87: Implement SAML authentication

Task-Url: http://github.com/tgradl/colreg/issues/issue/87

dariah-javasp-core/.classpath

+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" output="target/classes" path="src/main/java">
+		<attributes>
+			<attribute name="optional" value="true"/>
+			<attribute name="maven.pomderived" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
+		<attributes>
+			<attribute name="maven.pomderived" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" output="target/test-classes" path="src/test/java">
+		<attributes>
+			<attribute name="optional" value="true"/>
+			<attribute name="maven.pomderived" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
+		<attributes>
+			<attribute name="maven.pomderived" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.5">
+		<attributes>
+			<attribute name="maven.pomderived" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
+		<attributes>
+			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="org.eclipse.jst.component.nondependency" value=""/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="output" path="target/classes"/>
+</classpath>

dariah-javasp-core/.project

+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>dariah-javasp-core</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.wst.common.project.facet.core.builder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.jdt.core.javabuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.springframework.ide.eclipse.core.springbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.m2e.core.maven2Builder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.wst.validation.validationbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
+		<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
+		<nature>org.springframework.ide.eclipse.core.springnature</nature>
+		<nature>org.eclipse.jdt.core.javanature</nature>
+		<nature>org.eclipse.m2e.core.maven2Nature</nature>
+		<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
+	</natures>
+</projectDescription>

dariah-javasp-core/.settings/org.eclipse.jdt.core.prefs

+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
+org.eclipse.jdt.core.compiler.compliance=1.5
+org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
+org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
+org.eclipse.jdt.core.compiler.source=1.5

dariah-javasp-core/.settings/org.eclipse.m2e.core.prefs

+activeProfiles=
+eclipse.preferences.version=1
+resolveWorkspaceProjects=true
+version=1

dariah-javasp-core/.settings/org.eclipse.wst.common.component

+<?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
+    <wb-module deploy-name="dariah-javasp-core">
+        <wb-resource deploy-path="/" source-path="/src/main/java"/>
+        <wb-resource deploy-path="/" source-path="/src/main/resources"/>
+    </wb-module>
+</project-modules>

dariah-javasp-core/.settings/org.eclipse.wst.common.project.facet.core.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<faceted-project>
+  <installed facet="java" version="1.5"/>
+  <installed facet="jst.utility" version="1.0"/>
+</faceted-project>

dariah-javasp-core/pom.xml

 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <parent>
-        <artifactId>dariah-javasp-master</artifactId>
-        <groupId>de.dariah</groupId>
-        <version>0.0.3-SNAPSHOT</version>
-    </parent>
-	
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 	<modelVersion>4.0.0</modelVersion>
+	
+	<groupId>eu.dariah.de</groupId>
 	<artifactId>dariah-javasp-core</artifactId>
+	<version>0.0.4-SNAPSHOT</version>
+	
 	<name>DARIAH AAI library - core</name>
 	<packaging>jar</packaging>
 	
 	<dependencies>
 		<dependency>
-            <groupId>de.dariah</groupId>
+            <groupId>eu.dariah.de</groupId>
             <artifactId>spring-security-saml2-core</artifactId>
-            <version>${project.version}</version>
+            <version>1.0.2-SNAPSHOT</version>
         </dependency>
 	    <dependency>
 			<groupId>javax.servlet</groupId>
@@ -27,7 +24,7 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
 		<dependency>
 			<groupId>org.slf4j</groupId>
 			<artifactId>slf4j-api</artifactId>
-			<version>${org.slf4j-version}</version>
+			<version>1.7.10</version>
 		</dependency>
 		<dependency>
 			<groupId>joda-time</groupId>
@@ -40,4 +37,5 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
 			<version>3.1</version>
 		</dependency>
 	</dependencies>
+	
 </project>

dariah-javasp-core/src/main/java/de/dariah/aai/javasp/base/SimpleUserDetails.java

@@ -52,15 +52,15 @@ public class SimpleUserDetails implements UserDetails, StagedUserDetails {
 	public void setAuthorities(Collection<Role> authorities) { this.authorities = authorities; }
 	public void setUsername(String username) { this.username = username; }
 
