/*******************************************************************************
* Copyright 2014 Federal Chancellery Austria
* MOA-ID has been developed in a cooperation between BRZ, the Federal
* Chancellery Austria - ICT staff unit, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
* the European Commission - subsequent versions of the EUPL (the "Licence");
* You may not use this work except in compliance with the Licence.
* You may obtain a copy of the Licence at:
* http://www.osor.eu/eupl/
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the Licence is distributed on an "AS IS" basis,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the Licence for the specific language governing permissions and
* limitations under the Licence.
*
* This product combines work with different licenses. See the "NOTICE" text
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
******************************************************************************/
/*
* Copyright 2003 Federal Chancellery Austria
* MOA-ID has been developed in a cooperation between BRZ, the Federal
* Chancellery Austria - ICT staff unit, and Graz University of Technology.
*
* Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
* the European Commission - subsequent versions of the EUPL (the "Licence");
* You may not use this work except in compliance with the Licence.
* You may obtain a copy of the Licence at:
* http://www.osor.eu/eupl/
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the Licence is distributed on an "AS IS" basis,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the Licence for the specific language governing permissions and
* limitations under the Licence.
*
* This product combines work with different licenses. See the "NOTICE" text
* file for details on the various modules and licenses.
* The "NOTICE" text file is part of the distribution. Any derivative works
* that you distribute must include a readable copy of the "NOTICE" text file.
*/
package at.gv.egovernment.moa.id.proxy.invoke;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.Vector;
import javax.xml.namespace.QName;
import javax.xml.rpc.Call;
import javax.xml.rpc.Service;
import javax.xml.rpc.ServiceFactory;
import org.apache.axis.message.SOAPBodyElement;
import org.w3c.dom.Element;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.auth.exception.ServiceException;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.legacy.ConnectionParameter;
import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.id.data.SAMLStatus;
import at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData;
import at.gv.egovernment.moa.id.proxy.builder.SAMLRequestBuilder;
import at.gv.egovernment.moa.id.proxy.parser.SAMLResponseParser;
import at.gv.egovernment.moa.id.proxy.servlet.ProxyException;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.logging.Logger;
/**
* Invoker of
*
* - either the GetAuthenticationData web service of MOA-ID Auth
* - or the API call {@link at.gv.egovernment.moa.id.auth.AuthenticationServer#getAuthenticationData},
*
* depending of the configuration.
*
* @author Paul Ivancsics
* @version $Id$
*/
public class GetAuthenticationDataInvoker {
/** Create a new QName object for the webservice endpoint */
private static final QName SERVICE_QNAME = new QName("GetAuthenticationData");
/** invoked object for API call of MOA-ID Auth */
private static Object apiServer = null;
/** invoked method for API call of MOA-ID Auth */
private static Method apiMethod = null;
/**
* Invokes the service passing domain model objects.
* @param samlArtifact SAML artifact
* @return AuthenticationData object
* @throws ServiceException on any exception thrown
*/
/**
* Get authentication data from the MOA-ID Auth component,
* either via API call or via web service call.
* @param samlArtifact SAML artifact to be used as a parameter
* @return AuthenticationData
* @throws MOAIDException
*/
public SAML1AuthenticationData getAuthenticationData(String samlArtifact)
throws MOAIDException {
ConnectionParameter authConnParam =
ProxyConfigurationProvider.getInstance().getAuthComponentConnectionParameter();
//Removed for MOA-ID 2.x
// if (authConnParam == null) {
// try {
// if (apiServer == null) {
// Class serverClass = Class.forName("at.gv.egovernment.moa.id.auth.AuthenticationServer");
// Method getInstanceMethod = serverClass.getMethod("getInstance", (Class[]) null);
// apiServer = getInstanceMethod.invoke(null, (Object[]) null);
// apiMethod = serverClass.getMethod(
// "getAuthenticationData", new Class[] {String.class});
// }
// AuthenticationData authData = (AuthenticationData)apiMethod.invoke(apiServer, new Object[] {samlArtifact});
// return authData;
// }
// catch (InvocationTargetException ex) {
// Throwable targetEx = ex.getTargetException();
// if (targetEx instanceof AuthenticationException)
// throw (AuthenticationException) targetEx;
// else
// throw new ProxyException("proxy.09", new Object[] {targetEx.toString()});
// }
// catch (Throwable ex) {
// throw new ProxyException("proxy.09", new Object[] {ex.toString()});
// }
// }
// else {
Element samlpRequest = new SAMLRequestBuilder().build(Random.nextRandom(), samlArtifact);
Element samlpResponse = getAuthenticationData(samlpRequest);
SAMLResponseParser srp = new SAMLResponseParser(samlpResponse);
SAMLStatus status = srp.parseStatusCode();
if (! "samlp:Success".equals(status.getStatusCode())) {
if ("samlp:Responder".equals(status.getStatusCode())) {
Logger.info("MOA-ID authentication process failed.");
String code = status.getStatusCode();
if (status.getSubStatusCode() != null && status.getSubStatusCode().length() > 0)
code += "(" + status.getSubStatusCode() + ")";
throw new MOAIDException("proxy.17", new Object[] {status.getStatusMessage()});
} else {
// on error status throw exception
String code = status.getStatusCode();
if (status.getSubStatusCode() != null && status.getSubStatusCode().length() > 0)
code += "(" + status.getSubStatusCode() + ")";
throw new ServiceException("service.02", new Object[] {code, status.getStatusMessage()});
}
}
return srp.parseAuthenticationData();
// }
}
/**
* Invokes the service passing DOM elements.
* @param request request DOM element
* @return response DOM element
* @throws ServiceException on any exception thrown
*/
public Element getAuthenticationData(Element request) throws ServiceException {
try {
Service service = ServiceFactory.newInstance().createService(SERVICE_QNAME);
Call call = service.createCall();
SOAPBodyElement body =
new SOAPBodyElement(request);
SOAPBodyElement[] params = new SOAPBodyElement[] {body};
Vector responses;
SOAPBodyElement response;
String endPoint;
ConnectionParameter authConnParam =
ProxyConfigurationProvider.getInstance().getAuthComponentConnectionParameter();
//If the ConnectionParameter do NOT exist, we throw an exception ....
if (authConnParam!=null) {
endPoint = authConnParam.getUrl();
call.setTargetEndpointAddress(endPoint);
responses = (Vector) call.invoke(SERVICE_QNAME, params);
response = (SOAPBodyElement) responses.get(0);
return response.getAsDOM();
}
else
{
throw new ServiceException("service.01", null);
}
}
catch (Exception ex) {
throw new ServiceException("service.00", new Object[] {ex.toString()}, ex);
}
}
}