From e7610325ee2f1d1f4e97e1e7a9b212e692836b5a Mon Sep 17 00:00:00 2001
From: Thomas Lenz
Date: Tue, 4 Feb 2020 17:37:34 +0100
Subject: first stable version that uses OpenSAML 3.x

---
 .../idp/impl/builder/Pvp2AssertionBuilder.java | 68 +++++++++++-----------
 1 file changed, 35 insertions(+), 33 deletions(-)

(limited to 'eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java')

diff --git a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java
index 922e7efe..b7b18f0f 100644
--- a/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_idp/src/main/java/at/gv/egiz/eaaf/modules/pvp2/idp/impl/builder/Pvp2AssertionBuilder.java
@@ -24,6 +24,8 @@ import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
 
+import javax.naming.ConfigurationException;
+
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
 import at.gv.egiz.eaaf.core.api.data.ILoALevelMapper;
 import at.gv.egiz.eaaf.core.api.idp.IAuthData;
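Review bot: The added `import javax.naming.ConfigurationException;` pulls in the JNDI exception, which has no obvious relation to SAML assertion building; the only visible use of that name is the `@throws ConfigurationException In case on an error` tag in the buildGenericAssertion javadoc of the @@ -388 hunk, where it is a context line. If that method actually throws the project's own configuration exception, the import silently makes javadoc resolve the tag to the wrong class, and javac will not complain because an unused import is legal; if it really throws the JNDI type, that deserves a comment because callers would expect a checked exception from a naming context. Please confirm which type is meant and either drop the import or spell the intended class out in the tag, e.g. `@throws <project configuration exception> In case of an error`, which also fixes the "In case on an error" typo.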
@@ -86,17 +88,16 @@ public class Pvp2AssertionBuilder implements PvpConstants { @Autowired private ISubjectNameIdGenerator subjectNameIdGenerator; - /** * Build a PVP assertion as response for a SAML2 AttributeQuery request. * * @param issuerEntityID EnitiyID, which should be used for this IDP response - * @param attrQuery AttributeQuery request from Service-Provider - * @param attrList List of PVP response attributes - * @param now Current time - * @param validTo ValidTo time of the assertion - * @param qaaLevel QAA level of the authentication - * @param sessionIndex SAML2 SessionIndex, which should be included * + * @param attrQuery AttributeQuery request from Service-Provider + * @param attrList List of PVP response attributes + * @param now Current time + * @param validTo ValidTo time of the assertion + * @param qaaLevel QAA level of the authentication + * @param sessionIndex SAML2 SessionIndex, which should be included * * @return PVP 2.1 Assertion * @throws Pvp2Exception In case of an error */ 
@@ -119,18 +120,21 @@ public class Pvp2AssertionBuilder implements PvpConstants { validTo); } - /** * Build a PVP 2.1 assertion as response of a SAML2 AuthnRequest. * - * @param issuerEntityID EnitiyID, which should be used for this IDP response - * @param pendingReq Current processed pendingRequest DAO - * @param authnRequest Current processed PVP AuthnRequest - * @param authData AuthenticationData of the user, which is already authenticated - * @param peerEntity SAML2 EntityDescriptor of the service-provider, which receives the response - * @param date TimeStamp - * @param assertionConsumerService SAML2 endpoint of the service-provider, which should be used - * @param sloInformation Single LogOut information DAO + * @param issuerEntityID EnitiyID, which should be used for this IDP + * response + * @param pendingReq Current processed pendingRequest DAO + * @param authnRequest Current processed PVP AuthnRequest + * @param authData AuthenticationData of the user, which is + * already authenticated + * @param peerEntity SAML2 EntityDescriptor of the + * service-provider, which receives the response + * @param date TimeStamp + * @param assertionConsumerService SAML2 endpoint of the service-provider, which + * should be used + * @param sloInformation Single LogOut information DAO * @return PVP2 S-Profil Assertion * @throws Pvp2Exception In case of an error */ @@ -203,7 +207,6 @@ public class Pvp2AssertionBuilder implements PvpConstants { } } - // load SPSS decriptor from service-provider metadata final SPSSODescriptor spSsoDescriptor = peerEntity.getSPSSODescriptor(SAMLConstants.SAML20P_NS); @@ -217,7 +220,7 @@ public class Pvp2AssertionBuilder implements PvpConstants { AttributeConsumingService attributeConsumingService = null; if (aIdx != null) { - idx = aIdx.intValue(); + idx = aIdx; attributeConsumingService = spSsoDescriptor.getAttributeConsumingServices().get(idx); } else { 
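Review bot: In the @@ -217 hunk, `idx = aIdx;` is fed straight into `spSsoDescriptor.getAttributeConsumingServices().get(idx)`, but a SAML AttributeConsumingServiceIndex is the `index` attribute declared on the metadata element, not a position in the list; aIdx's origin is outside the hunk, yet if it comes from the AuthnRequest a value that does not line up with list positions selects the wrong service and an out-of-range value ends in an IndexOutOfBoundsException driven by request data. The unboxing change itself is safe because of the `aIdx != null` guard. Consider resolving the service by its declared index, e.g. `for (final AttributeConsumingService acs : spSsoDescriptor.getAttributeConsumingServices()) { if (acs.getIndex() == aIdx) { attributeConsumingService = acs; break; } }`, and letting a non-match fall into the `attributeConsumingService == null` handling that the @@ -231 hunk shows already exists; if `idx` is still read later in the method, set it from the matched service rather than from the request. The enclosing method starts and ends outside the hunk.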
@@ -231,8 +234,8 @@ public class Pvp2AssertionBuilder implements PvpConstants { } /* - * TODO: maybe use first AttributeConsumingService if no is selected in request or on service - * is marked as default + * TODO: maybe use first AttributeConsumingService if no is selected in request + * or on service is marked as default * */ if (attributeConsumingService == null) { @@ -244,7 +247,6 @@ public class Pvp2AssertionBuilder implements PvpConstants { } - if (attributeConsumingService != null) { final Iterator it = attributeConsumingService.getRequestAttributes().iterator(); @@ -268,7 +270,6 @@ public class Pvp2AssertionBuilder implements PvpConstants { throw new UnprovideableAttributeException(reqAttribut.getName()); } - } catch (final Pvp2Exception e) { log.info("Attribute generation failed! for " + reqAttribut.getFriendlyName()); if (reqAttribut.isRequired()) { @@ -342,10 +343,10 @@ public class Pvp2AssertionBuilder implements PvpConstants { subjectNameID.setFormat(nameIdFormat); } - String sessionIndex = null; - // if request is a reauthentication and NameIDFormat match reuse old session information + // if request is a reauthentication and NameIDFormat match reuse old session + // information if (StringUtils.isNotEmpty(authData.getNameID()) && StringUtils.isNotEmpty(authData.getNameIdFormat()) && nameIdFormat.equals(authData.getNameIdFormat())) { @@ -368,7 +369,8 @@ public class Pvp2AssertionBuilder implements PvpConstants { // set 'recipient' attribute in subjectConformationData subjectConfirmationData.setRecipient(assertionConsumerService.getLocation()); - // set IP address of the user machine as 'Address' attribute in subjectConformationData + // set IP address of the user machine as 'Address' attribute in + // subjectConformationData final String usersIpAddress = pendingReq.getRawData(RequestImpl.DATAID_REQUESTER_IP_ADDRESS, String.class); if (StringUtils.isNotEmpty(usersIpAddress)) { 
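Review bot: The @@ -342 hunk removes `String sessionIndex = null;` while the reuse branch that follows it still assigns the variable, and the hunk does not show where sessionIndex is declared now. If the declaration merely moved up inside the method this is fine; if it became a field, keep in mind that this class is a Spring-managed bean (it carries an `@Autowired` field), so a mutable field is shared by concurrent requests and one user's session index could be written into another user's assertion. A short comment at the reuse branch naming where sessionIndex is initialised and what value it holds when no previous session matches would make that contract visible without reading the rest of the method. The enclosing method starts and ends outside the hunk.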
@@ -388,15 +390,15 @@ public class Pvp2AssertionBuilder implements PvpConstants {
 /**
 * Build generic part of PVP S-Profile Assertion.
 *
- * @param issuer IDP EntityID
- * @param entityID Service Provider EntityID
- * @param date Timestamp
- * @param authnContextClassRef SAML2 AuthnContextClassReference
- * @param attrList List of attributes
- * @param subjectNameID SubjectNameId
+ * @param issuer IDP EntityID
+ * @param entityID Service Provider EntityID
+ * @param date Timestamp
+ * @param authnContextClassRef SAML2 AuthnContextClassReference
+ * @param attrList List of attributes
+ * @param subjectNameID SubjectNameId
 * @param subjectConfirmationData SubjectConfirmationInformation
- * @param sessionIndex SessionIndex
- * @param isValidTo ValidTo Timestamp
+ * @param sessionIndex SessionIndex
+ * @param isValidTo ValidTo Timestamp
 * @return PVP S-Profile Assertion
 * @throws ConfigurationException In case on an error
 */
--
cgit v1.2.3