PolicyAttributeAuthority.java
- /*
- * GovWay - A customizable API Gateway
- * https://govway.org
- *
- * Copyright (c) 2005-2025 Link.it srl (https://link.it).
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 3, as published by
- * the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- */
- package org.openspcoop2.pdd.core.token.attribute_authority;
- import java.io.Serializable;
- import java.util.ArrayList;
- import java.util.List;
- import java.util.Properties;
- import org.apache.commons.lang.StringUtils;
- import org.openspcoop2.core.config.constants.CostantiConfigurazione;
- import org.openspcoop2.pdd.config.dynamic.PddPluginLoader;
- import org.openspcoop2.pdd.core.token.AbstractPolicyToken;
- import org.openspcoop2.pdd.core.token.TokenException;
- import org.openspcoop2.pdd.core.token.TokenUtilities;
- import org.openspcoop2.security.message.constants.SecurityConstants;
- import org.openspcoop2.security.message.jose.JOSEUtils;
- import org.openspcoop2.utils.resources.ClassLoaderUtilities;
- import org.openspcoop2.utils.transport.http.HttpRequestMethod;
- import org.slf4j.Logger;
- /**
- * PolicyAttributeAuthority
- *
- * @author Poli Andrea (poli@link.it)
- * @author $Author$
- * @version $Rev$, $Date$
- */
- public class PolicyAttributeAuthority extends AbstractPolicyToken implements Serializable {
- /**
- *
- */
- private static final long serialVersionUID = 1L;
-
-
- public IRetrieveAttributeAuthorityResponseParser getRetrieveAttributeAuthorityResponseParser(Logger log) throws TokenException {
- IRetrieveAttributeAuthorityResponseParser parser = null;
- TipologiaResponseAttributeAuthority tipologiaResponse = TipologiaResponseAttributeAuthority.valueOf(this.defaultProperties.getProperty(Costanti.AA_RESPONSE_TYPE));
- if(TipologiaResponseAttributeAuthority.custom.equals(tipologiaResponse)) {
- String className = this.defaultProperties.getProperty(Costanti.AA_RESPONSE_PARSER_CLASS_NAME);
- if(className!=null && StringUtils.isNotEmpty(className) && !CostantiConfigurazione.POLICY_ID_NON_DEFINITA.equals(className)) {
- try {
- parser = (IRetrieveAttributeAuthorityResponseParser) ClassLoaderUtilities.newInstance(className);
- }catch(Exception e) {
- throw new TokenException(e.getMessage(),e);
- }
- }
- else {
- String tipo = this.defaultProperties.getProperty(Costanti.AA_RESPONSE_PARSER_PLUGIN_TYPE);
- if(tipo!=null && StringUtils.isNotEmpty(tipo) && !CostantiConfigurazione.POLICY_ID_NON_DEFINITA.equals(tipo)) {
- try{
- PddPluginLoader pluginLoader = PddPluginLoader.getInstance();
- parser = pluginLoader.newAttributeAuthority(tipo);
- }catch(Exception e){
- throw new TokenException(e.getMessage(),e); // descrizione errore già corretta
- }
- }
- else {
- throw new TokenException("Deve essere selezionato un plugin per la risposta");
- }
- }
- }
- else {
- String claims = this.defaultProperties.getProperty(Costanti.AA_RESPONSE_ATTRIBUTES);
- List<String> attributesClaims = new ArrayList<>();
- if(claims!=null && !"".equals(claims)) {
- if(claims.contains(",")) {
- String [] tmp = claims.split(",");
- if(tmp!=null && tmp.length>0) {
- for (int i = 0; i < tmp.length; i++) {
- String claim = tmp[i];
- if(claim!=null && !"".equals(claim)) {
- attributesClaims.add(claim.trim());
- }
- }
- }
- }
- else {
- attributesClaims.add(claims.trim());
- }
- }
- parser = new BasicRetrieveAttributeAuthorityResponseParser(this.getName(), log, tipologiaResponse, attributesClaims);
- }
- return parser;
- }
-
- public boolean isSaveErrorInCache() {
- return TokenUtilities.isEnabled(this.defaultProperties, Costanti.AA_SAVE_ERROR_IN_CACHE);
- }
-
- public String getEndpoint() {
- return this.defaultProperties.getProperty(Costanti.AA_URL);
- }
-
- public boolean isEndpointHttps() {
- return TokenUtilities.isEnabled(this.defaultProperties, Costanti.AA_AUTH_SSL_STATO)
- || isHttpsAuthentication(); // anche solo se è abilitato httpsAuthentication, di fatto è abilitato https
- }
- public boolean isHttpsAuthentication() {
- return TokenUtilities.isEnabled(this.defaultProperties, Costanti.AA_AUTH_SSL_CLIENT_STATO);
- }
-
