentifier(PEPSIdentifier); + + data.setRepresentative(representative); + data.setRepresented(represented); + data.setMandateContent(mandateContent); + + data.setLegalPersonCanonicalRegisteredAddress(organizationAddress); + data.setLegalPersonTranslatableType(organizationType); + + if (null != mandateContent) { + MISType mis = new MISType(); + + Target targetObject = new Target(); + targetObject.setType(targetType); + targetObject.setValue(targetValue); + mis.setTarget(targetObject); + + mis.setOAFriendlyName(oaFriendlyName); + + Filters filterObject = new Filters(); + MandateIdentifiers mandateIds = new MandateIdentifiers(); + for (String current : filters.split(",")) + mandateIds.getMandateIdentifier().add(current.trim()); + filterObject.setMandateIdentifiers(mandateIds); + mis.setFilters(filterObject); + + request.setMIS(mis); + } + + Logger.info("Starte Kommunikation mit dem Stammzahlenregister Gateway(" + connectionParameters.getUrl() + ")..."); + CreateIdentityLinkResponse response = client.sentCreateIDLRequest(request, connectionParameters.getUrl()); + return response; + + } catch (ConfigurationException e) { + Logger.warn(e); + Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null)); + } + + return null; + + } + + /** + * Does the request to the SZR-GW. + * + * @param signature the signature + * @return the identity link + * @throws SZRGWClientException the sZRGW client exception + * @throws ConfigurationException the configuration exception + */ + public CreateIdentityLinkResponse getIdentityLink(Element signature) throws SZRGWClientException, ConfigurationException { + return getIdentityLink(null, null, null, null, XMLHelper.nodeToString(signature)); + } + + /** + * Does the request to the SZR-GW. + * + * @param PEPSIdentifier the pEPS identifier + * @param PEPSFirstname the pEPS firstname + * @param PEPSFamilyname the pEPS familyname + * @param PEPSDateOfBirth the pEPS date of birth + * @param signature XMLDSIG signature + * @return Identity link assertion + * @throws SZRGWClientException the sZRGW client exception + * @throws ConfigurationException the configuration exception + */ + public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature) throws SZRGWClientException { + return getIdentityLink(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, null, signature, null, null, null, null, null, null, null); + } + + /** + * Gets the identity link. + * + * @param citizenSignature the citizen signature + * @param representative the representative + * @param represented the represented + * @param mandate the mandate + * @param organizationAddress the organization address + * @param organizationType the organization type + * @return the identity link + * @throws SZRGWClientException + */ + public CreateIdentityLinkResponse getIdentityLink(String citizenSignature, + String representative, String represented, String mandateContent, + String organizationAddress, String organizationType, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException { + return getIdentityLink(null, null, null, null, null, + citizenSignature, represented, representative, mandateContent, organizationAddress, + organizationType, targetType, targetValue, oaFriendlyName, filters); + } + + /** + * SZR-GW Client interface. + * + * @param eIdentifier the e identifier + * @param givenName the given name + * @param lastName the last name + * @param dateOfBirth the date of birth + * @param citizenSignature the citizen signature + * @param representative the representative + * @param represented the represented + * @param mandate the mandate + * @return the identity link + * @throws SZRGWClientException the sZRGW client exception + */ + public CreateIdentityLinkResponse getIdentityLink(String eIdentifier, + String givenName, String lastName, String dateOfBirth, String gender, + String citizenSignature, String representative, String represented, + String mandate, String targetType, String targetValue, String oaFriendlyName, String filters) throws