diff options
author | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2016-01-14 17:26:07 +0100 |
---|---|---|
committer | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2016-01-14 17:26:07 +0100 |
commit | b8b01a93311156704c9c003e3128c544a5e2ba48 (patch) | |
tree | 18e5fb734217d1d34105c18c5febf486d3a0c936 | |
parent | 1d65e35ef38e8a7405ec25def325080b7da2ab4d (diff) | |
download | moa-id-spss-b8b01a93311156704c9c003e3128c544a5e2ba48.tar.gz moa-id-spss-b8b01a93311156704c9c003e3128c544a5e2ba48.tar.bz2 moa-id-spss-b8b01a93311156704c9c003e3128c544a5e2ba48.zip |
moa learned how to trigger an authentication after receiving an eidas request
2 files changed, 26 insertions, 25 deletions
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java index 6a13cba60..3144d08e8 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/AuthenticationRequest.java @@ -48,8 +48,7 @@ public class AuthenticationRequest implements IAction { @Override public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { - // TODO Auto-generated method stub - return false; + return true; } @Override diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java index 01052c698..3e2122315 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java @@ -23,29 +23,19 @@ package at.gv.egovernment.moa.id.protocols.eidas; import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; -import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.MOAIDException; -import at.gv.egovernment.moa.id.auth.modules.eidas.utils.MOAPersonalAttributeList; import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; -import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.moduls.IAction; import at.gv.egovernment.moa.id.moduls.IModulInfo; import at.gv.egovernment.moa.id.moduls.IRequest; -import at.gv.egovernment.moa.id.moduls.RequestStorage; -import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.MiscUtil; import eu.eidas.auth.commons.EIDASAuthnRequest; -import eu.eidas.auth.commons.EIDASAuthnResponse; import eu.eidas.auth.commons.EIDASUtil; import eu.eidas.auth.engine.EIDASSAMLEngine; -import eu.stork.peps.auth.commons.*; -import eu.stork.peps.auth.engine.STORKSAMLEngine; -import eu.stork.peps.exceptions.STORKSAMLEngineException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -92,31 +82,43 @@ public class EIDASProtocol extends MOAIDAuthConstants implements IModulInfo { */ public IRequest preProcess(HttpServletRequest request, HttpServletResponse response, String action, String sessionId, String transactionId) throws MOAIDException { - + Logger.info("received an eIDaS request"); - + //get SAML Response and decode it String base64SamlToken = request.getParameter("SAMLRequest"); if (MiscUtil.isEmpty(base64SamlToken)) { Logger.warn("No eIDAS SAMLRequest found in http request."); throw new MOAIDException("HTTP request includes no eIDAS SAML-Request element.", null); - } byte[] decSamlToken = EIDASUtil.decodeSAMLToken(base64SamlToken); - + try { - //get eIDAS SAML-engine - EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); - - //validate SAML token - EIDASAuthnRequest samlReq = engine.validateEIDASAuthnRequest(decSamlToken); + //get eIDAS SAML-engine + EIDASSAMLEngine engine = SAMLEngineUtils.createSAMLEngine(); + + //validate SAML token + EIDASAuthnRequest samlReq = engine.validateEIDASAuthnRequest(decSamlToken); + + // memorize important stuff + EIDASRequest result = new EIDASRequest(); + // - memorize requested attributes + // TODO memorize requested attributes + + // - memorize OA url + result.setOAURL("https://demo.a-sit.at/EidasNode"); // TODO use metadata url? + + // - memorize OA config + OAAuthParameter oaConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(result.getOAURL()); + if (oaConfig == null) + throw new AuthenticationException("stork.12", new Object[]{result.getOAURL()}); + result.setOnlineApplicationConfiguration(oaConfig); - + return result; } catch(Exception e) { - + Logger.error("error in preprocessing step", e); + throw new MOAIDException("error in preprocessing step", null); } - - return null; } public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) { |