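package at.gv.egovernment.moa.id.commons;

import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import iaik.asn1.ObjectID;

/**
 * Constants used throughout moa-id-auth component.
 *
 * <p>The collection-valued constants ({@link #OW_LIST}, {@link #REQ_BKU_TYPES},
 * {@link #LEGACYPARAMETERWHITELIST}, {@link #COUNTRYCODE_XX_TO_NAME}) are exposed as
 * read-only views so that no caller can alter them at runtime. The declared (raw) field
 * types are kept unchanged for source compatibility with existing callers.
 *
 * @author Paul Ivancsics
 * @version $Id$
 */
public class MOAIDAuthConstants extends MOAIDConstants {

  // ---------------------------------------------------------------------------
  // Servlet / request parameter names
  // ---------------------------------------------------------------------------

  /** servlet parameter "Target" */
  public static final String PARAM_TARGET = "Target";
  /** servlet parameter "useMandate" */
  public static final String PARAM_USEMANDATE = "useMandate";
  /** servlet parameter "useMISMandate" */
  public static final String PARAM_USEMISMANDATE = "useMISMandate";
  /** servlet parameter "useELGAMandate" */
  public static final String PARAM_USEELGAMANDATE = "useELGAMandate";
  /** servlet parameter "OA" */
  public static final String PARAM_OA = "OA";
  /** servlet parameter "bkuURI" */
  public static final String PARAM_BKU = "bkuURI";
  /** servlet parameter "MODUL" */
  public static final String PARAM_MODUL = "MODUL";
  /** servlet parameter "ACTION" */
  public static final String PARAM_ACTION = "ACTION";
  /** servlet parameter "SSO" */
  public static final String PARAM_SSO = "SSO";
  /** parameter name "interIDP" */
  public static final String INTERFEDERATION_IDP = "interIDP";

  /** parameter "status" (SLO status, see {@link #SLOSTATUS_SUCCESS} / {@link #SLOSTATUS_ERROR}) */
  public static final String PARAM_SLOSTATUS = "status";
  /** parameter "restart" */
  public static final String PARAM_SLORESTART = "restart";
  /** SLO status value "success" */
  public static final String SLOSTATUS_SUCCESS = "success";
  /** SLO status value "error" */
  public static final String SLOSTATUS_ERROR = "error";

  /** servlet parameter "sourceID" */
  public static final String PARAM_SOURCEID = "sourceID";
  /** servlet parameter "BKUSelectionTemplate" */
  public static final String PARAM_BKUTEMPLATE = "BKUSelectionTemplate";
  /** servlet parameter "CCC (Citizen Country Code)" */
  public static final String PARAM_CCC = "CCC";
  /** servlet parameter "InputProcessorSignTemplate" */
  public static final String PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE = "InputProcessorSignTemplate";

  /** default BKU URL (plain HTTP, host {@code localhost}) */
  public static final String DEFAULT_BKU = "http://localhost:3495/http-security-layer-request";
  /** default BKU URL for https connections (host {@code 127.0.0.1}) */
  public static final String DEFAULT_BKU_HTTPS =
      "https://127.0.0.1:3496/https-security-layer-request";

  /** servlet parameter "returnURI" */
  public static final String PARAM_RETURN = "returnURI";
  /** servlet parameter "Template" */
  public static final String PARAM_TEMPLATE = "Template";
  /** servlet parameter "MOASessionID" */
  public static final String PARAM_SESSIONID = "MOASessionID";
  /** servlet parameter "XMLResponse" */
  public static final String PARAM_XMLRESPONSE = "XMLResponse";
  /** servlet parameter "SAMLArtifact" */
  public static final String PARAM_SAMLARTIFACT = "SAMLArtifact";

  // ---------------------------------------------------------------------------
  // Request names (servlet mappings)
  // ---------------------------------------------------------------------------

  /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.StartAuthenticationServlet} is mapped to */
  public static final String REQ_START_AUTHENTICATION = "StartAuthentication";
  /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet} is mapped to */
  public static final String REQ_VERIFY_IDENTITY_LINK = "VerifyIdentityLink";
  /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.GetForeignIDServlet} is mapped to */
  public static final String REQ_GET_FOREIGN_ID = "GetForeignID";
  /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet} is mapped to */
  public static final String REQ_VERIFY_CERTIFICATE = "VerifyCertificate";
  /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.GetMISSessionIDServlet} is mapped to */
  public static final String GET_MIS_SESSIONID = "GetMISSessionID";
  /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.ProcessValidatorInputServlet} is mapped to */
  public static final String REQ_PROCESS_VALIDATOR_INPUT = "ProcessInput";
  /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet} is mapped to */
  public static final String REQ_VERIFY_AUTH_BLOCK = "VerifyAuthBlock";

  /** Logging hierarchy used for controlling debug output of XML structures to files */
  public static final String DEBUG_OUTPUT_HIERARCHY = "moa.id.auth";

  // ---------------------------------------------------------------------------
  // HTTP headers that disable browser caching of responses
  // ---------------------------------------------------------------------------

  /** Header Name for controlling the caching mechanism of the browser */
  public static final String HEADER_EXPIRES = "Expires";
  /** Header Value for controlling the caching mechanism of the browser (a fixed date in 1995) */
  public static final String HEADER_VALUE_EXPIRES = "Sat, 6 May 1995 12:00:00 GMT";
  /** Header Name for controlling the caching mechanism of the browser */
  public static final String HEADER_PRAGMA = "Pragma";
  /** Header Value for controlling the caching mechanism of the browser */
  public static final String HEADER_VALUE_PRAGMA = "no-cache";
  /** Header Name for controlling the caching mechanism of the browser */
  public static final String HEADER_CACHE_CONTROL = "Cache-control";
  /** Header Value for controlling the caching mechanism of the browser */
  public static final String HEADER_VALUE_CACHE_CONTROL = "no-store, no-cache, must-revalidate";
  /** Header Value for controlling the caching mechanism of the browser */
  public static final String HEADER_VALUE_CACHE_CONTROL_IE = "post-check=0, pre-check=0";

  // ---------------------------------------------------------------------------
  // Identity link signer authorisation
  // ---------------------------------------------------------------------------

  /**
   * the identity link signer X509Subject names of those identity link signer certificates
   * not including the identity link signer OID. The authorisation for signing the identity
   * link must be checked by using their issuer names. After February 19th 2007 the OID of
   * the certificate will be used for checking the authorisation for signing identity links.
   *
   * <p>The two entries differ only in the spelling "Mitgieds" / "Mitglieds"; both are kept
   * exactly as given (presumably both spellings occur in issued certificates; confirm before
   * removing either).
   *
   * <p>NOTE(review): this is a public array and Java arrays cannot be made read-only, so any
   * code in the same JVM can replace its elements. The type is part of the public interface
   * and is therefore left unchanged here; callers that base a trust decision on it should
   * work on a private copy, and no code should ever write to it.
   */
  public static final String[] IDENTITY_LINK_SIGNERS_WITHOUT_OID =
      new String[] {
        "T=Dr.,CN=Nikolaus Schwab,O=BM f. Inneres i.A. des gf. Mitgieds der Datenschutzkommission",
        "T=Dr.,CN=Nikolaus Schwab,O=BM f. Inneres i.A. des gf. Mitglieds der Datenschutzkommission"
      };

  /** the number of the certificate extension "Eigenschaft zur Ausstellung von Personenbindungen" */
  public static final String IDENTITY_LINK_SIGNER_OID_NUMBER = "1.2.40.0.10.1.7.1";

  /**
   * the OID of the identity link signer certificate (Eigenschaft zur Ausstellung von
   * Personenbindungen); used for checking the authorisation for signing the identity link
   * for identity links signed after February 19th 2007
   */
  public static final ObjectID IDENTITY_LINK_SIGNER_OID =
      new ObjectID(IDENTITY_LINK_SIGNER_OID_NUMBER);

  /** the number of the certificate extension for party representatives */
  public static final String PARTY_REPRESENTATION_OID_NUMBER = "1.2.40.0.10.3";

  // /** the number of the certificate extension for party organ representatives */
  // public static final String PARTY_ORGAN_REPRESENTATION_OID_NUMBER = PARTY_REPRESENTATION_OID_NUMBER + ".10";

  /** OW */
  public static final String OW_ORGANWALTER = PARTY_REPRESENTATION_OID_NUMBER + ".4";

  /** List of OWs (read-only view; elements are {@link ObjectID} instances) */
  public static final List OW_LIST =
      Collections.unmodifiableList(Arrays.asList(new ObjectID(OW_ORGANWALTER)));

  /** BKU types taken from {@link IOAAuthParameters} (read-only view) */
  public static final List REQ_BKU_TYPES =
      Collections.unmodifiableList(
          Arrays.asList(
              IOAAuthParameters.HANDYBKU,
              IOAAuthParameters.LOCALBKU,
              IOAAuthParameters.THIRDBKU,
              IOAAuthParameters.ONLINEBKU));

  /**
   * Request parameter names on the legacy-parameter whitelist.
   *
   * <p>Exposed as a read-only view: a bare {@code Arrays.asList} result still permits
   * {@code set(int, Object)}, which would let any caller swap an entry of this whitelist.
   */
  public static final List LEGACYPARAMETERWHITELIST =
      Collections.unmodifiableList(
          Arrays.asList(
              PARAM_TARGET,
              PARAM_BKU,
              PARAM_OA,
              PARAM_TEMPLATE,
              PARAM_USEMANDATE,
              PARAM_CCC,
              PARAM_SOURCEID));

  // ---------------------------------------------------------------------------
  // Extended SAML attribute names for mandates
  // ---------------------------------------------------------------------------

  public static final String EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION = "OIDTextualDescription";
  public static final String EXT_SAML_MANDATE_OID = "OID";
  public static final String EXT_SAML_MANDATE_RAW = "Mandate";
  public static final String EXT_SAML_MANDATE_NAME = "MandatorName";
  public static final String EXT_SAML_MANDATE_DOB = "MandatorDateOfBirth";
  public static final String EXT_SAML_MANDATE_WBPK = "MandatorWbpk";
  public static final String EXT_SAML_MANDATE_REPRESENTATIONTYPE = "RepresentationType";
  public static final String EXT_SAML_MANDATE_REPRESENTATIONTEXT = "Vollmachtsvertreter";
  public static final String EXT_SAML_MANDATE_CB_BASE_ID = "MandatorDomainIdentifier";

  // The misspelling "heigth" is the runtime parameter name; changing it would change behaviour.
  public static final String PARAM_APPLET_HEIGTH = "heigth";
  public static final String PARAM_APPLET_WIDTH = "width";

  // ---------------------------------------------------------------------------
  // Country codes
  // ---------------------------------------------------------------------------

  /** Maps two-letter country codes to display names (read-only view). */
  public static final Map COUNTRYCODE_XX_TO_NAME =
      Collections.unmodifiableMap(buildCountryCodeNames());

  public static final String COUNTRYCODE_AUSTRIA = "AT";

  /**
   * Pattern for the "Target" value: two ASCII letters, optionally followed by '-' and an
   * arbitrary suffix.
   *
   * <p>NOTE(review): the suffix after '-' is unconstrained ({@code .*}), so a successful match
   * says nothing about which characters the suffix contains. Code that writes a matched value
   * into HTML, XML, a log line or a URL still has to encode it for that context.
   */
  public static final String REGEX_PATTERN_TARGET = "^[A-Za-z]{2}(-.*)?$";

  // AuthnRequest IssueInstant validation
  /** Time jitter accepted when validating the AuthnRequest IssueInstant; 5 minutes. */
  public static final int TIME_JITTER = 5;

  // General MOASession data-store keys
  // public static final String MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE = "holderofkey_cert";

  // ---------------------------------------------------------------------------
  // Process context keys
  // ---------------------------------------------------------------------------

  public static final String PROCESSCONTEXT_PERFORM_INTERFEDERATION_AUTH =
      "interfederationAuthentication";
  public static final String PROCESSCONTEXT_REQUIRELOCALAUTHENTICATION =
      "requireLocalAuthentication";
  public static final String PROCESSCONTEXT_PERFORM_BKUSELECTION = "performBKUSelection";
  public static final String PROCESSCONTEXT_ISLEGACYREQUEST = "isLegacyRequest";

  // public static final String PROCESSCONTEXT_UNIQUE_OA_IDENTFIER = "uniqueSPId";
  // public static final String PROCESSCONTEXT_SSL_CLIENT_CERTIFICATE = MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE;

  // ---------------------------------------------------------------------------
  // General protocol-request data-store keys
  // ---------------------------------------------------------------------------

  public static final String AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE =
      "authProces_SecurityLayerTemplate";

  @Deprecated
  public static final String AUTHPROCESS_DATA_TARGET = "authProces_Target";

  @Deprecated
  public static final String AUTHPROCESS_DATA_TARGETFRIENDLYNAME = "authProces_TargetFriendlyName";

  public static final String DATAID_INTERFEDERATION_MINIMAL_FRONTCHANNEL_RESP =
      "useMinimalFrontChannelResponse";
  public static final String DATAID_INTERFEDERATION_NAMEID = "federatedNameID";
  public static final String DATAID_INTERFEDERATION_QAALEVEL = "federatedQAALevel";
  public static final String DATAID_INTERFEDERATION_REQUESTID = "authnReqID";

  /**
   * Builds the backing map for {@link #COUNTRYCODE_XX_TO_NAME}.
   *
   * <p>A plain {@link HashMap} filled by a helper replaces the former anonymous
   * {@code HashMap} subclass with an instance initializer; the entries are unchanged.
   *
   * @return a new mutable map from country code to display name
   */
  private static Map<String, String> buildCountryCodeNames() {
    Map<String, String> names = new HashMap<String, String>();
    names.put("AT", "Other Countries"); // "Workaround for PEPS Simulator"
    names.put("BE", "België/Belgique");
    // names.put("CH", "Schweiz");
    names.put("EE", "Eesti");
    names.put("ES", "España");
    names.put("FI", "Suomi");
    names.put("IS", "Ísland");
    names.put("IT", "Italia");
    names.put("LI", "Liechtenstein");
    names.put("LT", "Lithuania");
    names.put("LU", "Luxemburg");
    names.put("PT", "Portugal");
    names.put("SE", "Sverige");
    names.put("SI", "Slovenija");
    return names;
  }
}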