-	@Override public String getUsername() { return username; }
-	@Override public String getPassword() { return ""; }
-	@Override public Collection<Role> getAuthorities() { return authorities; }
-	@Override public boolean isAccountNonExpired() { return !expired; }
-	@Override public boolean isAccountNonLocked() { return !expired; }
-	@Override public boolean isCredentialsNonExpired() { return !expired; }
-	@Override public boolean isEnabled() { return !expired; }
+	 public String getUsername() { return username; }
+	 public String getPassword() { return ""; }
+	 public Collection<Role> getAuthorities() { return authorities; }
+	 public boolean isAccountNonExpired() { return !expired; }
+	 public boolean isAccountNonLocked() { return !expired; }
+	 public boolean isCredentialsNonExpired() { return !expired; }
+	 public boolean isEnabled() { return !expired; }
+	
 	
-	@Override
 	public int getMaxAuthorityLevel() {
 		int level = 0;
 		if (getAuthorities() != null) {
@@ -73,7 +73,7 @@ public class SimpleUserDetails implements UserDetails, StagedUserDetails {
 		return level;
 	}
 
-	@Override
+	
 	public boolean isAuthorized(Role compRole) {
 		return getMaxAuthorityLevel() >= compRole.getLevel();
 	}

dariah-javasp-core/src/main/java/de/dariah/aai/javasp/base/TimeService.java

@@ -51,7 +51,7 @@ public class TimeService implements InitializingBean, DisposableBean {
 	public DateTime getLastUpdate() { return lastUpdate; }
 	public DateTime getNow() { return DateTime.now().plusMillis(getMsOffset()); }
 	
-	@Override
+	
 	public void afterPropertiesSet() throws Exception {
 		ntpClient.setDefaultTimeout(10000);
 		
@@ -61,7 +61,7 @@ public class TimeService implements InitializingBean, DisposableBean {
 		startRefreshCycle();
 	}
 
-	@Override
+	
 	public void destroy() throws Exception {
 		 if (timer != null) {
 	     	timer.cancel();

dariah-javasp-core/src/main/java/de/dariah/aai/javasp/saml/SAMLAssertionConsumer.java

@@ -27,19 +27,19 @@ public class SAMLAssertionConsumer extends WebSSOProfileConsumerImpl {
 	@Autowired
 	private TimeService timeService;
 		
-	@Override
+	//@Override
 	protected boolean isDateTimeSkewValid(int skewInSec, DateTime time) {
         long current = timeService.getNow().getMillis();
         return time.isAfter(current - skewInSec * 1000) && time.isBefore(current + skewInSec * 1000);
     }
 	
-	@Override
+	//@Override
 	protected boolean isDateTimeSkewValid(int skewInSec, int forwardInterval, DateTime time) {
 		long current = System.currentTimeMillis();
         return time.isBefore(current + (skewInSec * 1000)) && time.isAfter(current - ((skewInSec + forwardInterval) * 1000));
 	}
 	
-	@Override
+	//@Override
 	protected void verifySubject(Subject subject, RequestAbstractType request, SAMLMessageContext context) throws SAMLException, DecryptionException {
 		List<SubjectConfirmation> confirmations = new ArrayList<SubjectConfirmation>();
 		
@@ -62,7 +62,7 @@ public class SAMLAssertionConsumer extends WebSSOProfileConsumerImpl {
         }
 		
 		if (confirmations.size()>0) {
-			super.verifySubject(subject, request, context);
+			//super.verifySubject(subject, request, context);
 		}
 	}
 	

dariah-javasp-core/src/main/java/de/dariah/aai/javasp/saml/SAMLLogoutProfile.java

@@ -11,7 +11,7 @@ public class SAMLLogoutProfile extends SingleLogoutProfileImpl {
 	@Autowired
 	private TimeService timeService;
 		
