authorThomas Lenz <tlenz@iaik.tugraz.at>2016-03-23 15:16:19 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-03-23 15:16:19 +0100
commitdb813d7524890a60bbd13f60c9c448dc1ef6cfd6 (patch)
treea6ca0298c64970343c7841347c30a97d611136df
parentb107abdc2655e62c5d11219f2b90a8e0a85bda91 (diff)
add additional parameters to ELGA mandate-service client implementation
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAuthnRequestBuilder.java16
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IDPPVPMetadataConfiguration.java16
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPAuthnRequestBuilderConfiguruation.java18
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPMetadataBuilderConfiguration.java14
-rw-r--r--id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java9
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java7
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesMetadataConfiguration.java26
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesRequestBuilderConfiguration.java103
-rw-r--r--id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java16
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthMetadataConfiguration.java19
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthnRequestBuilderConfiguration.java17
12 files changed, 245 insertions, 22 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAuthnRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAuthnRequestBuilder.java
index ba5c19de7..01ef4a43d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAuthnRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAuthnRequestBuilder.java
@@ -38,6 +38,8 @@ import org.opensaml.saml2.core.NameIDPolicy;
import org.opensaml.saml2.core.NameIDType;
import org.opensaml.saml2.core.RequestedAuthnContext;
import org.opensaml.saml2.core.Subject;
+import org.opensaml.saml2.core.SubjectConfirmation;
+import org.opensaml.saml2.core.SubjectConfirmationData;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.SingleSignOnService;
import org.opensaml.ws.message.encoder.MessageEncodingException;
@@ -175,6 +177,20 @@ public class PVPAuthnRequestBuilder {
subjectNameID.setFormat(NameID.TRANSIENT);
reqSubject.setNameID(subjectNameID);
+
+ if (config.getSubjectConformationDate() != null) {
+ SubjectConfirmation subjectConformation = SAML2Utils.createSAMLObject(SubjectConfirmation.class);
+ SubjectConfirmationData subjectConformDate = SAML2Utils.createSAMLObject(SubjectConfirmationData.class);
+ subjectConformation.setSubjectConfirmationData(subjectConformDate);
+ reqSubject.getSubjectConfirmations().add(subjectConformation );
+
+ if (config.getSubjectConformationMethode() != null)
+ subjectConformation.setMethod(config.getSubjectConformationMethode());
+
+ subjectConformDate.setDOM(config.getSubjectConformationDate());
+
+ }
+
authReq.setSubject(reqSubject );
}
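Review bot: A `SubjectConfirmation` without a `Method` attribute can be emitted by the added block: the element is created and attached whenever `getSubjectConformationDate()` is non-null, but `setMethod` is skipped when `getSubjectConformationMethode()` returns null, and SAML 2.0 core defines `Method` as a required attribute. Consider adding the confirmation only when both values are present, e.g. `if (config.getSubjectConformationDate() != null && config.getSubjectConformationMethode() != null) {`, or treating data without a method as a configuration error. Separately, `setDOM(...)` takes a DOM element owned by the configuration object; a one-line comment stating that the element is presumably expected to be an already marshalled `SubjectConfirmationData` would help the next implementer of the interface. The enclosing method starts outside the hunk.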
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java
index 62e3b9620..ab96e4df7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPMetadataBuilder.java
@@ -214,8 +214,8 @@ public class PVPMetadataBuilder {
private RoleDescriptor generateSPMetadata(IPVPMetadataBuilderConfiguration config) throws CredentialsNotAvailableException, SecurityException, ConfigurationException {
SPSSODescriptor spSSODescriptor = SAML2Utils.createSAMLObject(SPSSODescriptor.class);
spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
- spSSODescriptor.setAuthnRequestsSigned(true);
- spSSODescriptor.setWantAssertionsSigned(false);
+ spSSODescriptor.setAuthnRequestsSigned(config.wantAuthnRequestSigned());
+ spSSODescriptor.setWantAssertionsSigned(config.wantAssertionSigned());
KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
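Review bot: Both signing flags in `generateSPMetadata` used to be constants and are now whatever the configuration object returns, with nothing in the builder that notices a downgrade; the IdP descriptor hunk below does the same for `setWantAuthnRequestsSigned` while keeping the comment that says PVP 2.x defines the feature as MUST. If `false` is never valid for PVP, log a warning or reject the configuration when `config.wantAuthnRequestSigned()` returns false; otherwise update the retained comment, for example `// taken from configuration; PVP 2.x requires signed AuthnRequests, so implementations should return true`. The same getter now feeds `AuthnRequestsSigned` on the SP side and `WantAuthnRequestsSigned` on the IdP side, which is worth stating in the interface Javadoc. `generateSPMetadata` continues outside the hunk.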
@@ -367,7 +367,7 @@ public class PVPMetadataBuilder {
idpSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
//set ass default value, because PVP 2.x specification defines this feature as MUST
- idpSSODescriptor.setWantAuthnRequestsSigned(true);
+ idpSSODescriptor.setWantAuthnRequestsSigned(config.wantAuthnRequestSigned());
// add WebSSO descriptor for POST-Binding
if (MiscUtil.isNotEmpty(config.getIDPWebSSOPostBindingURL())) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IDPPVPMetadataConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IDPPVPMetadataConfiguration.java
index 5bb1131a6..c0fb5bf5b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IDPPVPMetadataConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IDPPVPMetadataConfiguration.java
@@ -300,4 +300,20 @@ public class IDPPVPMetadataConfiguration implements IPVPMetadataBuilderConfigura
return "MOA-ID-Auth";
}
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAssertionSigned()
+ */
+ @Override
+ public boolean wantAssertionSigned() {
+ return false;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAuthnRequestSigned()
+ */
+ @Override
+ public boolean wantAuthnRequestSigned() {
+ return true;
+ }
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPAuthnRequestBuilderConfiguruation.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPAuthnRequestBuilderConfiguruation.java
index 6e1798ed1..814a2387d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPAuthnRequestBuilderConfiguruation.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPAuthnRequestBuilderConfiguruation.java
@@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.config;
import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.xml.security.credential.Credential;
+import org.w3c.dom.Element;
/**
* @author tlenz
@@ -136,11 +137,26 @@ public interface IPVPAuthnRequestBuilderConfiguruation {
public String getSubjectNameIDFormat();
/**
- * Define a SP specific SAMK2 requestID
+ * Define a SP specific SAML2 requestID
*
* @return requestID, or null if the requestID should be generated automatically
*/
public String getRequestID();
+ /**
+ * Defines the 'method' attribute in 'SubjectConformation' element
+ *
+ * @return method, or null if no method should set
+ */
+ public String getSubjectConformationMethode();
+
+ /**
+ * Define the information, which should be added as 'subjectConformationDate'
+ * in 'SubjectConformation' element
+ *
+ * @return subjectConformation information or null if no subjectConformation should be set
+ */
+ public Element getSubjectConformationDate();
+
}
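Review bot: The two new interface methods fix misspelled names into a public API: SAML calls the element `SubjectConfirmation` and its child `SubjectConfirmationData`, while the methods and their Javadoc say 'SubjectConformation', 'Methode' and 'Date'. Every implementer has to override them, so renaming is cheapest now: `public String getSubjectConfirmationMethod();` and `public Element getSubjectConfirmationData();`. The Javadoc of the second method should also say what the returned `Element` has to be; judging by the builder hunk in this commit, which passes it to `setDOM`, it is presumably a complete `SubjectConfirmationData` element rather than only its content.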
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPMetadataBuilderConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPMetadataBuilderConfiguration.java
index 56274535b..3a8404cae 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPMetadataBuilderConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IPVPMetadataBuilderConfiguration.java
@@ -221,4 +221,18 @@ public interface IPVPMetadataBuilderConfiguration {
* @return a List of SAML2 nameID types
*/
public List<String> getSPAllowedNameITTypes();
+
+ /**
+ * Set the 'wantAssertionSigned' attribute in SP metadata
+ *
+ * @return
+ */
+ public boolean wantAssertionSigned();
+
+ /**
+ * Set the 'wantAuthnRequestSigned' attribute
+ *
+ * @return
+ */
+ public boolean wantAuthnRequestSigned();
}
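Review bot: The Javadoc on both new methods has an empty `@return` and says 'Set' although these are getters read by the metadata builder. Suggested wording: `@return true if the SP metadata should declare WantAssertionsSigned` and `@return true if AuthnRequests are signed (SP metadata) or must be signed (IdP metadata)`. The second description matters because PVPMetadataBuilder in this commit uses the same method for both descriptors.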
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
index 55f4f44d4..557b83487 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EidasMetaDataRequest.java
@@ -104,13 +104,14 @@ public class EidasMetaDataRequest implements IAction {
generator.setConfigParams(mcp);
generator.initialize(engine);
mcp.setEntityID(metadata_url);
-
- generator.addSPRole();
+
String returnUrl = sp_return_url;
mcp.setAssertionConsumerUrl(returnUrl);
-
- generator.addIDPRole();
mcp.setAssuranceLevel("http://eidas.europa.eu/LoA/substantial"); // TODO make configurable
+
+ generator.addSPRole();
+ generator.addIDPRole();
+
metadata = generator.generateMetadata();
return metadata;
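Review bot: The reason for moving `addSPRole()` and `addIDPRole()` below the `mcp` setters is not recorded in the code, so a later edit could move them back. If the generator reads the assertion consumer URL and the assurance level at the moment a role is added (the reorder suggests this, but the generator is not visible here), add a comment such as `// roles must be added after all config params are set`. The enclosing method starts and ends outside the hunk.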
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java
index 60dd95338..7ca4590bb 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthConstants.java
@@ -98,6 +98,13 @@ public class ELGAMandatesAuthConstants {
public static final String CONFIG_DEFAULT_QAA_STORK_LEVEL = "http://www.stork.gov.eu/1.0/citizenQAALevel/4";
public static final String CONFIG_DEFAULT_QAA_SECCLASS_LEVEL = "http://www.ref.gv.at/ns/names/agiz/pvp/secclass/0-3";
+ public static final String SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE = "rc";
+ public static final String SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI = "http://egiz.gv.at/namespace/subjectconformationdate/elga";
+ public static final String SUBJECTCONFORMATIONDATE_ELEMENT_ROOT = SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE + ":Representative";
+ public static final String SUBJECTCONFORMATIONDATE_ELEMENT_FAMILYNAME = SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE + ":FamilyName";
+ public static final String SUBJECTCONFORMATIONDATE_ELEMENT_GIVENNAME = SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE + ":GivenName";
+ public static final String SUBJECTCONFORMATIONDATE_ELEMENT_DATEOFBIRTH = SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE + ":DateOfBirth";
+
public static List<String> getRequiredAttributeNames() {
List<String> list = new ArrayList<String>();
for (Pair<String, String> el : REQUIRED_PVP_ATTRIBUTES)
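Review bot: `SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE` holds the prefix `rc`, not a namespace, and the four element constants are prefixed qualified names rather than local names, which is easy to misread next to `..._NAMESPACE_URI`. Naming the first one `SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_PREFIX`, or adding a comment `// XML prefix and qualified element names for the representative block`, would make the call sites in the request builder clearer. `getRequiredAttributeNames()` continues outside the hunk.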
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesMetadataConfiguration.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesMetadataConfiguration.java
index 22cb22c6d..5743590f9 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesMetadataConfiguration.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesMetadataConfiguration.java
@@ -223,7 +223,8 @@ public class ELGAMandatesMetadataConfiguration implements IPVPMetadataBuilderCon
*/
@Override
public String getSPSLOPostBindingURL() {
- return authURL + ELGAMandatesAuthConstants.ENDPOINT_POST;
+ //return authURL + ELGAMandatesAuthConstants.ENDPOINT_POST;
+ return null;
}
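Review bot: `getSPSLOPostBindingURL()` now returns null with the old return statement left behind as commented-out code, and the next hunk does the same in `getSPSLORedirectBindingURL()`; neither states why the single-logout endpoints are withdrawn from the metadata. Replace the dead line with the reason, for example `// no SLO endpoint is published for the ELGA mandate-service client` if that is the intent, so that a reader does not re-enable it by uncommenting.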
/* (non-Javadoc)
@@ -231,7 +232,8 @@ public class ELGAMandatesMetadataConfiguration implements IPVPMetadataBuilderCon
*/
@Override
public String getSPSLORedirectBindingURL() {
- return authURL + ELGAMandatesAuthConstants.ENDPOINT_REDIRECT;
+ //return authURL + ELGAMandatesAuthConstants.ENDPOINT_REDIRECT;
+ return null;
}
/* (non-Javadoc)
@@ -288,4 +290,24 @@ public class ELGAMandatesMetadataConfiguration implements IPVPMetadataBuilderCon
public String getSPNameForLogging() {
return ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING;
}
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAssertionSigned()
+ */
+ @Override
+ public boolean wantAssertionSigned() {
+ return true;
+
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAuthnRequestSigned()
+ */
+ @Override
+ public boolean wantAuthnRequestSigned() {
+ return true;
+
+ }
}
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesRequestBuilderConfiguration.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesRequestBuilderConfiguration.java
index 320c4fdc6..60025075f 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesRequestBuilderConfiguration.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/config/ELGAMandatesRequestBuilderConfiguration.java
@@ -22,13 +22,26 @@
*/
package at.gv.egovernment.moa.id.auth.modules.elgamandates.config;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.opensaml.Configuration;
import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml2.core.NameID;
+import org.opensaml.saml2.core.SubjectConfirmation;
+import org.opensaml.saml2.core.SubjectConfirmationData;
import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.security.credential.Credential;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
+import at.gv.egovernment.moa.logging.Logger;
/**
* @author tlenz
@@ -36,14 +49,15 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderCo
*/
public class ELGAMandatesRequestBuilderConfiguration implements IPVPAuthnRequestBuilderConfiguruation {
- private boolean isPassive;
- private String SPEntityID;
- private String QAA_Level;
- private EntityDescriptor idpEntity;
- private Credential signCred;
- private String subjectNameID;
- private String subjectNameIDQualifier;
- private String requestID;
+ private boolean isPassive = false;
+ private String SPEntityID = null;
+ private String QAA_Level = null;
+ private EntityDescriptor idpEntity = null;
+ private Credential signCred = null;
+ private String subjectNameID = null;
+ private String subjectNameIDQualifier = null;
+ private String requestID = null;
+ private Element subjectConformationDate = null;
/* (non-Javadoc)
@@ -216,8 +230,77 @@ public class ELGAMandatesRequestBuilderConfiguration implements IPVPAuthnRequest
public void setSubjectNameIDQualifier(String subjectNameIDQualifier) {
this.subjectNameIDQualifier = subjectNameIDQualifier;
}
-
-
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectConformationMethode()
+ */
+ @Override
+ public String getSubjectConformationMethode() {
+ return SubjectConfirmation.METHOD_BEARER;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectConformationDate()
+ */
+ @Override
+ public Element getSubjectConformationDate() {
+ return subjectConformationDate;
+ }
+
+ /**
+ * @param subjectConformationDate the subjectConformationDate to set
+ */
+ public void setSubjectConformationDate(String givenName, String familyName, String dateOfBirth) {
+ try {
+ SubjectConfirmationData subjectConformDate = SAML2Utils.createSAMLObject(SubjectConfirmationData.class);
+
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+ dbf.setNamespaceAware(true);
+ DocumentBuilder builder = dbf.newDocumentBuilder();
+ Document doc = builder.newDocument();
+
+ Marshaller out = Configuration.getMarshallerFactory()
+ .getMarshaller(subjectConformDate);
+ out.marshall(subjectConformDate, doc);
+
+ //build root element
+ Element rootDom = doc.createElementNS(
+ ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI,
+ ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_ROOT);
+ rootDom.setPrefix(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE);
+ rootDom.setAttributeNS("http://www.w3.org/2000/xmlns/",
+ "xmlns:" + ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE,
+ ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI);
+
+ //build personal information
+ Element familyNameDom = doc.createElement(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_FAMILYNAME);
+ //familyNameDom.setPrefix(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE);
+ familyNameDom.setTextContent(familyName);
+
+ Element givenNameDom = doc.createElement(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_GIVENNAME);
+ //givenNameDom.setPrefix(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE);
+ givenNameDom.setTextContent(givenName);
+
+ Element dateOfBirthDom = doc.createElement(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_DATEOFBIRTH);
+ //dateOfBirthDom.setPrefix(ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE);
+ dateOfBirthDom.setTextContent(dateOfBirth);
+
+ //add information to root element
+ doc.getFirstChild().appendChild(rootDom);
+ rootDom.appendChild(givenNameDom);
+ rootDom.appendChild(familyNameDom);
+ rootDom.appendChild(dateOfBirthDom);
+
+ this.subjectConformationDate = doc.getDocumentElement();
+
+ } catch (ParserConfigurationException | MarshallingException e) {
+ Logger.error("Can not generate 'SubjectConformationDate' for "
+ + ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING);
+
+ }
+
+
+ }
+
}
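Review bot: The three child elements are created with `doc.createElement(...)` and a prefixed name, so they carry no namespace URI, while the root is created with `createElementNS`; namespace-aware consumers (canonicalisation for the request signature, the receiver's parser) may not treat them as part of the `rc` namespace, and the commented-out `setPrefix` calls look like an attempted workaround. Creating the children with `createElementNS` and the same namespace URI removes the inconsistency. The catch block logs without the exception and returns normally, leaving `subjectConformationDate` null, so the request would go out without the representative data and the caller cannot tell; pass `e` to the logger if it has an overload for that, and let the failure reach the calling task. The Javadoc `@param subjectConformationDate` also does not match the three actual parameters.

```java
// … unchanged: document creation, marshalling, root element …
Element familyNameDom = doc.createElementNS(
		ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI,
		ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_FAMILYNAME);
familyNameDom.setTextContent(familyName);

Element givenNameDom = doc.createElementNS(
		ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI,
		ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_GIVENNAME);
givenNameDom.setTextContent(givenName);

Element dateOfBirthDom = doc.createElementNS(
		ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_NAMESPACE_URI,
		ELGAMandatesAuthConstants.SUBJECTCONFORMATIONDATE_ELEMENT_DATEOFBIRTH);
dateOfBirthDom.setTextContent(dateOfBirth);
// … unchanged: appending the children to the root element …
```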
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
index 5d98eb46e..6a7858575 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
@@ -122,7 +122,15 @@ public class RequestELGAMandateTask extends AbstractAuthServletTask {
}
}
-
+
+ //check if identityLink exists in moaSession DAO
+ if (moasession.getIdentityLink() == null) {
+ Logger.error("Connect ELGA Mandate-Service FAILED -> NO identityLink in moaSession DAO");
+ throw new MOAIDException("service.10",
+ new Object[]{ELGAMandatesAuthConstants.MODULE_NAME_FOR_LOGGING, "NO identityLink in moaSession DAO."});
+
+ }
+
String sourcePinType = moasession.getIdentityLink().getIdentificationType();
String sourcePinValue = moasession.getIdentityLink().getIdentificationValue();
if (sourcePinType.startsWith(Constants.URN_PREFIX_BASEID)) {
@@ -152,6 +160,12 @@ public class RequestELGAMandateTask extends AbstractAuthServletTask {
PVPTargetConfiguration.DATAID_INTERFEDERATION_REQUESTID,
authnReqConfig.getRequestID());
+ //set SubjectConformationDate
+ authnReqConfig.setSubjectConformationDate(
+ moasession.getIdentityLink().getGivenName(),
+ moasession.getIdentityLink().getFamilyName(),
+ moasession.getIdentityLink().getDateOfBirth());
+
//store pending-request
requestStoreage.storePendingRequest(pendingReq);
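Review bot: Given name, family name and date of birth from the identity link are copied into the AuthnRequest here, and an AuthnRequest is not encrypted and normally travels through the user's browser. Which binding is used is not visible in this hunk; if it can be HTTP-Redirect, the data ends up in URLs and therefore in proxy and access logs, so it is worth restricting this module to POST and checking that the request is not logged in full. The call also cannot fail visibly, because `setSubjectConformationDate` catches its own exceptions in this commit, and the three getters are not checked for null; a short guard before the call would turn a missing attribute into an explicit error. The enclosing method starts and ends outside the hunk.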
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthMetadataConfiguration.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthMetadataConfiguration.java
index 0cee2dde3..c3d5e8032 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthMetadataConfiguration.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthMetadataConfiguration.java
@@ -263,7 +263,6 @@ public class FederatedAuthMetadataConfiguration implements IPVPMetadataBuilderCo
*/
@Override
public List<RequestedAttribute> getSPRequiredAttributes() {
- // TODO Auto-generated method stub
return null;
}
@@ -287,4 +286,22 @@ public class FederatedAuthMetadataConfiguration implements IPVPMetadataBuilderCo
return FederatedAuthConstants.MODULE_NAME_FOR_LOGGING;
}
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAssertionSigned()
+ */
+ @Override
+ public boolean wantAssertionSigned() {
+ return false;
+ }
+
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPMetadataBuilderConfiguration#wantAuthnRequestSigned()
+ */
+ @Override
+ public boolean wantAuthnRequestSigned() {
+ return true;
+ }
+
}
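Review bot: `wantAssertionSigned()` returns false for the federated-authentication SP, which keeps the value the builder used to hard-code but now reads as a deliberate choice for a module that consumes assertions from another IdP. If the module relies on a verified signature over the whole response instead (not visible in this hunk), say so in the method comment, e.g. `// response-level signature is verified, assertion signature not required`; otherwise returning true, as the ELGA configuration in this commit does, is the safer default.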
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthnRequestBuilderConfiguration.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthnRequestBuilderConfiguration.java
index 19eae06d7..000590923 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthnRequestBuilderConfiguration.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/config/FederatedAuthnRequestBuilderConfiguration.java
@@ -26,6 +26,7 @@ import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml2.core.NameID;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.xml.security.credential.Credential;
+import org.w3c.dom.Element;
import at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation;
@@ -190,5 +191,21 @@ public class FederatedAuthnRequestBuilderConfiguration implements IPVPAuthnReque
return null;
}
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectConformationMethode()
+ */
+ @Override
+ public String getSubjectConformationMethode() {
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.config.IPVPAuthnRequestBuilderConfiguruation#getSubjectConformationDate()
+ */
+ @Override
+ public Element getSubjectConformationDate() {
+ return null;
+ }
+
}