- public boolean isBasicAuthentication() {
- return TokenUtilities.isEnabled(this.defaultProperties, Costanti.AA_AUTH_BASIC_STATO);
- }
- public String getBasicAuthenticationUsername() {
- return this.defaultProperties.getProperty(Costanti.AA_AUTH_BASIC_USERNAME);
- }
- public String getBasicAuthenticationPassword() {
- return this.defaultProperties.getProperty(Costanti.AA_AUTH_BASIC_PASSWORD);
- }
-
- public boolean isBearerAuthentication() {
- return TokenUtilities.isEnabled(this.defaultProperties, Costanti.AA_AUTH_BEARER_STATO);
- }
- public String getBeareAuthenticationToken() {
- return this.defaultProperties.getProperty(Costanti.AA_AUTH_BEARER_TOKEN);
- }
-
- public String getRequestPosition() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_POSITION);
- }
- public boolean isRequestPositionBearer() {
- return Costanti.AA_REQUEST_POSITION_VALUE_BEARER.equals(this.getRequestPosition());
- }
- public boolean isRequestPositionPayload() {
- return Costanti.AA_REQUEST_POSITION_VALUE_PAYLOAD.equals(this.getRequestPosition());
- }
- public boolean isRequestPositionHeader() {
- return Costanti.AA_REQUEST_POSITION_VALUE_HEADER.equals(this.getRequestPosition());
- }
- public boolean isRequestPositionQuery() {
- return Costanti.AA_REQUEST_POSITION_VALUE_QUERY.equals(this.getRequestPosition());
- }
- public String getRequestPositionHeaderName() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_POSITION_HEADER_NAME);
- }
- public String getRequestPositionQueryParameterName() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_POSITION_QUERY_PARAMETER_NAME);
- }
- public HttpRequestMethod getRequestHttpMethod() {
- return HttpRequestMethod.valueOf(this.defaultProperties.getProperty(Costanti.AA_REQUEST_HTTPMETHOD));
- }
-
- public String getRequestType() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_TYPE);
- }
- public boolean isRequestJson() {
- return Costanti.AA_REQUEST_TYPE_VALUE_JSON.equals(this.getRequestType());
- }
- public boolean isRequestJws() {
- return Costanti.AA_REQUEST_TYPE_VALUE_JWS.equals(this.getRequestType());
- }
- public boolean isRequestCustom() {
- return Costanti.AA_REQUEST_TYPE_VALUE_CUSTOM.equals(this.getRequestType());
- }
-
- public String getRequestContentType() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_CONTENT_TYPE);
- }
-
- public String getRequestDynamicPayloadType() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_DYNAMIC_PAYLOAD_TYPE);
- }
- public boolean isRequestDynamicPayloadJwt() {
- return Costanti.AA_REQUEST_DYNAMIC_PAYLOAD_TYPE_JWT.equals(this.getRequestDynamicPayloadType());
- }
- public boolean isRequestDynamicPayloadTemplate() {
- return Costanti.AA_REQUEST_DYNAMIC_PAYLOAD_TYPE_TEMPLATE.equals(this.getRequestDynamicPayloadType());
- }
- public boolean isRequestDynamicPayloadFreemarkerTemplate() {
- return Costanti.AA_REQUEST_DYNAMIC_PAYLOAD_TYPE_FREEMARKER_TEMPLATE.equals(this.getRequestDynamicPayloadType());
- }
- public boolean isRequestDynamicPayloadVelocityTemplate() {
- return Costanti.AA_REQUEST_DYNAMIC_PAYLOAD_TYPE_VELOCITY_TEMPLATE.equals(this.getRequestDynamicPayloadType());
- }
- public String getRequestDynamicPayload() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_DYNAMIC_PAYLOAD);
- }
-
- public String getRequestJwtIssuer() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_ISSUER);
- }
- public String getRequestJwtSubject() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SUBJECT);
- }
- public String getRequestJwtAudience() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_AUDIENCE);
- }
- public Integer getJwtTtlSeconds() {
- String ttl = this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_EXPIRED_TTL_SECONDS);
- if(ttl==null || StringUtils.isEmpty(ttl)) {
- ttl = Costanti.AA_REQUEST_JWT_EXPIRED_TTL_SECONDS_DEFAULT_VALUE;
- }
- return Integer.valueOf(ttl);
- }
- public String getRequestJwtExpired() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_EXPIRED_TTL_SECONDS);
- }
- public String getRequestJwtClaims() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_CLAIMS);
- }
-
-
-
