split AuthBlock validation and MIS sessionID request into discrete task

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2015-07-20 10:31:55 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2015-07-20 10:31:55 +0200
commit: f3befac4266567d37f52970e57486af7b87b0b7f (patch)
tree: cd524d2582552f21b74e7bd81878bf4ab60ef056
parent: bf061ad4ba8803717e4f27e14fa2a8c26a95bd4b (diff)
download: moa-id-spss-f3befac4266567d37f52970e57486af7b87b0b7f.tar.gz
moa-id-spss-f3befac4266567d37f52970e57486af7b87b0b7f.tar.bz2
moa-id-spss-f3befac4266567d37f52970e57486af7b87b0b7f.zip
6 files changed, 341 insertions, 148 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
new file mode 100644
index 000000000..45b5e3a7e
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/FinalizeAuthenticationTask.java
@@ -0,0 +1,119 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
+
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
+import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.moduls.ModulUtils;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class FinalizeAuthenticationTask extends AbstractAuthServletTask {
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+	 */
+	@Override
+	public void execute(ExecutionContext executionContext,
+			HttpServletRequest request, HttpServletResponse response)
+			throws TaskExecutionException {
+		
+		try {
+			IRequest pendingReq = RequestStorage.getPendingRequest(
+					(String) executionContext.get("pendingRequestID"));	
+		
+			//get Session from context
+			String moasessionid = (String) executionContext.get(PARAM_SESSIONID);
+			AuthenticationSession session = null;				
+			if (MiscUtil.isEmpty(moasessionid)) {
+				Logger.warn("MOASessionID is empty.");
+				throw new MOAIDException("auth.18", new Object[] {});
+			}
+			
+			try {			
+				session = AuthenticationSessionStoreage.getSession(moasessionid);
+				AuthenticationSessionStoreage.changeSessionID(session);
+							
+			} catch (MOADatabaseException e) {
+				Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database");
+				throw new MOAIDException("init.04", new Object[] { moasessionid });
+
+			} catch (Throwable e) {
+				Logger.info("No HTTP Session found!");
+				throw new MOAIDException("auth.18", new Object[] {});
+			
+			} finally {
+				executionContext.remove(PARAM_SESSIONID);
+			
+			}
+		
+		
+			session.setAuthenticatedUsed(false);
+			session.setAuthenticated(true);
+
+
+			String oldsessionID = session.getSessionID();
+
+			//Session is implicte stored in changeSessionID!!!
+			String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
+
+			Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);
+			Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
+		
+			String redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), 
+					ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingReq.getRequestID()), newMOASessionID);
+				
+			response.setContentType("text/html");
+			response.setStatus(302);
+			response.addHeader("Location", redirectURL);		
+			Logger.debug("REDIRECT TO: " + redirectURL);
+			
+		} catch (MOAIDException e) {
+			throw new TaskExecutionException(e.getMessage(), e);
+			
+		} catch (Exception e) {
+			Logger.warn("FinalizeAuthenticationTask has an internal error", e);
+			throw new TaskExecutionException(e.getMessage(), e);
+			
+		}
+
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
index 8f1cd8cfe..215a7a809 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetForeignIDTask.java
@@ -163,14 +163,7 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
 
 				Logger.info("Changed MOASession " + sessionID + " to Session " + newMOASessionID);
 				Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
-
-				redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(),
-						ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID),
-						newMOASessionID);
-				redirectURL = resp.encodeRedirectURL(redirectURL);
-
-				// TODO[branch]: Final step back to /dispatcher
-
+				
 				MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), 
 						pendingReq, MOAIDEventConstants.AUTHPROCESS_FOREIGN_SZRGW_RECEIVED);
 				
@@ -180,10 +173,8 @@ public class GetForeignIDTask extends AbstractAuthServletTask {
 					throw new MOAIDException("Session store error", null);
 				}
 
