/*******************************************************************************
* Copyright 2014 Federal Chancellery Austria
* MOA-ID has been developed in a cooperation between BRZ, the Federal
* Chancellery Austria - ICT staff unit, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
* the European Commission - subsequent versions of the EUPL (the "Licence");
* You may not use this work except in compliance with the Licence.
* You may obtain a copy of the Licence at:
* http://www.osor.eu/eupl/
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the Licence is distributed on an "AS IS" basis,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the Licence for the specific language governing permissions and
* limitations under the Licence.
*
* This product combines work with different licenses. See the "NOTICE" text
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
******************************************************************************/
/*
* Copyright 2003 Federal Chancellery Austria
* MOA-ID has been developed in a cooperation between BRZ, the Federal
* Chancellery Austria - ICT staff unit, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
* the European Commission - subsequent versions of the EUPL (the "Licence");
* You may not use this work except in compliance with the Licence.
* You may obtain a copy of the Licence at:
* http://www.osor.eu/eupl/
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the Licence is distributed on an "AS IS" basis,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the Licence for the specific language governing permissions and
* limitations under the Licence.
*
* This product combines work with different licenses. See the "NOTICE" text
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
package at.gv.egovernment.moa.id.auth.invoke;
import javax.xml.namespace.QName;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import at.gv.egovernment.moa.id.auth.exception.ServiceException;
import at.gv.egovernment.moa.id.commons.api.ConnectionParameterInterface;
import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.api.SignatureVerificationService;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
import at.gv.egovernment.moaspss.logging.Logger;
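/**
 * Invoker of the signature verification functionality of MOA-SPSS.
 *
 * <p>All requests are delegated in-process to the MOA-SPSS API
 * ({@link SignatureVerificationService}). The web-service invocation path that this class
 * once offered as a configuration-dependent alternative is disabled ("MOA-SP connection via
 * Web-Service is not allowed any more"), so this class itself does not open a connection to a
 * remote verification endpoint.
 *
 * <p>Both verification methods fail closed: any error raised while verifying is rethrown as a
 * {@link ServiceException}, never swallowed.
 *
 * @author Stefan Knirsch
 * @version $Id$
 */
public class SignatureVerificationInvoker {

  /** Lazily created singleton; only touched inside the synchronized {@link #getInstance()}. */
  private static SignatureVerificationInvoker instance = null;

  /** MOA-SPSS verification service that every request is delegated to. */
  private final SignatureVerificationService svs;

  /** This QName object identifies the SignatureVerification endpoint of the web service. */
  private static final QName SERVICE_QNAME = new QName("SignatureVerification");

  /**
   * Returns the single invoker instance, creating it on first use.
   *
   * <p>The method is synchronized because the unsynchronized check-then-create it replaces let
   * two concurrent first callers each build their own instance.
   *
   * @return the shared invoker
   */
  public static synchronized SignatureVerificationInvoker getInstance() {
    if (instance == null) {
      instance = new SignatureVerificationInvoker();
    }
    return instance;
  }

  /** Binds the invoker to the in-process MOA-SPSS verification service. */
  private SignatureVerificationInvoker() {
    svs = SignatureVerificationService.getInstance();
  }

  /**
   * Verifies a CMS signature through the MOA-SPSS API.
   *
   * <p>NOTE(review): a normal return only shows that the call completed; presumably the
   * verification outcome is carried inside the response and has to be evaluated by the caller.
   * Confirm against the MOA-SPSS API.
   *
   * @param cmsSigVerifyReq the CMS verification request
   * @return the response produced by MOA-SPSS
   * @throws ServiceException ("service.03") if MOA-SPSS reports an error
   */
  public VerifyCMSSignatureResponse verifyCMSSignature(VerifyCMSSignatureRequest cmsSigVerifyReq)
      throws ServiceException {
    try {
      return svs.verifyCMSSignature(cmsSigVerifyReq);
    } catch (MOAException e) {
      Logger.warn("CMS signature verification has an error.", e);
      throw new ServiceException("service.03", new Object[] { e.toString() }, e);
    }
  }

  /**
   * Verifies an XML signature.
   *
   * @param request the VerifyXMLSignatureRequest as a DOM element
   * @return the root element of the verification response
   * @throws ServiceException if an error occurs
   */
  public Element verifyXMLSignature(Element request) throws ServiceException {
    return doCall(SERVICE_QNAME, request);
  }

  /**
   * Parses the request, verifies it through the MOA-SPSS API and serialises the response to DOM.
   *
   * <p>NOTE(review): a normal return only shows that the call completed; presumably the
   * verification outcome is carried inside the returned element and has to be evaluated by the
   * caller. Confirm against the MOA-SPSS API.
   *
   * @param serviceName the name of the service; unused since the web-service path was disabled,
   *     kept so the signature stays unchanged
   * @param request the request to be processed
   * @return the root element of the response document
   * @throws ServiceException ("service.03") if parsing, verification or response building fails
   */
  protected Element doCall(QName serviceName, Element request) throws ServiceException {
    try {
      VerifyXMLSignatureRequest vsrequest = new VerifyXMLSignatureRequestParser().parse(request);
      VerifyXMLSignatureResponse vsresponse = svs.verifyXMLSignature(vsrequest);
      // The meaning of the boolean constructor flag is defined by MOA-SPSS and is not visible here.
      Document result = new VerifyXMLSignatureResponseBuilder(true).build(vsresponse);
      return result.getDocumentElement();
    } catch (Exception ex) {
      // Deliberately broad: every failure, including runtime exceptions from the parser or the
      // response builder, must surface as a ServiceException so that verification fails closed.
      // The former "service.00" branch was only reachable with a configured web-service
      // connection, which no longer exists, so "service.03" is the only possible code.
      // NOTE(review): ex.toString() becomes a message parameter; confirm that the rendered
      // service.03 text is not shown verbatim to end users, since it may carry internal detail.
      throw new ServiceException("service.03", new Object[] { ex.toString() }, ex);
    }
  }
}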