PolicyGestioneToken.java
/*
* GovWay - A customizable API Gateway
* https://govway.org
*
* Copyright (c) 2005-2024 Link.it srl (https://link.it).
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 3, as published by
* the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package org.openspcoop2.pdd.core.token;
import java.io.Serializable;
import java.lang.reflect.InvocationTargetException;
import java.text.MessageFormat;
import java.util.List;
import java.util.Properties;
import org.apache.commons.lang.StringUtils;
import org.openspcoop2.core.config.constants.CostantiConfigurazione;
import org.openspcoop2.pdd.config.dynamic.PddPluginLoader;
import org.openspcoop2.pdd.core.token.parser.BasicDynamicDiscoveryParser;
import org.openspcoop2.pdd.core.token.parser.BasicTokenParser;
import org.openspcoop2.pdd.core.token.parser.IDynamicDiscoveryParser;
import org.openspcoop2.pdd.core.token.parser.ITokenParser;
import org.openspcoop2.pdd.core.token.parser.TipologiaClaims;
import org.openspcoop2.security.message.constants.SecurityConstants;
import org.openspcoop2.security.message.jose.JOSEUtils;
import org.openspcoop2.utils.resources.ClassLoaderUtilities;
import org.openspcoop2.utils.transport.http.HttpRequestMethod;
/**
* PolicyGestioneToken
*
* @author Poli Andrea (poli@link.it)
* @author $Author$
* @version $Rev$, $Date$
*/
public class PolicyGestioneToken extends AbstractPolicyToken implements Serializable {
/**
*
*/
private static final long serialVersionUID = 1L;
private boolean tokenOpzionale;
private boolean dynamicDiscovery;
private boolean validazioneJWT;
private boolean validazioneJWTWarningOnly;
private boolean introspection;
private boolean introspectionWarningOnly;
private boolean userInfo;
private boolean userInfoWarningOnly;
private boolean forwardToken;
public boolean isTokenOpzionale() {
return this.tokenOpzionale;
}
public void setTokenOpzionale(boolean tokenOpzionale) {
this.tokenOpzionale = tokenOpzionale;
}
public boolean isDynamicDiscovery() {
return this.dynamicDiscovery;
}
public void setDynamicDiscovery(boolean dynamicDiscovery) {
this.dynamicDiscovery = dynamicDiscovery;
}
public boolean isValidazioneJWT() {
return this.validazioneJWT;
}
public void setValidazioneJWT(boolean validazioneJWT) {
this.validazioneJWT = validazioneJWT;
}
public boolean isValidazioneJWTWarningOnly() {
return this.validazioneJWTWarningOnly;
}
public void setValidazioneJWTWarningOnly(boolean validazioneJWTWarningOnly) {
this.validazioneJWTWarningOnly = validazioneJWTWarningOnly;
}
public boolean isIntrospection() {
return this.introspection;
}
public void setIntrospection(boolean introspection) {
this.introspection = introspection;
}
public boolean isIntrospectionWarningOnly() {
return this.introspectionWarningOnly;
}
public void setIntrospectionWarningOnly(boolean introspectionWarningOnly) {
this.introspectionWarningOnly = introspectionWarningOnly;
}
public boolean isUserInfo() {
return this.userInfo;
}
public void setUserInfo(boolean userInfo) {
this.userInfo = userInfo;
}
public boolean isUserInfoWarningOnly() {
return this.userInfoWarningOnly;
}
public void setUserInfoWarningOnly(boolean userInfoWarningOnly) {
this.userInfoWarningOnly = userInfoWarningOnly;
}
public boolean isForwardToken() {
return this.forwardToken;
}
public void setForwardToken(boolean forwardToken) {
this.forwardToken = forwardToken;
}
public String getRealm() {
String realm = this.defaultProperties.getProperty(Costanti.POLICY_REALM);
if(realm==null) {
realm = this.name;
}
return realm;
}
public boolean isMessageErrorGenerateEmptyMessage() {
boolean genericError = true;
