/******************************************************************************* * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. ******************************************************************************/ /* * Copyright 2003 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
* See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. */ package at.gv.egovernment.moa.id.proxy.invoke; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; import java.util.Vector; import javax.xml.namespace.QName; import javax.xml.rpc.Call; import javax.xml.rpc.Service; import javax.xml.rpc.ServiceFactory; import org.apache.axis.message.SOAPBodyElement; import org.w3c.dom.Element; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.ParseException; import at.gv.egovernment.moa.id.auth.exception.ServiceException; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.legacy.ConnectionParameter; import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.data.SAMLStatus; import at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData; import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder; import at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParser; import at.gv.egovernment.moa.id.proxy.servlet.ProxyException; import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; /** * Invoker of * * depending of the configuration. 
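* <p>
* The SAML artifact handed to this invoker is resolved exclusively through the
* GetAuthenticationData SOAP web service of MOA-ID Auth; the endpoint URL is taken
* from the proxy configuration. The former in-process API call into
* {@code AuthenticationServer} was removed with MOA-ID 2.x and is no longer
* supported by this class.
*
* @author Paul Ivancsics
* @version $Id$
*/
public class GetAuthenticationDataInvoker {

  /** QName of the GetAuthenticationData web service operation (no namespace). */
  private static final QName SERVICE_QNAME = new QName("GetAuthenticationData");

  /** SAMLP status code returned by MOA-ID Auth when the request succeeded. */
  private static final String STATUS_SUCCESS = "samlp:Success";

  /**
   * SAMLP status code returned by MOA-ID Auth when the authentication process
   * itself failed (as opposed to a transport or request error).
   */
  private static final String STATUS_RESPONDER = "samlp:Responder";

  /**
   * Gets the authentication data for a SAML artifact from the MOA-ID Auth
   * component via its web service.
   * <p>
   * A {@code samlp:Request} carrying the artifact is built, sent to MOA-ID Auth
   * and the {@code samlp:Response} is parsed. Only a response with status
   * {@value #STATUS_SUCCESS} yields authentication data; every other status is
   * turned into an exception.
   *
   * @param samlArtifact SAML artifact to be resolved
   * @return the parsed authentication data
   * @throws MOAIDException with key {@code proxy.17} if MOA-ID Auth reports
   *         {@value #STATUS_RESPONDER} (authentication failed on the auth side)
   * @throws ServiceException with key {@code service.02} for any other
   *         non-success status, or with {@code service.00}/{@code service.01}
   *         if the web service call itself fails
   */
  public SAML1AuthenticationData getAuthenticationData(String samlArtifact)
      throws MOAIDException {
    // NOTE(review): the request ID comes from the project's Random helper; whether
    // it is cryptographically strong is not visible here. Only the artifact carries
    // the security-relevant binding, so a predictable ID would not by itself let a
    // third party obtain authentication data - confirm against SAMLRequestBuilder.
    Element samlpRequest =
        new SAMLRequestBuilder().build(Random.nextRandom(), samlArtifact);
    Element samlpResponse = getAuthenticationData(samlpRequest);

    SAMLResponseParser responseParser = new SAMLResponseParser(samlpResponse);
    SAMLStatus status = responseParser.parseStatusCode();

    // The status code is compared including its "samlp:" prefix; a response using
    // a different namespace prefix is therefore treated as a failure (fail closed).
    if (!STATUS_SUCCESS.equals(status.getStatusCode())) {
      if (STATUS_RESPONDER.equals(status.getStatusCode())) {
        // Authentication failed at MOA-ID Auth; the status message is reported to
        // the caller, the (sub)status code is not part of the proxy.17 message.
        Logger.info("MOA-ID authentication process failed.");
        throw new MOAIDException("proxy.17", new Object[] {status.getStatusMessage()});
      }
      // Any other error status (e.g. samlp:Requester) is a service-level error.
      throw new ServiceException(
          "service.02", new Object[] {fullStatusCode(status), status.getStatusMessage()});
    }
    return responseParser.parseAuthenticationData();
  }

  /**
   * Formats a status for error reporting as {@code code} or
   * {@code code(subStatusCode)} when a non-empty sub-status code is present.
   *
   * @param status parsed SAMLP status
   * @return the combined status code string
   */
  private static String fullStatusCode(SAMLStatus status) {
    String code = status.getStatusCode();
    String subCode = status.getSubStatusCode();
    if (subCode != null && subCode.length() > 0) {
      code += "(" + subCode + ")";
    }
    return code;
  }

  /**
   * Invokes the GetAuthenticationData web service of MOA-ID Auth passing DOM
   * elements.
   * <p>
   * The endpoint URL is read from the proxy configuration's auth component
   * connection parameter. Only the URL is applied to the JAX-RPC {@link Call}
   * here; NOTE(review): any TLS or client-certificate settings carried by the
   * {@link ConnectionParameter} are not configured in this class - confirm they
   * are applied to the Axis transport elsewhere and that the endpoint is
   * {@code https}, since the artifact and the returned authentication data
   * travel over this connection. Parsing of the returned DOM (and any XXE
   * hardening) is left to Axis and the response parser, not done here.
   *
   * @param request {@code samlp:Request} DOM element sent as the SOAP body
   * @return the first SOAP body element of the response as a DOM element
   * @throws ServiceException with key {@code service.01} if no auth component
   *         connection parameter is configured, with {@code service.00}
   *         (cause attached) if the call fails or returns an empty body
   */
  public Element getAuthenticationData(Element request) throws ServiceException {
    try {
      ConnectionParameter authConnParam =
          ProxyConfigurationProvider.getInstance().getAuthComponentConnectionParameter();
      // Without connection parameters there is no endpoint to call.
      if (authConnParam == null) {
        throw new ServiceException("service.01", null);
      }

      Service service = ServiceFactory.newInstance().createService(SERVICE_QNAME);
      Call call = service.createCall();
      call.setTargetEndpointAddress(authConnParam.getUrl());

      SOAPBodyElement[] params = new SOAPBodyElement[] {new SOAPBodyElement(request)};
      // Axis returns the response body elements as a Vector for SOAPBodyElement calls.
      Vector responses = (Vector) call.invoke(SERVICE_QNAME, params);
      if (responses == null || responses.isEmpty()) {
        // Report an empty SOAP body explicitly instead of an IndexOutOfBoundsException.
        throw new ServiceException(
            "service.00", new Object[] {"empty SOAP response from MOA-ID Auth"});
      }
      SOAPBodyElement response = (SOAPBodyElement) responses.get(0);
      return response.getAsDOM();
    } catch (ServiceException ex) {
      // Already carries its own message key (e.g. service.01); do not re-wrap it
      // as service.00, which would hide the actual cause from the caller.
      throw ex;
    } catch (Exception ex) {
      throw new ServiceException("service.00", new Object[] {ex.toString()}, ex);
    }
  }
}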