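package at.gv.egovernment.moa.id.proxy;

import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Base64Utils;
import java.io.IOException;
import java.util.*;
import org.apache.xerces.parsers.DOMParser;
import org.w3c.dom.*;

// Referenced classes of package at.gv.egovernment.moa.id.proxy:
//
// TODO MOA-ID test full functionality

/**
 * {@link LoginParameterResolver} that maps an authenticated person to the login
 * parameters of an online application, using an XML identities file.
 *
 * <p>The file is read by {@link #configure(String)}. Every {@code Identity}
 * element is keyed either by bPK ({@code bPKIdentity}) or by
 * {@code SurName,GivenName} ({@code NamedIdentity}) and is paired with a
 * {@code Parameters} element carrying the {@code UN} and {@code PW} attributes.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The {@code PW} attribute is used as-is for HTTP Basic authentication, so
 *       the identities file holds passwords in clear text. It has to be protected
 *       by file-system permissions.</li>
 *   <li>Passwords and the computed {@code Authorization} value are never written
 *       to the log by this class; log output shows a redaction marker instead.</li>
 * </ul>
 */
public class XMLLoginParameterResolverPlainData implements LoginParameterResolver {

    public static final String XSD_DOCELEM = "MOAIdentities";
    public static final String XSD_IDELEM = "Identity";
    public static final String XSD_NAMEDIDELEM = "NamedIdentity";
    public static final String XSD_BPKIDELEM = "bPKIdentity";
    public static final String XSD_PARAMELEM = "Parameters";
    public static final String XML_LPR_CONFIG_PROPERTY_NAME1 = "moa.id.xmllpr1.configuration";

    /** Initialization string handed to {@link #configure(String)}. */
    private String configuration;

    /** bPK -> {@link LPRParams}. */
    private Map bPKMap;

    /** "SurName,GivenName" -> {@link LPRParams}. */
    private Map namedMap;

    /**
     * Inner class used to store the mapped parameters of one identity.
     */
    class LPRParams {

        // private member variables used to store the parameters
        private Boolean enabled = null;
        private String UN = null;
        private String PW = null;
        private String Param1 = null;
        private String Param2 = null;
        private String Param3 = null;

        /**
         * Constructs a newly allocated LPRParams object.
         *
         * @param enabled enable user mapping for this parameter set.
         * @param UN username used in HTTP 401 - BasicAuthentication
         * @param PW password used in HTTP 401 - BasicAuthentication
         * @param Param1 generic parameter1 used in HeaderAuthentication and ParameterAuthentication
         * @param Param2 generic parameter2 used in HeaderAuthentication and ParameterAuthentication
         * @param Param3 generic parameter3 used in HeaderAuthentication and ParameterAuthentication
         */
        LPRParams(boolean enabled, String UN, String PW, String Param1, String Param2, String Param3) {
            this.enabled = Boolean.valueOf(enabled);
            this.UN = UN;
            this.PW = PW;
            // Each generic parameter goes to its own field. Previously all three
            // were written to Param1, leaving Param2 and Param3 permanently null.
            this.Param1 = Param1;
            this.Param2 = Param2;
            this.Param3 = Param3;
        }

        /**
         * Constructs a newly allocated LPRParams object without generic parameters.
         *
         * @param enabled enable user mapping for this parameter set.
         * @param UN username used in HTTP 401 - BasicAuthentication
         * @param PW password used in HTTP 401 - BasicAuthentication
         */
        LPRParams(boolean enabled, String UN, String PW) {
            this(enabled, UN, PW, null, null, null);
        }

        /**
         * Getter for parameter Enabled, which decides whether the mapped
         * parameters may be used by the resolver.
         *
         * @return {@code true} if this parameter set is enabled.
         */
        public boolean getEnabled() {
            return enabled.booleanValue();
        }

        /**
         * Getter for parameter UN (username).
         *
         * @return Parameter UN or null if not set.
         */
        public String getUN() {
            return UN;
        }

        /**
         * Getter for parameter UN (username); returns the same value as {@link #getUN()}.
         *
         * @return Parameter UN or null if not set.
         */
        public String getPlainUN() {
            return UN;
        }

        /**
         * Getter for parameter PW (password).
         *
         * @return Parameter PW or null if not set.
         */
        public String getPW() {
            return PW;
        }

        /**
         * Getter for generic parameter Param1.
         *
         * @return Parameter Param1 or null if not set.
         */
        public String getParam1() {
            return Param1;
        }

        /**
         * Getter for generic parameter Param2.
         *
         * @return Parameter Param2 or null if not set.
         */
        public String getParam2() {
            return Param2;
        }

        /**
         * Getter for generic parameter Param3.
         *
         * @return Parameter Param3 or null if not set.
         */
        public String getParam3() {
            return Param3;
        }

        /**
         * Returns a string representation of this parameter set for logging.
         * The password is replaced by a redaction marker, because this string is
         * written to the debug log (directly and via the identity maps).
         *
         * @return a String representation of this object.
         */
        public String toString() {
            // NOTE(review): Param1..Param3 are printed unchanged; confirm that they
            // never carry secrets in deployed configurations.
            return "Enabled: " + enabled.toString() + "UN: '" + UN + "' PW: '" + redact(PW)
                    + "' Param1: '" + Param1 + "' Param2: '" + Param2 + "' Param3: '" + Param3 + "'\n";
        }
    }

    /**
     * Creates a resolver with empty identity maps; {@link #configure(String)}
     * fills them.
     */
    public XMLLoginParameterResolverPlainData() {
        bPKMap = new HashMap();
        namedMap = new HashMap();
    }

    /**
     * Computes the HTTP headers used to log the authenticated person in to the
     * online application.
     *
     * <p>For auth type {@code "basic"} the person is looked up by bPK first and by
     * {@code FamilyName,GivenName} second. Only an enabled entry yields an
     * {@code Authorization: Basic ...} header; otherwise the result is empty and
     * no automatic login takes place. For auth type {@code "header"} every entry
     * of the configured header mapping is resolved against the authentication data.
     *
     * @param oaConf configuration of the online application
     * @param authData authentication data of the person
     * @param clientIPAddress IP address of the client
     * @return map of header name to header value, possibly empty, never null
     */
    public Map getAuthenticationHeaders(OAConfiguration oaConf, AuthenticationData authData, String clientIPAddress) {
        Map result = new HashMap();

        if (oaConf.getAuthType().equals("basic")) {
            String famName = resolveValue("MOAFamilyName", authData, clientIPAddress);
            String givenName = resolveValue("MOAGivenName", authData, clientIPAddress);
            String bPK = resolveValue("MOABPK", authData, clientIPAddress);
            String userid = "";
            String password = "";
            boolean userFound = false;

            Logger.debug("XMLLoginParameterResolverPlainData: search for automatic login data for bPK:" + bPK);
            LPRParams params = (LPRParams) bPKMap.get(bPK);
            if (params == null) {
                Logger.debug("XMLLoginParameterResolverPlainData: params for bPK: " + bPK + " not found!");
            } else if (params.getEnabled()) {
                Logger.debug("XMLLoginParameterResolverPlainData: bPK: " + bPK + "found in list; user is enabled");
                // toString() redacts the password.
                Logger.debug("XMLLoginParameterResolverPlainData: using: " + params.toString());
                userid = params.getUN();
                password = params.getPW();
                userFound = true;
            } else {
                Logger.info("XMLLoginParameterResolverPlainData: bPK: " + bPK + "found in list; user is NOT enabled");
            }

            if (!userFound) {
                // NOTE(review): this fallback identifies the person by name only, so
                // two persons with the same family and given name resolve to the same
                // credentials. Prefer bPK entries where the deployment allows it.
                Logger.debug("XMLLoginParameterResolverPlainData: search for automatic login data for SurName:" + famName + " GivenName: " + givenName);
                params = (LPRParams) namedMap.get(famName + "," + givenName);
                if (params == null) {
                    Logger.debug("XMLLoginParameterResolverPlainData: params for Surname: " + famName + " GivenName: " + givenName + " not found!");
                } else if (params.getEnabled()) {
                    Logger.debug("XMLLoginParameterResolverPlainData: SurName:" + famName + " GivenName: " + givenName + "found in list; user is enabled");
                    Logger.debug("XMLLoginParameterResolverPlainData: using: " + params.toString());
                    userid = params.getUN();
                    password = params.getPW();
                    userFound = true;
                } else {
                    Logger.info("XMLLoginParameterResolverPlainData: SurName:" + famName + " GivenName: " + givenName + "found in list; user is NOT enabled");
                }
            }

            if (!userFound) {
                Logger.info("XMLLoginParameterResolverPlainData: Person is not allowed No automatic login");
                return result;
            }

            try {
                String userIDPassword = userid + ":" + password;
                // NOTE(review): getBytes() uses the platform default charset, so
                // non-ASCII credentials encode differently per host. Left unchanged
                // because the charset expected by the online application is not
                // visible here.
                String credentials = Base64Utils.encode(userIDPassword.getBytes());
                // Base64 is reversible: the credential value itself must not be logged.
                Logger.debug("XMLLoginParameterResolverPlainData: calculated credentials (value not logged)");
                result.put("Authorization", "Basic " + credentials);
            } catch (IOException e) {
                // Previously swallowed silently. The result stays without an
                // Authorization header, so no automatic login happens.
                Logger.error("XMLLoginParameterResolverPlainData: could not encode credentials: " + e.toString());
            }
        } else if (oaConf.getAuthType().equals("header")) {
            resolveMapping(oaConf.getHeaderAuthMapping(), authData, clientIPAddress, result);
        }

        return result;
    }

    /**
     * Computes the request parameters used to log the authenticated person in to
     * the online application. Only auth type {@code "param"} yields entries.
     *
     * @param oaConf configuration of the online application
     * @param authData authentication data of the person
     * @param clientIPAddress IP address of the client
     * @return map of parameter name to parameter value, possibly empty, never null
     */
    public Map getAuthenticationParameters(OAConfiguration oaConf, AuthenticationData authData, String clientIPAddress) {
        Map result = new HashMap();
        if (oaConf.getAuthType().equals("param")) {
            resolveMapping(oaConf.getParamAuthMapping(), authData, clientIPAddress, result);
        }
        return result;
    }

    /**
     * Reads the identities file given by the initialization string and builds the
     * identity maps from it.
     *
     * @param configuration location of the identities file; if null,
     *        {@code file:conf/moa-id/Identities.xml} is used
     * @throws LoginParameterResolverException declared by the interface
     * @throws IllegalStateException if the identities file cannot be parsed
     */
    public void configure(String configuration) throws LoginParameterResolverException {
        Logger.info("XMLLoginParameterResolverPlainData: initialization string: " + configuration);
        this.configuration = configuration;
        String fileName = configuration;
        if (fileName == null) {
            fileName = "file:conf/moa-id/Identities.xml";
            Logger.info("XMLLoginParameterResolverPlainData: used file name string: " + fileName);
        }
        Document doc = readXMLFile(fileName);
        if (doc == null) {
            // readXMLFile() reports parse errors by returning null. Fail with a clear
            // message instead of a NullPointerException inside buildInfo().
            throw new IllegalStateException(
                    "XMLLoginParameterResolverPlainData: identities file could not be read: " + fileName);
        }
        buildInfo(doc);
    }

    /** Replaces a non-empty secret by a fixed marker for log output. */
    private static String redact(String secret) {
        if (secret == null || secret.length() == 0) {
            return secret;
        }
        return "***";
    }

    /** Resolves every predicate of a name-to-predicate mapping and stores the values in {@code target}. */
    private static void resolveMapping(Map mapping, AuthenticationData authData, String clientIPAddress, Map target) {
        for (Iterator iter = mapping.keySet().iterator(); iter.hasNext();) {
            String key = (String) iter.next();
            String predicate = (String) mapping.get(key);
            target.put(key, resolveValue(predicate, authData, clientIPAddress));
        }
    }

    /**
     * Maps a predicate name to the corresponding value of the authentication data.
     *
     * @return the resolved value, or null for a null or unknown predicate
     */
    private static String resolveValue(String predicate, AuthenticationData authData, String clientIPAddress) {
        if (predicate == null) {
            return null;
        }
        if (predicate.equals("MOAGivenName")) {
            return authData.getGivenName();
        }
        if (predicate.equals("MOAFamilyName")) {
            return authData.getFamilyName();
        }
        if (predicate.equals("MOADateOfBirth")) {
            return authData.getDateOfBirth();
        }
        if (predicate.equals("MOABPK")) {
            return authData.getPBK();
        }
        if (predicate.equals("MOAPublicAuthority")) {
            return authData.isPublicAuthority() ? "true" : "false";
        }
        if (predicate.equals("MOABKZ")) {
            return authData.getPublicAuthorityCode();
        }
        if (predicate.equals("MOAQualifiedCertificate")) {
            return authData.isQualifiedCertificate() ? "true" : "false";
        }
        if (predicate.equals("MOAStammzahl")) {
            return authData.getIdentificationValue();
        }
        // MOAIdentificationValueType is not declared in this file; presumably a
        // constant inherited from LoginParameterResolver - confirm.
        if (predicate.equals(MOAIdentificationValueType)) {
            return authData.getIdentificationType();
        }
        if (predicate.equals("MOAIPAddress")) {
            return clientIPAddress;
        }
        return null;
    }

    /**
     * Parses the identities file with schema validation switched on.
     *
     * @param fileName location of the file, passed to the parser unchanged
     * @return the parsed document, or null if parsing failed (the error is logged)
     */
    private Document readXMLFile(String fileName) {
        Logger.info("XMLLoginParameterResolverPlainData: Loading MOA-OA configuration " + fileName);
        DOMParser parser = new DOMParser();
        try {
            parser.setFeature("http://xml.org/sax/features/validation", true);
            parser.setFeature("http://apache.org/xml/features/validation/schema", true);
            // NOTE(review): DOCTYPE declarations and external entities stay at the
            // parser defaults. That is acceptable only while the identities file is
            // operator-controlled; if it can come from a less trusted location,
            // reject DOCTYPEs (Xerces feature
            // http://apache.org/xml/features/disallow-doctype-decl).
            parser.parse(fileName);
            return parser.getDocument();
        } catch (Exception e) {
            String msg = e.toString();
            Logger.error("XMLLoginParameterResolverPlainData: Error parsing file" + fileName + "\n" + msg);
            return null;
        }
    }

    /** Reads the enabled flag of an identity element: true only if its first child node has the value "1". */
    private static boolean isEnabled(Element identity) {
        Node first = identity.getFirstChild();
        // equals() instead of compareTo(): a first child without a node value
        // (e.g. an element) counts as "not enabled" instead of throwing.
        return first != null && "1".equals(first.getNodeValue());
    }

    /**
     * Fills {@code namedMap} and {@code bPKMap} from the parsed identities document.
     *
     * <p>The i-th {@code Identity} element is paired with the i-th
     * {@code Parameters} element of the document, which assumes exactly one
     * {@code Parameters} element per {@code Identity}.
     */
    private void buildInfo(Document doc) {
        Element root = doc.getDocumentElement();
        NodeList idList = root.getElementsByTagName(XSD_IDELEM);
        NodeList paramList = root.getElementsByTagName(XSD_PARAMELEM);

        for (int i = 0; i < idList.getLength(); i++) {
            Logger.debug("XMLLoginParameterResolverPlainData: LocalName idList: " + idList.item(i).getLocalName());
        }
        for (int i = 0; i < paramList.getLength(); i++) {
            Logger.debug("XMLLoginParameterResolverPlainData: LocalName paramList: " + paramList.item(i).getLocalName());
        }

        for (int i = 0; i < idList.getLength(); i++) {
            Element identity = (Element) idList.item(i);
            Element parameters = (Element) paramList.item(i);

            NodeList named = identity.getElementsByTagName(XSD_NAMEDIDELEM);
            for (int j = 0; j < named.getLength(); j++) {
                Logger.debug("XMLLoginParameterResolverPlainData: LocalName tmp: " + named.item(j).getLocalName());
            }

            if (1 == named.getLength()) {
                Element namedId = (Element) named.item(0);
                String mapKey = namedId.getAttribute("SurName") + "," + namedId.getAttribute("GivenName");
                boolean enabled = isEnabled(namedId);
                Logger.debug("XMLLoginParameterResolverPlainData: tmpStr: " + mapKey + " value: " + String.valueOf(enabled));
                if (parameters == null) {
                    // Fewer Parameters than Identity elements: skip instead of
                    // failing with a NullPointerException.
                    Logger.warn("XMLLoginParameterResolverPlainData: no Parameters element for Identity number " + i);
                    continue;
                }
                // The password attribute is redacted; it must not reach the log.
                Logger.debug("XMLLoginParameterResolverPlainData: attribute UN: " + parameters.getAttribute("UN")
                        + " attribute PW: " + redact(parameters.getAttribute("PW")));
                namedMap.put(mapKey, new LPRParams(enabled, parameters.getAttribute("UN"), parameters.getAttribute("PW")));
            } else {
                NodeList bpkIds = identity.getElementsByTagName(XSD_BPKIDELEM);
                if (1 == bpkIds.getLength()) {
                    Element bpkId = (Element) bpkIds.item(0);
                    String mapKey = bpkId.getAttribute("bPK");
                    boolean enabled = isEnabled(bpkId);
                    Logger.debug("XMLLoginParameterResolverPlainData: tmpStr: " + mapKey + " value: " + String.valueOf(enabled));
                    if (parameters == null) {
                        Logger.warn("XMLLoginParameterResolverPlainData: no Parameters element for Identity number " + i);
                        continue;
                    }
                    Logger.debug("XMLLoginParameterResolverPlainData: attribute UN: " + parameters.getAttribute("UN")
                            + " attribute PW: " + redact(parameters.getAttribute("PW"))
                            + " attribute Param1: " + parameters.getAttribute("Param1"));
                    bPKMap.put(mapKey, new LPRParams(enabled, parameters.getAttribute("UN"), parameters.getAttribute("PW")));
                } else {
                    Logger.warn("XMLLoginParameterResolverPlainData: wrong format no NamedIdentity or bPKIdentity found");
                }
            }
        }

        // LPRParams.toString() redacts passwords, so dumping the maps is safe.
        Logger.debug("namedMap:" + namedMap.toString());
        Logger.debug("bPKMap:" + bPKMap.toString());
    }
}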