String tmp = this.defaultProperties.getProperty(Costanti.POLICY_MESSAGE_ERROR_BODY_EMPTY);
if(tmp!=null) {
genericError = Boolean.valueOf(tmp);
}
return genericError;
}
public boolean isMessageErrorGenerateGenericMessage() {
boolean genericError = true;
String tmp = this.defaultProperties.getProperty(Costanti.POLICY_MESSAGE_ERROR_GENERIC_MESSAGE);
if(tmp!=null) {
genericError = Boolean.valueOf(tmp);
}
return genericError;
}
public String getLabelAzioniGestioneToken() {
StringBuilder bf = new StringBuilder();
if(this.isValidazioneJWT() || this.isIntrospection() || this.isUserInfo()) {
bf.append("Validazione ");
boolean first = true;
if(this.isValidazioneJWT()) {
bf.append("JWT");
first = false;
}
if(this.isIntrospection()) {
if(!first) {
bf.append(",");
}
bf.append("Introspection");
first = false;
}
if(this.isUserInfo()) {
if(!first) {
bf.append(",");
}
bf.append("UserInfo");
/**first = false;*/
}
return bf.toString();
}
else {
return "Nessuna Validazione Attiva";
}
}
public String getAzioniGestioneToken() {
StringBuilder bf = new StringBuilder();
if(this.isValidazioneJWT() || this.isIntrospection() || this.isUserInfo()) {
boolean first = true;
if(this.isValidazioneJWT()) {
bf.append(Costanti.GESTIONE_TOKEN_VALIDATION_ACTION_JWT);
first = false;
}
if(this.isIntrospection()) {
if(!first) {
bf.append(",");
}
bf.append(Costanti.GESTIONE_TOKEN_VALIDATION_ACTION_INTROSPECTION);
first = false;
}
if(this.isUserInfo()) {
if(!first) {
bf.append(",");
}
bf.append(Costanti.GESTIONE_TOKEN_VALIDATION_ACTION_USER_INFO);
/**first = false;*/
}
return bf.toString();
}
else {
return Costanti.GESTIONE_TOKEN_VALIDATION_ACTION_NONE;
}
}
public String getTipoToken() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_TYPE);
}
public String getLabelTipoToken() {
String tokenType = this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_TYPE);
if(Costanti.POLICY_TOKEN_TYPE_OPAQUE.equals(tokenType)) {
return "Opaco";
}
else {
return tokenType.toUpperCase();
}
}
public String getTokenSource() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_SOURCE);
}
public String getTokenSourceHeaderName() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_SOURCE_CUSTOM_HEADER_NAME);
}
public String getTokenSourceUrlPropertyName() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_SOURCE_CUSTOM_URL_PROPERTY_NAME);
}
public String getLabelPosizioneToken() {
String position = this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_SOURCE);
if(Costanti.POLICY_TOKEN_SOURCE_RFC6750.equals(position)) {
return Costanti.POLICY_TOKEN_SOURCE_RFC6750_LABEL;
}
else if(Costanti.POLICY_TOKEN_SOURCE_RFC6750_HEADER.equals(position)) {
return Costanti.POLICY_TOKEN_SOURCE_RFC6750_HEADER_LABEL;
}
else if(Costanti.POLICY_TOKEN_SOURCE_RFC6750_FORM.equals(position)) {
return Costanti.POLICY_TOKEN_SOURCE_RFC6750_FORM_LABEL;
}
else if(Costanti.POLICY_TOKEN_SOURCE_RFC6750_URL.equals(position)) {
return Costanti.POLICY_TOKEN_SOURCE_RFC6750_URL_LABEL;
}
else if(Costanti.POLICY_TOKEN_SOURCE_CUSTOM_HEADER.equals(position)) {
return Costanti.POLICY_TOKEN_SOURCE_CUSTOM_HEADER_LABEL.replace(Costanti.POLICY_TOKEN_SOURCE_CUSTOM_TEMPLATE_LABEL,
this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_SOURCE_CUSTOM_HEADER_NAME));
}
else if(Costanti.POLICY_TOKEN_SOURCE_CUSTOM_URL.equals(position)) {
return Costanti.POLICY_TOKEN_SOURCE_CUSTOM_URL_LABEL.replace(Costanti.POLICY_TOKEN_SOURCE_CUSTOM_TEMPLATE_LABEL,
this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_SOURCE_CUSTOM_URL_PROPERTY_NAME));
}
return "Sconosciuto"; // non dovrebbe mai succedere, esiste la validazione
}
public boolean isEndpointHttps() {
return isEndpointHttps(true, true);
