| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2017-02-23 08:13:11 +0100 | 
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2017-02-23 08:13:11 +0100 | 
| commit | 44184c19d53146dcd84e2ddd704ff78aa539d511 (patch) | |
| tree | 8f4d46e419674925d973c6ea851637004ca1e0ad | |
| parent | f6acad73155af58b75709077d8dee67dab0be47e (diff) | |
update eIDAS SP metadata, because SP needs persistent identifiers only
| -rw-r--r-- | id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java | 17 | 
1 files changed, 12 insertions, 5 deletions
| diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java index 9d397074b..7b159c73d 100644 --- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java +++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/MOAeIDASMetadataGenerator.java @@ -208,7 +208,12 @@ public class MOAeIDASMetadataGenerator extends MetadataGenerator {          if (!StringUtils.isEmpty(params.getAssertionConsumerUrl())) {              addAssertionConsumerService();          } -        fillNameIDFormat(spSSODescriptor); +         +        //FIX: Austrian eIDAS node SP only needs persistent identifiers +        NameIDFormat persistentFormat = +                (NameIDFormat) BuilderFactoryUtil.buildXmlObject(NameIDFormat.DEFAULT_ELEMENT_NAME); +        persistentFormat.setFormat(SamlNameIdFormat.PERSISTENT.getNameIdFormat()); +        spSSODescriptor.getNameIDFormats().add(persistentFormat);          /**FIXME:           * 	Double signing of SPSSODescribtor is not required @@ -221,8 +226,8 @@ public class MOAeIDASMetadataGenerator extends MetadataGenerator {          entityDescriptor.getRoleDescriptors().add(spSSODescriptor);      } - -    private void fillNameIDFormat(SSODescriptor ssoDescriptor) throws EIDASSAMLEngineException { +     +    private void fillIDPNameIDFormat(SSODescriptor ssoDescriptor) throws EIDASSAMLEngineException {          NameIDFormat persistentFormat =                  (NameIDFormat) BuilderFactoryUtil.buildXmlObject(NameIDFormat.DEFAULT_ELEMENT_NAME);          persistentFormat.setFormat(SamlNameIdFormat.PERSISTENT.getNameIdFormat()); 
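Review bot: In the first hunk, the added lines that build the persistent `NameIDFormat` repeat the opening lines of `fillIDPNameIDFormat` shown in the second hunk. A small helper taking the `SamlNameIdFormat` value would keep the SP and IDP descriptors from drifting apart. The metadata only advertises the format. Whether the outgoing request's NameIDPolicy and the response validation also insist on a persistent identifier is not visible in this diff and should be confirmed, since an SP that links accounts on the NameID should not accept a transient or unspecified one. The enclosing method starts outside the hunk, and the `throws` clause on the helper below is assumed from the one `fillIDPNameIDFormat` declares.
```java
        // Austrian eIDAS node SP only needs persistent identifiers
        spSSODescriptor.getNameIDFormats().add(buildNameIDFormat(SamlNameIdFormat.PERSISTENT));

    // … unchanged: FIXME block and entityDescriptor.getRoleDescriptors().add(spSSODescriptor) …

    private NameIDFormat buildNameIDFormat(SamlNameIdFormat format) throws EIDASSAMLEngineException {
        NameIDFormat nameIdFormat =
                (NameIDFormat) BuilderFactoryUtil.buildXmlObject(NameIDFormat.DEFAULT_ELEMENT_NAME);
        nameIdFormat.setFormat(format.getNameIdFormat());
        return nameIdFormat;
    }
```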
@@ -269,7 +274,9 @@ public class MOAeIDASMetadataGenerator extends MetadataGenerator {                      .add(getKeyDescriptor(keyInfoGeneratorFactory, params.getEncryptionCredential(), UsageType.ENCRYPTION));          }          idpSSODescriptor.addSupportedProtocol(params.getIdpSamlProtocol()); -        fillNameIDFormat(idpSSODescriptor); +         +        //Austrian eIDAS node IDP can provided persistent, transient, and unspecified identifiers +        fillIDPNameIDFormat(idpSSODescriptor);          if (params.getIdpEngine() != null) { @@ -298,7 +305,7 @@ public class MOAeIDASMetadataGenerator extends MetadataGenerator {      } -    /*TODO: Only a work-around to add eIDAS attributes, which could be provided from MOA-ID, to IDP metadata +    /* FIX: Work-around to add eIDAS attributes, which could be provided from MOA-ID, to IDP metadata       * If we restrict the eIDAS Engine attribute definitions then also additional incoming attributes can not processed any more.       */      public ImmutableSortedSet<AttributeDefinition<?>> getAllSupportedAttributes() { | 
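Review bot: In the hunk at -269, the comment added above `fillIDPNameIDFormat(idpSSODescriptor)` has a typo ("can provided"). It also lists the advertised formats at the call site, where the list can drift from the helper; only the persistent entry of that helper is visible in this diff. I would shorten it to `// IDP metadata advertises the NameID formats the Austrian eIDAS node can issue` and list the formats in a Javadoc on `fillIDPNameIDFormat`. The enclosing method starts and ends outside the hunk.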
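Review bot: In the hunk at -298, relabelling the comment from `TODO` to `FIX` drops the marker that task scanners look for, while the text still calls the code a work-around. The same tag on the new `//FIX:` comment in the first hunk reads like an open defect rather than a decision. If the work-around is now the intended behaviour, I would make the block a Javadoc on the public `getAllSupportedAttributes()`, for example `/** Returns the eIDAS attributes MOA-ID can provide, for publication in the IDP metadata. */`, and keep the sentence on why the engine's attribute definitions are not restricted. That second sentence is also missing a verb ("can not processed" should read "cannot be processed"). The method body lies outside the hunk.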
