package at.gv.egovernment.moa.id.protocols.stork2; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IModulInfo; import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; import eu.stork.peps.auth.commons.*; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.util.HashMap; /** * Stork 2 Protocol Support * * @author bsuzic */ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { public static final String NAME = STORKProtocol.class.getName(); public static final String PATH = "id_stork2"; public static final String AUTHENTICATIONREQUEST = "AuthenticationRequest"; public static final String ATTRIBUTE_COLLECTOR = "AttributeCollector"; public static final String MANDATERETRIEVALREQUEST = "MandateRetrievalRequest"; private static HashMap actions = new HashMap(); static { actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest()); actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector()); } public String getName() { return NAME; } public String getPath() { return PATH; } public IAction getAction(String action) { return actions.get(action); } public STORKProtocol() { super(); } /* First request step - send it to BKU selection for user authentication. After the user credentials and other info are obtained, in the second step the request will be processed and the user redirected */ public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action) throws MOAIDException { Logger.setHierarchy("moa.id.protocols.stork2"); Logger.debug("Starting preprocessing"); Logger.debug("Request method: " + request.getMethod()); Logger.debug("Request content length: " + request.getContentLength()); Logger.debug("Initiating action: " + action); MOASTORKRequest STORK2Request = new MOASTORKRequest(); if (AttributeCollector.class.getSimpleName().equals(action)) return STORK2Request; //extract STORK Response from HTTP Request byte[] decSamlToken; try { decSamlToken = PEPSUtil.decodeSAMLToken(request.getParameter("SAMLRequest")); } catch (NullPointerException e) { Logger.error("Unable to retrieve STORK Request", e); throw new MOAIDException("stork.04", null); } //Get SAMLEngine instance STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); STORKAuthnRequest authnRequest = null; STORKAttrQueryRequest attrRequest = null; // check if valid authn request is contained try { authnRequest = engine.validateSTORKAuthnRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } catch(ClassCastException e) { // we do not have a authnRequest // check if a valid attr request is container try { attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken); } catch (STORKSAMLEngineException ex) { Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage()); } } // if there is no authn or attr request, raise error if ((authnRequest == null) && (attrRequest == null)) { Logger.error("There is no authentication or attribute request contained."); throw new MOAIDException("stork.14", null); } STORK2Request.setSTORKAuthnRequest(authnRequest); STORK2Request.setSTORKAttrRequest(attrRequest); return STORK2Request; } public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) { return null; } public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest) throws Throwable { return false; } public boolean validate(HttpServletRequest request, HttpServletResponse response, IRequest pending) { return false; } }