-	@Override
+	//@Override
 	protected boolean isDateTimeSkewValid(int skewInSec, DateTime time) {
         long current = timeService.getNow().getMillis();
         return time.isAfter(current - skewInSec * 1000) && time.isBefore(current + skewInSec * 1000);

dariah-javasp-core/src/main/java/de/dariah/aai/saml/attributequery/SAMLAttributeQueryImpl.java

@@ -5,6 +5,9 @@ import java.util.ArrayList;
 import java.util.LinkedList;
 import java.util.List;
 
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
 import org.apache.commons.httpclient.HostConfiguration;
 import org.apache.commons.httpclient.HttpClient;
 import org.apache.commons.httpclient.URI;
@@ -100,13 +103,13 @@ public class SAMLAttributeQueryImpl extends SAMLAssertionConsumer implements SAM
 		return SAML2_QUERY_PROFILE_URI;
 	}
 	
-	@Override
+	
 	public List<Attribute> queryAttributes(SAMLCredential subjectCredential, SAMLAttributeQueryOptions options) 
 	{
 		try {
 			logger.debug("Performing attribute query for subject with NameID [%s]", subjectCredential.getNameID().getValue());
 			
-			SAMLMessageContext context = prepareAttributeQueryContext(subjectCredential, options);
+			/*SAMLMessageContext context = prepareAttributeQueryContext(subjectCredential, options);
 			AttributeQuery query = getAttributeQuery(context, subjectCredential, options);
 		
 			context.setOutboundMessage(query);
@@ -124,16 +127,17 @@ public class SAMLAttributeQueryImpl extends SAMLAssertionConsumer implements SAM
 						
 			logger.debug("SAML AttributeQuery resulted in the retrieval of %s attributes", attrs.size());
 			
-			return attrs;
+			return attrs;*/
 		} catch (Exception e) {
 			logger.error("Exception raised white attempting to perform SAML AttributeQuery", e);
 		}
 		return null;
 	}
 	
-	private SAMLMessageContext prepareAttributeQueryContext(SAMLCredential credential, SAMLAttributeQueryOptions options) throws MetadataProviderException, MessageDecodingException {
+	private SAMLMessageContext prepareAttributeQueryContext(HttpServletRequest request, HttpServletResponse response, SAMLCredential credential, SAMLAttributeQueryOptions options) throws MetadataProviderException, MessageDecodingException {
 		
-		SAMLMessageContext context = contextProvider.getLocalAndPeerEntity(credential, options.getAttributeAuthorityIDP(), AttributeAuthorityDescriptor.DEFAULT_ELEMENT_NAME);
+
+		SAMLMessageContext context = contextProvider.getLocalAndPeerEntity(request, response);
 		
 		context.setCommunicationProfileId(getProfileIdentifier());
 		context.setLocalEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);

dariah-javasp-web/.classpath

+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" output="target/classes" path="src/main/java">
+		<attributes>
+			<attribute name="optional" value="true"/>
+			<attribute name="maven.pomderived" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" output="target/test-classes" path="src/test/java">
+		<attributes>
+			<attribute name="optional" value="true"/>
+			<attribute name="maven.pomderived" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
+		<attributes>
+			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="org.eclipse.jst.component.nondependency" value=""/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.5">
+		<attributes>
+			<attribute name="owner.project.facets" value="java"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="output" path="target/classes"/>
+</classpath>

dariah-javasp-web/.project

+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>dariah-javasp-web</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.wst.common.project.facet.core.builder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.jdt.core.javabuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.springframework.ide.eclipse.core.springbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.wst.validation.validationbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.m2e.core.maven2Builder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
+		<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
+		<nature>org.springframework.ide.eclipse.core.springnature</nature>
+		<nature>org.eclipse.jdt.core.javanature</nature>
+		<nature>org.eclipse.m2e.core.maven2Nature</nature>
+		<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
+	</natures>
+</projectDescription>

dariah-javasp-web/.settings/org.eclipse.jdt.core.prefs

+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
+org.eclipse.jdt.core.compiler.compliance=1.5
+org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
+org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
+org.eclipse.jdt.core.compiler.source=1.5

