update demo-SP for IDA testing

2 files changed, 38 insertions, 20 deletions

diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
index e36a880ba..df58fbc7a 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
@@ -41,6 +41,7 @@ import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
 import org.opensaml.saml2.binding.decoding.HTTPRedirectDeflateDecoder;
 import org.opensaml.saml2.binding.security.SAML2AuthnRequestsSignedRule;
 import org.opensaml.saml2.binding.security.SAML2HTTPRedirectDeflateSignatureRule;
+import org.opensaml.saml2.core.Assertion;
 import org.opensaml.saml2.core.Attribute;
 import org.opensaml.saml2.core.AttributeStatement;
 import org.opensaml.saml2.core.EncryptedAssertion;
@@ -229,21 +230,20 @@ public class DemoApplication extends HttpServlet {
 					Decrypter samlDecrypter =
 							new Decrypter(null, skicr, encryptedKeyResolver);
 					
-					for (EncryptedAssertion encAssertion : encryAssertionList) {							
-						saml2assertions.add(samlDecrypter.decrypt(encAssertion));
-
-					}
+					for (EncryptedAssertion encAssertion : encryAssertionList) {
+					  Assertion decryptedAssertion = samlDecrypter.decrypt(encAssertion);
+					  samlResponse.getAssertions().add(decryptedAssertion);						
+						log.debug("Decrypted Assertion: " + DOMUtils.serializeNode(SAML2Utils.asDOMDocument(decryptedAssertion)));
+						
+					}				
 					
 					log.debug("Assertion decryption finished. ");
 					
 				} else {
-					saml2assertions = samlResponse.getAssertions();
+				  log.debug("Assertiojn is not encryted. Use it as it is");
 			
 				}
-				
-				samlResponse.getAssertions().clear();
-				samlResponse.getAssertions().addAll(saml2assertions);
-				
+														
 				//set assertion
 				org.w3c.dom.Document doc = SAML2Utils.asDOMDocument(samlResponse);
 				String assertion = DOMUtils.serializeNode(doc);				
@@ -254,7 +254,9 @@ public class DemoApplication extends HttpServlet {
 				String familyName = null;
 				String birthday = null;
 				
-				for (org.opensaml.saml2.core.Assertion saml2assertion : saml2assertions) {
+				log.debug("Find #" + samlResponse.getAssertions().size() + " assertions after decryption");
+				
+				for (org.opensaml.saml2.core.Assertion saml2assertion : samlResponse.getAssertions()) {
 					
 					try {
 						principleId = saml2assertion.getSubject().getNameID().getValue();
@@ -270,16 +272,32 @@ public class DemoApplication extends HttpServlet {
 						List<Attribute> attributes = attributeStatements.get(i).getAttributes();
 						for (int x = 0; x < attributes.size(); x++)
 						{
-							String strAttributeName = attributes.get(x).getDOM().getAttribute("Name");
+						  
+						  
+							String strAttributeName = attributes.get(x).getName();
 
-							if (strAttributeName.equals(PVPConstants.PRINCIPAL_NAME_NAME))
+							log.debug("Find attribute with name: " + strAttributeName + " and value: " 
+							    + attributes.get(x).getAttributeValues().get(0).getDOM().getNodeValue());
+							
+							if (strAttributeName.equals(PVPConstants.PRINCIPAL_NAME_NAME)) {
 								familyName = attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue();
-							if (strAttributeName.equals(PVPConstants.GIVEN_NAME_NAME))
+								
+							}
+							
+							if (strAttributeName.equals(PVPConstants.GIVEN_NAME_NAME)) {
 								givenName = attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue();
+								
+							}
 							
 							if (strAttributeName.equals(PVPConstants.BIRTHDATE_NAME)) {
 								birthday = attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue();
-							}								
+								
+							}
+							
+	            if (strAttributeName.equals(PVPConstants.BPK_NAME)) {
+	              principleId = attributes.get(x).getAttributeValues().get(0).getDOM().getFirstChild().getNodeValue();
+	                
+	            }
 						}
 					}						
 					request.getSession().setAttribute(Constants.SESSION_NAMEIDFORMAT,
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
index 1dcc66a56..9dc0d1d6f 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
@@ -47,19 +47,19 @@ public class AttributeListBuilder implements PVPConstants{
 		
 		
 		//select PVP2 attributes which are needed for this application
-		requestedAttributes.add(buildReqAttribute(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
+		requestedAttributes.add(buildReqAttribute(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, false));
 		requestedAttributes.add(buildReqAttribute(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
 		requestedAttributes.add(buildReqAttribute(GIVEN_NAME_NAME, GIVEN_NAME_FRIENDLY_NAME, true));
 		requestedAttributes.add(buildReqAttribute(BIRTHDATE_NAME, BIRTHDATE_FRIENDLY_NAME, false));
 		requestedAttributes.add(buildReqAttribute(BPK_NAME, BPK_FRIENDLY_NAME, true));
 		
-		requestedAttributes.add(buildReqAttribute(EID_CITIZEN_QAA_LEVEL_NAME, EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME, true));
-		requestedAttributes.add(buildReqAttribute(EID_ISSUING_NATION_NAME, EID_ISSUING_NATION_FRIENDLY_NAME, true));
-		requestedAttributes.add(buildReqAttribute(EID_SECTOR_FOR_IDENTIFIER_NAME, EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME, true));
+		requestedAttributes.add(buildReqAttribute(EID_CITIZEN_QAA_LEVEL_NAME, EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(EID_ISSUING_NATION_NAME, EID_ISSUING_NATION_FRIENDLY_NAME, false));
+		requestedAttributes.add(buildReqAttribute(EID_SECTOR_FOR_IDENTIFIER_NAME, EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME, false));
 		requestedAttributes.add(buildReqAttribute(EID_SIGNER_CERTIFICATE_NAME, EID_SIGNER_CERTIFICATE_FRIENDLY_NAME, false));		
-		requestedAttributes.add(buildReqAttribute(EID_CCS_URL_NAME, EID_CCS_URL_FRIENDLY_NAME, true));		
+		requestedAttributes.add(buildReqAttribute(EID_CCS_URL_NAME, EID_CCS_URL_FRIENDLY_NAME, false));		
 		requestedAttributes.add(buildReqAttribute(EID_AUTH_BLOCK_NAME, EID_AUTH_BLOCK_FRIENDLY_NAME, false));		
-		requestedAttributes.add(buildReqAttribute(EID_IDENTITY_LINK_NAME, EID_IDENTITY_LINK_FRIENDLY_NAME, true));
+		requestedAttributes.add(buildReqAttribute(EID_IDENTITY_LINK_NAME, EID_IDENTITY_LINK_FRIENDLY_NAME, false));
 		
 		requestedAttributes.add(buildReqAttribute(MANDATE_TYPE_NAME, MANDATE_TYPE_FRIENDLY_NAME, false));
 		requestedAttributes.add(buildReqAttribute(MANDATE_FULL_MANDATE_NAME, MANDATE_FULL_MANDATE_FRIENDLY_NAME, false));