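package at.gv.egovernment.moa.id.proxy.parser;

import org.w3c.dom.Element;

import at.gv.egovernment.moa.id.ParseException;
import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.util.BoolUtils;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.XPathUtils;

/**
 * Parser for the {@code <saml:Assertion>} returned by the
 * GetAuthenticationData web service.
 * <p>
 * This class only reads values out of the DOM element it is given. It performs
 * no signature, issuer or validity-period verification of the assertion, so the
 * element must already have been verified by the caller before any value
 * extracted here (bPK/wbPK, name, public-authority flag) is trusted.
 *
 * @author Paul Ivancsics
 * @version $Id$
 */
public class AuthenticationDataAssertionParser implements Constants {

  /** Namespace prefix (with colon) used for SAML elements in XPath expressions. */
  private static final String SAML = SAML_PREFIX + ":";

  /** Namespace prefix (with colon) used for PersonData elements in XPath expressions. */
  private static final String PR = PD_PREFIX + ":";

  /** XPath for the {@code MajorVersion} attribute of the assertion. */
  private static final String MAJOR_VERSION_XPATH = "@MajorVersion";

  /** XPath for the {@code MinorVersion} attribute of the assertion. */
  private static final String MINOR_VERSION_XPATH = "@MinorVersion";

  /** XPath for the {@code AssertionID} attribute of the assertion. */
  private static final String ASSERTION_ID_XPATH = "@AssertionID";

  /** XPath for the {@code Issuer} attribute of the assertion. */
  private static final String ISSUER_XPATH = "@Issuer";

  /** XPath for the {@code IssueInstant} attribute of the assertion. */
  private static final String ISSUE_INSTANT_XPATH = "@IssueInstant";

  /** XPath prefix for the {@code AttributeStatement} element. */
  private static final String ATTRIBUTESTATEMENT_XPATH = SAML + "AttributeStatement/";

  /** XPath for the subject's {@code NameIdentifier} element (bPK or wbPK value). */
  private static final String PK_XPATH =
      ATTRIBUTESTATEMENT_XPATH + SAML + "Subject/" + SAML + "NameIdentifier";

  /** XPath for the {@code NameQualifier} attribute that tells bPK and wbPK apart. */
  private static final String NAME_QUALIFIER_XPATH = PK_XPATH + "/@NameQualifier";

  /** XPath prefix for the {@code Person} element inside the PersonData attribute. */
  private static final String PERSONDATA_XPATH =
      ATTRIBUTESTATEMENT_XPATH
          + SAML + "Attribute[@AttributeName=\"PersonData\"]/"
          + SAML + "AttributeValue/"
          + PR + "Person/";

  /** XPath for the identification {@code Value} element. */
  private static final String IDENTIFICATION_VALUE_XPATH =
      PERSONDATA_XPATH + PR + "Identification/" + PR + "Value";

  /** XPath for the identification {@code Type} element. */
  private static final String IDENTIFICATION_TYPE_XPATH =
      PERSONDATA_XPATH + PR + "Identification/" + PR + "Type";

  /** XPath for the {@code GivenName} element. */
  private static final String GIVEN_NAME_XPATH =
      PERSONDATA_XPATH + PR + "Name/" + PR + "GivenName";

  /** XPath for the {@code FamilyName} element. */
  private static final String FAMILY_NAME_XPATH =
      PERSONDATA_XPATH + PR + "Name/" + PR + "FamilyName";

  /** XPath for the {@code DateOfBirth} element. */
  private static final String DATE_OF_BIRTH_XPATH = PERSONDATA_XPATH + PR + "DateOfBirth";

  /** XPath for the {@code AttributeValue} of the {@code isQualifiedCertificate} attribute. */
  private static final String IS_QUALIFIED_CERT_XPATH =
      ATTRIBUTESTATEMENT_XPATH
          + SAML + "Attribute[@AttributeName=\"isQualifiedCertificate\"]/"
          + SAML + "AttributeValue";

  /** XPath for the {@code AttributeValue} of the {@code isPublicAuthority} attribute. */
  private static final String PUBLIC_AUTHORITY_XPATH =
      ATTRIBUTESTATEMENT_XPATH
          + SAML + "Attribute[@AttributeName=\"isPublicAuthority\"]/"
          + SAML + "AttributeValue";

  /** The {@code <saml:Assertion>} DOM element to parse. */
  private Element samlAssertion;

  /**
   * Constructor.
   *
   * @param samlAssertion the {@code <saml:Assertion>} as a DOM element
   */
  public AuthenticationDataAssertionParser(Element samlAssertion) {
    this.samlAssertion = samlAssertion;
  }

  /**
   * Parses the {@code <saml:Assertion>} into an {@link AuthenticationData} object.
   * <p>
   * Missing attributes and elements fall back to the defaults passed to
   * {@code XPathUtils} ({@code ""} for strings, {@code -1} for the version numbers).
   * No cryptographic or trust validation is done here.
   *
   * @return the populated {@link AuthenticationData}
   * @throws ParseException on any error while reading the assertion (message key
   *     {@code parser.01}, with the underlying throwable as cause)
   */
  public AuthenticationData parseAuthenticationData() throws ParseException {
    try {
      AuthenticationData authData = new AuthenticationData();

      // TODO (translated from original German note): store only the Identification part.
      authData.setSamlAssertion(DOMUtils.serializeNode(samlAssertion));

      // "-1" marks a missing version attribute; a non-numeric value makes parseInt
      // throw, which the catch below reports as ParseException.
      authData.setMajorVersion(Integer.parseInt(
          XPathUtils.getAttributeValue(samlAssertion, MAJOR_VERSION_XPATH, "-1")));
      authData.setMinorVersion(Integer.parseInt(
          XPathUtils.getAttributeValue(samlAssertion, MINOR_VERSION_XPATH, "-1")));
      authData.setAssertionID(
          XPathUtils.getAttributeValue(samlAssertion, ASSERTION_ID_XPATH, ""));
      authData.setIssuer(
          XPathUtils.getAttributeValue(samlAssertion, ISSUER_XPATH, ""));
      authData.setIssueInstant(
          XPathUtils.getAttributeValue(samlAssertion, ISSUE_INSTANT_XPATH, ""));

      // The NameQualifier attribute decides whether the NameIdentifier is stored
      // as bPK (qualifier equals URN_PREFIX_BPK, case-insensitively) or as wbPK.
      String pkValue = XPathUtils.getElementValue(samlAssertion, PK_XPATH, "");
      String nameQualifier =
          XPathUtils.getAttributeValue(samlAssertion, NAME_QUALIFIER_XPATH, "");
      if (nameQualifier.equalsIgnoreCase(URN_PREFIX_BPK)) {
        authData.setBPK(pkValue);
      } else {
        authData.setWBPK(pkValue);
      }

      authData.setIdentificationValue(
          XPathUtils.getElementValue(samlAssertion, IDENTIFICATION_VALUE_XPATH, ""));
      authData.setIdentificationType(
          XPathUtils.getElementValue(samlAssertion, IDENTIFICATION_TYPE_XPATH, ""));
      authData.setGivenName(
          XPathUtils.getElementValue(samlAssertion, GIVEN_NAME_XPATH, ""));
      authData.setFamilyName(
          XPathUtils.getElementValue(samlAssertion, FAMILY_NAME_XPATH, ""));
      authData.setDateOfBirth(
          XPathUtils.getElementValue(samlAssertion, DATE_OF_BIRTH_XPATH, ""));

      // NOTE(review): how BoolUtils.valueOf treats the "" default (absent attribute)
      // is not visible here - confirm it yields false.
      authData.setQualifiedCertificate(BoolUtils.valueOf(
          XPathUtils.getElementValue(samlAssertion, IS_QUALIFIED_CERT_XPATH, "")));

      // A null default distinguishes "attribute absent" from any present value.
      String publicAuthority =
          XPathUtils.getElementValue(samlAssertion, PUBLIC_AUTHORITY_XPATH, null);
      if (publicAuthority == null) {
        authData.setPublicAuthority(false);
        authData.setPublicAuthorityCode("");
      } else {
        // Any present value marks a public authority; a value other than the literal
        // "true" is taken to be the authority code itself.
        authData.setPublicAuthority(true);
        if (!publicAuthority.equalsIgnoreCase("true")) {
          authData.setPublicAuthorityCode(publicAuthority);
        }
      }
      return authData;
    } catch (Throwable t) {
      // NOTE(review): catching Throwable also wraps Errors (e.g. OutOfMemoryError)
      // into a ParseException; kept as-is to preserve this method's existing contract.
      throw new ParseException("parser.01", new Object[] { t.toString() }, t);
    }
  }
}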