-				resp.setContentType("text/html");
-				resp.setStatus(302);
-				resp.addHeader("Location", redirectURL);
-				Logger.debug("REDIRECT TO: " + redirectURL);
+				//put session to context 
+				executionContext.put(PARAM_SESSIONID, session.getSessionID());
 			}
 
 		} catch (MOAIDException ex) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
index 67d42e442..2931d26e2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
@@ -139,15 +139,10 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
 			AuthenticationServer.getInstance().verifyMandate(session, mandate);
 			
 			session.setMISMandate(mandate);
-			session.setAuthenticatedUsed(false);
-			session.setAuthenticated(true);
 			
 			//log mandate specific set of events
 			MOAReversionLogger.getInstance().logMandateEventSet(pendingReq, mandate);
-			
-	    	//set QAA Level four in case of card authentifcation
-	    	session.setQAALevel(PVPConstants.STORK_QAA_1_4);
-			
+						
 			String oldsessionID = session.getSessionID();
 			
 			//Session is implicite stored in changeSessionID!!!
@@ -155,19 +150,10 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
 			
 			Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);
 			Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
-						
-			String redirectURL = new DataURLBuilder().buildDataURL(
-					session.getAuthURL(),
-					ModulUtils.buildAuthURL(session.getModul(),
-							session.getAction(), pendingRequestID), newMOASessionID);
-			redirectURL = resp.encodeRedirectURL(redirectURL);
-			
-			// TODO[branch]: Final step back to /dispatcher
+
+			//put session to context 
+			executionContext.put(PARAM_SESSIONID, session.getSessionID());
 			
-			resp.setContentType("text/html");
-			resp.setStatus(302);
-			resp.addHeader("Location", redirectURL);
-			Logger.debug("REDIRECT TO: " + redirectURL);
 
