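/*
 * Copyright 2003 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 */

package at.gv.egovernment.moa.id.auth.data;

import iaik.x509.X509Certificate;

import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;

import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator;
import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;

/**
 * Session data to be stored between AuthenticationServer API calls.
 *
 * <p>An instance carries personal identity material (identity link, person
 * data, AUTH block, signer certificate) next to routing data such as the
 * requested URLs. Treat instances as sensitive and do not write field
 * contents to logs.</p>
 *
 * <p>This class is a plain mutable holder: it does no locking of its own, and
 * getters for {@link Date} and {@link List} fields hand out the stored
 * instance rather than a copy.</p>
 *
 * @author Paul Ivancsics
 * @version $Id$
 */
public class AuthenticationSession {

  /** URN prefix that {@link #setTarget(String)} strips from a target. */
  private static final String TARGET_PREFIX_ = Constants.URN_PREFIX_CDID + "+";

  /** URN prefix that {@link #setDomainIdentifier(String)} strips from a domain identifier. */
  private static final String REGISTERANDORDNR_PREFIX_ = Constants.URN_PREFIX_WBPK + "+";

  /**
   * session ID
   */
  private String sessionID;
  /**
   * Business area ("Geschäftsbereich") the online application belongs to; may be
   * <code>null</code> if the online application is a business application
   */
  private String target;
  /**
   * Friendly name for the target, if target is configured via MOA-ID configuration
   */
  private String targetFriendlyName;
  /**
   * Indicates if target from configuration is used or not
   */
  private boolean useTargetFromConfig;
  /**
   * public online application URL requested
   */
  private String oaURLRequested;
  /**
   * public online application URL prefix
   */
  private String oaPublicURLPrefix;
  /**
   * URL of MOA ID authentication component
   */
  private String authURL;
  /**
   * HTML template URL
   */
  private String templateURL;
  /**
   * URL of the BKU
   */
  private String bkuURL;
  /**
   * Use mandate
   */
  private boolean useMandate;
  /**
   * Reference value for mandate
   */
  private String mandateReferenceValue;
  /**
   * Authentication data for the assertion
   */
  private AuthenticationData assertionAuthData;
  /**
   * Person data for the assertion
   */
  private String assertionPrPerson;
  /**
   * Authblock for the assertion
   */
  private String assertionAuthBlock;
  /**
   * Identitylink assertion for the (MOA) assertion
   */
  private String assertionIlAssertion;
  /**
   * Signer certificate (base64 encoded) for the assertion
   */
  private String assertionSignerCertificateBase64;
  /**
   * Business service flag for the assertion.
   */
  // NOTE(review): unlike every other field this one is package-private; the
  // visibility is kept as is because other classes in this package may read it
  // directly. Confirm and make it private if nothing does.
  boolean assertionBusinessService;
  /**
   * SessionID for MIS
   */
  private String misSessionID;
  /**
   * identity link read from smartcard
   */
  private IdentityLink identityLink;
  /**
   * authentication block to be signed by the user
   */
  private String authBlock;
  /**
   * timestamp logging when authentication session has been created
   */
  private Date timestampStart;
  /**
   * timestamp logging when identity link has been received
   */
  private Date timestampIdentityLink;
  /**
   * Indicates whether the corresponding online application is a business
   * service or not
   */
  private boolean businessService;
  /**
   * Signer certificate of the foreign citizen
   */
  private X509Certificate signerCertificate;
  /**
   * SAML attributes from an extended infobox validation to be appended
   * to the SAML assertion delivered to the final online application.
   */
  private List extendedSAMLAttributesOA;
  /**
   * Whether either a target or a wbPK is provided as SAML attribute in the
   * SAML assertion.
   */
  private boolean samlAttributeGebeORwbpk;
  /**
   * SAML attributes from an extended infobox validation to be appended
   * to the SAML assertion of the AUTHBlock.
   */
  private List extendedSAMLAttributesAUTH;
  /**
   * The issuing time of the AUTH-Block SAML assertion.
   */
  private String issueInstant;
  /**
   * If infobox validators are needed after signing, they can be stored in
   * this list. Each element is a {@link Vector} of three entries: infobox
   * identifier, infobox friendly name and the {@link InfoboxValidator}.
   */
  private List infoboxValidators;
  /**
   * The register and number in the register parameter in case of a business
   * service application.
   */
  private String domainIdentifier;
  /**
   * This string contains all identifiers of infoboxes, the online application
   * is configured to accept. The infobox identifiers are comma separated.
   */
  private String pushInfobox;

  /**
   * Constructor for AuthenticationSession. Records the creation time and
   * starts with an empty list of infobox validators.
   *
   * @param id Session ID
   */
  public AuthenticationSession(String id) {
    sessionID = id;
    setTimestampStart();
    infoboxValidators = new ArrayList();
  }

  /**
   * Returns the signer certificate of the foreign citizen.
   * @return the certificate; may be <code>null</code> if none was set
   */
  public X509Certificate getForeignSignerCertificate() {
    return signerCertificate;
  }

  /**
   * Sets the signer certificate of the foreign citizen.
   * @param signerCertificate the certificate to store
   */
  public void setForeignSignerCertificate(X509Certificate signerCertificate) {
    this.signerCertificate = signerCertificate;
  }

  /**
   * Returns the identityLink.
   * @return IdentityLink
   */
  public IdentityLink getIdentityLink() {
    return identityLink;
  }

  /**
   * Returns the sessionID.
   * @return String
   */
  public String getSessionID() {
    return sessionID;
  }

  /**
   * Sets the identityLink.
   * @param identityLink The identityLink to set
   */
  public void setIdentityLink(IdentityLink identityLink) {
    this.identityLink = identityLink;
  }

  /**
   * Sets the sessionID.
   * @param sessionId The sessionID to set
   */
  public void setSessionID(String sessionId) {
    this.sessionID = sessionId;
  }

  /**
   * Returns the oaURLRequested.
   * @return String
   */
  public String getOAURLRequested() {
    return oaURLRequested;
  }

  /**
   * Returns the public online application URL prefix.
   * @return String
   */
  public String getPublicOAURLPrefix() {
    return oaPublicURLPrefix;
  }

  /**
   * Returns the BKU URL.
   * @return String
   */
  public String getBkuURL() {
    return bkuURL;
  }

  /**
   * Returns the target.
   * @return String
   */
  public String getTarget() {
    return target;
  }

  /**
   * Returns the target friendly name.
   * @return String
   */
  public String getTargetFriendlyName() {
    return targetFriendlyName;
  }

  /**
   * Sets the oaURLRequested.
   * @param oaURLRequested The oaURLRequested to set
   */
  public void setOAURLRequested(String oaURLRequested) {
    this.oaURLRequested = oaURLRequested;
  }

  /**
   * Sets the oaPublicURLPrefix
   * @param oaPublicURLPrefix The oaPublicURLPrefix to set
   */
  public void setPublicOAURLPrefix(String oaPublicURLPrefix) {
    this.oaPublicURLPrefix = oaPublicURLPrefix;
  }

  /**
   * Sets the bkuURL
   * @param bkuURL The BKU URL to set
   */
  public void setBkuURL(String bkuURL) {
    this.bkuURL = bkuURL;
  }

  /**
   * Sets the target. If the target includes the target prefix, the prefix will be stripped off.
   * @param target The target to set; <code>null</code> is stored unchanged
   */
  public void setTarget(String target) {
    if (target != null && target.startsWith(TARGET_PREFIX_)) {
      // If target starts with prefix "urn:publicid:gv.at:cdid+"; remove prefix
      this.target = target.substring(TARGET_PREFIX_.length());
      // NOTE(review): the value is written to the debug log unescaped; if it can
      // originate from a request parameter, neutralise line breaks first - confirm
      // against the callers.
      Logger.debug("Target prefix stripped off; resulting target: " + this.target);
    } else {
      this.target = target;
    }
  }

  /**
   * Sets the friendly name of the target. The value is stored as given.
   * @param targetFriendlyName The target friendly name to set
   */
  public void setTargetFriendlyName(String targetFriendlyName) {
    this.targetFriendlyName = targetFriendlyName;
  }

  /**
   * Returns the authURL.
   * @return String
   */
  public String getAuthURL() {
    return authURL;
  }

  /**
   * Sets the authURL.
   * @param authURL The authURL to set
   */
  public void setAuthURL(String authURL) {
    this.authURL = authURL;
  }

  /**
   * Returns the authBlock.
   * @return String
   */
  public String getAuthBlock() {
    return authBlock;
  }

  /**
   * Sets the authBlock.
   * @param authBlock The authBlock to set
   */
  public void setAuthBlock(String authBlock) {
    this.authBlock = authBlock;
  }

  /**
   * Returns the timestampIdentityLink. The stored {@link Date} instance is
   * returned, not a copy.
   * @return Date
   */
  public Date getTimestampIdentityLink() {
    return timestampIdentityLink;
  }

  /**
   * Returns the businessService.
   * @return <code>true</code> if the corresponding online application is
   * a business application, otherwise <code>false</code>
   */
  public boolean getBusinessService() {
    return businessService;
  }

  /**
   * Sets the businessService variable.
   * @param businessService the value for setting the businessService variable.
   */
  public void setBusinessService(boolean businessService) {
    this.businessService = businessService;
  }

  /**
   * Returns the timestampStart. The stored {@link Date} instance is returned,
   * not a copy, so a caller that mutates it changes the session's start time.
   * @return Date
   */
  public Date getTimestampStart() {
    return timestampStart;
  }

  /**
   * Sets the current date as timestampIdentityLink.
   */
  public void setTimestampIdentityLink() {
    timestampIdentityLink = new Date();
  }

  /**
   * Sets the current date as timestampStart.
   */
  public void setTimestampStart() {
    timestampStart = new Date();
  }

  /**
   * @return template URL
   */
  public String getTemplateURL() {
    return templateURL;
  }

  /**
   * @param string the template URL
   */
  public void setTemplateURL(String string) {
    templateURL = string;
  }

  /**
   * Returns the SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>.
   *
   * @return The SAML Attributes to be appended to the AUTHBlock. Maybe <code>null</code>.
   */
  public List getExtendedSAMLAttributesAUTH() {
    return extendedSAMLAttributesAUTH;
  }

  /**
   * Sets the SAML Attributes to be appended to the AUTHBlock.
   *
   * @param extendedSAMLAttributesAUTH The SAML Attributes to be appended to the AUTHBlock.
   */
  public void setExtendedSAMLAttributesAUTH(List extendedSAMLAttributesAUTH) {
    this.extendedSAMLAttributesAUTH = extendedSAMLAttributesAUTH;
  }

  /**
   * Returns the SAML Attributes to be appended to the SAML assertion
   * delivered to the online application. Maybe <code>null</code>.
   *
   * @return The SAML Attributes to be appended to the SAML assertion
   * delivered to the online application
   */
  public List getExtendedSAMLAttributesOA() {
    return extendedSAMLAttributesOA;
  }

  /**
   * Sets the SAML Attributes to be appended to the SAML assertion
   * delivered to the online application.
   *
   * @param extendedSAMLAttributesOA The SAML Attributes to be appended to the SAML
   * assertion delivered to the online application.
   */
  public void setExtendedSAMLAttributesOA(List extendedSAMLAttributesOA) {
    this.extendedSAMLAttributesOA = extendedSAMLAttributesOA;
  }

  /**
   * Returns whether either a target or a wbPK is provided as SAML Attribute
   * in the SAML Assertion.
   *
   * @return <code>true</code> if either a target or a wbPK is provided as SAML
   * Attribute in the SAML Assertion, <code>false</code> if not.
   */
  public boolean getSAMLAttributeGebeORwbpk() {
    return this.samlAttributeGebeORwbpk;
  }

  /**
   * Sets whether either a target or a wbPK is provided as SAML Attribute in
   * the SAML Assertion.
   *
   * @param samlAttributeGebeORwbpk <code>true</code> if either a target or a wbPK
   * is provided as SAML Attribute in the SAML Assertion.
   */
  public void setSAMLAttributeGebeORwbpk(boolean samlAttributeGebeORwbpk) {
    this.samlAttributeGebeORwbpk = samlAttributeGebeORwbpk;
  }

  /**
   * Returns the issuing time of the AUTH-Block SAML assertion.
   *
   * @return The issuing time of the AUTH-Block SAML assertion.
   */
  public String getIssueInstant() {
    return issueInstant;
  }

  /**
   * Sets the issuing time of the AUTH-Block SAML assertion.
   *
   * @param issueInstant The issueInstant to set.
   */
  public void setIssueInstant(String issueInstant) {
    this.issueInstant = issueInstant;
  }

  /**
   * Returns the iterator to the stored infobox validators. Each element is a
   * {@link Vector} holding identifier, friendly name and validator.
   * @return Iterator, or <code>null</code> if no validator list exists
   */
  public Iterator getInfoboxValidatorIterator() {
    if (infoboxValidators == null) {
      return null;
    }
    return infoboxValidators.iterator();
  }

  /**
   * Adds an infobox validator class to the stored infobox validators.
   * @param infoboxIdentifier the identifier of the infobox the validator belongs to
   * @param infoboxFriendlyName the friendly name of the infobox
   * @param infoboxValidator the infobox validator to add
   * @return an iterator over all stored validator entries, including the new one
   */
  public Iterator addInfoboxValidator(String infoboxIdentifier, String infoboxFriendlyName, InfoboxValidator infoboxValidator) {
    if (infoboxValidators == null) {
      infoboxValidators = new ArrayList();
    }
    // Entry layout is positional: 0 = identifier, 1 = friendly name, 2 = validator.
    Vector v = new Vector(3);
    v.add(infoboxIdentifier);
    v.add(infoboxFriendlyName);
    v.add(infoboxValidator);
    infoboxValidators.add(v);
    return infoboxValidators.iterator();
  }

  /**
   * Tests for pending input events of the infobox validators.
   * @return <code>true</code> if a validator has a form to show
   */
  public boolean isValidatorInputPending() {
    // Same scan as getFirstPendingValidator(): stops at the first non-empty form.
    return getFirstPendingValidator() != null;
  }

  /**
   * Returns the first pending infobox validator, i.e. the first stored
   * validator whose form is not empty.
   * @return the infobox validator class, or <code>null</code> if none is pending
   */
  public InfoboxValidator getFirstPendingValidator() {
    Iterator iter = getInfoboxValidatorIterator();
    if (iter != null) {
      while (iter.hasNext()) {
        Vector infoboxValidatorVector = (Vector) iter.next();
        InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector.get(2);
        String form = infoboxvalidator.getForm();
        if (!ParepUtils.isEmpty(form)) {
          return infoboxvalidator;
        }
      }
    }
    return null;
  }

  /**
   * Returns the input form of the first pending infobox validator input processor.
   * @return the form to show, or <code>null</code> if no validator has one
   */
  public String getFirstValidatorInputForm() {
    Iterator iter = getInfoboxValidatorIterator();
    if (iter != null) {
      while (iter.hasNext()) {
        Vector infoboxValidatorVector = (Vector) iter.next();
        InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector.get(2);
        // getForm() is read once per validator and that same value is returned.
        String form = infoboxvalidator.getForm();
        if (!ParepUtils.isEmpty(form)) {
          return form;
        }
      }
    }
    return null;
  }

  /**
   * Returns domain identifier (the register and number in the register parameter).
   * <code>null</code> in the case of not a business service.
   *
   * @return the domainIdentifier
   */
  public String getDomainIdentifier() {
    return domainIdentifier;
  }

  /**
   * Sets the register and number in the register parameter if the application
   * is a business service.
   * If the domain identifier includes the registerAndOrdNr prefix, the prefix
   * will be stripped off.
   *
   * @param domainIdentifier the domain identifier to set; <code>null</code> is
   * stored unchanged
   */
  public void setDomainIdentifier(String domainIdentifier) {
    if (domainIdentifier != null && domainIdentifier.startsWith(REGISTERANDORDNR_PREFIX_)) {
      // If domainIdentifier starts with prefix "urn:publicid:gv.at:wbpk+"; remove this prefix
      this.domainIdentifier = domainIdentifier.substring(REGISTERANDORDNR_PREFIX_.length());
      // NOTE(review): logged unescaped at debug level; confirm the value cannot
      // carry line breaks from an external request.
      Logger.debug("Register and ordernumber prefix stripped off; resulting register string: " + this.domainIdentifier);
    } else {
      this.domainIdentifier = domainIdentifier;
    }
  }

  /**
   * Gets all identifiers of infoboxes, the online application
   * is configured to accept. The infobox identifiers are comma separated.
   *
   * @return the string containing infobox identifiers; the empty string if
   * none were set
   */
  public String getPushInfobox() {
    if (pushInfobox == null) {
      return "";
    }
    return pushInfobox;
  }

  /**
   * @param pushInfobox the infobox identifiers to set (comma separated)
   */
  public void setPushInfobox(String pushInfobox) {
    this.pushInfobox = pushInfobox;
  }

  /**
   * Sets whether a mandate is used. Only the string "true" (compared without
   * regard to case) enables it; every other value, including
   * <code>null</code>, leaves mandate use switched off.
   *
   * @param useMandate indicates if mandate is used or not
   */
  public void setUseMandate(String useMandate) {
    // Constant-first comparison: a missing parameter no longer raises a
    // NullPointerException and instead falls back to "no mandate".
    this.useMandate = "true".equalsIgnoreCase(useMandate);
  }

  /**
   * Returns if mandate is used or not
   * @return <code>true</code> if a mandate is used
   */
  public boolean getUseMandate() {
    return this.useMandate;
  }

  /**
   * @param useTargetFromConfig indicates if target from config is used or not
   */
  public void setUseTargetFromConfig(boolean useTargetFromConfig) {
    this.useTargetFromConfig = useTargetFromConfig;
  }

  /**
   * Returns if the target is taken from the configuration or not
   * @return <code>true</code> if the target from the configuration is used
   */
  public boolean getUseTargetFromConfig() {
    return this.useTargetFromConfig;
  }

  /**
   * @param misSessionID indicates the MIS session ID
   */
  public void setMISSessionID(String misSessionID) {
    this.misSessionID = misSessionID;
  }

  /**
   * Returns the MIS session ID
   * @return the MIS session ID
   */
  public String getMISSessionID() {
    return this.misSessionID;
  }

  /**
   * @return the assertionAuthData
   */
  public AuthenticationData getAssertionAuthData() {
    return assertionAuthData;
  }

  /**
   * @param assertionAuthData the assertionAuthData to set
   */
  public void setAssertionAuthData(AuthenticationData assertionAuthData) {
    this.assertionAuthData = assertionAuthData;
  }

  /**
   * @return the assertionPrPerson
   */
  public String getAssertionPrPerson() {
    return assertionPrPerson;
  }

  /**
   * @param assertionPrPerson the assertionPrPerson to set
   */
  public void setAssertionPrPerson(String assertionPrPerson) {
    this.assertionPrPerson = assertionPrPerson;
  }

  /**
   * @return the assertionAuthBlock
   */
  public String getAssertionAuthBlock() {
    return assertionAuthBlock;
  }

  /**
   * @param assertionAuthBlock the assertionAuthBlock to set
   */
  public void setAssertionAuthBlock(String assertionAuthBlock) {
    this.assertionAuthBlock = assertionAuthBlock;
  }

  /**
   * @return the assertionIlAssertion
   */
  public String getAssertionIlAssertion() {
    return assertionIlAssertion;
  }

  /**
   * @param assertionIlAssertion the assertionIlAssertion to set
   */
  public void setAssertionIlAssertion(String assertionIlAssertion) {
    this.assertionIlAssertion = assertionIlAssertion;
  }

  /**
   * @return the assertionSignerCertificateBase64
   */
  public String getAssertionSignerCertificateBase64() {
    return assertionSignerCertificateBase64;
  }

  /**
   * @param assertionSignerCertificateBase64 the assertionSignerCertificateBase64 to set
   */
  public void setAssertionSignerCertificateBase64(String assertionSignerCertificateBase64) {
    this.assertionSignerCertificateBase64 = assertionSignerCertificateBase64;
  }

  /**
   * @return the assertionBusinessService
   */
  public boolean getAssertionBusinessService() {
    return assertionBusinessService;
  }

  /**
   * @param assertionBusinessService the assertionBusinessService to set
   */
  public void setAssertionBusinessService(boolean assertionBusinessService) {
    this.assertionBusinessService = assertionBusinessService;
  }

  /**
   * @return the mandateReferenceValue
   */
  public String getMandateReferenceValue() {
    return mandateReferenceValue;
  }

  /**
   * @param mandateReferenceValue the mandateReferenceValue to set
   */
  public void setMandateReferenceValue(String mandateReferenceValue) {
    this.mandateReferenceValue = mandateReferenceValue;
  }

}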