aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-11-24 17:19:27 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-11-24 17:19:27 +0100
commit9ebec8cfa0e56467314bbd983d87640411b12ce3 (patch)
treebf0067100d3ef03613659f538a13d117f430a68d
parentf02943b7b4257bb9f16bd2e9f9d9dfb5a2f17944 (diff)
downloadmoa-id-spss-9ebec8cfa0e56467314bbd983d87640411b12ce3.tar.gz
moa-id-spss-9ebec8cfa0e56467314bbd983d87640411b12ce3.tar.bz2
moa-id-spss-9ebec8cfa0e56467314bbd983d87640411b12ce3.zip
rebuild SAML1 target parameter functionality for legacy applications
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java27
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java17
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java11
4 files changed, 39 insertions, 20 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 731925c1b..5fb4d6be8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -215,7 +215,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
} else {
//build AuthenticationData from MOASession
- buildAuthDataFormMOASession(authdata, session, oaParam);
+ buildAuthDataFormMOASession(authdata, session, oaParam, protocolRequest);
}
@@ -323,7 +323,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
}
//parse response information to authData
- buildAuthDataFormInterfederationResponse(authdata, session, extractor, oaParam);
+ buildAuthDataFormInterfederationResponse(authdata, session, extractor, oaParam, req);
} catch (SOAPException e) {
throw new BuildException("builder.06", null, e);
@@ -350,7 +350,8 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
AuthenticationData authData,
AuthenticationSession session,
AssertionAttributeExtractor extractor,
- IOAAuthParameters oaParam)
+ IOAAuthParameters oaParam,
+ IRequest req)
throws BuildException, AssertionAttributeExtractorExeption {
Logger.debug("Build AuthData from assertion starts ....");
@@ -536,7 +537,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
}
//build OA specific bPK/wbPK information
- buildOAspecificbPK(oaParam, authData,
+ buildOAspecificbPK(req, oaParam, authData,
authData.getIdentificationValue(),
authData.getIdentificationType());
@@ -544,7 +545,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
if (MiscUtil.isEmpty(authData.getBPK())) {
Logger.debug("Calcutlate bPK from baseID");
- buildOAspecificbPK(oaParam, authData,
+ buildOAspecificbPK(req, oaParam, authData,
authData.getIdentificationValue(),
authData.getIdentificationType());
@@ -845,7 +846,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
}
private static void buildAuthDataFormMOASession(AuthenticationData authData, AuthenticationSession session,
- IOAAuthParameters oaParam) throws BuildException, ConfigurationException {
+ IOAAuthParameters oaParam, IRequest protocolRequest) throws BuildException, ConfigurationException {
IdentityLink identityLink = session.getIdentityLink();
@@ -959,7 +960,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
Logger.trace("Authenticated User is OW: " + mandate.getOWbPK());
} else {
- buildOAspecificbPK(oaParam, authData,
+ buildOAspecificbPK(protocolRequest, oaParam, authData,
identityLink.getIdentificationValue(),
identityLink.getIdentificationType());
@@ -1003,7 +1004,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
}
- private static void buildOAspecificbPK(IOAAuthParameters oaParam, AuthenticationData authData, String baseID, String baseIDType) throws BuildException {
+ private static void buildOAspecificbPK(IRequest protocolRequest, IOAAuthParameters oaParam, AuthenticationData authData, String baseID, String baseIDType) throws BuildException {
if (oaParam.getBusinessService()) {
//since we have foreigner, wbPK is not calculated in BKU
@@ -1024,9 +1025,15 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
if (baseIDType.equals(Constants.URN_PREFIX_BASEID)) {
// only compute bPK if online application is a public service and we have the Stammzahl
- String bpkBase64 = new BPKBuilder().buildBPK(baseID, oaParam.getTarget());
+ String target = null;
+ if (protocolRequest instanceof SAML1RequestImpl)
+ target = protocolRequest.getTarget();
+ else
+ target = oaParam.getTarget();
+
+ String bpkBase64 = new BPKBuilder().buildBPK(baseID, target);
authData.setBPK(bpkBase64);
- authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget());
+ authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + target);
}
Logger.trace("Authenticate user with bPK " + authData.getBPK());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index 2ef8ab5ec..99a7dce89 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -45,6 +45,9 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TemplateType;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
+import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.logging.Logger;
@@ -116,11 +119,15 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
else {
- //load Parameters from config
- String target = oaParam.getTarget();
-
-
-
+ //get Target from config or from request in case of SAML 1
+ String target = null;
+ IRequest pendingReq = RequestStorage.getPendingRequest(pendingRequestID);
+ if (MiscUtil.isNotEmpty(pendingReq.getTarget()) &&
+ pendingReq.requestedModule().equals(SAML1Protocol.PATH))
+ target = pendingReq.getTarget();
+ else
+ target = oaParam.getTarget();
+
String bkuURL = oaParam.getBKUURL(bkuid);
if (MiscUtil.isEmpty(bkuURL)) {
Logger.info("No OA specific BKU defined. Use BKU from default configuration");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index 67f780b3a..4cdd1db01 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -83,7 +83,7 @@ public class GetArtifactAction implements IAction {
String url = AuthConfigurationProvider.getInstance().getPublicURLPrefix() + "/RedirectServlet";
url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8"));
if (!oaParam.getBusinessService())
- url = addURLParameter(url, PARAM_TARGET, URLEncoder.encode(oaParam.getTarget(), "UTF-8"));
+ url = addURLParameter(url, PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8"));
url = addURLParameter(url, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
url = httpResp.encodeRedirectURL(url);
@@ -95,7 +95,7 @@ public class GetArtifactAction implements IAction {
String redirectURL = oaURL;
if (!oaParam.getBusinessService()) {
redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
- URLEncoder.encode(oaParam.getTarget(), "UTF-8"));
+ URLEncoder.encode(req.getTarget(), "UTF-8"));
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 8f7f17e2e..9934c339d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -132,7 +132,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
if (!ParamValidatorUtils.isValidOA(oaURL))
throw new WrongParametersException("StartAuthentication", PARAM_OA,
"auth.12");
-
+
config.setOAURL(oaURL);
Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL);
@@ -156,8 +156,13 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
new Object[] { null });
}
- config.setSourceID(sourceID);
- config.setTarget(oaParam.getTarget());
+ config.setSourceID(sourceID);
+ if (MiscUtil.isNotEmpty(target))
+ config.setTarget(target);
+
+ else
+ config.setTarget(oaParam.getTarget());
+
return config;
}