/* * Copyright 2014 Federal Chancellery Austria * MOA-ID has been developed in a cooperation between BRZ, the Federal * Chancellery Austria - ICT staff unit, and Graz University of Technology. * * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by * the European Commission - subsequent versions of the EUPL (the "Licence"); * You may not use this work except in compliance with the Licence. * You may obtain a copy of the Licence at: * http://www.osor.eu/eupl/ * * Unless required by applicable law or agreed to in writing, software * distributed under the Licence is distributed on an "AS IS" basis, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the Licence for the specific language governing permissions and * limitations under the Licence. * * This product combines work with different licenses. See the "NOTICE" text * file for details on the various modules and licenses. * The "NOTICE" text file is part of the distribution. Any derivative works * that you distribute must include a readable copy of the "NOTICE" text file. 
 */
package at.gv.egovernment.moa.id.storage;

import java.util.Date;
import java.util.List;

import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AssertionAttributeExtractorExeption;
import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;

/**
 * Storage abstraction for MOA-ID authentication sessions and their Single Sign-On (SSO) state.
 *
 * <p>Implementations persist {@link AuthenticationSession} objects ("MOASessions") together with
 * the SSO bookkeeping attached to them: the Service-Provider logins performed through a session
 * ({@link OASessionStore}), the federated IDP connections of a session
 * ({@link InterfederationSessionStore}) and SSO token identifiers that were already consumed
 * ({@link OldSSOSessionIDStore}).
 *
 * <p>Several lookups take an identifier that originates from a client or a remote party (external
 * SSO id, nameID, IDP entity id) rather than from the server-side session store. This interface
 * only defines the lookup; whether and how an implementation validates such an identifier before
 * using it is not specified here and has to be checked against the implementation.
 *
 * <p>NOTE(review): thread-safety and transaction boundaries of the operations are not stated by
 * this interface; confirm against the implementation before sharing an instance across request
 * threads.
 *
 * @author tlenz
 */
public interface IAuthenticationSessionStoreage {

  /**
   * Creates a new MOA SSO-Session object in the database.
   *
   * <p>The SSO session object is populated with the eID information carried by the pending
   * request.
   *
   * @param target pending request which is associated with this MOASession
   * @return the newly created MOASession object
   * @throws MOADatabaseException if the MOASession storage operation failed
   * @throws BuildException if the MOASession encryption failed
   */
  public AuthenticationSession createInternalSSOSession(IRequest target)
      throws MOADatabaseException, BuildException;

  /**
   * Loads a MOASession by its internal session identifier.
   *
   * @param internalSsoSessionID internal MOA SSO-Session identifier
   * @return the MOASession, or {@code null} if no session exists with this id
   * @throws MOADatabaseException if the MOASession load operation failed
   */
  public AuthenticationSession getInternalSSOSession(String internalSsoSessionID)
      throws MOADatabaseException;

  /**
   * Loads the session-data extension object of a MOASession.
   *
   * @param internalSsoSessionID internal MOA SSO-Session identifier
   * @return the {@link AuthenticationSessionExtensions}, or {@code null} if no session exists with
   *     this id or the session has no extension object
   * @throws MOADatabaseException if the MOASession load operation failed
   */
  public AuthenticationSessionExtensions getAuthenticationSessionExtensions(
      String internalSsoSessionID) throws MOADatabaseException;

  /**
   * Stores a session-data extension object to a MOASession.
   *
   * @param internalSsoSessionID internal MOA SSO-Session identifier
   * @param sessionExtensions extension object to attach to the session
   * @throws MOADatabaseException if the MOASession storage operation failed
   */
  public void setAuthenticationSessionExtensions(
      String internalSsoSessionID, AuthenticationSessionExtensions sessionExtensions)
      throws MOADatabaseException;

  /**
   * Deletes a MOASession.
   *
   * @param internalSsoSessionID internal MOA SSO-Session identifier
   * @throws MOADatabaseException if the MOASession delete operation failed
   */
  public void destroyInternalSSOSession(String internalSsoSessionID) throws MOADatabaseException;

