package at.gv.egovernment.moa.id.proxy;
import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
import java.io.IOException;
import java.util.*;
import org.apache.xerces.parsers.DOMParser;
import org.w3c.dom.*;
// Referenced classes of package at.gv.egovernment.moa.id.proxy:
//
// TODO MOA-ID test full functionality
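/**
 * {@link LoginParameterResolver} backed by a plain (unencrypted) XML identities file.
 *
 * <p>{@link #configure(String, Boolean)} parses the file (schema-validated) and builds two
 * lookup tables: one keyed by the (w)bPK of an identity, one keyed by
 * {@code "SurName,GivenName,BirthDate"}. Each entry holds the credentials of the
 * {@code Parameters} element found at the same position in the file.
 *
 * <p>At request time {@link #getAuthenticationHeaders} either emits an HTTP Basic
 * {@code Authorization} header for the matched identity (auth type {@code "basic"}) or
 * maps configured header names to identity attributes (auth type {@code "header"});
 * {@link #getAuthenticationParameters} does the same for request parameters
 * (auth type {@code "param"}).
 *
 * <p>Passwords are never written to the log by this class; only usernames and keys are.
 * Instances are not thread-safe while {@code configure} is running.
 */
public class XMLLoginParameterResolverPlainData
implements LoginParameterResolver
{
    private static final String LOG_PREFIX = "XMLLoginParameterResolverPlainData: ";

    private static final String AUTH_TYPE_BASIC = "basic";
    private static final String AUTH_TYPE_HEADER = "header";
    private static final String AUTH_TYPE_PARAM = "param";

    /** Identities file used when {@code configure} receives a {@code null} configuration string. */
    private static final String DEFAULT_IDENTITIES_FILE = "file:conf/moa-id/Identities.xml";

    /** Birth date value in the name key that matches any date of birth. */
    private static final String BIRTHDATE_WILDCARD = "*";

    /** The raw configuration string handed to {@link #configure}; kept for reference only. */
    private String configuration;

    /** Lookup table (w)bPK -> {@link LPRParams}. */
    private final Map bPKMap;
    /** Lookup table "SurName,GivenName,BirthDate" -> {@link LPRParams}. */
    private final Map namedMap;

    /**
     * Credential set mapped to one identity in the identities file.
     *
     * <p>Only {@code UN} and {@code PW} are ever populated by {@link #buildInfo};
     * the generic parameters are carried for callers of the six-argument constructor.
     */
    class LPRParams {
        // Immutable after construction; all values may be null except enabled.
        private final Boolean enabled;
        private final String UN;
        private final String PW;
        private final String Param1;
        private final String Param2;
        private final String Param3;

        /**
         * Constructs a fully populated parameter set.
         *
         * @param enabled whether this identity may be mapped to the parameter set at all
         * @param UN username used in HTTP 401 BasicAuthentication
         * @param PW password used in HTTP 401 BasicAuthentication
         * @param Param1 generic parameter 1 used in HeaderAuthentication and ParameterAuthentication
         * @param Param2 generic parameter 2 used in HeaderAuthentication and ParameterAuthentication
         * @param Param3 generic parameter 3 used in HeaderAuthentication and ParameterAuthentication
         */
        LPRParams(boolean enabled, String UN, String PW, String Param1, String Param2, String Param3) {
            this.enabled = Boolean.valueOf(enabled);
            this.UN = UN;
            this.PW = PW;
            this.Param1 = Param1;
            // Param2/Param3 were previously written into Param1 by mistake, leaving them null.
            this.Param2 = Param2;
            this.Param3 = Param3;
        }

        /**
         * Constructs a parameter set with username and password only; the generic
         * parameters are left {@code null}.
         *
         * @param enabled whether this identity may be mapped to the parameter set at all
         * @param UN username used in HTTP 401 BasicAuthentication
         * @param PW password used in HTTP 401 BasicAuthentication
         */
        LPRParams(boolean enabled, String UN, String PW) {
            this(enabled, UN, PW, null, null, null);
        }

        /** @return whether the identity owning this set is enabled for automatic login */
        public boolean getEnabled() {
            return enabled.booleanValue();
        }

        /** @return the username, or {@code null} if not set */
        public String getUN() {
            return UN;
        }

        /**
         * Returns the username unchanged; in this plain-data resolver it is identical
         * to {@link #getUN()}.
         *
         * @return the username, or {@code null} if not set
         */
        public String getPlainUN() {
            return UN;
        }

        /** @return the password, or {@code null} if not set */
        public String getPW() {
            return PW;
        }

        /** @return generic parameter 1, or {@code null} if not set */
        public String getParam1() {
            return Param1;
        }

        /** @return generic parameter 2, or {@code null} if not set */
        public String getParam2() {
            return Param2;
        }

        /** @return generic parameter 3, or {@code null} if not set */
        public String getParam3() {
            return Param3;
        }

        /**
         * Returns a log-friendly representation of this set. The password is masked
         * because this string is written to debug logs.
         *
         * @return a String representation of this object
         */
        public String toString() {
            return "Enabled: " + enabled.toString()
                + "UN: '" + UN
                + "' PW: '" + (PW == null ? null : "***")
                + "' Param1: '" + Param1
                + "' Param2: '" + Param2
                + "' Param3: '" + Param3
                + "'\n";
        }
    }

    /** Creates an unconfigured resolver with empty lookup tables. */
    public XMLLoginParameterResolverPlainData()
    {
        bPKMap = new HashMap();
        namedMap = new HashMap();
    }

    /**
     * Builds the HTTP headers used to log the authenticated person in at the online application.
     *
     * <p>For auth type {@code "basic"} the identity is looked up (first by (w)bPK, then by
     * name and date of birth) and an {@code Authorization: Basic ...} header is produced.
     * For auth type {@code "header"} every entry of the configured header mapping is
     * resolved against {@code authData}. Any other auth type yields an empty map.
     *
     * @param oaConf online-application configuration (auth type and header mapping)
     * @param authData authentication data of the person
     * @param clientIPAddress client IP, resolvable via the {@code MOAIPAddress} predicate
     * @param businessService {@code true} to look the person up by wbPK instead of bPK
     * @param publicURLPrefix unused by this resolver
     * @return map of header name to header value; never {@code null}
     * @throws NotAllowedException if auth type is {@code "basic"} and no enabled entry matches
     */
    public Map getAuthenticationHeaders(OAConfiguration oaConf, AuthenticationData authData, String clientIPAddress, boolean businessService, String publicURLPrefix) throws NotAllowedException
    {
        Map result = new HashMap();
        String authType = oaConf.getAuthType();
        if (AUTH_TYPE_BASIC.equals(authType)) {
            LPRParams params = findEnabledParams(authData, clientIPAddress, businessService);
            if (params == null) {
                Logger.info(LOG_PREFIX + "Person is not allowed No automatic login");
                throw new NotAllowedException("XMLLoginParameterResolverPlainData: Person is not allowed No automatic login ", new Object[] { });
            }
            String userIDPassword = params.getUN() + ":" + params.getPW();
            try {
                // NOTE(review): getBytes() uses the platform charset; non-ASCII credentials
                // are therefore platform dependent - confirm against the backend's expectation.
                String credentials = Base64Utils.encode(userIDPassword.getBytes());
                // The encoded value is a secret; log only that a header was built.
                Logger.debug(LOG_PREFIX + "Authorization header generated for user: " + params.getUN());
                result.put("Authorization", "Basic " + credentials);
            } catch (IOException e) {
                // Best effort: the header is simply omitted, but the failure is no longer silent.
                Logger.warn(LOG_PREFIX + "could not encode credentials for Authorization header: " + e);
            }
        } else if (AUTH_TYPE_HEADER.equals(authType)) {
            resolveMapping(oaConf.getHeaderAuthMapping(), authData, clientIPAddress, result);
        }
        return result;
    }

    /**
     * Builds the request parameters used to log the authenticated person in at the online
     * application (auth type {@code "param"}); any other auth type yields an empty map.
     *
     * @param oaConf online-application configuration (auth type and parameter mapping)
     * @param authData authentication data of the person
     * @param clientIPAddress client IP, resolvable via the {@code MOAIPAddress} predicate
     * @param businessService unused by this resolver
     * @return map of parameter name to value; never {@code null}
     */
    public Map getAuthenticationParameters(OAConfiguration oaConf, AuthenticationData authData, String clientIPAddress, boolean businessService)
    {
        Map result = new HashMap();
        if (AUTH_TYPE_PARAM.equals(oaConf.getAuthType())) {
            resolveMapping(oaConf.getParamAuthMapping(), authData, clientIPAddress, result);
        }
        return result;
    }

    /**
     * Finds the enabled credential set for the person: first by (w)bPK, then by
     * "SurName,GivenName,DateOfBirth", then by "SurName,GivenName,*".
     *
     * NOTE(review): a (w)bPK entry that exists but is disabled does not block the
     * name-based lookup - confirm this fall-through is intended.
     *
     * @return the matching enabled set, or {@code null} if none
     */
    private LPRParams findEnabledParams(AuthenticationData authData, String clientIPAddress, boolean businessService) {
        String wType = businessService ? "w" : "";
        String bPK = resolveValue(businessService ? MOAWBPK : MOABPK, authData, clientIPAddress);

        // first step: search for (w)bPK entry in user list
        Logger.debug(LOG_PREFIX + "search for automatic login data for " + wType + "bPK:" + bPK);
        LPRParams params = (LPRParams) bPKMap.get(bPK);
        if (params == null) {
            Logger.debug(LOG_PREFIX + "params for " + wType + "bPK: " + bPK + " not found in file!");
        } else if (params.getEnabled()) {
            Logger.debug(LOG_PREFIX + wType + "bPK: " + bPK + " found in list; user is enabled");
            Logger.debug(LOG_PREFIX + "using: " + params.toString());
            return params;
        } else {
            Logger.info(LOG_PREFIX + wType + "bPK: " + bPK + " found in list; user is NOT enabled");
        }

        // second step: search for name entry in user list
        String famName = resolveValue(MOAFamilyName, authData, clientIPAddress);
        String givenName = resolveValue(MOAGivenName, authData, clientIPAddress);
        String dateOfBirth = resolveValue(MOADateOfBirth, authData, clientIPAddress);
        Logger.debug(LOG_PREFIX + "search for automatic login data for SurName:" + famName + " GivenName: " + givenName + " DateOfBirth: " + dateOfBirth);
        params = (LPRParams) namedMap.get(famName + "," + givenName + "," + dateOfBirth);
        if (params == null) {
            Logger.debug(LOG_PREFIX + "params for Surname: " + famName + " GivenName: " + givenName + " DateOfBirth: " + dateOfBirth + " not found in file!");
            // try also with wildcard ("*") birthdate
            params = (LPRParams) namedMap.get(famName + "," + givenName + "," + BIRTHDATE_WILDCARD);
            if (params != null) {
                Logger.debug(LOG_PREFIX + "params for Surname: " + famName + " GivenName: " + givenName + " DateOfBirth: " + BIRTHDATE_WILDCARD + " found!");
            }
        }
        if (params != null && params.getEnabled()) {
            Logger.debug(LOG_PREFIX + "SurName:" + famName + " GivenName: " + givenName + " DateOfBirth: " + dateOfBirth + " found in file; user is enabled");
            Logger.debug(LOG_PREFIX + "using: " + params.toString());
            return params;
        }
        return null;
    }

    /**
     * Resolves every predicate of {@code mapping} (name -> predicate) against the
     * authentication data and stores name -> resolved value in {@code result}.
     * A {@code null} mapping adds nothing.
     */
    private static void resolveMapping(Map mapping, AuthenticationData authData, String clientIPAddress, Map result) {
        if (mapping == null) {
            return;
        }
        for (Iterator iter = mapping.entrySet().iterator(); iter.hasNext();) {
            Map.Entry entry = (Map.Entry) iter.next();
            String key = (String) entry.getKey();
            String predicate = (String) entry.getValue();
            result.put(key, resolveValue(predicate, authData, clientIPAddress));
        }
    }

    /**
     * Maps a {@code MOA*} predicate constant to the corresponding value of the
     * authentication data.
     *
     * @return the attribute value, {@code "true"}/{@code "false"} for boolean attributes,
     *         or {@code null} for an unknown or {@code null} predicate
     */
    private static String resolveValue(String predicate, AuthenticationData authData, String clientIPAddress)
    {
        if (predicate == null) {
            return null;
        }
        if (predicate.equals(MOAGivenName)) {
            return authData.getGivenName();
        }
        if (predicate.equals(MOAFamilyName)) {
            return authData.getFamilyName();
        }
        if (predicate.equals(MOADateOfBirth)) {
            return authData.getDateOfBirth();
        }
        if (predicate.equals(MOABPK)) {
            return authData.getBPK();
        }
        if (predicate.equals(MOAWBPK)) {
            return authData.getWBPK();
        }
        if (predicate.equals(MOAPublicAuthority)) {
            return authData.isPublicAuthority() ? "true" : "false";
        }
        if (predicate.equals(MOABKZ)) {
            return authData.getPublicAuthorityCode();
        }
        if (predicate.equals(MOAQualifiedCertificate)) {
            return authData.isQualifiedCertificate() ? "true" : "false";
        }
        if (predicate.equals(MOAStammzahl)) {
            return authData.getIdentificationValue();
        }
        if (predicate.equals(MOAIdentificationValueType)) {
            return authData.getIdentificationType();
        }
        if (predicate.equals(MOAIPAddress)) {
            return clientIPAddress;
        }
        return null;
    }

    /**
     * Parses the identities file with DTD and schema validation enabled.
     *
     * NOTE(review): the parser keeps the Xerces defaults for external entities; the file
     * is local configuration rather than untrusted input, so it is not hardened here - confirm.
     *
     * @param fileName file name or URL of the identities file
     * @return the parsed document
     * @throws LoginParameterResolverException ({@code proxy.13}) on any parse or I/O failure
     */
    private Document readXMLFile(String fileName) throws LoginParameterResolverException
    {
        Logger.info(LOG_PREFIX + "Loading MOA-OA configuration " + fileName);
        DOMParser parser = new DOMParser();
        try
        {
            parser.setFeature("http://xml.org/sax/features/validation", true);
            parser.setFeature("http://apache.org/xml/features/validation/schema", true);
            parser.parse(fileName);
            return parser.getDocument();
        }
        catch (Exception e)
        {
            // Deliberately broad: runtime failures of the parser are reported the same way.
            throw new LoginParameterResolverException("proxy.13", new Object[] {": XMLLoginParameterResolverPlainData: Error parsing file " + fileName, "detail problem: " + e.toString()});
        }
    }

    /**
     * Returns whether an identity element is enabled: its first child node must carry
     * the text value {@code "1"}. A missing child or a child without a node value
     * (e.g. an element) counts as disabled instead of failing.
     */
    private static boolean isEnabled(Element identityElem) {
        Node first = identityElem.getFirstChild();
        return first != null && "1".equals(first.getNodeValue());
    }

    /**
     * Fills {@link #namedMap} and {@link #bPKMap} from the parsed identities document.
     *
     * <p>The i-th {@code Identity} element is paired with the i-th {@code Parameters}
     * element of the document. An identity holds exactly one {@code NamedIdentity}
     * (keyed by SurName, GivenName, BirthDate) or exactly one {@code (w)bPKIdentity}
     * (keyed by its (w)bPK attribute); anything else is skipped with a warning, as is an
     * identity that has no matching {@code Parameters} element.
     *
     * @param doc the parsed identities document
     * @param businessService {@code true} to read {@code wbPKIdentity}/{@code wbPK}
     *        instead of {@code bPKIdentity}/{@code bPK}
     */
    private void buildInfo(Document doc, boolean businessService)
    {
        Element root = doc.getDocumentElement();
        NodeList idList = root.getElementsByTagName("Identity");
        NodeList paramList = root.getElementsByTagName("Parameters");
        String wType = businessService ? "w" : "";

        for (int i = 0; i < idList.getLength(); i++) {
            Logger.debug(LOG_PREFIX + "LocalName idList: " + idList.item(i).getLocalName());
        }
        for (int i = 0; i < paramList.getLength(); i++) {
            Logger.debug(LOG_PREFIX + "LocalName paramList: " + paramList.item(i).getLocalName());
        }

        for (int i = 0; i < idList.getLength(); i++) {
            Element identity = (Element) idList.item(i);
            Element idElem;
            String key;
            Map targetMap;

            NodeList named = identity.getElementsByTagName("NamedIdentity");
            if (named.getLength() == 1) {
                idElem = (Element) named.item(0);
                key = idElem.getAttribute("SurName") + "," + idElem.getAttribute("GivenName") + "," + idElem.getAttribute("BirthDate");
                targetMap = namedMap;
            } else {
                NodeList bpk = identity.getElementsByTagName(wType + "bPKIdentity");
                if (bpk.getLength() != 1) {
                    Logger.warn(LOG_PREFIX + "wrong format or incorrect mode; no NamedIdentity or " + wType + "bPKIdentity found");
                    continue;
                }
                idElem = (Element) bpk.item(0);
                key = idElem.getAttribute(wType + "bPK");
                targetMap = bPKMap;
            }

            boolean enabled = isEnabled(idElem);
            Logger.debug(LOG_PREFIX + "tmpStr: " + key + " value: " + enabled);

            // Positional pairing with the Parameters list; guard against a shorter list.
            Element paramElem = (Element) paramList.item(i);
            if (paramElem == null) {
                Logger.warn(LOG_PREFIX + "no Parameters element for Identity at index " + i + "; entry " + key + " skipped");
                continue;
            }
            // Only the username is logged; the PW attribute is a secret.
            Logger.debug(LOG_PREFIX + "attribute UN: " + paramElem.getAttribute("UN"));
            targetMap.put(key, new LPRParams(enabled, paramElem.getAttribute("UN"), paramElem.getAttribute("PW")));
        }

        Logger.debug("namedMap:" + namedMap.toString());
        Logger.debug(wType + "bPKMap:" + bPKMap.toString());
    }

    /**
     * Loads the identities file and builds the lookup tables.
     *
     * @param configuration file name or URL of the identities file; {@code null} selects
     *        {@code file:conf/moa-id/Identities.xml}
     * @param businessService {@code true} to build the wbPK table, {@code false} for bPK
     * @throws LoginParameterResolverException if the file cannot be parsed
     * @throws NullPointerException if {@code businessService} is {@code null}
     */
    public void configure(String configuration, Boolean businessService) throws LoginParameterResolverException {
        Logger.info(LOG_PREFIX + "initialization string: " + configuration);
        this.configuration = configuration;
        String fileName = configuration;
        if (fileName == null) {
            fileName = DEFAULT_IDENTITIES_FILE;
            Logger.info(LOG_PREFIX + "used file name string: " + fileName);
        }
        Document doc = readXMLFile(fileName);
        buildInfo(doc, businessService.booleanValue());
    }
}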