SZRGWClientException { + return getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, gender, + citizenSignature, representative, represented, mandate, null, + null, targetType, targetValue, oaFriendlyName, filters); + } + + /** + * Starts a MOA-ID authentication process using STORK + * + * @param req HttpServletRequest + * @param resp HttpServletResponse + * @param ccc Citizen country code + * @param oaURL URL of the online application + * @param target Target parameter + * @param targetFriendlyName Friendly Name of Target + * @param authURL Authentication URL + * @param sourceID SourceID parameter + * @throws MOAIDException + * @throws AuthenticationException + * @throws WrongParametersException + * @throws ConfigurationException + */ + public static void startSTORKAuthentication( + HttpServletRequest req, + HttpServletResponse resp, + AuthenticationSession moasession) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException { + + if (moasession == null) { + throw new AuthenticationException("auth.18", new Object[]{}); + } + + //read configuration paramters of OA + OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); + if (oaParam == null) + throw new AuthenticationException("auth.00", new Object[]{moasession.getPublicOAURLPrefix()}); + + //Start of STORK Processing + STORKConfig storkConfig = AuthConfigurationProvider.getInstance().getStorkConfig(); + + CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc()); + + Logger.debug("Preparing to assemble STORK AuthnRequest with the following values:"); + String destination = cpeps.getPepsURL().toExternalForm(); + Logger.debug("C-PEPS URL: " + destination); + + String acsURL = HTTPUtils.getBaseURL(req) + PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN; + Logger.debug("MOA Assertion Consumer URL (PEPSConnctor): " + acsURL); + + String providerName = oaParam.getFriendlyName(); + String issuerValue = HTTPUtils.getBaseURL(req); + Logger.debug("Issuer value: " + issuerValue); + + // prepare collection of required attributes + // - attributes for online application + List attributesFromConfig = oaParam.getRequestedAttributes(); + + // - prepare attribute list + PersonalAttributeList attributeList = new PersonalAttributeList(); + + // - fill container + for (OAStorkAttribute current : attributesFromConfig) { + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName(current.getName()); + + boolean globallyMandatory = false; + for (StorkAttribute currentGlobalAttribute : storkConfig.getStorkAttributes()) + if (current.getName().equals(currentGlobalAttribute.getName())) { + globallyMandatory = currentGlobalAttribute.isMandatory(); + break; + } + + newAttribute.setIsRequired(current.isMandatory() || globallyMandatory); + attributeList.add(newAttribute); + } + + // add sign request + PersonalAttribute newAttribute = new PersonalAttribute(); + newAttribute.setName("signedDoc"); + List value = new ArrayList(); + value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession), + "application/xhtml+xml", + moasession.getCcc())); + newAttribute.setValue(value); + attributeList.add(newAttribute); + + + if (Logger.isDebugEnabled()) { + Logger.debug("The following attributes are requested for this OA:"); + for (OAStorkAttribute logReqAttr : attributesFromConfig) + Logger.debug("OA specific requested attribute: " + logReqAttr.getName() + ", isRequired: " + logReqAttr.isMandatory()); + } + + //TODO: check Target in case of SSO!! + String spSector = StringUtils.isEmpty(moasession.getTarget()) ? "Business" : moasession.getTarget(); + String spInstitution = StringUtils.isEmpty(oaParam.getFriendlyName()) ? "UNKNOWN" : oaParam.getFriendlyName(); + String spApplication = spInstitution; + String spCountry = "AT"; + + //generate AuthnRquest + STORKAuthnRequest authnRequest = new