}
public boolean isEndpointHttps(boolean checkIntrospection, boolean checkUserInfo) {
// Devo considerare anche la possibilità che sia abilitato solamente con clientAuth su introspection o userinfo
boolean enabled = TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_ENDPOINT_HTTPS_STATO);
if(!enabled && checkIntrospection && TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_INTROSPECTION_AUTH_SSL_STATO)) {
enabled = true;
}
if(!enabled && checkUserInfo && TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_USER_INFO_AUTH_SSL_STATO)) {
enabled = true;
}
return enabled;
}
public String getDynamicDiscoveryEndpoint() {
return this.defaultProperties.getProperty(Costanti.POLICY_DISCOVERY_URL);
}
public TipologiaClaims getDynamicDiscoveryType() {
return TipologiaClaims.valueOf(this.defaultProperties.getProperty(Costanti.POLICY_DISCOVERY_CLAIMS_PARSER_TYPE));
}
public IDynamicDiscoveryParser getDynamicDiscoveryParser() throws TokenException, ClassNotFoundException, InstantiationException, IllegalAccessException, IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException {
IDynamicDiscoveryParser parser = null;
TipologiaClaims tipologiaClaims = TipologiaClaims.valueOf(this.defaultProperties.getProperty(Costanti.POLICY_DISCOVERY_CLAIMS_PARSER_TYPE));
if(TipologiaClaims.CUSTOM.equals(tipologiaClaims)) {
String className = this.defaultProperties.getProperty(Costanti.POLICY_DISCOVERY_CLAIMS_PARSER_CLASS_NAME);
if(className!=null && StringUtils.isNotEmpty(className) && !CostantiConfigurazione.POLICY_ID_NON_DEFINITA.equals(className)) {
parser = (IDynamicDiscoveryParser) ClassLoaderUtilities.newInstance(className);
}
else {
String tipo = this.defaultProperties.getProperty(Costanti.POLICY_DISCOVERY_CLAIMS_PARSER_PLUGIN_TYPE);
if(tipo!=null && StringUtils.isNotEmpty(tipo) && !CostantiConfigurazione.POLICY_ID_NON_DEFINITA.equals(tipo)) {
try{
PddPluginLoader pluginLoader = PddPluginLoader.getInstance();
parser = pluginLoader.newDynamicDiscovery(tipo);
}catch(Exception e){
throw new TokenException(e.getMessage(),e); // descrizione errore già corretta
}
}
else {
throw new TokenException("Deve essere selezionato un plugin per il parser dei claims della risposta del servizio 'Introspection'");
}
}
}
else{
parser = new BasicDynamicDiscoveryParser(tipologiaClaims, TokenUtilities.getDynamicDiscoveryClaimsMappingProperties(this.properties));
}
return parser;
}
public boolean isValidazioneJWTLocationHttp() {
String location = this.getValidazioneJWTLocation();
return location !=null &&
(location.startsWith(JOSEUtils.HTTP_PROTOCOL) || location.startsWith(JOSEUtils.HTTPS_PROTOCOL));
}
public String getValidazioneJWTLocation() {
if(this.properties!=null) {
Properties p = this.properties.get(Costanti.POLICY_VALIDAZIONE_JWS_VERIFICA_PROP_REF_ID);
if(p!=null) {
return p.getProperty(SecurityConstants.JOSE_KEYSTORE_FILE);
}
}
return null;
}
public boolean isValidazioneJWTSaveErrorInCache() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_VALIDAZIONE_SAVE_ERROR_IN_CACHE);
}
public ITokenParser getValidazioneJWTTokenParser() throws TokenException, ClassNotFoundException, InstantiationException, IllegalAccessException, IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException {
ITokenParser parser = null;
TipologiaClaims tipologiaClaims = TipologiaClaims.valueOf(this.defaultProperties.getProperty(Costanti.POLICY_VALIDAZIONE_CLAIMS_PARSER_TYPE));
if(TipologiaClaims.CUSTOM.equals(tipologiaClaims)) {
String className = this.defaultProperties.getProperty(Costanti.POLICY_VALIDAZIONE_CLAIMS_PARSER_CLASS_NAME);