  /**
   * Sets the isAuthenticated flag of a MOASession.
   *
   * <p>Unlike the other storage operations this method declares no checked exception, so a
   * failed update is not reported to the caller through the signature; how an implementation
   * signals failure (if at all) has to be checked against the implementation.
   *
   * @param internalSsoSessionID internal MOA SSO-Session identifier
   * @param isAuthenticated is-authenticated flag ({@code true}/{@code false})
   */
  public void setAuthenticated(String internalSsoSessionID, boolean isAuthenticated);

  /**
   * Finds the internal SSO session identifier of an active Single Sign-On session.
   *
   * @param externelSSOId external Single Sign-On session id
   * @return the internal SSO-Session identifier
   * @throws MOADatabaseException if the MOASession load operation failed
   */
  public String getInternalSSOSessionWithSSOID(String externelSSOId) throws MOADatabaseException;

  /**
   * Checks whether a MOASession is an active Single Sign-On session.
   *
   * @param sessionID session id which corresponds to a MOASession
   * @return {@code true} if the MOASession is an SSO session, otherwise {@code false}
   * @throws MOADatabaseException if the MOASession load operation failed
   */
  public boolean isSSOSession(String sessionID) throws MOADatabaseException;

  /**
   * Looks up the stored session record that belongs to an SSO id.
   *
   * <p>NOTE(review): the original declaration carries no documentation; the return value for an
   * unknown or no longer valid SSO id (presumably {@code null}, by analogy with the other
   * lookups in this interface) has to be confirmed against the implementation.
   *
   * @param SSOId Single Sign-On session id
   * @return the {@link AuthenticatedSessionStore} record for this SSO id
   */
  public AuthenticatedSessionStore isValidSessionWithSSOID(String SSOId);

  /**
   * Adds Single Sign-On processing information to a MOASession.
   *
   * <p>This processing information is required to execute a Single Log-Out process later on.
   *
   * @param moaSessionID session id which corresponds to a MOASession
   * @param SSOSessionID Single Sign-On session id
   * @param SLOInfo data object with Single Log-Out information
   * @param protocolRequest protocol-request object of the authentication request
   * @throws AuthenticationException if the Single Sign-On information store operation failed
   */
  public void addSSOInformation(
      String moaSessionID, String SSOSessionID, SLOInformationInterface SLOInfo,
      IRequest protocolRequest) throws AuthenticationException;

  /**
   * Gets all Service-Providers that were authenticated via Single Sign-On from a MOASession.
   *
   * <p>The return type is a raw {@link List}; the element type is not declared by this interface
   * (presumably {@link OASessionStore} — confirm against the implementation).
   *
   * @param ssoSessionId SSO session id
   * @return list of Service-Provider information
   */
  public List getAllActiveOAFromMOASession(String ssoSessionId);

  /**
   * Gets all active interfederation connections of a MOASession.
   *
   * <p>The return type is a raw {@link List}; the element type is not declared by this interface
   * (presumably {@link InterfederationSessionStore} — confirm against the implementation).
   *
   * @param ssoSessionId SSO session id
   * @return list of interfederation-IDP information
   */
  public List getAllActiveIDPsFromMOASession(String ssoSessionId);

  /**
   * Searches an SSO session by using authentication information that was already transferred to
   * a Service-Provider.
   *
   * @param oaID Service-Provider identifier which has received the authentication information
   * @param userNameID user id (bPK) which was sent to this Service-Provider
   * @return the SSO-session identifier, or {@code null} if no corresponding SSO session is found
   */
  public String searchSSOSessionWithNameIDandOAID(String oaID, String userNameID);

  /**
   * Searches an active Single Sign-On session for a specific Service-Provider.
   *
   * @param moaSession MOASession data object
   * @param oaID Service-Provider identifier which has received the authentication information
   * @param protocolType authentication protocol which was used for SSO from this
   *     Service-Provider
   * @return internal Single Sign-On information for this Service-Provider
   */
  public OASessionStore searchActiveOASSOSession(
      IAuthenticationSession moaSession, String oaID, String protocolType);

  /**
   * Searches an active MOASession by a user id.
   *
   * @param nameID user id (bPK)
   * @return the MOASession, or {@code null} if no corresponding MOASession is found
   */
  public IAuthenticationSession getSessionWithUserNameID(String nameID);

