Commit a974a871 authored by Tobias Assmann

change SOAP config in poseidas, disable SSL in poseidas, start working on SOAP...

change SOAP config in poseidas, disable SSL in poseidas, start working on SOAP client in ssa_server, add xsd stuff into ssa-server needed for SOAP consumption
parent da40e03d
......@@ -3,4 +3,7 @@
ARG WILDFLY_IMAGE=jboss/wildfly:17.0.1.Final
FROM $WILDFLY_IMAGE
# we need this for consuming the eID SOAP service
COPY wsdl/* /opt/jboss/
EXPOSE 9990
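Review bot: `COPY wsdl/* /opt/jboss/` drops the WSDL and every schema at the top of `/opt/jboss/`, and the glob flattens any subdirectory that may later appear under `wsdl/`. The schemas added in this commit import each other by relative `schemaLocation`, so the set only resolves if all of them stay side by side. A dedicated directory, `COPY wsdl/ /opt/jboss/wsdl/`, would keep them together and apart from unrelated files, provided the path the client loads the WSDL from is changed to match. The comment could also name the consumer, presumably the SOAP client mentioned in the commit message, e.g. `# WSDL and XSDs loaded by the eID SOAP client at runtime`.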
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<wsdl:definitions xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:tns="http://bsi.bund.de/eID/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" name="eID"
xmlns:wsp="http://www.w3.org/ns/ws-policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
targetNamespace="http://bsi.bund.de/eID/">
<wsdl:documentation>Version 2.1.2 2017-10-25
</wsdl:documentation>
<wsdl:types>
<xsd:schema>
<xsd:import schemaLocation="TR-03130eID-Server.xsd"
namespace="http://bsi.bund.de/eID/" />
</xsd:schema>
</wsdl:types>
<wsdl:message name="useIDRequest">
<wsdl:part name="parameters" element="tns:useIDRequest" />
</wsdl:message>
<wsdl:message name="useIDResponse">
<wsdl:part name="parameters" element="tns:useIDResponse" />
</wsdl:message>
<wsdl:message name="getServerInfoResponse">
<wsdl:part name="parameters" element="tns:getServerInfoResponse" />
</wsdl:message>
<wsdl:message name="getServerInfoRequest">
<wsdl:part name="parameters" element="tns:getServerInfoRequest" />
</wsdl:message>
<wsdl:message name="getResultRequest">
<wsdl:part name="parameters" element="tns:getResultRequest" />
</wsdl:message>
<wsdl:message name="getResultResponse">
<wsdl:part name="parameters" element="tns:getResultResponse" />
</wsdl:message>
<wsdl:portType name="eID">
<wsdl:operation name="useID">
<wsdl:input message="tns:useIDRequest" />
<wsdl:output message="tns:useIDResponse" />
</wsdl:operation>
<wsdl:operation name="getServerInfo">
<wsdl:input message="tns:getServerInfoRequest" />
<wsdl:output message="tns:getServerInfoResponse" />
</wsdl:operation>
<wsdl:operation name="getResult">
<wsdl:input message="tns:getResultRequest" />
<wsdl:output message="tns:getResultResponse" />
</wsdl:operation>
</wsdl:portType>
<wsp:Policy wsu:Id="SigOnly">
<wsp:ExactlyOne>
<wsp:All>
<!-- Transport Layer Binding was removed in Version 1.5 -->
<!-- Message Level -->
<sp:AsymmetricBinding>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:RequireIssuerSerialReference />
<sp:WssX509V3Token10 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:RequireIssuerSerialReference />
<sp:WssX509V3Token10 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256Sha256 />
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict />
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp />
<sp:OnlySignEntireHeadersAndBody />
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10>
<sp:Policy>
<sp:MustSupportRefIssuerSerial />
</sp:Policy>
</sp:Wss10>
<sp:SignedParts>
<sp:Body />
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsdl:binding name="eIDSOAP" type="tns:eID">
<wsp:PolicyReference URI="#SigOnly" />
<soap:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http" />
<wsdl:operation name="useID">
<soap:operation soapAction="http://bsi.bund.de/eID/useID" />
<wsdl:input>
<soap:body use="literal" />
</wsdl:input>
<wsdl:output>
<soap:body use="literal" />
</wsdl:output>
</wsdl:operation>
<wsdl:operation name="getServerInfo">
<soap:operation soapAction="http://bsi.bund.de/eID/getServerInfo" />
<wsdl:input>
<soap:body use="literal" />
</wsdl:input>
<wsdl:output>
<soap:body use="literal" />
</wsdl:output>
</wsdl:operation>
<wsdl:operation name="getResult">
<soap:operation soapAction="http://bsi.bund.de/eID/getResult" />
<wsdl:input>
<soap:body use="literal" />
</wsdl:input>
<wsdl:output>
<soap:body use="literal" />
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="eID">
<wsdl:port name="eIDSOAP" binding="tns:eIDSOAP">
<soap:address location="http://www.bsi.bund.de/eid/server/2.0" />
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
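Review bot: The only policy bound to `eIDSOAP` is `SigOnly`, which signs the body and includes a timestamp but declares no encrypted parts, and both the `soap:binding` transport and the `soap:address` at the end of the file are plain HTTP. The commit message says SSL is being disabled in poseidas, so if the client uses this contract as it stands, `getResultResponse` (which carries `PersonalData`) and the `PSK` exchanged in `useID` would presumably cross the network integrity-protected but readable. The `soap:address` value looks like the specification's placeholder rather than a real endpoint, so the client has to override it in any case. A comment above it would record that, for example `<!-- placeholder from the specification: the client must set the real endpoint and use https outside local development -->`.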
<?xml version="1.0" encoding="UTF-8"?>
<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:dss="urn:oasis:names:tc:dss:1.0:core:schema"
xmlns:tns="http://bsi.bund.de/eID/" xmlns:Q1="urn:oasis:names:tc:SAML:1.0:assertion"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" targetNamespace="http://bsi.bund.de/eID/"
elementFormDefault="qualified" attributeFormDefault="unqualified"
version="2.1.2 2017-10-25">
<import namespace="urn:oasis:names:tc:dss:1.0:core:schema"
schemaLocation="oasis-dss-core-schema-v1.0-os.xsd" />
<import namespace="urn:oasis:names:tc:SAML:2.0:assertion"
schemaLocation="saml-schema-assertion-2.0.xsd" />
<complexType name="SessionType">
<sequence>
<element name="ID">
<simpleType>
<restriction base="hexBinary">
<minLength value="16" />
</restriction>
</simpleType>
</element>
</sequence>
</complexType>
<element name="useIDResponse" type="tns:useIDResponseType" />
<complexType name="useIDResponseType">
<sequence>
<element name="Session" type="tns:SessionType" />
<element name="eCardServerAddress" type="anyURI" minOccurs="0" />
<element name="PSK" type="tns:PreSharedKeyType" />
<element ref="dss:Result" />
</sequence>
</complexType>
<complexType name="PersonalDataType">
<sequence>
<element name="DocumentType" type="tns:DocumentType"
minOccurs="0" />
<element name="IssuingState" type="tns:ICAOCountry"
minOccurs="0" />
<element name="DateOfExpiry" type="date" minOccurs="0" />
<element name="GivenNames" type="string" minOccurs="0" />
<element name="FamilyNames" type="string" minOccurs="0" />
<element name="ArtisticName" type="string" minOccurs="0" />
<element name="AcademicTitle" type="string" minOccurs="0" />
<element name="DateOfBirth" type="tns:GeneralDateType"
minOccurs="0" />
<element name="PlaceOfBirth" type="tns:GeneralPlaceType"
minOccurs="0" />
<element name="Nationality" type="tns:ICAOCountry" minOccurs="0" />
<element name="BirthName" type="string" minOccurs="0" />
<element name="PlaceOfResidence" type="tns:GeneralPlaceType"
minOccurs="0" />
<element name="ResidencePermitI" type="string" minOccurs="0" />
<element name="RestrictedID" type="tns:RestrictedIDType"
minOccurs="0" />
</sequence>
</complexType>
<complexType name="GeneralPlaceType">
<choice>
<element name="StructuredPlace" type="tns:PlaceType" />
<element name="FreetextPlace" type="string" />
<element name="NoPlaceInfo" type="string" />
</choice>
</complexType>
<complexType name="PlaceType">
<sequence>
<element name="Street" type="string" minOccurs="0" />
<element name="City" type="string" />
<element name="State" type="string" minOccurs="0" />
<element name="Country" type="tns:ICAOCountry" />
<element name="ZipCode" type="string" minOccurs="0" />
</sequence>
</complexType>
<simpleType name="DocumentType">
<restriction base="string">
<pattern value="[A-Z ]{2}" />
</restriction>
</simpleType>
<simpleType name="ICAOCountry">
<restriction base="string">
<pattern value="[A-Z ]{1,3}" />
</restriction>
</simpleType>
<complexType name="AgeVerificationRequestType">
<sequence>
<element name="Age">
<simpleType>
<restriction base="int">
<minInclusive value="0" />
</restriction>
</simpleType>
</element>
</sequence>
</complexType>
<complexType name="VerificationResultType">
<sequence>
<element name="FulfilsRequest" type="boolean" />
</sequence>
</complexType>
<element name="useIDRequest" type="tns:useIDRequestType" />
<complexType name="useIDRequestType">
<sequence>
<element name="UseOperations" type="tns:OperationsRequestorType" />
<element name="AgeVerificationRequest" type="tns:AgeVerificationRequestType"
minOccurs="0" />
<element name="PlaceVerificationRequest" type="tns:PlaceVerificationRequestType"
minOccurs="0" />
<element name="PSK" type="tns:PreSharedKeyType" minOccurs="0" />
<element name="DocumentHash" type="hexBinary" minOccurs="0" />
</sequence>
</complexType>
<complexType name="OperationsSelectorType">
<sequence>
<element name="DocumentType" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="IssuingState" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="DateOfExpiry" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="GivenNames" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="FamilyNames" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="ArtisticName" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="AcademicTitle" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="DateOfBirth" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="PlaceOfBirth" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="Nationality" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="BirthName" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="PlaceOfResidence" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="ResidencePermitI" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="RestrictedID" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="AgeVerification" type="tns:AttributeSelectionType"
default="PROHIBITED" />
<element name="PlaceVerification" type="tns:AttributeSelectionType"
default="PROHIBITED" />
</sequence>
</complexType>
<complexType name="PlaceVerificationRequestType">
<sequence>
<element name="CommunityID">
<simpleType>
<restriction base="string">
<pattern
value="[0][0-9]{3}([0-9]{2}([0][0-9]([0-9]{2}([0][0-9]{3})?)?)?)?" />
</restriction>
</simpleType>
</element>
</sequence>
</complexType>
<element name="getServerInfoResponse" type="tns:getServerInfoResponseType" />
<complexType name="getServerInfoResponseType">
<sequence>
<element name="ServerVersion" type="tns:VersionType" />
<element name="DocumentVerificationRights" type="tns:OperationsSelectorType" />
</sequence>
</complexType>
<complexType name="VersionType">
<sequence>
<element name="VersionString" type="string" />
<element name="Major" type="int" />
<element name="Minor" type="int" />
<element name="Bugfix" type="int" minOccurs="0" />
</sequence>
</complexType>
<element name="getServerInfoRequest" type="tns:nullType" />
<complexType name="nullType">
<sequence />
</complexType>
<element name="getResultRequest" type="tns:getResultRequestType" />
<complexType name="getResultRequestType">
<sequence>
<element name="Session" type="tns:SessionType" />
<element name="RequestCounter" type="int" />
</sequence>
</complexType>
<element name="getResultResponse" type="tns:getResultResponseType" />
<complexType name="getResultResponseType">
<sequence>
<element name="PersonalData" type="tns:PersonalDataType"
minOccurs="0" />
<element name="FulfilsAgeVerification" type="tns:VerificationResultType"
minOccurs="0" />
<element name="FulfilsPlaceVerification" type="tns:VerificationResultType"
minOccurs="0" />
<element name="OperationsAllowedByUser" type="tns:OperationsResponderType"
minOccurs="0" />
<element ref="dss:Result" />
</sequence>
</complexType>
<complexType name="PreSharedKeyType">
<sequence>
<element name="ID">
<simpleType>
<restriction base="string">
<minLength value="16" />
</restriction>
</simpleType>
</element>
<element name="Key">
<simpleType>
<restriction base="hexBinary">
<minLength value="16" />
</restriction>
</simpleType>
</element>
</sequence>
</complexType>
<!-- New types for eID-WSDL (after version 1.3) -->
<complexType name="GeneralDateType">
<sequence>
<element name="DateString">
<simpleType>
<restriction base="string">
<whiteSpace value="preserve" />
<pattern value="[0-9 ]{8}" />
</restriction>
</simpleType>
</element>
<element name="DateValue" type="date" minOccurs="0" />
</sequence>
</complexType>
<complexType name="RestrictedIDType">
<sequence>
<element name="ID" type="hexBinary" />
<element name="ID2" type="hexBinary" minOccurs="0" />
</sequence>
</complexType>
<simpleType name="AttributeSelectionType">
<restriction base="string">
<enumeration value="ALLOWED" />
<enumeration value="PROHIBITED" />
</restriction>
</simpleType>
<!-- Additional types for SAML attributes -->
<complexType name="PlaceVerificationResultType">
<sequence>
<element name="Request" type="tns:PlaceVerificationRequestType" />
<element name="Result" type="tns:VerificationResultType" />
</sequence>
</complexType>
<complexType name="AgeVerificationResultType">
<sequence>
<element name="Request" type="tns:AgeVerificationRequestType" />
<element name="Result" type="tns:VerificationResultType" />
</sequence>
</complexType>
<complexType name="DocumentValidityResultType">
<sequence>
<element name="ReferenceDate" type="date" />
<element name="Status" type="string" />
</sequence>
<attribute name="Version" type="positiveInteger" use="required" />
<anyAttribute namespace="##any" processContents="lax" />
</complexType>
<!-- Additional types used in SAML AuthnRequest -->
<element name="EncryptedAuthnRequestExtension" type="saml:EncryptedElementType">
<annotation>
<documentation>
This element MUST contain an encrypted version of an
AuthnRequestExtension element within its xenc:EncryptedData
sub-element.
</documentation>
</annotation>
</element>
<element name="AuthnRequestExtension" type="tns:AuthnRequestExtensionType" />
<complexType name="AuthnRequestExtensionType">
<sequence>
<element name="RequestedAttributes" type="tns:RequestedAttributesType" />
</sequence>
<attribute name="Version" type="positiveInteger" use="required" />
<anyAttribute namespace="##any" processContents="lax" />
</complexType>
<complexType name="RequestedAttributesType">
<sequence>
<element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded" />
</sequence>
</complexType>
<!-- New defined Attribute since Version 1.5 -->
<attribute name="RequiredAttribute" type="boolean" default="true" />
<!-- New defined Types and Attributes since Version 2.0 -->
<!-- No more Unions since 2.0.1 -->
<simpleType name="AttributeRequestType">
<restriction base="string">
<enumeration value="REQUIRED" />
<enumeration value="ALLOWED" />
<enumeration value="PROHIBITED" />
</restriction>
</simpleType>
<simpleType name="AttributeResponseType">
<restriction base="string">
<enumeration value="NOTONCHIP" />
<enumeration value="ALLOWED" />
<enumeration value="PROHIBITED" />
</restriction>
</simpleType>
<attribute name="AttributeNotOnChip" type="boolean" default="false" />
<complexType name="OperationsRequestorType">
<sequence>
<element name="DocumentType" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="IssuingState" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="DateOfExpiry" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="GivenNames" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="FamilyNames" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="ArtisticName" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="AcademicTitle" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="DateOfBirth" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="PlaceOfBirth" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="Nationality" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="BirthName" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="PlaceOfResidence" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="ResidencePermitI" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="RestrictedID" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="AgeVerification" type="tns:AttributeRequestType"
default="PROHIBITED" />
<element name="PlaceVerification" type="tns:AttributeRequestType"
default="PROHIBITED" />
</sequence>
</complexType>
<complexType name="OperationsResponderType">
<sequence>
<element name="DocumentType" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="IssuingState" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="DateOfExpiry" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="GivenNames" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="FamilyNames" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="ArtisticName" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="AcademicTitle" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="DateOfBirth" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="PlaceOfBirth" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="Nationality" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="BirthName" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="PlaceOfResidence" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="ResidencePermitI" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="RestrictedID" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="AgeVerification" type="tns:AttributeResponseType"
default="PROHIBITED" />
<element name="PlaceVerification" type="tns:AttributeResponseType"
default="PROHIBITED" />
</sequence>
</complexType>
<!-- Additional types used in SAML AuthnReques according to eIDAS since Version 2.1.0 -->
<simpleType name="UseEidasType">
<restriction base="boolean"></restriction>
</simpleType>
<simpleType name="LevelOfAssuranceType">
<restriction base="string">
<enumeration value="http://eidas.europa.eu/LoA/low" />
<enumeration value="http://eidas.europa.eu/LoA/substantial" />
<enumeration value="http://eidas.europa.eu/LoA/high" />
</restriction>
</simpleType>
<simpleType name="SendingMemberStateType">
<restriction base="string">
<pattern value="[A-Z]{2}"></pattern>
</restriction>
</simpleType>
<simpleType name="ICAOSex">
<restriction base="string">
<enumeration value="M" />
<enumeration value="F" />
<enumeration value=" " />
</restriction>
</simpleType>
<complexType name="EidasExtensionType">
<sequence>
<element name="LevelOfAssurance" type="tns:LevelOfAssuranceType"
default="http://eidas.europa.eu/LoA/high" minOccurs="0"/>
<element name="SendingMemberState" type="tns:SendingMemberStateType" minOccurs="0"/>
</sequence>
</complexType>
</schema>
<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:dss="urn:oasis:names:tc:dss:1.0:core:schema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" targetNamespace="urn:oasis:names:tc:dss:1.0:core:schema" elementFormDefault="qualified" attributeFormDefault="unqualified">
<xs:annotation>
<xs:documentation xml:lang="en">This Schema defines the Digital Signature Service Core Protocols, Elements, and Bindings Committee Specification version 1.0 release 1</xs:documentation>
</xs:annotation>
<xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
<xs:import namespace="urn:oasis:names:tc:SAML:1.0:assertion" schemaLocation="oasis-sstc-saml-schema-assertion-1.1.xsd"/>
<xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/>
<xs:complexType name="AnyType">
<xs:sequence>
<xs:any processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="InternationalStringType">
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute ref="xml:lang" use="required"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
<xs:element name="InputDocuments">
<xs:complexType>
<xs:sequence>
<xs:choice maxOccurs="unbounded">
<xs:element ref="dss:Document"/>
<xs:element ref="dss:TransformedData"/>
<xs:element ref="dss:DocumentHash"/>
<xs:element name="Other" type="dss:AnyType"/>
</xs:choice>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:complexType name="DocumentBaseType" abstract="true">
<xs:attribute name="ID" type="xs:ID" use="optional"/>
<xs:attribute name="RefURI" type="xs:anyURI" use="optional"/>