fix bug in auth. protocol deactivation

2 files changed, 21 insertions, 12 deletions

diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index 9f4174bf0..e83353059 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -11,6 +11,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.lang.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -21,10 +22,12 @@ import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
 import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
+import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
 import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
 import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
@@ -47,7 +50,9 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme
 					PVPConstants.EID_SECTOR_FOR_IDENTIFIER_NAME,
 					PVPConstants.BPK_NAME
 			});
-		
+
+	@Autowired(required=true) AuthConfiguration moaAuthConfig;
+	
 	public String getName() { 
 		return NAME;
 	}
@@ -68,12 +73,12 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme
 	
 	//OpenID Connect auth request
 	@RequestMapping(value = "/oauth2/auth", method = {RequestMethod.POST, RequestMethod.GET})
-	public void openIDConnectAuthRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException, InvalidProtocolRequestException {
-//		if (!authConfig.getAllowedProtocols().isOAUTHActive()) {
-//			Logger.info("OpenID-Connect is deaktivated!");
-//			throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME });
-//			
-//		}
+	public void openIDConnectAuthRequest(HttpServletRequest req, HttpServletResponse resp) throws EAAFException, IOException {
+		if (!moaAuthConfig.getAllowedProtocols().isOAUTHActive()) {
+			Logger.info("OpenID-Connect is deaktivated!");
+			throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME });
+			
+		}
 		
 		OAuth20AuthRequest pendingReq = applicationContext.getBean(OAuth20AuthRequest.class);
 		try {			
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 30d740a2a..20c66d7a2 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -41,11 +41,13 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
 import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
 import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
+import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
@@ -90,6 +92,8 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
 					PVPConstants.EID_SOURCE_PIN_TYPE_NAME
 			});
 	
+	@Autowired(required=true) AuthConfiguration moaAuthConfig;
+	
 	public String getName() {
 		return NAME;
 	}
@@ -102,11 +106,11 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
 	
 	@RequestMapping(value = "/StartAuthentication", method = {RequestMethod.POST, RequestMethod.GET})
 	public void SAML1AuthnRequest(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {		
-//		if (!AuthConfigurationProviderFactory.getInstance().getAllowedProtocols().isSAML1Active()) {
-//			Logger.info("SAML1 is deaktivated!");
-//			throw new ProtocolNotActiveException("auth.22", new Object[] { "SAML 1" });
-//			
-//		}
+		if (!moaAuthConfig.getAllowedProtocols().isSAML1Active()) {
+			Logger.info("SAML1 is deaktivated!");
+			throw new ProtocolNotActiveException("auth.22", new Object[] { "SAML 1" });
+			
+		}
 		
 		SAML1RequestImpl pendingReq = applicationContext.getBean(SAML1RequestImpl.class);
 		pendingReq.initialize(req, authConfig);