package at.gv.egovernment.moa.id.proxy.parser; import org.w3c.dom.Element; import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.util.BoolUtils; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; import at.gv.egovernment.moa.util.XPathUtils; /** * Parser for the <saml:Assertion> returned by the * GetAuthenticationData web service. * @author Paul Ivancsics * @version $Id$ */ public class AuthenticationDataAssertionParser implements Constants { /** Prefix for SAML-Xpath-expressions */ private static String SAML = SAML_PREFIX + ":"; /** Prefix for PersonData-Xpath-expressions */ private static String PR = PD_PREFIX + ":"; /** Prefix for Attribute MajorVersion in an Xpath-expression */ private static String MAJOR_VERSION_XPATH = "@MajorVersion"; /** Prefix for Attribute MinorVersion in an Xpath-expression */ private static String MINOR_VERSION_XPATH = "@MinorVersion"; /** Prefix for Attribute AssertionID in an Xpath-expression */ private static String ASSERTION_ID_XPATH = "@AssertionID"; /** Prefix for Attribute Issuer in an Xpath-expression */ private static String ISSUER_XPATH = "@Issuer"; /** Prefix for Attribute IssueInstant in an Xpath-expression */ private static String ISSUE_INSTANT_XPATH = "@IssueInstant"; /** Prefix for Element AttributeStatement in an Xpath-expression */ private static String ATTRIBUTESTATEMENT_XPATH = SAML + "AttributeStatement/"; /** Prefix for Element NameIdentifier in an Xpath-expression */ private static String BPK_XPATH = ATTRIBUTESTATEMENT_XPATH + SAML + "Subject/" + SAML + "NameIdentifier"; /** Prefix for Element Person in an Xpath-expression */ private static String PERSONDATA_XPATH = ATTRIBUTESTATEMENT_XPATH + SAML + "Attribute[@AttributeName=\"PersonData\"]/" + SAML + "AttributeValue/" + PR + "Person/"; /** Prefix for Element Value in an Xpath-expression */ private static String IDENTIFICATION_VALUE_XPATH = PERSONDATA_XPATH + PR + "Identification/" + PR + "Value"; private static String IDENTIFICATION_TYPE_XPATH = PERSONDATA_XPATH + PR + "Identification/" + PR + "Type"; /** Prefix for Element GivenName in an Xpath-expression */ private static String GIVEN_NAME_XPATH = PERSONDATA_XPATH + PR + "Name/" + PR + "GivenName"; /** Prefix for Element FamilyName in an Xpath-expression */ private static String FAMILY_NAME_XPATH = PERSONDATA_XPATH + PR + "Name/" + PR + "FamilyName"; /** Prefix for Element DateOfBirth in an Xpath-expression */ private static String DATE_OF_BIRTH_XPATH = PERSONDATA_XPATH + PR + "DateOfBirth"; /** Prefix for Element AttributeValue in an Xpath-expression */ private static String IS_QUALIFIED_CERT_XPATH = ATTRIBUTESTATEMENT_XPATH + SAML + "Attribute[@AttributeName=\"isQualifiedCertificate\"]/" + SAML + "AttributeValue"; /** Prefix for Element AttributeValue in an Xpath-expression */ private static String PUBLIC_AUTHORITY_XPATH = ATTRIBUTESTATEMENT_XPATH + SAML + "Attribute[@AttributeName=\"isPublicAuthority\"]/" + SAML + "AttributeValue"; /** Element samlAssertion represents the SAML:Assertion */ private Element samlAssertion; /** * Constructor * @param samlAssertion samlpResponse the <samlp:Response> as a DOM element */ public AuthenticationDataAssertionParser(Element samlAssertion) { this.samlAssertion = samlAssertion; } /** * Parses the <saml:Assertion>. * @return AuthenticationData object * @throws ParseException on any error */ public AuthenticationData parseAuthenticationData() throws ParseException { try { AuthenticationData authData = new AuthenticationData(); //ÄNDERN: NUR der Identification-Teil authData.setSamlAssertion(DOMUtils.serializeNode(samlAssertion)); authData.setMajorVersion(new Integer( XPathUtils.getAttributeValue(samlAssertion, MAJOR_VERSION_XPATH, "-1")).intValue()); authData.setMinorVersion(new Integer( XPathUtils.getAttributeValue(samlAssertion, MINOR_VERSION_XPATH, "-1")).intValue()); authData.setAssertionID( XPathUtils.getAttributeValue(samlAssertion, ASSERTION_ID_XPATH, "")); authData.setIssuer( XPathUtils.getAttributeValue(samlAssertion, ISSUER_XPATH, "")); authData.setIssueInstant( XPathUtils.getAttributeValue(samlAssertion, ISSUE_INSTANT_XPATH, "")); authData.setPBK( XPathUtils.getElementValue(samlAssertion, BPK_XPATH, "")); authData.setIdentificationValue( XPathUtils.getElementValue(samlAssertion, IDENTIFICATION_VALUE_XPATH, "")); authData.setIdentificationType( XPathUtils.getElementValue(samlAssertion, IDENTIFICATION_TYPE_XPATH, "")); authData.setGivenName( XPathUtils.getElementValue(samlAssertion, GIVEN_NAME_XPATH, "")); authData.setFamilyName( XPathUtils.getElementValue(samlAssertion, FAMILY_NAME_XPATH, "")); authData.setDateOfBirth( XPathUtils.getElementValue(samlAssertion, DATE_OF_BIRTH_XPATH, "")); authData.setQualifiedCertificate(BoolUtils.valueOf( XPathUtils.getElementValue(samlAssertion, IS_QUALIFIED_CERT_XPATH, ""))); String publicAuthority = XPathUtils.getElementValue(samlAssertion, PUBLIC_AUTHORITY_XPATH, null); if (publicAuthority == null) { authData.setPublicAuthority(false); authData.setPublicAuthorityCode(""); } else { authData.setPublicAuthority(true); if (! publicAuthority.equalsIgnoreCase("true")) authData.setPublicAuthorityCode(publicAuthority); } return authData; } catch (Throwable t) { throw new ParseException("parser.01", new Object[] { t.toString() }, t); } } }