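package at.gv.egovernment.moa.id.protocols.stork2;

import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.logging.Logger;
import eu.stork.peps.auth.commons.*;
import eu.stork.peps.auth.engine.STORKSAMLEngine;
import eu.stork.peps.exceptions.STORKSAMLEngineException;
import org.apache.velocity.Template;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
import org.apache.velocity.runtime.RuntimeConstants;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.*;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.Collections;

/**
 * Second request step of the STORK 2 protocol: after the user has been authenticated and a
 * MOA session is available, build the STORK SAML response and forward the user (via an HTML
 * POST form) to the assertion consumer service of the requesting PEPS / service provider.
 *
 * @author bsuzic
 * Date: 12/3/13, Time: 2:08 PM
 */
public class AuthenticationRequest implements IAction {

    /** Charset used for every byte/String conversion of the rendered response page. */
    private static final Charset UTF8 = Charset.forName("UTF-8");

    /** Classpath location of the Velocity template that renders the SAML POST form. */
    private static final String POST_BINDING_TEMPLATE = "/resources/templates/stork2_postbinding_template.html";

    /** Name of the SAML engine configuration used to generate the STORK response. */
    private static final String SAML_ENGINE_NAME = "incoming";

    /** Message id passed to {@link MOAIDException} when the SAML engine fails. */
    private static final String MSG_SAML_GENERATION_FAILED = "stork.05";

    /**
     * TODO(review): fixed prototype placeholders. The eIdentifier sent to the PEPS and the
     * value stored as STORKSessionID / returned as assertion id are hard-coded and therefore
     * identical for every user; they must be derived from the MOA session before production use.
     */
    private static final String PLACEHOLDER_EIDENTIFIER = "xxxxxxxxxxxxxxx";
    private static final String PLACEHOLDER_STORK_SESSION_ID = "12345";

    /** Engine configured by {@link #initVelocityEngine()}; currently not used by {@link #processRequest}. */
    private VelocityEngine velocityEngine;

    /**
     * Processes the STORK authentication request once the user is authenticated: generates the
     * STORK SAML response for the requested attributes and writes the POST-binding HTML page
     * into {@code httpResp}.
     *
     * @param req        the protocol request; must be a {@link MOASTORKAuthnRequest}
     * @param httpReq    servlet request of the current user (remote address, session)
     * @param httpResp   servlet response the POST form is written to; it is reset first
     * @param moasession the authenticated MOA session
     * @return the assertion id stored in the HTTP session as {@code STORKSessionID}
     * @throws MOAIDException if the SAML response cannot be generated or the page cannot be sent
     * @throws IllegalArgumentException if {@code req} is not a {@link MOASTORKAuthnRequest}
     */
    public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp,
                                 AuthenticationSession moasession) throws MOAIDException {
        Logger.debug("Starting AuthenticationRequest");
        // The cast below used to be unchecked; fail with a clear message instead of a ClassCastException.
        if (!(req instanceof MOASTORKAuthnRequest)) {
            throw new IllegalArgumentException("AuthenticationRequest requires a MOASTORKAuthnRequest, got: "
                    + (req == null ? "null" : req.getClass().getName()));
        }
        MOASTORKAuthnRequest storkReq = (MOASTORKAuthnRequest) req;

        Logger.debug("Remote user: " + httpReq.getRemoteAddr());
        // Deliberately not logging the identity link name: it is personal data of the user.
        Logger.debug("Moa session: " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix()
                + " " + moasession.getAction() + " " + moasession.getTarget());
        httpResp.reset();

        logAttributes("authnreq", storkReq.getStorkAuthnRequest().getPersonalAttributeList());
        logAttributes("moa", moasession.getStorkAttributes());

        STORKAuthnResponse authnResponse =
                generateAuthnResponse(storkReq, buildResponseAttributes(), httpReq.getRemoteAddr());
        Logger.info("STORK SAML Response message succesfully generated ");
        Logger.debug("authn status code value: " + authnResponse.getStatusCode());

        sendPostBindingPage(httpResp, authnResponse.getTokenSaml(),
                storkReq.getStorkAuthnRequest().getAssertionConsumerServiceURL());

        HttpSession httpSession = httpReq.getSession();
        httpSession.setAttribute("STORKSessionID", PLACEHOLDER_STORK_SESSION_ID);
        Logger.info("Status code again: " + authnResponse.getStatusCode());
        return PLACEHOLDER_STORK_SESSION_ID; // AssertionId
    }

    /**
     * Best-effort diagnostic dump of a personal attribute list; never lets a logging problem
     * (e.g. a {@code null} list or value) abort request processing.
     *
     * @param label short tag naming the list's origin, used in the log lines
     * @param list  the attributes to log, may be {@code null}
     */
    private static void logAttributes(String label, IPersonalAttributeList list) {
        try {
            Logger.info("Found number of " + label + " personal attributes: " + list.size());
            for (PersonalAttribute personalAttribute : list) {
                Logger.info("Personal " + label + " attribute found: " + personalAttribute.getName()
                        + " status: " + personalAttribute.getStatus()
                        + " isrequired: " + personalAttribute.isRequired()
                        + " type: " + personalAttribute.getType());
                // Attribute values may hold personal data, so they are only written at debug level.
                if (personalAttribute.getValue().size() > 0) {
                    for (String value : personalAttribute.getValue()) {
                        Logger.debug(" Value found: " + value);
                    }
                }
            }
        } catch (Exception e) {
            Logger.error("Exception, attributes: " + e.getMessage(), e);
        }
    }

    /**
     * Builds the attribute list that is put into the STORK response.
     *
     * @return a list holding a single {@code eIdentifier} attribute with the placeholder value
     */
    private static PersonalAttributeList buildResponseAttributes() {
        PersonalAttribute eIdentifier = new PersonalAttribute();
        eIdentifier.setName("eIdentifier");
        eIdentifier.setValue(new ArrayList<String>(Collections.singletonList(PLACEHOLDER_EIDENTIFIER)));
        PersonalAttributeList attributeList = new PersonalAttributeList();
        attributeList.add(eIdentifier);
        return attributeList;
    }

    /**
     * Lets the STORK SAML engine generate (and sign) the response for the given request.
     *
     * @param storkReq   the incoming STORK request the response answers
     * @param attributes attributes to include in the response
     * @param remoteAddr address of the user's client, handed to the engine
     * @return the generated response (country "AT")
     * @throws MOAIDException with id {@value #MSG_SAML_GENERATION_FAILED} if the engine fails
     */
    private static STORKAuthnResponse generateAuthnResponse(MOASTORKAuthnRequest storkReq,
                                                            PersonalAttributeList attributes,
                                                            String remoteAddr) throws MOAIDException {
        STORKAuthnResponse authnResponse = new STORKAuthnResponse();
        authnResponse.setCountry("AT");
        authnResponse.setPersonalAttributeList(attributes);
        try {
            STORKSAMLEngine engine = STORKSAMLEngine.getInstance(SAML_ENGINE_NAME);
            Logger.debug("Starting generation of SAML response");
            // The trailing boolean flag is passed as false exactly as in the original call.
            authnResponse = engine.generateSTORKAuthnResponse(storkReq.getStorkAuthnRequest(), authnResponse,
                    remoteAddr, false);
            Logger.info("SAML response succesfully generated!");
        } catch (STORKSAMLEngineException e) {
            Logger.error("Failed to generate STORK SAML Response", e);
            throw new MOAIDException(MSG_SAML_GENERATION_FAILED, null);
        }
        return authnResponse;
    }

    /**
     * Renders the POST-binding template with the Base64-encoded SAML token and writes it as
     * UTF-8 HTML into the response.
     *
     * @param httpResp             response to write the page to
     * @param samlToken            raw bytes of the SAML response token
     * @param assertionConsumerUrl URL taken from the STORK request; used as the form's action
     * @throws MOAIDException if rendering or writing the page fails (previously this was logged
     *                        and silently swallowed, leaving the client with an empty response)
     */
    private static void sendPostBindingPage(HttpServletResponse httpResp, byte[] samlToken,
                                            String assertionConsumerUrl) throws MOAIDException {
        try {
            VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine();
            Template template = engine.getTemplate(POST_BINDING_TEMPLATE);
            VelocityContext context = new VelocityContext();
            // Encode the token bytes directly; the old code first converted them to a String in the
            // platform charset and back, which could corrupt non-ASCII content.
            context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(samlToken), UTF8));
            // NOTE(review): this value originates from the STORK request and ends up in the HTML
            // form action; whether it is escaped depends on the template — confirm there.
            Logger.debug("Putting assertion consumer url as action: " + assertionConsumerUrl);
            context.put("action", assertionConsumerUrl);
            Logger.debug("Starting template merge");
            StringWriter writer = new StringWriter();
            template.merge(context, writer);
            Logger.debug("Template merge done, html length: " + writer.getBuffer().length());
            httpResp.setContentType("text/html;charset=UTF-8");
            httpResp.getOutputStream().write(writer.toString().getBytes(UTF8));
        } catch (Exception e) {
            Logger.error("Velocity error: " + e.getMessage(), e);
            throw new MOAIDException("error response sending", new Object[]{});
        }
    }

    /**
     * This action always runs after authentication.
     *
     * @return always {@code true}
     */
    public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
        return true;
    }

    /** @return the action name this class handles within the STORK protocol */
    public String getDefaultActionName() {
        return STORKProtocol.AUTHENTICATIONREQUEST;
    }

    /**
     * Configures a classpath-backed Velocity engine with UTF-8 encoding into
     * {@link #velocityEngine}. Not called by {@link #processRequest}, which obtains its engine
     * from {@link VelocityProvider} instead.
     *
     * @throws Exception if the engine cannot be initialised
     */
    private void initVelocityEngine() throws Exception {
        velocityEngine = new VelocityEngine();
        velocityEngine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
        velocityEngine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
        velocityEngine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
        velocityEngine.setProperty("classpath.resource.loader.class",
                "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
        velocityEngine.init();
    }
}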