 		} catch (MOAIDException ex) {
 			throw new TaskExecutionException(ex.getMessage(), ex);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
new file mode 100644
index 000000000..132fa927f
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
@@ -0,0 +1,200 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.internal.tasks;
+
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.GET_MIS_SESSIONID;
+import static at.gv.egovernment.moa.id.auth.MOAIDAuthConstants.PARAM_SESSIONID;
+
+import java.util.List;
+
+import javax.net.ssl.SSLSocketFactory;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
+import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.auth.exception.MISSimpleClientException;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask;
+import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.ConnectionParameter;
+import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
+import at.gv.egovernment.moa.id.util.SSLUtils;
+import at.gv.egovernment.moa.id.util.client.mis.simple.MISSessionId;
+import at.gv.egovernment.moa.id.util.client.mis.simple.MISSimpleClient;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+	 */
+	@Override
+	public void execute(ExecutionContext executionContext,
+			HttpServletRequest request, HttpServletResponse response)
+			throws TaskExecutionException {
+
+		//mandate Mode
+		try {
+			IRequest pendingReq = RequestStorage.getPendingRequest(
+					(String) executionContext.get("pendingRequestID"));	
+			
+			//get Session from context
+			String moasessionid = (String) executionContext.get(PARAM_SESSIONID);
+			AuthenticationSession session = null;				
+			if (MiscUtil.isEmpty(moasessionid)) {
+				Logger.warn("MOASessionID is empty.");
+				throw new MOAIDException("auth.18", new Object[] {});
+			}
+				
+			try {			
+				session = AuthenticationSessionStoreage.getSession(moasessionid);
+				AuthenticationSessionStoreage.changeSessionID(session);
+								
+			} catch (MOADatabaseException e) {
+				Logger.info("MOASession with SessionID=" + moasessionid + " is not found in Database");
+				throw new MOAIDException("init.04", new Object[] { moasessionid });
+
+			} catch (Throwable e) {
+				Logger.info("No HTTP Session found!");
+				throw new MOAIDException("auth.18", new Object[] {});
+				
+			} finally {
+				executionContext.remove(PARAM_SESSIONID);
+				
+			}
+
+			
+		  AuthConfiguration authConf= AuthConfigurationProviderFactory.getInstance();
+			ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter();	
+			SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProviderFactory.getInstance(), connectionParameters);
+			
+			// get identitity link as byte[]
+			Element elem = session.getIdentityLink().getSamlAssertion();
+			String s = DOMUtils.serializeNode(elem);
+			
+			//System.out.println("IDL: " + s);
+			
+			byte[] idl = s.getBytes("UTF-8");
+			
+			// redirect url
+			// build redirect(to the GetMISSessionIdSerlvet)
+			
+			//change MOASessionID before MIS request
+			String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
+			
+	        String redirectURL = new DataURLBuilder().buildDataURL(
+			    session.getAuthURL(),
+			    GET_MIS_SESSIONID,
+			    newMOASessionID);
+			
+	        String oaURL = session.getOAURLRequested();
+	        OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL);
+	        List<String> profiles = oaParam.getMandateProfiles();
+
+	        if (profiles == null) {
+	      	  Logger.error("No Mandate/Profile for OA configured.");
+	      	  throw new AuthenticationException("config.21", new Object[] { GET_MIS_SESSIONID});
+	        }
+	        
+	        String oaFriendlyName = oaParam.getFriendlyName();
+	        String mandateReferenceValue = session.getMandateReferenceValue();
+	        byte[] cert = session.getEncodedSignerCertificate();
+	        byte[] authBlock = session.getAuthBlock().getBytes("UTF-8");
+	        
+	        //TODO: check in case of SSO!!!
+	        String targetType = null;  
+	        if(oaParam.getBusinessService()) {
+	        	String id = oaParam.getIdentityLinkDomainIdentifier();
+	        	if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
+	        		targetType = id;
+	        	else
+	        		targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_+session.getDomainIdentifier();
+	        	
+	        } else {
+	        	targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget();
+	        }
+	        
+	        MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), 
+					pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_SERVICE_REQUESTED, mandateReferenceValue);
+	        
+	        MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(
+	        		connectionParameters.getUrl(), 
+	        		idl, 
+	        		cert, 
+	        		oaFriendlyName, 
+	        		redirectURL, 
+	        		mandateReferenceValue, 
+	        		profiles, 
+	        		targetType,
+	        		authBlock,
+	        		sslFactory);
+	        
+	        if (misSessionID == null) {
+	      	  Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null.");
+	      	  throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service.");
+	        }
+	        
+	        String redirectMISGUI = misSessionID.getRedirectURL();
+	        session.setMISSessionID(misSessionID.getSessiondId());
+		
+			try {
+				AuthenticationSessionStoreage.storeSession(session);
+				
+			} catch (MOADatabaseException | BuildException e) {
+				throw new MOAIDException("Session store error", null);
+				
+			}
+	        			
+			MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), 
+					pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT);
+			
+	        response.setStatus(302);
+	    	response.addHeader("Location", redirectMISGUI);
+	    	Logger.debug("REDIRECT TO: " + redirectMISGUI);
+	    	
+		} catch (Exception e ) {
+			throw new TaskExecutionException(e.getMessage(), e);
+			
+		} 
+	}
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
index fd1400ed1..25e0dd37f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
@@ -127,126 +127,17 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
 				//change MOASessionID
 			    sessionID = AuthenticationSessionStoreage.changeSessionID(session);
 				
-				String authenticatedMOASessionId = AuthenticationServer.getInstance().verifyAuthenticationBlock(pendingReq, session, createXMLSignatureResponse);
+				AuthenticationServer.getInstance().verifyAuthenticationBlock(pendingReq, session, createXMLSignatureResponse);
 				