if(className!=null && StringUtils.isNotEmpty(className) && !CostantiConfigurazione.POLICY_ID_NON_DEFINITA.equals(className)) {
parser = (ITokenParser) ClassLoaderUtilities.newInstance(className);
}
else {
String tipo = this.defaultProperties.getProperty(Costanti.POLICY_VALIDAZIONE_CLAIMS_PARSER_PLUGIN_TYPE);
if(tipo!=null && StringUtils.isNotEmpty(tipo) && !CostantiConfigurazione.POLICY_ID_NON_DEFINITA.equals(tipo)) {
try{
PddPluginLoader pluginLoader = PddPluginLoader.getInstance();
parser = pluginLoader.newTokenValidazione(tipo);
}catch(Exception e){
throw new TokenException(e.getMessage(),e); // descrizione errore già corretta
}
}
else {
throw new TokenException("Deve essere selezionato un plugin per il parser del token JWT");
}
}
}
else{
parser = new BasicTokenParser(tipologiaClaims, TokenUtilities.getValidazioneJwtClaimsMappingProperties(this.properties));
}
return parser;
}
public String getValidazioneJWTOcspPolicy() {
return this.defaultProperties.getProperty(SecurityConstants.SIGNATURE_OCSP);
}
public String getValidazioneJWTCrl() {
return this.defaultProperties.getProperty(SecurityConstants.SIGNATURE_CRL);
}
public boolean isValidazioneJWTHeader() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_VALIDAZIONE_JWS_HEADER);
}
public List<String> getValidazioneJWTHeaderTyp() {
return TokenUtilities.getClaims(this.defaultProperties, Costanti.POLICY_VALIDAZIONE_JWS_HEADER_TYP);
}
public List<String> getValidazioneJWTHeaderCty() {
return TokenUtilities.getClaims(this.defaultProperties, Costanti.POLICY_VALIDAZIONE_JWS_HEADER_CTY);
}
public List<String> getValidazioneJWTHeaderAlg() {
return TokenUtilities.getClaims(this.defaultProperties, Costanti.POLICY_VALIDAZIONE_JWS_HEADER_ALG);
}
public String getIntrospectionEndpoint() {
return this.defaultProperties.getProperty(Costanti.POLICY_INTROSPECTION_URL);
}
public boolean isIntrospectionSaveErrorInCache() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_INTROSPECTION_SAVE_ERROR_IN_CACHE);
}
public HttpRequestMethod getIntrospectionHttpMethod() {
return HttpRequestMethod.valueOf(this.defaultProperties.getProperty(Costanti.POLICY_INTROSPECTION_HTTP_METHOD));
}
public TipoTokenRequest getIntrospectionTipoTokenRequest() {
return TipoTokenRequest.valueOf(this.defaultProperties.getProperty(Costanti.POLICY_INTROSPECTION_REQUEST_TOKEN_POSITION));
}
public String getIntrospectionTipoTokenRequestHeaderName() {
return this.defaultProperties.getProperty(Costanti.POLICY_INTROSPECTION_REQUEST_TOKEN_POSITION_HEADER_NAME);
}
public String getIntrospectionTipoTokenRequestUrlPropertyName() {
return this.defaultProperties.getProperty(Costanti.POLICY_INTROSPECTION_REQUEST_TOKEN_POSITION_URL_PROPERTY_NAME);
}
public String getIntrospectionTipoTokenRequestFormPropertyName() {
return this.defaultProperties.getProperty(Costanti.POLICY_INTROSPECTION_REQUEST_TOKEN_POSITION_FORM_PROPERTY_NAME);
}
public String getIntrospectionContentType() {
return this.defaultProperties.getProperty(Costanti.POLICY_INTROSPECTION_CONTENT_TYPE);
}
public ITokenParser getIntrospectionTokenParser() throws TokenException, ClassNotFoundException, InstantiationException, IllegalAccessException, IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException {
ITokenParser parser = null;
TipologiaClaims tipologiaClaims = TipologiaClaims.valueOf(this.defaultProperties.getProperty(Costanti.POLICY_INTROSPECTION_CLAIMS_PARSER_TYPE));
if(TipologiaClaims.CUSTOM.equals(tipologiaClaims)) {
String className = this.defaultProperties.getProperty(Costanti.POLICY_INTROSPECTION_CLAIMS_PARSER_CLASS_NAME);
if(className!=null && StringUtils.isNotEmpty(className) && !CostantiConfigurazione.POLICY_ID_NON_DEFINITA.equals(className)) {
