From 0e60708e5915eb858d5931c45f807329bd365c11 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Sun, 9 Jan 2022 21:30:56 +0100
Subject: chore(SAML2): update implementation to remove usage of deprecated openSAML4.x API
---
 .../pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java | 8 ++++----
 .../egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java | 4 ++--
 .../modules/pvp2/impl/verification/SamlVerificationEngine.java | 4 ++--
 3 files changed, 8 insertions(+), 8 deletions(-)
(limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules')
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java
index 3d9125fe..6e718385 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java
@@ -22,15 +22,15 @@ package at.gv.egiz.eaaf.modules.pvp2.api.metadata;
 import java.util.Collection;
 import java.util.List;
-import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
-import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-
 import org.opensaml.saml.saml2.core.Attribute;
 import org.opensaml.saml.saml2.metadata.ContactPerson;
 import org.opensaml.saml.saml2.metadata.Organization;
 import org.opensaml.saml.saml2.metadata.RequestedAttribute;
 import org.opensaml.security.credential.Credential;
+import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+
 /**
 * PVP Metadata builder configuration.
 *
@@ -43,7 +43,7 @@ public interface IPvpMetadataBuilderConfiguration {
 * Defines a unique name for this PVP Service-provider, which is used for
 * logging.
 *
- * @return
+ * @return Name of this SAML2 SP
 */
 String getSpNameForLogging();
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java
index 05a7360b..da3db0a8 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java
@@ -237,7 +237,7 @@ public class PvpMetadataBuilder {
 } else {
 for (final String format : config.getSpAllowedNameIdTypes()) {
 final NameIDFormat nameIdFormat = Saml2Utils.createSamlObject(NameIDFormat.class);
- nameIdFormat.setFormat(format);
+ nameIdFormat.setURI(format);
 spSsoDescriptor.getNameIDFormats().add(nameIdFormat);
 }
@@ -424,7 +424,7 @@ public class PvpMetadataBuilder {
 // set providable nameID formats
 for (final String format : config.getIdpPossibleNameIdTypes()) {
 final NameIDFormat nameIdFormat = Saml2Utils.createSamlObject(NameIDFormat.class);
- nameIdFormat.setFormat(format);
+ nameIdFormat.setURI(format);
 idpSsoDescriptor.getNameIDFormats().add(nameIdFormat);
 }
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
index 2257eba9..60800eb2 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
@@ -325,7 +325,7 @@ public class SamlVerificationEngine { } else { for (final AudienceRestriction el : audienceRest) { for (final Audience audience : el.getAudiences()) { - if (!urlCompare(spEntityId, audience.getAudienceURI())) { + if (!urlCompare(spEntityId, audience.getURI())) { log.info("Assertion with ID:{} 'AudienceRestriction' is not valid.", saml2assertion.getID()); isAssertionValid = false; @@ -520,7 +520,7 @@ public class SamlVerificationEngine { samlResp.getIssuer().getValue(), samlResp.getStatus().getStatusCode().getValue(), samlResp.getStatus().getStatusMessage() != null - ? samlResp.getStatus().getStatusMessage().getMessage() + ? samlResp.getStatus().getStatusMessage().getValue() : " no status message" }); } -- cgit v1.2.3
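Review bot: The inner loop over `el.getAudiences()` marks the assertion invalid as soon as any one Audience differs from `spEntityId`, which is stricter than SAML 2.0 core, where an AudienceRestriction is satisfied when the relying party matches at least one of its Audience values. The behaviour fails closed, so it does not weaken the check, but an assertion that lists this SP alongside a second audience would be rejected; if that is intended, say so above the `if`, e.g. `// deliberately stricter than SAML core: every listed Audience must match our entityID`. The rejection log line would also be easier to act on if it included the non-matching value. How `urlCompare` treats a null from `audience.getURI()` (an empty Audience element) is not visible here, and the enclosing method starts and ends outside the hunk.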
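Review bot: The status message on the `getStatusMessage().getValue()` line is text chosen by whoever produced the response and goes into the log argument array unmodified, so embedded line breaks would reach the log unless the configured layout encodes them. A small guard keeps the record on one line: `? String.valueOf(samlResp.getStatus().getStatusMessage().getValue()).replaceAll("[\\r\\n]", " ")`. In the same argument list only StatusMessage is null-checked; `samlResp.getIssuer()` is dereferenced directly, and Issuer is an optional element of a SAML Response, so a guard may be needed unless one exists earlier in the method, which starts outside the hunk.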