-				if (authenticatedMOASessionId == null) { 
-					//mandate Mode
-				
-					  AuthConfiguration authConf= AuthConfigurationProviderFactory.getInstance();
-						ConnectionParameter connectionParameters = authConf.getOnlineMandatesConnectionParameter();	
-						SSLSocketFactory sslFactory = SSLUtils.getSSLSocketFactory(AuthConfigurationProviderFactory.getInstance(), connectionParameters);
-						
-						// get identitity link as byte[]
-						Element elem = session.getIdentityLink().getSamlAssertion();
-						String s = DOMUtils.serializeNode(elem);
-						
-						//System.out.println("IDL: " + s);
-						
-						byte[] idl = s.getBytes("UTF-8");
-						
-						// redirect url
-						// build redirect(to the GetMISSessionIdSerlvet)
-						
-						//change MOASessionID before MIS request
-						String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
-						
-				        redirectURL =
-				              new DataURLBuilder().buildDataURL(
-				                session.getAuthURL(),
-				                GET_MIS_SESSIONID,
-				                newMOASessionID);
-						
-				        String oaURL = session.getOAURLRequested();
-				        OAAuthParameter oaParam = authConf.getOnlineApplicationParameter(oaURL);
-				        List<String> profiles = oaParam.getMandateProfiles();
-
-				        if (profiles == null) {
-				      	  Logger.error("No Mandate/Profile for OA configured.");
-				      	  throw new AuthenticationException("config.21", new Object[] { GET_MIS_SESSIONID});
-				        }
-				        
-				        String oaFriendlyName = oaParam.getFriendlyName();
-				        String mandateReferenceValue = session.getMandateReferenceValue();
-				        byte[] cert = session.getEncodedSignerCertificate();
-				        byte[] authBlock = session.getAuthBlock().getBytes("UTF-8");
-				        
-				        //TODO: check in case of SSO!!!
-				        String targetType = null;  
-				        if(oaParam.getBusinessService()) {
-				        	String id = oaParam.getIdentityLinkDomainIdentifier();
-				        	if (id.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
-				        		targetType = id;
-				        	else
-				        		targetType = AuthenticationSession.REGISTERANDORDNR_PREFIX_+session.getDomainIdentifier();
-				        	
-				        } else {
-				        	targetType = AuthenticationSession.TARGET_PREFIX_ + oaParam.getTarget();
-				        }
-				        
-				        MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), 
-								pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_SERVICE_REQUESTED, mandateReferenceValue);
-				        
-				        MISSessionId misSessionID = MISSimpleClient.sendSessionIdRequest(
-				        		connectionParameters.getUrl(), 
-				        		idl, 
-				        		cert, 
-				        		oaFriendlyName, 
-				        		redirectURL, 
-				        		mandateReferenceValue, 
-				        		profiles, 
-				        		targetType,
-				        		authBlock,
-				        		sslFactory);
-				        
-				        if (misSessionID == null) {
-				      	  Logger.error("Fehler bei Anfrage an Vollmachten Service. MIS Session ID ist null.");
-				      	  throw new MISSimpleClientException("Fehler bei Anfrage an Vollmachten Service.");
-				        }
-				        
-				        String redirectMISGUI = misSessionID.getRedirectURL();
-				        session.setMISSessionID(misSessionID.getSessiondId());
-					
-						try {
-							AuthenticationSessionStoreage.storeSession(session);
-						} catch (MOADatabaseException e) {
-							throw new MOAIDException("Session store error", null);
-						}
-				        
-						// TODO[branch]: Mandate; redirect to MIS website; website redirects back to "/GetMISSessionID"
-						
-						MOAReversionLogger.getInstance().logEvent(pendingReq.getOnlineApplicationConfiguration(), 
-								pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT);
-						
-				        resp.setStatus(302);
-				    	  resp.addHeader("Location", redirectMISGUI);
-				    	  Logger.debug("REDIRECT TO: " + redirectURL);
-				}
-				else {
-					// TODO[branch]: Final step back to /dispatcher
-					redirectURL = new DataURLBuilder().buildDataURL(session.getAuthURL(), 
-							ModulUtils.buildAuthURL(session.getModul(), session.getAction(), pendingRequestID), authenticatedMOASessionId);
-							
-					resp.setContentType("text/html");
-					resp.setStatus(302);
-				
-					resp.addHeader("Location", redirectURL);		
-					Logger.debug("REDIRECT TO: " + redirectURL);				
-					
-				}
+				//put session to context 
+				executionContext.put(PARAM_SESSIONID, session.getSessionID());
 				