parser = (ITokenParser) ClassLoaderUtilities.newInstance(className);
}
else {
String tipo = this.defaultProperties.getProperty(Costanti.POLICY_INTROSPECTION_CLAIMS_PARSER_PLUGIN_TYPE);
if(tipo!=null && StringUtils.isNotEmpty(tipo) && !CostantiConfigurazione.POLICY_ID_NON_DEFINITA.equals(tipo)) {
try{
PddPluginLoader pluginLoader = PddPluginLoader.getInstance();
parser = pluginLoader.newTokenValidazione(tipo);
}catch(Exception e){
throw new TokenException(e.getMessage(),e); // descrizione errore già corretta
}
}
else {
throw new TokenException("Deve essere selezionato un plugin per il parser dei claims della risposta del servizio 'Introspection'");
}
}
}
else{
parser = new BasicTokenParser(tipologiaClaims, TokenUtilities.getIntrospectionClaimsMappingProperties(this.properties));
}
return parser;
}
public boolean isIntrospectionBasicAuthentication() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_INTROSPECTION_AUTH_BASIC_STATO);
}
public String getIntrospectionBasicAuthenticationUsername() {
return this.defaultProperties.getProperty(Costanti.POLICY_INTROSPECTION_AUTH_BASIC_USERNAME);
}
public String getIntrospectionBasicAuthenticationPassword() {
return this.defaultProperties.getProperty(Costanti.POLICY_INTROSPECTION_AUTH_BASIC_PASSWORD);
}
public boolean isIntrospectionBearerAuthentication() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_INTROSPECTION_AUTH_BEARER_STATO);
}
public String getIntrospectionBeareAuthenticationToken() {
return this.defaultProperties.getProperty(Costanti.POLICY_INTROSPECTION_AUTH_BEARER_TOKEN);
}
public boolean isIntrospectionHttpsAuthentication() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_INTROSPECTION_AUTH_SSL_STATO);
}
public String getUserInfoEndpoint() {
return this.defaultProperties.getProperty(Costanti.POLICY_USER_INFO_URL);
}
public boolean isUserInfoSaveErrorInCache() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_USER_INFO_SAVE_ERROR_IN_CACHE);
}
public HttpRequestMethod getUserInfoHttpMethod() {
return HttpRequestMethod.valueOf(this.defaultProperties.getProperty(Costanti.POLICY_USER_INFO_HTTP_METHOD));
}
public TipoTokenRequest getUserInfoTipoTokenRequest() {
return TipoTokenRequest.valueOf(this.defaultProperties.getProperty(Costanti.POLICY_USER_INFO_REQUEST_TOKEN_POSITION));
}
public String getUserInfoTipoTokenRequestHeaderName() {
return this.defaultProperties.getProperty(Costanti.POLICY_USER_INFO_REQUEST_TOKEN_POSITION_HEADER_NAME);
}
public String getUserInfoTipoTokenRequestUrlPropertyName() {
return this.defaultProperties.getProperty(Costanti.POLICY_USER_INFO_REQUEST_TOKEN_POSITION_URL_PROPERTY_NAME);
}
public String getUserInfoTipoTokenRequestFormPropertyName() {
return this.defaultProperties.getProperty(Costanti.POLICY_USER_INFO_REQUEST_TOKEN_POSITION_FORM_PROPERTY_NAME);
}
public String getUserInfoContentType() {
return this.defaultProperties.getProperty(Costanti.POLICY_USER_INFO_CONTENT_TYPE);
}
public ITokenParser getUserInfoTokenParser() throws TokenException, ClassNotFoundException, InstantiationException, IllegalAccessException, IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException {
ITokenParser parser = null;
TipologiaClaims tipologiaClaims = TipologiaClaims.valueOf(this.defaultProperties.getProperty(Costanti.POLICY_USER_INFO_CLAIMS_PARSER_TYPE));
if(TipologiaClaims.CUSTOM.equals(tipologiaClaims)) {
String className = this.defaultProperties.getProperty(Costanti.POLICY_USER_INFO_CLAIMS_PARSER_CLASS_NAME);
if(className!=null && StringUtils.isNotEmpty(className) && !CostantiConfigurazione.POLICY_ID_NON_DEFINITA.equals(className)) {
