authorharald.bratko <harald.bratko@d688527b-c9ab-4aba-bd8d-4036d912da1d>2005-07-22 15:11:48 +0000
committerharald.bratko <harald.bratko@d688527b-c9ab-4aba-bd8d-4036d912da1d>2005-07-22 15:11:48 +0000
commitc8223bd5aaf9466fb6c72fe8a5a13b1b105b7c17 (patch)
treeb5ecda8d6df344cb3ebe245c24ccb012686d175d /id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
parent44a961d0df8d9721b1bdb8185e3a68df762c5ba6 (diff)
updated for wbPK
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@398 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java')
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java65
1 files changed, 52 insertions, 13 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
index eaf9aa0ae..cdb660010 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
@@ -26,19 +26,23 @@ public class AuthenticationDataAssertionBuilder implements Constants {
" MajorVersion=''1'' MinorVersion=''0'' AssertionID=''{0}'' Issuer=''{1}'' IssueInstant=''{2}''>" + NL +
" <saml:AttributeStatement>" + NL +
" <saml:Subject>" + NL +
- " <saml:NameIdentifier NameQualifier=''urn:publicid:gv.at:cdid+bPK''>{3}</saml:NameIdentifier>" + NL +
+ " <saml:NameIdentifier NameQualifier=''{3}''>{4}</saml:NameIdentifier>" + NL +
" <saml:SubjectConfirmation>" + NL +
" <saml:ConfirmationMethod>" + MOA_NS_URI + "cm</saml:ConfirmationMethod>" + NL +
- " <saml:SubjectConfirmationData>{4}{5}</saml:SubjectConfirmationData>" + NL +
+ " <saml:SubjectConfirmationData>{5}{6}</saml:SubjectConfirmationData>" + NL +
" </saml:SubjectConfirmation>" + NL +
" </saml:Subject>" + NL +
" <saml:Attribute AttributeName=''PersonData'' AttributeNamespace=''" + PD_NS_URI + "''>" + NL +
- " <saml:AttributeValue>{6}</saml:AttributeValue>" + NL +
+ " <saml:AttributeValue>{7}</saml:AttributeValue>" + NL +
" </saml:Attribute>" + NL +
" <saml:Attribute AttributeName=''isQualifiedCertificate'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL +
- " <saml:AttributeValue>{7}</saml:AttributeValue>" + NL +
+ " <saml:AttributeValue>{8}</saml:AttributeValue>" + NL +
" </saml:Attribute>" + NL +
- "{8}" +
+ " <saml:Attribute AttributeName=''bkuURL'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL +
+ " <saml:AttributeValue>{9}</saml:AttributeValue>" + NL +
+ " </saml:Attribute>" + NL +
+ "{10}" +
+ "{11}" +
" </saml:AttributeStatement>" + NL +
"</saml:Assertion>";
/**
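Review bot: The new `{9}` (bkuURL) and `{3}` (NameQualifier) placeholders are filled by MessageFormat as raw text, and nothing in the visible change XML-escapes those values before they land in element content and in a single-quoted attribute of the assertion. If either value can contain `<`, `&` or `'` (where bkuURL comes from is not visible here, so this needs checking at the caller), the resulting SAML assertion can be malformed or have its structure altered. I would escape both values in build() before formatting, or at minimum state the contract on the template with `// {3} and {9} must already be XML-escaped`. The AUTH_DATA declaration starts above this hunk.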
@@ -49,6 +53,11 @@ public class AuthenticationDataAssertionBuilder implements Constants {
" <saml:Attribute AttributeName=''isPublicAuthority'' AttributeNamespace=''urn:oid:1.2.40.0.10.1.1.1''>" + NL +
" <saml:AttributeValue>{0}</saml:AttributeValue>" + NL +
" </saml:Attribute>" + NL;
+
+ private static final String SIGNER_CERTIFICATE_ATT =
+ " <saml:Attribute AttributeName=''SignerCertificate'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL +
+ " <saml:AttributeValue>{0}</saml:AttributeValue>" + NL +
+ " </saml:Attribute>" + NL;
/**
* Constructor for AuthenticationDataAssertionBuilder.
@@ -67,6 +76,12 @@ public class AuthenticationDataAssertionBuilder implements Constants {
* <code>lt;saml:SubjectConfirmationData&gt;</code> element; may include
* the <code>"Stammzahl"</code> or not; may be empty
* @param xmlIdentityLink the IdentityLink
+ * @param signerCertificateBase64 Base64 encoded certificate of the signer. Maybe
+ * an empty string if the signer certificate should not be provided.
+ * Will be ignored if the <code>businessService</code> parameter is
+ * set to <code>false</code>.
+ * @param businessService <code>true</code> if the online application is a
+ * business service, otherwise <code>false</code>
* @return the <code>&lt;saml:Assertion&gt;</code>
* @throws BuildException if an error occurs during the build process
*/
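Review bot: The Javadoc gains entries for `signerCertificateBase64` and `businessService` but none for the new `bkuURL` parameter, which the signature places before both of them. Add a line such as `@param bkuURL the value written into the <code>bkuURL</code> attribute of the assertion` ahead of the `signerCertificateBase64` entry so the tags follow parameter order. In the same entry "Maybe an empty string" should read "May be an empty string". The comment block starts above this hunk.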
@@ -74,7 +89,10 @@ public class AuthenticationDataAssertionBuilder implements Constants {
AuthenticationData authData,
String xmlPersonData,
String xmlAuthBlock,
- String xmlIdentityLink) throws BuildException {
+ String xmlIdentityLink,
+ String bkuURL,
+ String signerCertificateBase64,
+ boolean businessService) throws BuildException {
String isQualifiedCertificate = authData.isQualifiedCertificate() ? "true" : "false";
String publicAuthorityAttribute = "";
@@ -85,17 +103,38 @@ public class AuthenticationDataAssertionBuilder implements Constants {
publicAuthorityAttribute = MessageFormat.format(
PUBLIC_AUTHORITY_ATT, new Object[] { publicAuthorityIdentification });
}
-
+
+
+ String signerCertificateAttribute = "";
+ if (signerCertificateBase64 != "") {
+ signerCertificateAttribute = MessageFormat.format(
+ SIGNER_CERTIFICATE_ATT, new Object[] { signerCertificateBase64 });
+ }
+
+ String pkType;
+ String pkValue;
+ if (businessService) {
+ pkType = authData.getIdentificationType();
+ pkValue = authData.getWPBK();
+
+ } else {
+ pkType = URN_PREFIX_BPK;
+ pkValue = authData.getPBK();
+ }
+
String assertion = MessageFormat.format(AUTH_DATA, new Object[] {
- authData.getAssertionID(),
+ authData.getAssertionID(),
authData.getIssuer(),
authData.getIssueInstant(),
- authData.getPBK(),
- removeXMLDeclaration(xmlAuthBlock),
- removeXMLDeclaration(xmlIdentityLink),
+ pkType,
+ pkValue,
+ removeXMLDeclaration(xmlAuthBlock),
+ removeXMLDeclaration(xmlIdentityLink),
removeXMLDeclaration(xmlPersonData),
- isQualifiedCertificate,
- publicAuthorityAttribute});
+ isQualifiedCertificate,
+ bkuURL,
+ publicAuthorityAttribute,
+ signerCertificateAttribute});
return assertion;
}
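Review bot: `signerCertificateBase64 != ""` compares object references rather than contents, so an empty string that is not the interned literal still produces a `SignerCertificate` attribute with an empty value, and a `null` argument is formatted as the text `null`. The guard should be `if (signerCertificateBase64 != null && signerCertificateBase64.length() > 0) {`. This block also never consults `businessService` before emitting the certificate, although the Javadoc added in this commit says the certificate is ignored when that flag is `false`. Either add the flag to the condition or correct the comment, so the signer certificate is not disclosed to applications that should not receive it. build() begins outside this hunk.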