 			}
 	    
 			catch (MOAIDException ex) {
 				throw new TaskExecutionException(ex.getMessage(), ex);
 				
-			} catch (GeneralSecurityException e) {
-				throw new TaskExecutionException(e.getMessage(), e);
-				
-			} catch (PKIException e) {
-				throw new TaskExecutionException(e.getMessage(), e);
-				
-			} catch (TransformerException e) {
-				throw new TaskExecutionException(e.getMessage(), e);
+			
 				
 		    } catch (Exception e) {
 		    	Logger.error("AuthBlockValidation has an interal Error.", e);
diff --git a/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml
index 3860ddef4..31f8f68b6 100644
--- a/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml
+++ b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml
@@ -9,9 +9,11 @@
 	<pd:Task id="verifyIdentityLink"        class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyIdentityLinkTask"        async="true" />
 	<pd:Task id="verifyAuthBlock"           class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyAuthenticationBlockTask" async="true" />
 	<pd:Task id="verifyCertificate"         class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyCertificateTask"         async="true" />
-	<pd:Task id="getMISSessionID"           class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask"           async="true" />
+	<pd:Task id="getMISMandate"           class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask"           async="true" />
 	<pd:Task id="certificateReadRequest"    class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.CertificateReadRequestTask" />
 	<pd:Task id="prepareAuthBlockSignature" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.PrepareAuthBlockSignatureTask" />
+	<pd:Task id="prepareGetMISMandate" 			class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.PrepareGetMISMandateTask" />
+	<pd:Task id="finalizeAuthentication" 		class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.FinalizeAuthenticationTask" />
 	<pd:Task id="getForeignID"              class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetForeignIDTask"              async="true" />
 
 	<!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. -->
@@ -33,12 +35,16 @@
 	<pd:Transition from="verifyCertificate"         to="verifyAuthBlock" conditionExpression="ctx['useMandate']" />
 	<pd:Transition from="verifyCertificate"         to="getForeignID" />
 	
-	<pd:Transition from="verifyAuthBlock"           to="getMISSessionID" conditionExpression="ctx['useMandate']" />
-	<pd:Transition from="verifyAuthBlock"           to="end" />
+	<pd:Transition from="verifyAuthBlock"           to="prepareGetMISMandate" conditionExpression="ctx['useMandate']" />
+	<pd:Transition from="verifyAuthBlock"           to="finalizeAuthentication" />
 	
-	<pd:Transition from="getMISSessionID"           to="end" />
-	<pd:Transition from="getForeignID"              to="end" />
+	<pd:Transition from="prepareGetMISMandate"      to="getMISMandate" />
+		
+	<pd:Transition from="getMISMandate"           	to="finalizeAuthentication" />
+	<pd:Transition from="getForeignID"              to="finalizeAuthentication" />
 	
+	<pd:Transition from="finalizeAuthentication"    to="end" />
+		
 	<pd:EndEvent id="end" />
 
 </pd:ProcessDefinition>
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2015-07-20 10:31:55 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2015-07-20 10:31:55 +0200
commit	f3befac4266567d37f52970e57486af7b87b0b7f (patch)
tree	cd524d2582552f21b74e7bd81878bf4ab60ef056
parent	bf061ad4ba8803717e4f27e14fa2a8c26a95bd4b (diff)
download	moa-id-spss-f3befac4266567d37f52970e57486af7b87b0b7f.tar.gz moa-id-spss-f3befac4266567d37f52970e57486af7b87b0b7f.tar.bz2 moa-id-spss-f3befac4266567d37f52970e57486af7b87b0b7f.zip