
/*
 * Copyright 2014 Federal Chancellery Austria
 * MOA-ID has been developed in a cooperation between BRZ, the Federal
 * Chancellery Austria - ICT staff unit, and Graz University of Technology.
 *
 * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
 * the European Commission - subsequent versions of the EUPL (the "Licence");
 * You may not use this work except in compliance with the Licence.
 * You may obtain a copy of the Licence at:
 * http://www.osor.eu/eupl/
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the Licence is distributed on an "AS IS" basis,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the Licence for the specific language governing permissions and
 * limitations under the Licence.
 *
 * This product combines work with different licenses. See the "NOTICE" text
 * file for details on the various modules and licenses.
 * The "NOTICE" text file is part of the distribution. Any derivative works
 * that you distribute must include a readable copy of the "NOTICE" text file.
 */
package at.gv.egovernment.moa.id.protocols.pvp2x;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.joda.time.DateTime;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeQuery;
import org.opensaml.saml2.core.Response;
import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.opensaml.xml.security.SecurityException;

import java.util.Arrays;

import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.SLOInformationInterface;
import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.SoapBinding;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AuthResponseBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.assertion.PVP2AssertionBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.logging.Logger;

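/**
 * Handles a PVP 2.x (SAML 2) {@code AttributeQuery} that is backed by an
 * existing single sign-on session.
 *
 * The subject {@code NameID} of the query selects the MOA-ID session, the
 * authentication data is rebuilt for the requested attributes, and a PVP 2.1
 * response is written back over the SOAP binding.
 *
 * NOTE(review): the session is selected by the NameID value alone, so this
 * class relies on the request having been validated before it gets here
 * (message signature, trusted issuer, binding checks). Nothing visible in this
 * class verifies that the querying service provider is entitled to the session
 * it names -- confirm that check lives in the request decoding / protocol layer.
 *
 * @author tlenz
 */
public class AttributQueryAction implements IAction {

    /** Attributes always delivered for a STORK (foreign) authentication. */
    private static final List<String> DEFAULTSTORKATTRIBUTES = Arrays
            .asList(new String[] { PVPConstants.EID_STORK_TOKEN_NAME });

    /** Attributes always delivered when the session was established with a mandate. */
    private static final List<String> DEFAULTMANDATEATTRIBUTES = Arrays.asList(
            new String[] { PVPConstants.MANDATE_FULL_MANDATE_NAME, PVPConstants.MANDATE_PROF_REP_OID_NAME });

    /**
     * Answers an AttributeQuery from the SSO session identified by the query's subject NameID.
     *
     * @param req      the protocol request; must wrap a {@link MOARequest} whose SAML message is an
     *                 {@link AttributeQuery}
     * @param httpReq  incoming servlet request, handed to the SOAP binding
     * @param httpResp servlet response the encoded SAML response is written to
     * @param authData ignored on input; authentication data is rebuilt from the looked-up session
     * @return always {@code null} -- answering an AttributeQuery produces no single-logout information
     * @throws AttributQueryException if the query carries no usable subject NameID, or no active
     *                                SSO session matches it
     * @throws MOAIDException         with code {@code pvp2.13} if {@code req} is not an AttributeQuery,
     *                                or {@code pvp2.01} if the response cannot be encoded
     */
    @Override
    public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq,
            HttpServletResponse httpResp, IAuthData authData) throws MOAIDException {

        AttributeQuery attrQuery = unwrapAttributeQuery(req);
        if (attrQuery == null) {
            Logger.error("Process AttributeQueryAction but request is NOT of type AttributQuery.");
            throw new MOAIDException("pvp2.13", null);
        }

        // A query without Subject/NameID is malformed client input: reject it explicitly
        // instead of letting the dereference fail with a NullPointerException (HTTP 500).
        String nameID = extractSubjectNameID(attrQuery);
        if (nameID == null || nameID.isEmpty()) {
            Logger.warn("AttributeQuery contains no subject NameID.");
            throw new AttributQueryException("AttributeQuery contains no subject NameID.", null);
        }

        //load moaSession
        AuthenticationSession session = AuthenticationSessionStoreage.getSessionWithUserNameID(nameID);
        if (session == null) {
            Logger.warn("AttributeQuery nameID does not match to an active single sign-on session.");
            throw new AttributQueryException(
                    "AttributeQuery nameID does not match to an active single sign-on session.", null);
        }

        // one timestamp so assertion and response carry the same issue instant
        DateTime issueInstant = new DateTime();

        //generate authData for exactly the attributes the query asks for
        IAuthData queryAuthData = AuthenticationDataBuilder.buildAuthenticationData(req, session,
                attrQuery.getAttributes());

        //add default attributes in case of mandates or STORK is in use
        List<String> attrList = addDefaultAttributes(attrQuery, queryAuthData);

        //build PVP 2.1 assertion
        Assertion assertion = PVP2AssertionBuilder.buildAssertion(attrQuery, attrList, queryAuthData,
                issueInstant, queryAuthData.getSessionIndex());

        //build PVP 2.1 response
        Response authResponse = AuthResponseBuilder.buildResponse(attrQuery, issueInstant, assertion);

        try {
            // the SoapBinding is used here only to encode (send) the response
            SoapBinding binding = new SoapBinding();
            binding.encodeRespone(httpReq, httpResp, authResponse, null, null);
            return null;

        } catch (MessageEncodingException e) {
            Logger.error("Message Encoding exception", e);
            throw new MOAIDException("pvp2.01", null, e);

        } catch (SecurityException e) {
            Logger.error("Security exception", e);
            throw new MOAIDException("pvp2.01", null, e);

        }
    }

    /**
     * An AttributeQuery is served from an existing SSO session, so no fresh
     * authentication is triggered for it.
     */
    @Override
    public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
        return false;
    }

    /** @return the protocol action name this class is registered under */
    @Override
    public String getDefaultActionName() {
        return PVP2XProtocol.ATTRIBUTEQUERY;
    }

    /**
     * Extracts the SAML {@link AttributeQuery} wrapped by {@code req}.
     *
     * @return the query, or {@code null} if {@code req} is not a PVP target configuration
     *         holding a {@link MOARequest} whose SAML message is an AttributeQuery
     */
    private static AttributeQuery unwrapAttributeQuery(IRequest req) {
        if (!(req instanceof PVPTargetConfiguration)) {
            return null;
        }
        Object wrapped = ((PVPTargetConfiguration) req).getRequest();
        if (!(wrapped instanceof MOARequest)) {
            return null;
        }
        Object samlRequest = ((MOARequest) wrapped).getSamlRequest();
        if (!(samlRequest instanceof AttributeQuery)) {
            return null;
        }
        return (AttributeQuery) samlRequest;
    }

    /**
     * Reads the subject NameID value of the query without dereferencing absent elements.
     *
     * @return the NameID value, or {@code null} if the query has no Subject or no NameID
     */
    private static String extractSubjectNameID(AttributeQuery query) {
        if (query.getSubject() == null || query.getSubject().getNameID() == null) {
            return null;
        }
        return query.getSubject().getNameID().getValue();
    }

    /**
     * Collects the attribute names of the query and appends the defaults that must
     * always be delivered for STORK (foreign) or mandate-based sessions.
     * Order is preserved: requested attributes first, missing defaults appended.
     *
     * @param query    the incoming AttributeQuery
     * @param authData authentication data of the matched session
     * @return mutable list of attribute names to put into the assertion
     */
    private List<String> addDefaultAttributes(AttributeQuery query, IAuthData authData) {

        List<String> requested = new ArrayList<String>();
        for (Attribute attr : query.getAttributes()) {
            requested.add(attr.getName());
        }

        //add default STORK attributes if it is a STORK authentication
        if (authData.isForeigner()) {
            appendMissing(requested, DEFAULTSTORKATTRIBUTES);
        }

        //add default mandate attributes if it is a authentication with mandates
        if (authData.isUseMandate()) {
            appendMissing(requested, DEFAULTMANDATEATTRIBUTES);
        }

        return requested;
    }

    /** Appends every element of {@code defaults} not already contained in {@code target}. */
    private static void appendMissing(List<String> target, List<String> defaults) {
        for (String name : defaults) {
            if (!target.contains(name)) {
                target.add(name);
            }
        }
    }
}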