///******************************************************************************* // * Copyright 2014 Federal Chancellery Austria // * MOA-ID has been developed in a cooperation between BRZ, the Federal // * Chancellery Austria - ICT staff unit, and Graz University of Technology. // * // * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by // * the European Commission - subsequent versions of the EUPL (the "Licence"); // * You may not use this work except in compliance with the Licence. // * You may obtain a copy of the Licence at: // * http://www.osor.eu/eupl/ // * // * Unless required by applicable law or agreed to in writing, software // * distributed under the Licence is distributed on an "AS IS" basis, // * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // * See the Licence for the specific language governing permissions and // * limitations under the Licence. // * // * This product combines work with different licenses. See the "NOTICE" text // * file for details on the various modules and licenses. // * The "NOTICE" text file is part of the distribution. Any derivative works // * that you distribute must include a readable copy of the "NOTICE" text file. 
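// *******************************************************************************/
//package at.gv.egovernment.moa.id.protocols.pvp2x.verification;
//
//import java.io.UnsupportedEncodingException;
//
//import org.opensaml.saml2.core.RequestAbstractType;
//import org.opensaml.security.SAMLSignatureProfileValidator;
//import org.opensaml.xml.validation.ValidationException;
//import org.w3c.dom.Element;
//
//import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
//import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
//import at.gv.egovernment.moa.id.auth.exception.BuildException;
//import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
//import at.gv.egovernment.moa.id.auth.exception.ParseException;
//import at.gv.egovernment.moa.id.auth.exception.ServiceException;
//import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
//import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
//import at.gv.egovernment.moa.id.config.ConfigurationException;
//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
//import at.gv.egovernment.moa.id.util.XMLUtil;
//import at.gv.egovernment.moa.logging.Logger;
//
// NOTE(review): every line of this file is commented out, so SAMLVerifierMOASP
// is not compiled and performs no verification. The notes below describe what
// the disabled code would do if it were re-enabled.
//
// verifyRequest() as written:
//  - rejects any request for which request.isSigned() is false;
//  - runs OpenSAML's SAMLSignatureProfileValidator on the request signature;
//  - serialises request.getDOM() with XMLUtil.printXML(), sends the UTF-8 bytes
//    to MOA-SP together with the trust profile ID read from the STORK
//    configuration, and requires both getSignatureCheckCode() and
//    getCertificateCheckCode() of the parsed response to be 0.
//
// Points to settle before re-enabling:
//  - Signer binding: the only trust decision visible here is the MOA-SP trust
//    profile. Nothing compares the signing certificate with the issuer of the
//    request, so presumably any certificate the profile accepts is accepted
//    for every issuer. The TODO below (metadata validator) looks like the
//    intended replacement - confirm.
//  - Verified bytes: MOA-SP checks a re-serialised copy of the DOM. Whether
//    XMLUtil.printXML() leaves the signed content unchanged is not visible
//    here; confirm that, and that the element MOA-SP verifies is the same one
//    the caller goes on to process.
//  - Exception type: no SecurityException is imported, so the name appears to
//    resolve to java.lang.SecurityException (unchecked) unless this package
//    declares its own. Callers that catch only MOAIDException would then not
//    see these failures - confirm.
//  - Only two check codes of the MOA-SP response are evaluated; whether the
//    response carries further results is not visible here.
//
//public class SAMLVerifierMOASP implements ISAMLVerifier {
//
//
//    //TODO: implement via metadata validator ....
//    public void verifyRequest(RequestAbstractType request)
//            throws MOAIDException {
//        // validate Signature
//        try {
//            if (request.isSigned()) {
//
//                String trustProfileID = AuthConfigurationProviderFactory.getInstance()
//                        .getStorkConfig().getSignatureVerificationParameter()
//                        .getTrustProfileID();
//
//                Logger.trace("Starting validation of Signature references");
//                try {
//                    SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator();
//                    sigValidator.validate(request.getSignature());
//                } catch (ValidationException e) {
//                    Logger.error("Validation of XML Signature refrences failed: "
//                            + e.getMessage());
//                    throw new SecurityException(e);
//                }
//                Logger.debug("XML Signature references are OK.");
//
//                Logger.debug("Invoking MOA-SP with TrustProfileID: "
//                        + trustProfileID);
//
//                // builds a VerifyXMLSignatureRequest for a call of MOA-SP
//                Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder()
//                        .build(XMLUtil.printXML(request.getDOM()).getBytes("UTF-8"),
//                                trustProfileID);
//
//                Logger.trace("VerifyXMLSignatureRequest for MOA-SP succesfully built");
//
//                Logger.trace("Calling MOA-SP");
//                // invokes the call
//                Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker()
//                        .verifyXMLSignature(domVerifyXMLSignatureRequest);
//
//                // parses the VerifyXMLSignatureResponse
//                VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
//                        domVerifyXMLSignatureResponse).parseData();
//
//                Logger.trace("Received VerifyXMLSignatureResponse from MOA-SP");
//
//                // NOTE(review): the messages below say "SAMLResponse" / "SAML response"
//                // although this method verifies a request; misleading when reading logs.
//                if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0) {
//                    String msg = "Signature of SAMLResponse not valid";
//                    Logger.error(msg);
//                    throw new SecurityException(msg);
//                }
//
//                Logger.debug("Signature of SAML response successfully verified");
//
//                if (verifyXMLSignatureResponse.getCertificateCheckCode() != 0) {
//                    String msg = "Certificate of SAMLResponse not valid";
//                    Logger.error(msg);
//                    throw new SecurityException(msg);
//                }
//
//                Logger.debug("Signing certificate of SAML response succesfully verified");
//
//            } else {
//                // NOTE(review): unsigned requests are rejected, but this is the only
//                // failure path in the method that writes no log entry.
//                String msg = "SAML Object is not signed.";
//                throw new SecurityException(msg);
//            }
//
//        } catch (ConfigurationException e) {
//            String msg = "Unable to load STORK configuration for STORK SAML Response signature verification.";
//            Logger.error(msg, e);
//            throw new SecurityException(msg, e);
//        } catch (ParseException e) {
//            String msg = "Unable to parse VerifyXMLSignature Request or Response.";
//            Logger.error(msg, e);
//            throw new SecurityException(msg, e);
//        } catch (BuildException e) {
//            // NOTE(review): same text as the ParseException branch; presumably this
//            // one should report a build failure - confirm.
//            String msg = "Unable to parse VerifyXMLSignature Request or Response.";
//            Logger.error(msg, e);
//            throw new SecurityException(msg, e);
//        } catch (ServiceException e) {
//            String msg = "Unable to invoke MOA-SP.";
//            Logger.error(msg, e);
//            throw new SecurityException(msg, e);
//        } catch (UnsupportedEncodingException e) {
//            String msg = "Unsupported Encoding.";
//            Logger.error(msg, e);
//            throw new SecurityException(msg, e);
//        }
//
//    }
//
//}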