select mandate based on eIDAS Proxy-Service request information
Diffstat (limited to 'eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java')
-rw-r--r-- | eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java | 113 |
1 files changed, 63 insertions, 50 deletions
diff --git a/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java b/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java index 5d184cc8..805bbc42 100644 --- a/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java +++ b/eidas_modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java @@ -96,10 +96,6 @@ public class ProxyServiceAuthenticationAction implements IAction { lightRespBuilder.levelOfAssurance(authData.getEidasQaaLevel()); lightRespBuilder.attributes(buildAttributesFromAuthData(authData)); - // put request into shared cache - final BinaryLightToken token = putResponseInCommunicationCache(lightRespBuilder.build()); - final String tokenBase64 = BinaryLightTokenHelper.encodeBinaryLightTokenBase64(token); - // set SLO response object of EAAF framework final SloInformationImpl sloInformation = new SloInformationImpl(); sloInformation.setProtocolType(pendingReq.requestedModule()); @@ -107,7 +103,7 @@ public class ProxyServiceAuthenticationAction implements IAction { .setSpEntityID(pendingReq.getServiceProviderConfiguration().getUniqueIdentifier()); // forward to eIDAS Proxy-Service - forwardToEidasProxy(pendingReq, httpReq, httpResp, tokenBase64); + forwardToEidasProxy(pendingReq, httpReq, httpResp, lightRespBuilder.build()); return sloInformation; 
@@ -136,6 +132,68 @@ public class ProxyServiceAuthenticationAction implements IAction { } + + /** + * Forward eIDAS Light response to eIDAS node. + * + * @param pendingReq Current pending request. + * @param httpReq Current HTTP request + * @param httpResp Current HTTP response + * @param lightResponse eIDAS LightResponse + * @throws EaafConfigurationException In case of a configuration error + * @throws IOException In case of a general error + * @throws GuiBuildException In case of a GUI rendering error, if http POST binding is used + * @throws ServletException In case of a general error + */ + public void forwardToEidasProxy(IRequest pendingReq, HttpServletRequest httpReq, + HttpServletResponse httpResp, LightResponse lightResponse) throws EaafConfigurationException, IOException, + GuiBuildException, ServletException { + + // put request into shared cache + final BinaryLightToken token = putResponseInCommunicationCache(lightResponse); + final String tokenBase64 = BinaryLightTokenHelper.encodeBinaryLightTokenBase64(token); + + // select forward URL regarding the selected environment + final String forwardUrl = basicConfig.getBasicConfiguration( + MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_NODE_FORWARD_URL); + + if (StringUtils.isEmpty(forwardUrl)) { + log.warn("NO ForwardURL defined in configuration. Can NOT forward to eIDAS node! Process stops"); + throw new EaafConfigurationException("config.08", + new Object[] { MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_NODE_FORWARD_URL }); + + } + log.debug("ForwardURL: " + forwardUrl + " selected to forward eIDAS request"); + + if (basicConfig.getBasicConfiguration( + Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD, + Constants.FORWARD_METHOD_GET).equals(Constants.FORWARD_METHOD_GET)) { + + log.debug("Use http-redirect for eIDAS node forwarding ... 
"); + // send redirect + final UriComponentsBuilder redirectUrl = UriComponentsBuilder.fromHttpUrl(forwardUrl); + redirectUrl.queryParam(EidasParameterKeys.TOKEN.toString(), tokenBase64); + httpResp.sendRedirect(redirectUrl.build().encode().toString()); + + } else { + log.debug("Use http-post for eIDAS node forwarding ... "); + final StaticGuiBuilderConfiguration config = new StaticGuiBuilderConfiguration( + basicConfig, + pendingReq, + Constants.TEMPLATE_POST_FORWARD_NAME, + null, + resourceLoader); + + config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_ENDPOINT, forwardUrl); + config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_NAME, + EidasParameterKeys.TOKEN.toString()); + config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_VALUE, + tokenBase64); + + guiBuilder.build(httpReq, httpResp, config, "Forward to eIDASNode form"); + + } + } @PostConstruct private void checkConfiguration() { 
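Review bot: `forwardToEidasProxy` is widened from `private` to `public` and now writes the supplied `LightResponse` into the communication cache itself, so any code that can reach this bean can have a response of its choosing cached and its token forwarded to the eIDAS node, yet the Javadoc says nothing about who is responsible for the response's contents. If the only intended caller lives in this module (the commit title suggests a mandate-selection step, which is not visible here), a narrower visibility would keep that surface smaller; otherwise document the contract, e.g. `@param lightResponse fully populated eIDAS LightResponse for the current pending request; it is stored in the communication cache unchanged`. The inline comment `// put request into shared cache` should read `// put response into shared cache`, and `IOException` and `ServletException` share the same "In case of a general error" text; presumably the `ServletException` comes from `putResponseInCommunicationCache`, whose body is outside this hunk, so the `@throws` line should say that. Carried over unchanged from the removed private version, the GET branch places the light token in the redirect URL, where it can land in access logs and browser history, so it is worth confirming that the token is single-use and short-lived on the node side.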
@@ -264,50 +322,5 @@ public class ProxyServiceAuthenticationAction implements IAction { return binaryLightToken; } - private void forwardToEidasProxy(IRequest pendingReq, HttpServletRequest httpReq, - HttpServletResponse httpResp, String tokenBase64) throws EaafConfigurationException, IOException, - GuiBuildException { - // select forward URL regarding the selected environment - final String forwardUrl = basicConfig.getBasicConfiguration( - MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_NODE_FORWARD_URL); - - if (StringUtils.isEmpty(forwardUrl)) { - log.warn("NO ForwardURL defined in configuration. Can NOT forward to eIDAS node! Process stops"); - throw new EaafConfigurationException("config.08", - new Object[] { MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_NODE_FORWARD_URL }); - - } - log.debug("ForwardURL: " + forwardUrl + " selected to forward eIDAS request"); - - if (basicConfig.getBasicConfiguration( - Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD, - Constants.FORWARD_METHOD_GET).equals(Constants.FORWARD_METHOD_GET)) { - - log.debug("Use http-redirect for eIDAS node forwarding ... "); - // send redirect - final UriComponentsBuilder redirectUrl = UriComponentsBuilder.fromHttpUrl(forwardUrl); - redirectUrl.queryParam(EidasParameterKeys.TOKEN.toString(), tokenBase64); - httpResp.sendRedirect(redirectUrl.build().encode().toString()); - - } else { - log.debug("Use http-post for eIDAS node forwarding ... 
"); - final StaticGuiBuilderConfiguration config = new StaticGuiBuilderConfiguration( - basicConfig, - pendingReq, - Constants.TEMPLATE_POST_FORWARD_NAME, - null, - resourceLoader); - - config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_ENDPOINT, forwardUrl); - config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_NAME, - EidasParameterKeys.TOKEN.toString()); - config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_VALUE, - tokenBase64); - - guiBuilder.build(httpReq, httpResp, config, "Forward to eIDASNode form"); - - } - - } } |