STORKAuthnRequest(); + authnRequest.setDestination(destination); + authnRequest.setAssertionConsumerServiceURL(acsURL); + authnRequest.setProviderName(providerName); + authnRequest.setIssuer(issuerValue); + authnRequest.setQaa(oaParam.getQaaLevel()); + authnRequest.setSpInstitution(spInstitution); + authnRequest.setCountry(spCountry); + authnRequest.setSpApplication(spApplication); + authnRequest.setSpSector(spSector); + authnRequest.setPersonalAttributeList(attributeList); + + authnRequest.setEIDCrossBorderShare(true); + authnRequest.setEIDCrossSectorShare(true); + authnRequest.setEIDSectorShare(true); + + authnRequest.setCitizenCountryCode(moasession.getCcc()); + + + Logger.debug("STORK AuthnRequest succesfully assembled."); + + STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("outgoing"); + try { + authnRequest = samlEngine.generateSTORKAuthnRequest(authnRequest); + } catch (STORKSAMLEngineException e) { + Logger.error("Could not sign STORK SAML AuthnRequest.", e); + throw new MOAIDException("stork.00", null); + } + + Logger.info("STORK AuthnRequest successfully signed!"); + + //validate AuthnRequest + try { + samlEngine.validateSTORKAuthnRequest(authnRequest.getTokenSaml()); + } catch (STORKSAMLEngineException e) { + Logger.error("STORK SAML AuthnRequest not valid.", e); + throw new MOAIDException("stork.01", null); + } + + Logger.debug("STORK AuthnRequest successfully internally validated."); + + //send + moasession.setStorkAuthnRequest(authnRequest); + HttpSession httpSession = req.getSession(); + httpSession.setAttribute("MOA-Session-ID", moasession.getSessionID()); + + + Logger.info("Preparing to send STORK AuthnRequest."); + Logger.info("prepared STORKAuthnRequest: "); + Logger.info(new String(authnRequest.getTokenSaml())); + + try { + Logger.trace("Initialize VelocityEngine..."); + + VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); + Template template = velocityEngine.getTemplate("/resources/templates/saml2-post-binding-moa.vm"); + VelocityContext context = new VelocityContext(); + context.put("SAMLRequest", PEPSUtil.encodeSAMLToken(authnRequest.getTokenSaml())); + context.put("action", destination); + + StringWriter writer = new StringWriter(); + template.merge(context, writer); + + resp.getOutputStream().write(writer.toString().getBytes()); + } catch (Exception e) { + Logger.error("Error sending STORK SAML AuthnRequest.", e); + httpSession.invalidate(); + throw new MOAIDException("stork.02", new Object[]{destination}); + } + + Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination()); + } + + private static String generateDssSignRequest(String text, String mimeType, String citizenCountry) { + IdentifierGenerator idGenerator; + try { + idGenerator = new SecureRandomIdentifierGenerator(); + + DocumentType doc = new DocumentType(); + doc.setBase64XML(text.getBytes()); + doc.setID(idGenerator.generateIdentifier()); + + SignRequest request = new SignRequest(); + request.setInputDocuments(ApiUtils.createInputDocuments(doc)); + + String id = idGenerator.generateIdentifier(); + request.setRequestID(id); + request.setDocUI(id); + + request.setProfile(Profiles.XADES_BES.toString()); + request.setNumberOfSigners(BigInteger.ONE); + request.setTargetCountry(citizenCountry); + + // no, no todo. PEPS will alter this value anyhow. + request.setReturnURL("http://invalid_return"); + + AnyType required = new AnyType(); + required.getAny().add(ApiUtils.createSignatureType(SignatureTypes.XMLSIG_RFC3275.toString())); + required.getAny().add(ApiUtils.createAdditionalProfile(AdditionalProfiles.XADES.toString())); + required.getAny().add(ApiUtils.createQualityRequirements(QualityLevels.QUALITYLEVEL_QUALIFIEDSIG)); + required.getAny().add(ApiUtils.createIncludeObject(doc)); + request.setOptionalInputs(required); + + return IOUtils.toString(ApiUtils.marshalToInputStream(request)); + } catch (NoSuchAlgorithmException e) { + Logger.error("Cannot generate id", e); + throw new RuntimeException(e); + } catch (ApiUtilsException e) { + Logger.error("Could not create SignRequest", e); + throw new RuntimeException(e); + } catch (DOMException e) { + Logger.error("Could not create SignRequest", e); + throw new RuntimeException(e); + } catch (IOException e) { + Logger.error("Could not create SignRequest", e); + throw new RuntimeException(e); + } + } + + /** + * Extracts an X509 Certificate out of an XML signagture element + * + * @param signedXML XML signature element + * @return X509Certificate + * @throws CertificateException + */ + public static X509Certificate getCertificateFromXML(Element signedXML) throws CertificateException { + + NodeList nList = signedXML.getElementsByTagNameNS(Constants.DSIG_NS_URI, "X509Certificate"); + + String base64CertString = XMLUtil.getFirstTextValueFromNodeList(nList); + + if (StringUtils.isEmpty(base64CertString)) { + String msg = "XML does not contain a X509Certificate element."; + Logger.error(msg); + throw new CertificateException(msg); + } + + InputStream is = new ByteArrayInputStream(Base64.decode(base64CertString)); + + X509Certificate cert; + try { + cert = new X509Certificate(is); + return cert; + + } catch (Throwable e) { + throw new CertificateException(e); + } + } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java index 828fc78ab..ba347c9e5 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java @@ -2,19 +2,19 @@ * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. - * + * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. - * + * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works @@ -51,82 +51,143 @@ import at.gv.egovernment.moa.util.Constants; /** * Builder for the <InfoboxReadRequest> structure * used for requesting the identity link from the security layer implementation. - * + * * @author Paul Ivancsics * @version $Id$ */ public class InfoboxReadRequestBuilder implements Constants { - /** - * Constructor for InfoboxReadRequestBuilder. - */ - public InfoboxReadRequestBuilder() { - } - - - /** - * Builds an <InfoboxReadRequest>. - * - * @param slVersion12 specifies whether the Security Layer version is - * version 1.2 or not - * @param businessService specifies whether the online application is a - * business service or not - * @param identityLinkDomainIdentifier the identification number of the business - * company; maybe null if the OA - * is a public service; must not be null - * if the OA is a business service - * - * @return <InfoboxReadRequest> as String - */ - public String build(boolean businessService, String identityLinkDomainIdentifier) { - - String slPrefix; - String slNsDeclaration; - + /** + * Constructor for InfoboxReadRequestBuilder. + */ + public InfoboxReadRequestBuilder() { + } + + + /** + * Builds an <InfoboxReadRequest>. + * + * @param slVersion12 specifies whether the Security Layer version is + * version 1.2 or not + * @param businessService specifies whether the online application is a + * business service or not + * @param identityLinkDomainIdentifier the identification number of the business + * company; maybe null if the OA + * is a public service; must not be null + * if the OA is a business service + * @return <InfoboxReadRequest> as String + */ + public String build(boolean businessService, String identityLinkDomainIdentifier) { + + String slPrefix; + String slNsDeclaration; + // if (slVersion12) { - slPrefix = SL12_PREFIX; - slNsDeclaration = SL12_NS_URI; + slPrefix = SL12_PREFIX; + slNsDeclaration = SL12_NS_URI; // } else { // slPrefix = SL10_PREFIX; // slNsDeclaration = SL10_NS_URI; // } - - StringBuffer sb = new StringBuffer(""); - sb.append("<"); - sb.append(slPrefix); - sb.append(":InfoboxReadRequest xmlns:"); - sb.append(slPrefix); - sb.append("=\""); - sb.append(slNsDeclaration); - sb.append("\">"); - sb.append("<"); - sb.append(slPrefix); - sb.append(":InfoboxIdentifier>IdentityLink"); - sb.append("<"); - sb.append(slPrefix); - sb.append(":BinaryFileParameters ContentIsXMLEntity=\"true\"/>"); - if (businessService) { - sb.append("<"); - sb.append(slPrefix); - sb.append(":BoxSpecificParameters>"); - sb.append("<"); - sb.append(slPrefix); - sb.append(":IdentityLinkDomainIdentifier>"); - sb.append(identityLinkDomainIdentifier); - sb.append(""); - sb.append(""); + + StringBuffer