parser = (ITokenParser) ClassLoaderUtilities.newInstance(className);
}
else {
String tipo = this.defaultProperties.getProperty(Costanti.POLICY_USER_INFO_CLAIMS_PARSER_PLUGIN_TYPE);
if(tipo!=null && StringUtils.isNotEmpty(tipo) && !CostantiConfigurazione.POLICY_ID_NON_DEFINITA.equals(tipo)) {
try{
PddPluginLoader pluginLoader = PddPluginLoader.getInstance();
parser = pluginLoader.newTokenValidazione(tipo);
}catch(Exception e){
throw new TokenException(e.getMessage(),e); // descrizione errore già corretta
}
}
else {
throw new TokenException("Deve essere selezionato un plugin per il parser dei claims della risposta del servizio 'UserInfo'");
}
}
}
else{
parser = new BasicTokenParser(tipologiaClaims, TokenUtilities.getUserInfoClaimsMappingProperties(this.properties));
}
return parser;
}
public boolean isUserInfoBasicAuthentication() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_USER_INFO_AUTH_BASIC_STATO);
}
public String getUserInfoBasicAuthenticationUsername() {
return this.defaultProperties.getProperty(Costanti.POLICY_USER_INFO_AUTH_BASIC_USERNAME);
}
public String getUserInfoBasicAuthenticationPassword() {
return this.defaultProperties.getProperty(Costanti.POLICY_USER_INFO_AUTH_BASIC_PASSWORD);
}
public boolean isUserInfoBearerAuthentication() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_USER_INFO_AUTH_BEARER_STATO);
}
public String getUserInfoBeareAuthenticationToken() {
return this.defaultProperties.getProperty(Costanti.POLICY_USER_INFO_AUTH_BEARER_TOKEN);
}
public boolean isUserInfoHttpsAuthentication() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_USER_INFO_AUTH_SSL_STATO);
}
public boolean isForwardTokenTrasparente() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_TOKEN_FORWARD_TRASPARENTE_STATO);
}
public String getForwardTokenTrasparenteMode() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_FORWARD_TRASPARENTE_MODE);
}
public String getForwardTokenTrasparenteModeCustomHeader() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_FORWARD_TRASPARENTE_MODE_CUSTOM_HEADER_NAME);
}
public String getForwardTokenTrasparenteModeCustomUrl() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_FORWARD_TRASPARENTE_MODE_CUSTOM_URL_PARAMETER_NAME);
}
public boolean isForwardTokenInformazioniRaccolte() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_STATO);
}
public String getForwardTokenInformazioniRaccolteMode() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_MODE);
}
public boolean isForwardTokenInformazioniRaccolteEncodeBase64() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_ENCODE_BASE64);
}
public boolean isForwardTokenInformazioniRaccolteValidazioneJWT() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_VALIDAZIONE_JWT);
}
public String getForwardTokenInformazioniRaccolteValidazioneJWTMode() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_VALIDAZIONE_JWT_MODE);
}
public String getForwardTokenInformazioniRaccolteValidazioneJWTModeHeaderName() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_VALIDAZIONE_JWT_MODE_HEADER_NAME);
}
public String getForwardTokenInformazioniRaccolteValidazioneJWTModeQueryParameterName() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_VALIDAZIONE_JWT_MODE_URL_PARAMETER_NAME);
}
public boolean isForwardTokenInformazioniRaccolteIntrospection() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_INTROSPECTION);
}
public String getForwardTokenInformazioniRaccolteIntrospectionMode() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_INTROSPECTION_MODE);
}
public String getForwardTokenInformazioniRaccolteIntrospectionModeHeaderName() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_INTROSPECTION_MODE_HEADER_NAME);