dariah-javasp-web/.settings/org.eclipse.m2e.core.prefs

+activeProfiles=
+eclipse.preferences.version=1
+resolveWorkspaceProjects=true
+version=1

dariah-javasp-web/.settings/org.eclipse.wst.common.component

+<?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
+    <wb-module deploy-name="dariah-javasp-web">
+        <wb-resource deploy-path="/" source-path="/src/main/java"/>
+    </wb-module>
+</project-modules>

dariah-javasp-web/.settings/org.eclipse.wst.common.project.facet.core.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<faceted-project>
+  <installed facet="jst.utility" version="1.0"/>
+  <installed facet="java" version="1.5"/>
+</faceted-project>

dariah-javasp-web/.settings/org.eclipse.wst.validation.prefs

+disabled=06target
+eclipse.preferences.version=1

dariah-javasp-web/pom.xml

 <?xml version="1.0"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-	<parent>
-		<artifactId>dariah-javasp-master</artifactId>
-		<groupId>de.dariah</groupId>
-		<version>0.0.3-SNAPSHOT</version>
-	</parent>
-
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 	<modelVersion>4.0.0</modelVersion>
+	
 	<artifactId>dariah-javasp-web</artifactId>
+	<groupId>eu.dariah.de</groupId>
+	<version>0.0.4-SNAPSHOT</version>
+	
 	<name>dariah-aai-web</name>
 	<url>http://maven.apache.org</url>
 	<packaging>jar</packaging>
 	
 	<properties>
 		<eu.dariah.de.minfba.core-web.version>1.1.0-SNAPSHOT</eu.dariah.de.minfba.core-web.version>
+		<org.springframework-version>4.1.9.RELEASE</org.springframework-version>
+		<org.springsecurity-version>3.2.6.RELEASE</org.springsecurity-version>
+		<org.slf4j-version>1.7.10</org.slf4j-version>
 	</properties>
 
 	<dependencies>
 		<dependency>
-			<groupId>de.dariah</groupId>
+			<groupId>eu.dariah.de</groupId>
 			<artifactId>dariah-javasp-core</artifactId>
-			<version>${project.version}</version>
+			<version>0.0.4-SNAPSHOT</version>
 		</dependency>
 		<dependency>
-			<groupId>de.dariah</groupId>
+			<groupId>eu.dariah.de</groupId>
 			<artifactId>spring-security-saml2-core</artifactId>
-			<version>${project.version}</version>
+			<version>1.0.2-SNAPSHOT</version>
 		</dependency>
-	
 		<dependency>
 			<groupId>eu.dariah.de.minfba.core</groupId>
 			<artifactId>core-web</artifactId>
@@ -113,5 +112,40 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xs
 
 
 	</dependencies>
+	<distributionManagement>
+		<repository>
+			<id>dariah-releases</id>
+			<url>http://dev3.dariah.eu/archiva/repository/dariah-releases/</url>
+		</repository>
+		<snapshotRepository>
+			<id>dariah-snapshots</id>
+			<url>http://dev3.dariah.eu/archiva/repository/dariah-snapshots/</url>
+		</snapshotRepository>
+	</distributionManagement>
 
+	<repositories>
+		<repository>
+			<id>dariah-releases</id>
+			<name>DARIAH MInf Release Repository</name>
+			<url>http://dev3.dariah.eu/archiva/repository/dariah-releases/</url>
+			<releases>
+				<enabled>true</enabled>
+			</releases>
+			<snapshots>
+				<enabled>false</enabled>
+			</snapshots>
+		</repository>
+		<repository>
+			<id>dariah-snapshots</id>
+			<name>DARIAH MInf Snapshot Repository</name>
+			<url>http://dev3.dariah.eu/archiva/repository/dariah-snapshots/</url>
+			<releases>
+				<enabled>false</enabled>
+			</releases>
+			<snapshots>
+				<enabled>true</enabled>
+			</snapshots>
+		</repository>
+	</repositories>
+	
 </project>