Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java59
1 files changed, 35 insertions, 24 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
index 1e42ac9c..2e30dcd9 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/AbstractPvp2XProtocol.java
@@ -44,6 +44,7 @@ import org.opensaml.xmlsec.signature.SignableXMLObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.Assert;
import at.gv.egiz.components.eventlog.api.EventConstants;
import at.gv.egiz.eaaf.core.api.IRequest;
@@ -78,6 +79,7 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
import at.gv.egiz.eaaf.modules.pvp2.impl.validation.EaafUriCompare;
import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
import at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine;
+import lombok.Setter;
public abstract class AbstractPvp2XProtocol extends AbstractController implements IModulInfo {
private static final Logger log = LoggerFactory.getLogger(AbstractPvp2XProtocol.class);
@@ -88,12 +90,16 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
@Autowired(required = true)
protected IPvp2BasicConfiguration pvpBasicConfiguration;
@Autowired(required = true)
- protected IPvp2MetadataProvider metadataProvider;
- @Autowired(required = true)
protected SamlVerificationEngine samlVerificationEngine;
@Autowired(required = false)
protected List<IAuthnRequestPostProcessor> authRequestPostProcessors;
+ /**
+ * SAML2 metadata provider that should be used in this component.
+ */
+ @Setter
+ protected IPvp2MetadataProvider metadataProvider;
+
private IPvp2CredentialProvider pvpIdpCredentials;
/**
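Review bot: The new `metadataProvider` field is exposed through a bare Lombok `@Setter`, which generates a public setter, so any code holding a reference to this controller can swap the SAML2 metadata provider at runtime; since this provider is presumably what the IdP trusts for relying-party metadata, that is wider than the protected field itself suggests. Narrow it to the subclass that is now responsible for supplying it, e.g. `@Setter(AccessLevel.PROTECTED)` (needs `import lombok.AccessLevel;`). The Javadoc should also say who sets it and when, now that `@Autowired(required = true)` is gone: `SAML2 metadata provider that should be used in this component. It is no longer injected by the container; the concrete subclass or its configuration must set it before initialization of this bean completes, and it must be backed by the trusted metadata source.`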
@@ -124,7 +130,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
final StatusCode statusCode = Saml2Utils.createSamlObject(StatusCode.class);
final StatusMessage statusMessage = Saml2Utils.createSamlObject(StatusMessage.class);
- String moaError = null;
+ String internalErrorCode = null;
if (e instanceof NoPassivAuthenticationException) {
statusCode.setValue(StatusCode.NO_PASSIVE);
@@ -144,30 +150,37 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
final String statusMessageValue = ex.getStatusMessageValue();
if (statusMessageValue != null) {
statusMessage.setMessage(StringEscapeUtils.escapeXml(statusMessageValue));
+
}
- moaError = statusMessager.mapInternalErrorToExternalError(ex.getErrorId());
+
+ internalErrorCode = ex.getErrorId();
} else {
statusCode.setValue(StatusCode.RESPONDER);
statusMessage.setMessage(StringEscapeUtils.escapeXml(e.getLocalizedMessage()));
- moaError = statusMessager.getResponseErrorCode(e);
+ internalErrorCode = statusMessager.getResponseErrorCode(e);
+
}
- if (StringUtils.isNotEmpty(moaError)) {
- final StatusCode moaStatusCode = Saml2Utils.createSamlObject(StatusCode.class);
- moaStatusCode.setValue(moaError);
- statusCode.setStatusCode(moaStatusCode);
+ //set external sub-statusCode if one was selected
+ if (StringUtils.isNotEmpty(internalErrorCode)) {
+ final StatusCode externalStatusCode = Saml2Utils.createSamlObject(StatusCode.class);
+ externalStatusCode.setValue(
+ statusMessager.mapInternalErrorToExternalError(internalErrorCode));
+ statusCode.setStatusCode(externalStatusCode);
+
}
- status.setStatusCode(statusCode);
+ //set status-message if availabe
if (statusMessage.getMessage() != null) {
status.setStatusMessage(statusMessage);
- }
- samlResponse.setStatus(status);
- final String remoteSessionID = Saml2Utils.getSecureIdentifier();
- samlResponse.setID(remoteSessionID);
-
+
+ }
+ status.setStatusCode(statusCode);
+ samlResponse.setStatus(status);
+ samlResponse.setID(Saml2Utils.getSecureIdentifier());
samlResponse.setIssueInstant(Instant.now());
+
final Issuer nissuer = Saml2Utils.createSamlObject(Issuer.class);
nissuer.setValue(pvpBasicConfiguration.getIdpEntityId(pvpRequest.getAuthUrl()));
nissuer.setFormat(NameIDType.ENTITY);
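Review bot: The sub-`StatusCode` is now built whenever the internal error code is non-empty, but the value actually written is the result of `statusMessager.mapInternalErrorToExternalError(internalErrorCode)`, which is no longer checked; before this change the mapped value was what `isNotEmpty` guarded. If the mapper can return null or an empty string for an unmapped internal code, the response carries a `StatusCode` without a `Value`, which is schema-invalid for SAML 2.0. Guard the mapped value instead of the internal one. Separately, the untouched `RESPONDER` branch still copies `e.getLocalizedMessage()` of arbitrary exceptions into the response sent to the service provider, which is worth reviewing for internal-detail leakage even though this commit does not change it.
```java
final String externalErrorCode =
    statusMessager.mapInternalErrorToExternalError(internalErrorCode);
if (StringUtils.isNotEmpty(externalErrorCode)) {
  final StatusCode externalStatusCode = Saml2Utils.createSamlObject(StatusCode.class);
  externalStatusCode.setValue(externalErrorCode);
  statusCode.setStatusCode(externalStatusCode);
}
// … unchanged: status-message handling, status/ID/issuer …
```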
@@ -176,13 +189,13 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
IEncoder encoder = null;
if (pvpRequest.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
- encoder = applicationContext.getBean("PVPRedirectBinding", RedirectBinding.class);
+ encoder = applicationContext.getBean("PvpRedirectBinding", RedirectBinding.class);
} else if (pvpRequest.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
- encoder = applicationContext.getBean("PVPPOSTBinding", PostBinding.class);
+ encoder = applicationContext.getBean("PvpPostBinding", PostBinding.class);
} else if (pvpRequest.getBinding().equals(SAMLConstants.SAML2_SOAP11_BINDING_URI)) {
- encoder = applicationContext.getBean("PVPSOAPBinding", SoapBinding.class);
+ encoder = applicationContext.getBean("PvpSoapBinding", SoapBinding.class);
}
if (encoder == null) {
@@ -263,7 +276,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
pendingReq.getUniqueTransactionIdentifier());
}
- throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
+ throw new InvalidProtocolRequestException("pvp2.21", new Object[] {e.getMessage()});
} catch (final Pvp2Exception e) {
final String samlRequest = req.getParameter(HTTP_PARAM_SAMLREQ);
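Review bot: The rewritten `throw` now forwards the caught exception's raw `e.getMessage()` as the parameter of error `pvp2.21`; the catch clause itself starts before this hunk, so the exception type is not visible here, but this path handles the inbound `SAMLRequest` parameter, i.e. attacker-controlled input. Messages from XML parsing, decoding or signature verification can contain internal class names or reflected fragments of the request, and depending on where `pvp2.21` is rendered they may reach the relying party or the user's browser. Either make sure the `pvp2.21` message template only renders this parameter into logs, or pass a sanitized summary; if the detail is for operators only, keep it in the log statement and leave the exception parameter as it was, `new Object[] {}`, plus the cause: `new InvalidProtocolRequestException("pvp2.21", new Object[] {}, e)` if that constructor exists.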
@@ -337,7 +350,7 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
pendingReq.getUniqueTransactionIdentifier());
}
- throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
+ throw new InvalidProtocolRequestException("pvp2.21", new Object[] {e.getMessage()});
} catch (final Pvp2Exception e) {
final String samlRequest = req.getParameter(HTTP_PARAM_SAMLREQ);
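Review bot: This is the second copy of the same `throw new InvalidProtocolRequestException("pvp2.21", new Object[] {e.getMessage()});` rewrite, in a catch clause that also begins before the hunk. The same concern applies: `e.getMessage()` originates from processing the untrusted `SAMLRequest` and should not be rendered to external parties unsanitized. Since the two handlers are textually identical, consider extracting the error-reporting into one private helper so the sanitization decision is made in a single place.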
@@ -555,11 +568,9 @@ public abstract class AbstractPvp2XProtocol extends AbstractController implement
@PostConstruct
private void verifyInitialization() {
- if (pvpIdpCredentials == null) {
- log.error("No SAML2 credentialProvider injected!");
- throw new RuntimeException("No SAML2 credentialProvider injected!");
+ Assert.notNull(metadataProvider, "No SAML2 MetadataProvider injected!");
+ Assert.notNull(pvpIdpCredentials, "No SAML2 credentialProvider injected!");
- }
}
}
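Review bot: `verifyInitialization()` runs as a `@PostConstruct` on this abstract base, but `metadataProvider` is no longer container-injected and is only settable through the new setter; if a concrete subclass assigns it in its own `@PostConstruct` method, the base-class initializer is invoked first and `Assert.notNull(metadataProvider, ...)` will fail at startup. Document the required ordering on this method, e.g. `// NOTE: runs before subclass @PostConstruct methods; metadataProvider must be set via constructor or an @Autowired setter, not in a subclass init method.`, or move the check to a point after subclass initialization. The change also drops the previous `log.error(...)` before throwing, so the startup failure is now reported only through the `IllegalArgumentException` from `Assert`; that is acceptable if Spring's context-refresh logging is relied on, but it is a behavioral change worth noting in the commit message.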