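package at.gv.egovernment.moa.id.proxy.invoke;

import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.Vector;

import javax.xml.namespace.QName;
import javax.xml.rpc.Call;
import javax.xml.rpc.Service;
import javax.xml.rpc.ServiceFactory;

import org.apache.axis.message.SOAPBodyElement;
import org.w3c.dom.Element;

import at.gv.egovernment.moa.id.AuthenticationException;
import at.gv.egovernment.moa.id.BuildException;
import at.gv.egovernment.moa.id.ParseException;
import at.gv.egovernment.moa.id.ServiceException;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.id.data.SAMLStatus;
import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder;
import at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParser;
import at.gv.egovernment.moa.id.proxy.servlet.ProxyException;
import at.gv.egovernment.moa.id.util.Random;

/**
 * Invoker of the MOA-ID Auth component, either via API call or via
 * web service call, depending on the configuration.
 *
 * @author Paul Ivancsics
 * @version $Id$
 */
public class GetAuthenticationDataInvoker {

  /** QName used both to create the service and as the name of the invoked operation */
  private static final QName SERVICE_QNAME = new QName("GetAuthenticationData");

  /** invoked object for API call of MOA-ID Auth; guarded by the class lock */
  private static Object apiServer = null;

  /** invoked method for API call of MOA-ID Auth; guarded by the class lock */
  private static Method apiMethod = null;

  /**
   * Get authentication data from the MOA-ID Auth component,
   * either via API call or via web service call.
   * <p>
   * The API call is used when the proxy configuration holds no connection
   * parameter for the Auth component; otherwise a SAML request is built and
   * sent to the configured web service endpoint.
   *
   * @param samlArtifact SAML artifact to be used as a parameter
   * @return AuthenticationData
   * @throws ConfigurationException presumably when the proxy configuration cannot be read
   * @throws ProxyException when the API call fails for any reason other than an
   *         <code>AuthenticationException</code> raised by the invoked method
   * @throws BuildException presumably when the SAML request cannot be built
   * @throws ServiceException when the web service call fails or the response status
   *         is not <code>samlp:Success</code>
   * @throws ParseException presumably when the SAML response cannot be parsed
   * @throws AuthenticationException when raised by the MOA-ID Auth API method
   */
  public AuthenticationData getAuthenticationData(String samlArtifact)
    throws ConfigurationException, ProxyException, BuildException, ServiceException, ParseException, AuthenticationException {

    ConnectionParameter authConnParam =
      ProxyConfigurationProvider.getInstance().getAuthComponentConnectionParameter();

    if (authConnParam == null) {
      // No connection parameter configured: call MOA-ID Auth through reflection.
      try {
        Object server;
        Method method;
        // The two static fields are initialised lazily and this method can be
        // entered by several threads. Without the lock a second thread could
        // observe apiServer already set while apiMethod is still null and fail
        // with a NullPointerException that surfaces as "proxy.09".
        synchronized (GetAuthenticationDataInvoker.class) {
          if (apiServer == null || apiMethod == null) {
            Class serverClass = Class.forName("at.gv.egovernment.moa.id.auth.AuthenticationServer");
            Method getInstanceMethod = serverClass.getMethod("getInstance", (Class[]) null);
            Object newServer = getInstanceMethod.invoke(null, (Object[]) null);
            Method newMethod = serverClass.getMethod(
              "getAuthenticationData", new Class[] {String.class});
            // Publish only after both lookups succeeded, so a failed lookup
            // is retried on the next call instead of leaving a half-set state.
            apiMethod = newMethod;
            apiServer = newServer;
          }
          server = apiServer;
          method = apiMethod;
        }
        return (AuthenticationData) method.invoke(server, new Object[] {samlArtifact});
      }
      catch (InvocationTargetException ex) {
        // Unwrap the exception raised by the invoked method itself.
        Throwable targetEx = ex.getTargetException();
        if (targetEx instanceof AuthenticationException)
          throw (AuthenticationException) targetEx;
        else
          // NOTE(review): the exception text becomes a message argument;
          // confirm it is only logged and not rendered to the end user.
          throw new ProxyException("proxy.09", new Object[] {targetEx.toString()});
      }
      catch (Throwable ex) {
        throw new ProxyException("proxy.09", new Object[] {ex.toString()});
      }
    }
    else {
      // Connection parameter configured: call MOA-ID Auth via web service.
      // NOTE(review): the request ID from Random.nextRandom() is not retained
      // here, so this method does not check that the response answers this
      // request; confirm whether the parser or the transport covers that.
      Element samlpRequest = new SAMLRequestBuilder().build(Random.nextRandom(), samlArtifact);
      Element samlpResponse = getAuthenticationData(samlpRequest);
      SAMLResponseParser srp = new SAMLResponseParser(samlpResponse);
      SAMLStatus status = srp.parseStatusCode();
      if (! "samlp:Success".equals(status.getStatusCode())) {
        // on error status throw exception
        String code = status.getStatusCode();
        if (status.getSubStatusCode() != null && status.getSubStatusCode().length() > 0)
          code += "(" + status.getSubStatusCode() + ")";
        throw new ServiceException("service.02", new Object[] {code, status.getStatusMessage()});
      }
      return srp.parseAuthenticationData();
    }
  }

  /**
   * Invokes the service passing DOM elements.
   * <p>
   * The request is wrapped into a SOAP body element and sent to the URL of the
   * configured Auth component connection parameter; the first response body
   * element is returned as DOM.
   *
   * @param request request DOM element
   * @return response DOM element
   * @throws ServiceException with message ID <code>service.01</code> when no
   *         connection parameter is configured, and with <code>service.00</code>
   *         (carrying the cause) on any other exception thrown
   */
  public Element getAuthenticationData(Element request) throws ServiceException {
    try {
      ConnectionParameter authConnParam =
        ProxyConfigurationProvider.getInstance().getAuthComponentConnectionParameter();
      // Without a connection parameter there is no endpoint to call.
      if (authConnParam == null) {
        throw new ServiceException("service.01", null);
      }

      Service service = ServiceFactory.newInstance().createService(SERVICE_QNAME);
      Call call = service.createCall();
      SOAPBodyElement body = new SOAPBodyElement(request);
      SOAPBodyElement[] params = new SOAPBodyElement[] {body};

      // NOTE(review): only the URL of the connection parameter is applied to
      // the call. Protection of the returned authentication data in transit
      // depends on that URL's scheme and on settings made outside this
      // method; confirm the endpoint is reached over an authenticated channel.
      call.setTargetEndpointAddress(authConnParam.getUrl());
      Vector responses = (Vector) call.invoke(SERVICE_QNAME, params);
      SOAPBodyElement response = (SOAPBodyElement) responses.get(0);
      return response.getAsDOM();
    }
    catch (ServiceException ex) {
      // Keep the specific message ID (service.01); the generic handler below
      // would otherwise re-wrap it as service.00.
      throw ex;
    }
    catch (Exception ex) {
      throw new ServiceException("service.00", new Object[] {ex.toString()}, ex);
    }
  }
}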