}
public String getForwardTokenInformazioniRaccolteIntrospectionModeQueryParameterName() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_INTROSPECTION_MODE_URL_PARAMETER_NAME);
}
public boolean isForwardTokenInformazioniRaccolteUserInfo() {
return TokenUtilities.isEnabled(this.defaultProperties, Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_USER_INFO);
}
public String getForwardTokenInformazioniRaccolteUserInfoMode() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_USER_INFO_MODE);
}
public String getForwardTokenInformazioniRaccolteUserInfoModeHeaderName() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_USER_INFO_MODE_HEADER_NAME);
}
public String getForwardTokenInformazioniRaccolteUserInfoModeQueryParameterName() {
return this.defaultProperties.getProperty(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_USER_INFO_MODE_URL_PARAMETER_NAME);
}
public String getAzioniForwardToken() {
StringBuilder bf = new StringBuilder();
if(this.isForwardToken()) {
boolean first = true;
if(this.isForwardTokenTrasparente()) {
String mode = this.getForwardTokenTrasparenteMode();
addPolicyTokenForwardTrasparente(mode, bf);
first = false;
}
if(this.isForwardTokenInformazioniRaccolte()) {
if(!first) {
bf.append(",");
}
String mode = this.getForwardTokenInformazioniRaccolteMode();
addPolicyTokenForwardInfoRaccolte(mode, bf);
/**first = false;*/
}
return bf.toString();
}
else {
return "Disabilitato";
}
}
private void addPolicyTokenForwardTrasparente(String mode, StringBuilder bf) {
if(Costanti.POLICY_TOKEN_FORWARD_TRASPARENTE_MODE_AS_RECEIVED.equals(mode)) {
bf.append(Costanti.LABEL_POLICY_TOKEN_FORWARD_TRASPARENTE_MODE_AS_RECEIVED_ORIGINALE);
}
else if(Costanti.POLICY_TOKEN_FORWARD_TRASPARENTE_MODE_RFC6750_HEADER.equals(mode)) {
bf.append(Costanti.LABEL_POLICY_TOKEN_FORWARD_TRASPARENTE_MODE_RFC6750_HEADER);
}
else if(Costanti.POLICY_TOKEN_FORWARD_TRASPARENTE_MODE_RFC6750_URL.equals(mode)) {
bf.append(Costanti.LABEL_POLICY_TOKEN_FORWARD_TRASPARENTE_MODE_RFC6750_URL);
}
else if(Costanti.POLICY_TOKEN_FORWARD_TRASPARENTE_MODE_CUSTOM_HEADER.equals(mode)) {
bf.append(MessageFormat.format(Costanti.LABEL_POLICY_TOKEN_FORWARD_TRASPARENTE_MODE_CUSTOM_HEADER,getForwardTokenTrasparenteModeCustomHeader()));
}
else if(Costanti.POLICY_TOKEN_FORWARD_TRASPARENTE_MODE_CUSTOM_URL.equals(mode)) {
bf.append(MessageFormat.format(Costanti.LABEL_POLICY_TOKEN_FORWARD_TRASPARENTE_MODE_CUSTOM_URL,getForwardTokenTrasparenteModeCustomUrl()));
}
else {
bf.append("Originale '"+mode+"'");
}
}
private void addPolicyTokenForwardInfoRaccolte(String mode, StringBuilder bf) {
if(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_MODE_OP2_HEADERS.equals(mode)) {
bf.append(Costanti.LABEL_POLICY_TOKEN_FORWARD_INFO_RACCOLTE_MODE_OP2_HEADERS);
}
else if(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_MODE_OP2_JSON.equals(mode)) {
bf.append(Costanti.LABEL_POLICY_TOKEN_FORWARD_INFO_RACCOLTE_MODE_OP2_JSON);
}
else if(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_MODE_OP2_JWS.equals(mode)) {
bf.append(Costanti.LABEL_POLICY_TOKEN_FORWARD_INFO_RACCOLTE_MODE_OP2_JWS);
}
else if(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_MODE_JWS.equals(mode)) {
bf.append(Costanti.LABEL_POLICY_TOKEN_FORWARD_INFO_RACCOLTE_MODE_JWS);
}
else if(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_MODE_JWE.equals(mode)) {
bf.append(Costanti.LABEL_POLICY_TOKEN_FORWARD_INFO_RACCOLTE_MODE_JWE);
}
else if(Costanti.POLICY_TOKEN_FORWARD_INFO_RACCOLTE_MODE_JSON.equals(mode)) {
bf.append(Costanti.LABEL_POLICY_TOKEN_FORWARD_INFO_RACCOLTE_MODE_JSON);
}
else {
bf.append(mode);
}
}
}