package eu.dnetlib.enabling.aas.service; import java.util.ArrayList; import java.util.List; import javax.jws.WebService; import org.apache.commons.lang.NotImplementedException; import eu.dnetlib.enabling.aas.DNetAAError; import eu.dnetlib.enabling.aas.DNetAuthenticateRequest; import eu.dnetlib.enabling.aas.DNetAuthenticateResponse; import eu.dnetlib.enabling.aas.DNetAuthorizeRequest; import eu.dnetlib.enabling.aas.DNetAuthorizeResponse; import eu.dnetlib.enabling.aas.IAAService; import eu.dnetlib.enabling.aas.retrievers.ISLookupAttributeRetrieverConstants; import eu.dnetlib.enabling.aas.rmi.A2Error; import eu.dnetlib.enabling.aas.rmi.A2Response; import eu.dnetlib.enabling.aas.rmi.A2Service; import eu.dnetlib.enabling.aas.rmi.AuthenticateRequest; import eu.dnetlib.enabling.aas.rmi.AuthenticateResp; import eu.dnetlib.enabling.aas.rmi.AuthorizeRequest; import eu.dnetlib.enabling.aas.rmi.AuthorizeResp; import eu.dnetlib.enabling.aas.rmi.InvalidateRequest; import eu.dnetlib.enabling.aas.rmi.InvalidateResp; import eu.dnetlib.enabling.aas.xacml.ctx.ActionType; import eu.dnetlib.enabling.aas.xacml.ctx.AttributeType; import eu.dnetlib.enabling.aas.xacml.ctx.AttributeValueType; import eu.dnetlib.enabling.aas.xacml.ctx.RequestType; import eu.dnetlib.enabling.aas.xacml.ctx.ResourceType; import eu.dnetlib.enabling.aas.xacml.ctx.ResultType; import eu.dnetlib.enabling.aas.xacml.ctx.SubjectType; import eu.dnetlib.enabling.aas.xacml.ctx.DecisionType.DECISION; import eu.dnetlib.enabling.aas.xacml.profile.saml.XACMLAuthzDecisionQueryType; /** * {@link A2Service} from icm-enabling-api facade adapting * AAS2 frontend to AAS1 frontend. * * @author mhorst * */ @WebService(serviceName="A2Service", endpointInterface="eu.dnetlib.enabling.aas.rmi.A2Service", targetNamespace="http://rmi.aas.enabling.dnetlib.eu/") public class A2ServiceAdapter implements A2Service { public final static String SUBJECT_ATTRIBUTE_ID = "urn:oasis:names:tc:xacml:1.0:subject:subject-id"; public final static String RESOURCE_ATTRIBUTE_ID = "urn:oasis:names:tc:xacml:1.0:resource:resource-id"; public final static String ACTION_ATTRIBUTE_ID = "urn:oasis:names:tc:xacml:1.0:action:action-id"; public final static String ATTRIBUTE_TYPE_STRING = "http://www.w3.org/2001/XMLSchema#string"; public final static String DEFAULT_RESOURCE_ATTRIBUTE_TYPE = ATTRIBUTE_TYPE_STRING; public final static String DEFAULT_ACTION_ATTRIBUTE_TYPE = ATTRIBUTE_TYPE_STRING; public final static String DEFAULT_SUBJECT_ATTRIBUTE_TYPE = ATTRIBUTE_TYPE_STRING; /** * AAS2 encapsulated service. */ private IAAService aaService; /* (non-Javadoc) * @see eu.dnetlib.enabling.aas.rmi.A2Service#authenticate(eu.dnetlib.enabling.aas.rmi.AuthenticateRequest) */ @Override public AuthenticateResp authenticate(AuthenticateRequest request) { return adaptAuthnResponse(aaService.authenticate( adaptAuthnRequest(request))); } /** * Adapts authentication request. * @param internalReq * @return adapted request */ protected DNetAuthenticateRequest adaptAuthnRequest( AuthenticateRequest internalReq) { if (internalReq==null) return null; DNetAuthenticateRequest dnetRequest = new DNetAuthenticateRequest(); XACMLAuthzDecisionQueryType authzQuery = new XACMLAuthzDecisionQueryType(); dnetRequest.setAuthnQuery(authzQuery); RequestType xacmlRequest = new RequestType(); authzQuery.setRequest(xacmlRequest); // authentication - predefined action AttributeType actionAttr = new AttributeType(); actionAttr.setAttributeID(ACTION_ATTRIBUTE_ID); actionAttr.setDataType(DEFAULT_ACTION_ATTRIBUTE_TYPE); actionAttr.setAttributeValues(new AttributeValueType[] { new AttributeValueType("authentication")}); xacmlRequest.setAction(new ActionType(new AttributeType[] {actionAttr})); // handling principals if (internalReq.getPrincipals()!=null) { List subjectList = new ArrayList(); for (int i=0; i0) { for (int i=0; i0) { type = internalReq.getResource().getType(); } else { type = DEFAULT_RESOURCE_ATTRIBUTE_TYPE; } AttributeType resourceAttr = new AttributeType(); resourceAttr.setAttributeID(resourceId); resourceAttr.setDataType(type); resourceAttr.setAttributeValues(new AttributeValueType[] { new AttributeValueType(internalReq.getResource().getText()) }); xacmlRequest.setResources(new ResourceType[] { new ResourceType(new AttributeType[] {resourceAttr}) }); } if (internalReq.getAction()!=null) { String actionId = ACTION_ATTRIBUTE_ID; String type; if (internalReq.getAction().getType() != null && internalReq.getAction().getType().length()>0) { type = internalReq.getAction().getType(); } else { type = DEFAULT_ACTION_ATTRIBUTE_TYPE; } AttributeType actionAttr = new AttributeType(); actionAttr.setAttributeID(actionId); actionAttr.setDataType(type); actionAttr.setAttributeValues(new AttributeValueType[] { new AttributeValueType(internalReq.getAction().getText())}); xacmlRequest.setAction(new ActionType(new AttributeType[] {actionAttr})); } return dnetRequest; } /** * Adapts authorization response. * @param internalResp * @return adapted response */ protected AuthorizeResp adaptAuthzResponse( DNetAuthorizeResponse internalResp) { if (internalResp==null) return null; AuthorizeResp authzResp = new AuthorizeResp(); processResult(internalResp.getResult(), authzResp); if (internalResp.getErrors()!=null && internalResp.getErrors().length>0) { for (int i=0; i