- public String getRequestJwtSignAlgorithm() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_ALGORITHM);
- }
- public boolean isRequestJwtSignIncludeKeyIdWithKeyAlias() {
- String tmp = this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_KEY_ID);
- return tmp!=null && Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_KEY_ID_MODE_ALIAS.equals(tmp);
- }
- public boolean isRequestJwtSignIncludeKeyIdCustom() {
- String tmp = this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_KEY_ID);
- return tmp!=null && Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_KEY_ID_MODE_CUSTOM.equals(tmp);
- }
- public String getRequestJwtSignIncludeKeyIdCustom() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_KEY_ID_VALUE);
- }
- public boolean isRequestJwtSignIncludeX509Cert() {
- String tmp = this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_X509_CERT);
- return tmp!=null && Boolean.valueOf(tmp);
- }
- public String getRequestJwtSignIncludeX509URL() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_X509_URL);
- }
- public boolean isRequestJwtSignIncludeX509CertSha1() {
- String tmp = this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_X509_SHA1);
- return tmp!=null && Boolean.valueOf(tmp);
- }
- public boolean isRequestJwtSignIncludeX509CertSha256() {
- String tmp = this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_INCLUDE_X509_SHA256);
- return tmp!=null && Boolean.valueOf(tmp);
- }
- public boolean isRequestJwtSignJoseContentType() {
- String tmp = this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_JOSE_CONTENT_TYPE);
- return tmp!=null && Boolean.valueOf(tmp);
- }
- public String getRequestJwtSignJoseType() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_JOSE_TYPE);
- }
-
- public String getRequestJwtSignKeystoreType() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEYSTORE_TYPE);
- }
- public String getRequestJwtSignKeystoreFile() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEYSTORE_FILE);
- }
- public String getRequestJwtSignKeystoreFilePublicKey() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEYSTORE_FILE_PUBLIC);
- }
- public String getRequestJwtSignKeystoreFileAlgorithm() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEYSTORE_FILE_ALGORITHM);
- }
- public String getRequestJwtSignKeystorePassword() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEYSTORE_PASSWORD);
- }
- public String getRequestJwtSignKeystoreByokPolicy() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEYSTORE_BYOK_POLICY);
- }
- public String getRequestJwtSignKeyAlias() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEY_ALIAS);
- }
- public String getRequestJwtSignKeyPassword() {
- return this.defaultProperties.getProperty(Costanti.AA_REQUEST_JWT_SIGN_KEY_PASSWORD);
- }
-
- public String getResponseType() {
- return this.defaultProperties.getProperty(Costanti.AA_RESPONSE_TYPE);
- }
- public boolean isResponseJson() {
- return Costanti.AA_RESPONSE_TYPE_VALUE_JSON.equals(this.getResponseType());
- }
- public boolean isResponseJws() {
- return Costanti.AA_RESPONSE_TYPE_VALUE_JWS.equals(this.getResponseType());
- }
- public boolean isResponseCustom() {
- return Costanti.AA_RESPONSE_TYPE_VALUE_CUSTOM.equals(this.getResponseType());
- }
-
- public boolean isResponseJwsLocationHttp() {
- String location = this.getResponseJwsLocation();
- return location !=null &&
- (location.startsWith(JOSEUtils.HTTP_PROTOCOL) || location.startsWith(JOSEUtils.HTTPS_PROTOCOL));
- }
- public String getResponseJwsLocation() {
- if(this.properties!=null) {
- Properties p = this.properties.get(Costanti.POLICY_VALIDAZIONE_JWS_VERIFICA_PROP_REF_ID);
- if(p!=null) {
- return p.getProperty(SecurityConstants.JOSE_KEYSTORE_FILE);
- }
- }
- return null;
- }
-
- public String getResponseJwsOcspPolicy() {
- return this.defaultProperties.getProperty(SecurityConstants.SIGNATURE_OCSP);
- }
- public String getResponseJwsCrl() {
- return this.defaultProperties.getProperty(SecurityConstants.SIGNATURE_CRL);
- }
-
- public String getResponseAudience() {
- return this.defaultProperties.getProperty(Costanti.AA_RESPONSE_AUDIENCE);
- }
-
- }