sb = new StringBuffer(""); + sb.append("<"); + sb.append(slPrefix); + sb.append(":InfoboxReadRequest xmlns:"); + sb.append(slPrefix); + sb.append("=\""); + sb.append(slNsDeclaration); + sb.append("\">"); + sb.append("<"); + sb.append(slPrefix); + sb.append(":InfoboxIdentifier>IdentityLink"); + sb.append("<"); + sb.append(slPrefix); + sb.append(":BinaryFileParameters ContentIsXMLEntity=\"true\"/>"); + if (businessService) { + sb.append("<"); + sb.append(slPrefix); + sb.append(":BoxSpecificParameters>"); + sb.append("<"); + sb.append(slPrefix); + sb.append(":IdentityLinkDomainIdentifier>"); + sb.append(identityLinkDomainIdentifier); + sb.append(""); + sb.append(""); + } + sb.append(""); + + return sb.toString(); + + } + + + /** + * Builds an <InfoboxReadRequest>. + * + * @param slVersion12 specifies whether the Security Layer version is + * version 1.2 or not + * @param businessService specifies whether the online application is a + * business service or not + * @param identityLinkDomainIdentifier the identification number of the business + * company; maybe null if the OA + * is a public service; must not be null + * if the OA is a business service + * @return <InfoboxReadRequest> as String + * + */ + public String buildStorkReadRequest(String identityLinkDomainIdentifier) { + + String slPrefix; + String slNsDeclaration; + + slPrefix = SL12_PREFIX; + slNsDeclaration = SL12_NS_URI; + + StringBuffer sb = new StringBuffer(""); + sb.append("<"); + sb.append(slPrefix); + sb.append(":InfoboxReadRequest xmlns:"); + sb.append(slPrefix); + sb.append("=\""); + sb.append(slNsDeclaration); + sb.append("\">"); + sb.append("<"); + sb.append(slPrefix); + sb.append(":InfoboxIdentifier>IdentityLink"); + sb.append("<"); + sb.append(slPrefix); + sb.append(":BinaryFileParameters ContentIsXMLEntity=\"true\"/>"); + + // append box parameters - necessary for stork? + sb.append("<"); + sb.append(slPrefix); + sb.append(":BoxSpecificParameters>"); + sb.append("<"); + sb.append(slPrefix); + sb.append(":IdentityLinkDomainIdentifier>"); + sb.append(identityLinkDomainIdentifier); + sb.append(""); + sb.append(""); + // end appending box parameters + + sb.append(""); + + return sb.toString(); + } - sb.append(""); - - return sb.toString(); - - } } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java index 7e21c6667..2d0a0e367 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java @@ -55,7 +55,12 @@ public class OAParameter { this.businessService = true; else this.businessService = false; - + + if (this.oaType.equals("storkService")) + this.storkService = true; + else + this.storkService = false; + this.publicURLPrefix = oa.getPublicURLPrefix(); this.friendlyName = oa.getFriendlyName(); @@ -81,8 +86,15 @@ public class OAParameter { * if value of {@link #oaType} is "businessService" */ private boolean businessService; - - /** + + /** + * specifies whether the online application is a stork application or not (true + * if value of {@link #oaType} is "storkService" + */ + private boolean storkService; + + + /** * public URL prefix of the online application */ private String publicURLPrefix; @@ -139,5 +151,7 @@ public class OAParameter { public OAOAUTH20 getoAuth20Config() { return oAuth20Config; } + + public boolean getStorkService() { return storkService; } } diff --git a/id/server/moa-id-commons/moa-id-commons.iml b/id/server/moa-id-commons/moa-id-commons.iml index ef994abd3..aeb4ad88c 100644 --- a/id/server/moa-id-commons/moa-id-commons.iml +++ b/id/server/moa-id-commons/moa-id-commons.iml @@ -61,6 +61,7 @@ + @@ -75,7 +76,6 @@ - diff --git a/id/server/moa-id.iml b/id/server/moa-id.iml index c418d6693..6e02e5944 100644 --- a/id/server/moa-id.iml +++ b/id/server/moa-id.iml @@ -8,6 +8,7 @@ + diff --git a/id/server/proxy/moa-id-proxy.iml b/id/server/proxy/moa-id-proxy.iml index e61d841ce..279d544b1 100644 --- a/id/server/proxy/moa-id-proxy.iml +++ b/id/server/proxy/moa-id-proxy.iml @@ -55,6 +55,7 @@ + @@ -93,7 +94,6 @@ - -- cgit v1.2.3