  /**
   * Searches an active federated IDP which could be used for federated Single Sign-On.
   *
   * @param sessionID session id which corresponds to a MOASession
   * @return information of the federated IDP, or {@code null} if no active federated IDP is found
   */
  public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASession(String sessionID);

  /**
   * Gets the information of a specific active federated IDP of a MOASession.
   *
   * @param sessionID session id which corresponds to a MOASession
   * @param idpID unique identifier of the federated IDP
   * @return information of the federated IDP, or {@code null} if no active federated IDP is found
   */
  public InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASessionIDPID(
      String sessionID, String idpID);

  /**
   * Adds the information of a federated IDP to a MOASession.
   *
   * @param req pending request of the service-provider request, never {@code null}
   * @param idpEntityID the SAML2 EntityID of the federated IDP, never {@code null}
   * @param extractor {@link AssertionAttributeExtractor} which holds the SAML2 response of the
   *     federated IDP, never {@code null}
   * @throws MOADatabaseException if the MOASession storage operation failed
   * @throws AssertionAttributeExtractorExeption if the attributes could not be read from the
   *     SAML2 response held by {@code extractor}
   * @throws BuildException if building the session information failed
   * @throws EAAFConfigurationException if the required configuration could not be read
   */
  public void addFederatedSessionInformation(
      IRequest req, String idpEntityID, AssertionAttributeExtractor extractor)
      throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException,
          EAAFConfigurationException;

  /**
   * Searches an active federated IDP which could be used for federated Single Sign-On by using an
   * AttributeQuery.
   *
   * @param moaSessionID id of an active MOASession
   * @return information of the federated IDP, or {@code null} if no active federated IDP is found
   */
  public InterfederationSessionStore searchInterfederatedIDPFORAttributeQueryWithSessionID(
      String moaSessionID);

  /**
   * Removes an active federated IDP from a MOASession.
   *
   * @param entityID unique identifier of the federated IDP
   * @param pedingRequestID id of the pending request (undocumented in the original declaration;
   *     its exact role has to be checked against the implementation)
   * @return {@code true} if the federated IDP could be removed, otherwise {@code false}
   * @deprecated no replacement is named by the original declaration
   */
  @Deprecated
  public boolean removeInterfederetedSession(String entityID, String pedingRequestID);

  /**
   * Cleans all MOASessions that have timed out.
   *
   * <p>Both timeouts are given in milliseconds and are evaluated relative to {@code now}.
   *
   * @param now current time
   * @param authDataTimeOutCreated timeout after a MOASession was created [ms]
   * @param authDataTimeOutUpdated timeout after a MOASession was updated the last time [ms]
   */
  public void clean(Date now, long authDataTimeOutCreated, long authDataTimeOutUpdated);

  /**
   * Marks a Service-Provider entry of a MOASession with the "AttributeQuery used" flag.
   *
   * <p>NOTE(review): the original declaration carries no documentation beyond the parameter names;
   * the meaning of the flag and of {@code requestedModule} has to be confirmed against the
   * implementation.
   *
   * @param session MOASession data object
   * @param oaurl Service-Provider identifier (URL)
   * @param requestedModule requested authentication module
   */
  public void markOAWithAttributeQueryUsedFlag(
      IAuthenticationSession session, String oaurl, String requestedModule);

  /**
   * Deletes the stored information of a federated IDP.
   *
   * @param nextIDPInformation federated IDP record to delete
   */
  public void deleteIdpInformation(InterfederationSessionStore nextIDPInformation);

  /**
   * Persists the information of a federated IDP.
   *
   * @param nextIDPInformation federated IDP record to persist
   */
  public void persistIdpInformation(InterfederationSessionStore nextIDPInformation);

  /**
   * Checks whether an SSO token id was already used.
   *
   * <p>NOTE(review): the original declaration carries no documentation. By the return type this
   * looks like a replay check against the {@link OldSSOSessionIDStore}; presumably the record of
   * the earlier use is returned and {@code null} means "not used before" — confirm against the
   * implementation before relying on it.
   *
   * @param ssoId Single Sign-On token id
   * @return the {@link OldSSOSessionIDStore} record for this id
   */
  public OldSSOSessionIDStore checkSSOTokenAlreadyUsed(String ssoId);
}