PolicyAttributeAuthority.java

  1. /*
  2.  * GovWay - A customizable API Gateway
  3.  * https://govway.org
  4.  *
  5.  * Copyright (c) 2005-2025 Link.it srl (https://link.it).
  6.  *
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU General Public License version 3, as published by
  9.  * the Free Software Foundation.
  10.  *
  11.  * This program is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  */


  20. package org.openspcoop2.pdd.core.token.attribute_authority;

  21. import java.io.Serializable;
  22. import java.util.ArrayList;
  23. import java.util.List;
  24. import java.util.Properties;

  25. import org.apache.commons.lang.StringUtils;
  26. import org.openspcoop2.core.config.constants.CostantiConfigurazione;
  27. import org.openspcoop2.pdd.config.dynamic.PddPluginLoader;
  28. import org.openspcoop2.pdd.core.token.AbstractPolicyToken;
  29. import org.openspcoop2.pdd.core.token.TokenException;
  30. import org.openspcoop2.pdd.core.token.TokenUtilities;
  31. import org.openspcoop2.security.message.constants.SecurityConstants;
  32. import org.openspcoop2.security.message.jose.JOSEUtils;
  33. import org.openspcoop2.utils.resources.ClassLoaderUtilities;
  34. import org.openspcoop2.utils.transport.http.HttpRequestMethod;
  35. import org.slf4j.Logger;

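/**
 * PolicyAttributeAuthority
 * <p>
 * Typed accessors over the configuration properties of an Attribute Authority (AA) policy.
 * Every getter reads {@code defaultProperties} (or, for the JWS verification keystore,
 * the {@code properties} map); both are inherited and not declared in this class.
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li>Several getters return credentials as plain strings (basic-auth password, bearer token,
 * keystore and key passwords). Callers should never log or echo these values.</li>
 * <li>The class is {@link Serializable}. Whether the backing properties (and therefore the
 * credentials above) are part of the serialized form is decided by the superclass, which is
 * not visible here. Confirm this before persisting or caching instances outside the process.</li>
 * <li>Nothing in this class ties basic/bearer authentication to {@link #isEndpointHttps()}.
 * NOTE(review): confirm that the caller refuses to send credentials to a plain-http endpoint.</li>
 * </ul>
 *
 * @author Poli Andrea (poli@link.it)
 * @author $Author$
 * @version $Rev$, $Date$
 */
public class PolicyAttributeAuthority extends AbstractPolicyToken implements Serializable {

    /** Explicit serialization version of this class. */
    private static final long serialVersionUID = 1L;


    /**
     * Builds the parser used to read the Attribute Authority response.
     * <p>
     * For the {@code custom} response type the parser is instantiated from the configured class name
     * ({@code Costanti.AA_RESPONSE_PARSER_CLASS_NAME}) or, if that is not defined, from the configured
     * plugin type ({@code Costanti.AA_RESPONSE_PARSER_PLUGIN_TYPE}). For every other response type a
     * {@code BasicRetrieveAttributeAuthorityResponseParser} is created with the attribute names listed in
     * {@code Costanti.AA_RESPONSE_ATTRIBUTES}.
     *
     * @param log logger handed to the basic parser
     * @return the parser selected by the policy configuration
     * @throws TokenException if the custom parser cannot be instantiated, or if the response type is
     *         {@code custom} and neither a class name nor a plugin type is configured
     */
    public IRetrieveAttributeAuthorityResponseParser getRetrieveAttributeAuthorityResponseParser(Logger log) throws TokenException {
        // NOTE(review): valueOf(...) fails with an unchecked exception (not TokenException) when the
        // property is missing or holds an unknown value; callers relying only on TokenException will not see it.
        TipologiaResponseAttributeAuthority tipologiaResponse = TipologiaResponseAttributeAuthority.valueOf(this.defaultProperties.getProperty(Costanti.AA_RESPONSE_TYPE));

        if(!TipologiaResponseAttributeAuthority.custom.equals(tipologiaResponse)) {
            List<String> attributesClaims = parseClaimList(this.defaultProperties.getProperty(Costanti.AA_RESPONSE_ATTRIBUTES));
            return new BasicRetrieveAttributeAuthorityResponseParser(this.getName(), log, tipologiaResponse, attributesClaims);
        }

        String className = this.defaultProperties.getProperty(Costanti.AA_RESPONSE_PARSER_CLASS_NAME);
        if(isDefined(className)) {
            // NOTE(review): the class name comes from policy configuration and is instantiated by name.
            // The cast to the parser interface happens only after instantiation, so whatever code the named
            // class runs while being loaded and constructed executes before the type is checked.
            // Treat write access to this property as code-execution privilege on the gateway, and prefer the
            // plugin registry below where possible.
            try {
                return (IRetrieveAttributeAuthorityResponseParser) ClassLoaderUtilities.newInstance(className);
            }catch(Exception e) {
                // also covers a ClassCastException when the class is not a response parser
                throw new TokenException(e.getMessage(),e);
            }
        }

        String tipo = this.defaultProperties.getProperty(Costanti.AA_RESPONSE_PARSER_PLUGIN_TYPE);
        if(isDefined(tipo)) {
            try{
                PddPluginLoader pluginLoader = PddPluginLoader.getInstance();
                return pluginLoader.newAttributeAuthority(tipo);
            }catch(Exception e){
                throw new TokenException(e.getMessage(),e); // error description is already correct
            }
        }

        throw new TokenException("Deve essere selezionato un plugin per la risposta");
    }

    /**
     * Tells whether a configured identifier is set: not null, not empty and different from the
     * "undefined policy" marker {@code CostantiConfigurazione.POLICY_ID_NON_DEFINITA}.
     */
    private static boolean isDefined(String value) {
        return StringUtils.isNotEmpty(value) && !CostantiConfigurazione.POLICY_ID_NON_DEFINITA.equals(value);
    }

    /**
     * Splits a comma-separated attribute list into trimmed names.
     * <p>
     * Each entry is trimmed before the emptiness test, so whitespace-only entries
     * (for example {@code "a, ,b"} or a value made only of spaces) are skipped
     * rather than added as empty attribute names.
     *
     * @param claims raw property value, possibly {@code null}
     * @return the non-empty, trimmed names in their original order (never {@code null})
     */
    private static List<String> parseClaimList(String claims) {
        List<String> attributesClaims = new ArrayList<>();
        if(claims==null) {
            return attributesClaims;
        }
        for (String claim : claims.split(",")) {
            String trimmed = claim.trim();
            if(!trimmed.isEmpty()) {
                attributesClaims.add(trimmed);
            }
        }
        return attributesClaims;
    }

    /** Whether the {@code Costanti.AA_SAVE_ERROR_IN_CACHE} flag is enabled. */
    public boolean isSaveErrorInCache() {
        return TokenUtilities.isEnabled(this.defaultProperties, Costanti.AA_SAVE_ERROR_IN_CACHE);
    }

    /** Returns the Attribute Authority URL ({@code Costanti.AA_URL}); the value is not validated here. */
    public String getEndpoint() {
        return this.defaultProperties.getProperty(Costanti.AA_URL);
    }

    /**
     * Whether HTTPS is configured for the endpoint.
     * True when the SSL flag is enabled or when HTTPS client authentication is enabled.
     */
    public boolean isEndpointHttps() {
        return TokenUtilities.isEnabled(this.defaultProperties, Costanti.AA_AUTH_SSL_STATO)
                || isHttpsAuthentication(); // enabling HTTPS client authentication alone already implies HTTPS
    }
    /** Whether HTTPS client authentication ({@code Costanti.AA_AUTH_SSL_CLIENT_STATO}) is enabled. */
    public boolean isHttpsAuthentication() {
        return TokenUtilities.isEnabled(this.defaultProperties, Costanti.AA_AUTH_SSL_CLIENT_STATO);
    }

    /** Whether HTTP Basic authentication ({@code Costanti.AA_AUTH_BASIC_STATO}) is enabled. */
    public boolean isBasicAuthentication() {
        return TokenUtilities.isEnabled(this.defaultProperties, Costanti.AA_AUTH_BASIC_STATO);
    }
    /** Returns the configured Basic authentication username. */
    public String getBasicAuthenticationUsername() {
        return this.defaultProperties.getProperty(Costanti.AA_AUTH_BASIC_USERNAME);
    }
    /** Returns the configured Basic authentication password as stored in the properties. Secret: do not log. */
    public String getBasicAuthenticationPassword() {
        return this.defaultProperties.getProperty(Costanti.AA_AUTH_BASIC_PASSWORD);
    }

    /** Whether bearer-token authentication ({@code Costanti.AA_AUTH_BEARER_STATO}) is enabled. */
    public boolean isBearerAuthentication() {
        return TokenUtilities.isEnabled(this.defaultProperties, Costanti.AA_AUTH_BEARER_STATO);
    }
    /**
     * Returns the configured bearer token. Secret: do not log.
     * The method name (sic, "Beare") is kept unchanged for caller compatibility.
     */
    public String getBeareAuthenticationToken() {
        return this.defaultProperties.getProperty(Costanti.AA_AUTH_BEARER_TOKEN);
    }

    /** Returns the raw request-position value ({@code Costanti.AA_REQUEST_POSITION}). */
    public String getRequestPosition() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_POSITION);
    }
    /** Whether the request position equals the "bearer" value. */
    public boolean isRequestPositionBearer() {
        return Costanti.AA_REQUEST_POSITION_VALUE_BEARER.equals(this.getRequestPosition());
    }
    /** Whether the request position equals the "payload" value. */
    public boolean isRequestPositionPayload() {
        return Costanti.AA_REQUEST_POSITION_VALUE_PAYLOAD.equals(this.getRequestPosition());
    }
    /** Whether the request position equals the "header" value. */
    public boolean isRequestPositionHeader() {
        return Costanti.AA_REQUEST_POSITION_VALUE_HEADER.equals(this.getRequestPosition());
    }
    /** Whether the request position equals the "query" value. */
    public boolean isRequestPositionQuery() {
        return Costanti.AA_REQUEST_POSITION_VALUE_QUERY.equals(this.getRequestPosition());
    }
    /** Returns the header name configured for the "header" request position. */
    public String getRequestPositionHeaderName() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_POSITION_HEADER_NAME);
    }
    /** Returns the query parameter name configured for the "query" request position. */
    public String getRequestPositionQueryParameterName() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_POSITION_QUERY_PARAMETER_NAME);
    }

    /**
     * Returns the HTTP method configured for the request.
     * The property is converted with {@code HttpRequestMethod.valueOf}, so a missing or unknown
     * value surfaces as an unchecked exception rather than a return value.
     */
    public HttpRequestMethod getRequestHttpMethod() {
        return HttpRequestMethod.valueOf(this.defaultProperties.getProperty(Costanti.AA_REQUEST_HTTPMETHOD));
    }

    /** Returns the raw request-type value ({@code Costanti.AA_REQUEST_TYPE}). */
    public String getRequestType() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_TYPE);
    }
    /** Whether the request type equals the JSON value. */
    public boolean isRequestJson() {
        return Costanti.AA_REQUEST_TYPE_VALUE_JSON.equals(this.getRequestType());
    }
    /** Whether the request type equals the JWS value. */
    public boolean isRequestJws() {
        return Costanti.AA_REQUEST_TYPE_VALUE_JWS.equals(this.getRequestType());
    }
    /** Whether the request type equals the custom value. */
    public boolean isRequestCustom() {
        return Costanti.AA_REQUEST_TYPE_VALUE_CUSTOM.equals(this.getRequestType());
    }

    /** Returns the configured request Content-Type. */
    public String getRequestContentType() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_CONTENT_TYPE);
    }

    /** Returns the raw dynamic-payload type ({@code Costanti.AA_REQUEST_DYNAMIC_PAYLOAD_TYPE}). */
    public String getRequestDynamicPayloadType() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_DYNAMIC_PAYLOAD_TYPE);
    }
    /** Whether the dynamic payload type equals the JWT value. */
    public boolean isRequestDynamicPayloadJwt() {
        return Costanti.AA_REQUEST_DYNAMIC_PAYLOAD_TYPE_JWT.equals(this.getRequestDynamicPayloadType());
    }
    /** Whether the dynamic payload type equals the template value. */
    public boolean isRequestDynamicPayloadTemplate() {
        return Costanti.AA_REQUEST_DYNAMIC_PAYLOAD_TYPE_TEMPLATE.equals(this.getRequestDynamicPayloadType());
    }
    /** Whether the dynamic payload type equals the Freemarker template value. */
    public boolean isRequestDynamicPayloadFreemarkerTemplate() {
        return Costanti.AA_REQUEST_DYNAMIC_PAYLOAD_TYPE_FREEMARKER_TEMPLATE.equals(this.getRequestDynamicPayloadType());
    }
    /** Whether the dynamic payload type equals the Velocity template value. */
    public boolean isRequestDynamicPayloadVelocityTemplate() {
        return Costanti.AA_REQUEST_DYNAMIC_PAYLOAD_TYPE_VELOCITY_TEMPLATE.equals(this.getRequestDynamicPayloadType());
    }
    /** Returns the configured dynamic payload ({@code Costanti.AA_REQUEST_DYNAMIC_PAYLOAD}). */
    public String getRequestDynamicPayload() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_DYNAMIC_PAYLOAD);
    }

    /** Returns the issuer configured for the request JWT. */
    public String getRequestJwtIssuer() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_ISSUER);
    }
    /** Returns the subject configured for the request JWT. */
    public String getRequestJwtSubject() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SUBJECT);
    }
    /** Returns the audience configured for the request JWT. */
    public String getRequestJwtAudience() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_AUDIENCE);
    }
    /**
     * Returns the request JWT time-to-live in seconds.
     * Falls back to {@code Costanti.AA_REQUEST_JWT_EXPIRED_TTL_SECONDS_DEFAULT_VALUE} when the property
     * is missing or empty.
     *
     * @return the parsed TTL
     * @throws NumberFormatException if the configured value is not an integer
     */
    public Integer getJwtTtlSeconds() {
        String ttl = this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_EXPIRED_TTL_SECONDS);
        if(StringUtils.isEmpty(ttl)) { // null-safe: covers both a missing and an empty property
            ttl = Costanti.AA_REQUEST_JWT_EXPIRED_TTL_SECONDS_DEFAULT_VALUE;
        }
        // NOTE(review): the sign and magnitude are not checked here; confirm the caller rejects
        // zero/negative values and bounds very large ones, since this drives the token expiry.
        return Integer.valueOf(ttl);
    }
    /** Returns the raw, unparsed TTL property; unlike {@link #getJwtTtlSeconds()} no default is applied. */
    public String getRequestJwtExpired() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_EXPIRED_TTL_SECONDS);
    }
    /** Returns the additional claims configured for the request JWT, as stored. */
    public String getRequestJwtClaims() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_CLAIMS);
    }



    /** Returns the configured signature algorithm for the request JWT; the value is not validated here. */
    public String getRequestJwtSignAlgorithm() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_ALGORITHM);
    }
    /** Whether the key-id inclusion mode equals the "alias" mode. */
    public boolean isRequestJwtSignIncludeKeyIdWithKeyAlias() {
        return Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_KEY_ID_MODE_ALIAS.equals(
                this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_KEY_ID));
    }
    /** Whether the key-id inclusion mode equals the "custom" mode. */
    public boolean isRequestJwtSignIncludeKeyIdCustom() {
        return Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_KEY_ID_MODE_CUSTOM.equals(
                this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_KEY_ID));
    }
    /** Returns the custom key-id value. */
    public String getRequestJwtSignIncludeKeyIdCustom() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_KEY_ID_VALUE);
    }
    /** Whether the X.509 certificate inclusion flag is "true" (case-insensitive); false when unset. */
    public boolean isRequestJwtSignIncludeX509Cert() {
        return Boolean.parseBoolean(this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_X509_CERT));
    }
    /** Returns the configured X.509 URL to include in the signed request. */
    public String getRequestJwtSignIncludeX509URL() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_X509_URL);
    }
    /**
     * Whether the SHA-1 certificate digest inclusion flag is "true"; false when unset.
     * NOTE(review): presumably this drives a certificate thumbprint header. Where the Attribute Authority
     * supports it, prefer relying on the SHA-256 variant.
     */
    public boolean isRequestJwtSignIncludeX509CertSha1() {
        return Boolean.parseBoolean(this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_X509_SHA1));
    }
    /** Whether the SHA-256 certificate digest inclusion flag is "true"; false when unset. */
    public boolean isRequestJwtSignIncludeX509CertSha256() {
        return Boolean.parseBoolean(this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_X509_SHA256));
    }
    /** Whether the JOSE content-type flag is "true"; false when unset. */
    public boolean isRequestJwtSignJoseContentType() {
        return Boolean.parseBoolean(this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_JOSE_CONTENT_TYPE));
    }
    /** Returns the configured JOSE type value. */
    public String getRequestJwtSignJoseType() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_JOSE_TYPE);
    }

    /** Returns the type of the keystore used to sign the request JWT. */
    public String getRequestJwtSignKeystoreType() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEYSTORE_TYPE);
    }
    /** Returns the signing keystore file location, as stored. */
    public String getRequestJwtSignKeystoreFile() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEYSTORE_FILE);
    }
    /** Returns the public-key file location associated with the signing keystore, as stored. */
    public String getRequestJwtSignKeystoreFilePublicKey() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEYSTORE_FILE_PUBLIC);
    }
    /** Returns the key algorithm configured for the signing keystore file. */
    public String getRequestJwtSignKeystoreFileAlgorithm() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEYSTORE_FILE_ALGORITHM);
    }
    /** Returns the signing keystore password as stored in the properties. Secret: do not log. */
    public String getRequestJwtSignKeystorePassword() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEYSTORE_PASSWORD);
    }
    /** Returns the BYOK policy identifier configured for the signing keystore. */
    public String getRequestJwtSignKeystoreByokPolicy() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEYSTORE_BYOK_POLICY);
    }
    /** Returns the alias of the signing key. */
    public String getRequestJwtSignKeyAlias() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEY_ALIAS);
    }
    /** Returns the signing key password as stored in the properties. Secret: do not log. */
    public String getRequestJwtSignKeyPassword() {
        return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEY_PASSWORD);
    }

    /** Returns the raw response-type value ({@code Costanti.AA_RESPONSE_TYPE}). */
    public String getResponseType() {
        return this.defaultProperties.getProperty(Costanti.AA_RESPONSE_TYPE);
    }
    /** Whether the response type equals the JSON value. */
    public boolean isResponseJson() {
        return Costanti.AA_RESPONSE_TYPE_VALUE_JSON.equals(this.getResponseType());
    }
    /** Whether the response type equals the JWS value. */
    public boolean isResponseJws() {
        return Costanti.AA_RESPONSE_TYPE_VALUE_JWS.equals(this.getResponseType());
    }
    /** Whether the response type equals the custom value. */
    public boolean isResponseCustom() {
        return Costanti.AA_RESPONSE_TYPE_VALUE_CUSTOM.equals(this.getResponseType());
    }

    /**
     * Whether the JWS verification keystore location starts with the http or https protocol prefix
     * (case-sensitive prefix match).
     * <p>
     * NOTE(review): plain http is accepted on equal footing with https. If this location is fetched to
     * obtain the material used to verify Attribute Authority responses, an http location offers no
     * transport integrity for that material. Confirm the fetch path, or restrict it to https by policy.
     */
    public boolean isResponseJwsLocationHttp() {
        String location = this.getResponseJwsLocation();
        if(location==null) {
            return false;
        }
        return location.startsWith(JOSEUtils.HTTP_PROTOCOL) || location.startsWith(JOSEUtils.HTTPS_PROTOCOL);
    }
    /**
     * Returns the keystore location ({@code SecurityConstants.JOSE_KEYSTORE_FILE}) from the property group
     * {@code Costanti.POLICY_VALIDAZIONE_JWS_VERIFICA_PROP_REF_ID}.
     *
     * @return the location, or {@code null} when the property map or the group is missing
     */
    public String getResponseJwsLocation() {
        if(this.properties==null) {
            return null;
        }
        Properties p = this.properties.get(Costanti.POLICY_VALIDAZIONE_JWS_VERIFICA_PROP_REF_ID);
        return p!=null ? p.getProperty(SecurityConstants.JOSE_KEYSTORE_FILE) : null;
    }

    /** Returns the OCSP policy configured for response signature validation ({@code SecurityConstants.SIGNATURE_OCSP}). */
    public String getResponseJwsOcspPolicy() {
        return this.defaultProperties.getProperty(SecurityConstants.SIGNATURE_OCSP);
    }
    /** Returns the CRL setting configured for response signature validation ({@code SecurityConstants.SIGNATURE_CRL}). */
    public String getResponseJwsCrl() {
        return this.defaultProperties.getProperty(SecurityConstants.SIGNATURE_CRL);
    }

    /** Returns the audience expected in the response ({@code Costanti.AA_RESPONSE_AUDIENCE}). */
    public String getResponseAudience() {
        return this.defaultProperties.getProperty(Costanti.AA_RESPONSE_AUDIENCE);
    }

}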