diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-07-19 11:50:19 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-07-19 11:50:19 +0200 |
commit | 71da4a9bc7e2ff79b2fb4cf8903d15fd75372859 (patch) | |
tree | a2a5841c65ebb4bda12d703378fc41b3cec69fb4 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java | |
parent | 49acb697426d3c313ad047449ea62ac1bf3f4fd0 (diff) | |
download | moa-id-spss-71da4a9bc7e2ff79b2fb4cf8903d15fd75372859.tar.gz moa-id-spss-71da4a9bc7e2ff79b2fb4cf8903d15fd75372859.tar.bz2 moa-id-spss-71da4a9bc7e2ff79b2fb4cf8903d15fd75372859.zip |
SSO and Configuration updated
TODO:
--PVP2 from configuration
--UseIFrame for OAs
--SSO with mandates
--Resign IdentityLink
--Encrypted MOASession in Database
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java | 125 |
1 files changed, 108 insertions, 17 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java index fb45e517d..abb33203c 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java @@ -59,6 +59,7 @@ import at.gv.egovernment.moa.id.util.Random; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.MiscUtil; import at.gv.egovernment.moa.util.StringUtils; /** @@ -120,6 +121,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion * The number of SAML attributes included in this AUTH-Block (without the extended SAML attributes). */ public static final int NUM_OF_SAML_ATTRIBUTES = 4; + public static final int NUM_OF_SAML_ATTRIBUTES_SSO = 3; /** * Constructor for AuthenticationBlockAssertionBuilder. @@ -168,23 +170,14 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion String oaURL, String gebDat, List extendedSAMLAttributes, - AuthenticationSession session) + AuthenticationSession session, + OAAuthParameter oaParam) throws BuildException { session.setSAMLAttributeGebeORwbpk(true); String gebeORwbpk = ""; String wbpkNSDeclaration = ""; - - //reading OA parameters - OAAuthParameter oaParam; - try { - oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter( - session.getPublicOAURLPrefix()); - } catch (ConfigurationException e) { - Logger.error("Error on building AUTH-Block: " + e.getMessage()); - throw new BuildException("builder.00", new Object[] { "AUTH-Block", e.toString()}); - } - + if (target == null) { // OA is a business application if (!Constants.URN_PREFIX_HPI.equals(identityLinkType)) { @@ -216,7 +209,6 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion //no business service, adding bPK - System.out.println("identityLinkValue: " + identityLinkValue); if (identityLinkValue != null) { Element bpkSamlValueElement; try { @@ -264,9 +256,15 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion extendedSAMLAttributes.add(oaFriendlyNameAttribute); - //TODO: load special text from OAconfig - //String text = "Hiermit bestätige ich, #NAME#, die Übernahme sämtlicher eingelangter Zustellstücke zum #DATE# um #TIME#."; String text = ""; + try { + OAAuthParameter oaparam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); + if (MiscUtil.isNotEmpty(text = oaparam.getAditionalAuthBlockText())) + Logger.info("Use addional AuthBlock Text from OA=" + oaparam.getPublicURLPrefix()); + } catch (ConfigurationException e) { + Logger.warn("Addional AuthBlock Text can not loaded from OA!", e); + } + String specialText = MessageFormat.format(SPECIAL_TEXT_ATTRIBUTE, @@ -406,9 +404,14 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion extendedSAMLAttributes.add(oaFriendlyNameAttribute); //..BZ - //TODO: load special text from OAconfig - //String text = "Hiermit bestätige ich, #NAME#, die Übernahme sämtlicher eingelangter Zustellstücke zum #DATE# um #TIME#."; String text = ""; + try { + OAAuthParameter oaparam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix()); + if (MiscUtil.isNotEmpty(text = oaparam.getAditionalAuthBlockText())) + Logger.info("Use addional AuthBlock Text from OA=" + oaparam.getPublicURLPrefix()); + } catch (ConfigurationException e) { + Logger.warn("Addional AuthBlock Text can not loaded from OA!", e); + } String specialText = MessageFormat.format(SPECIAL_TEXT_ATTRIBUTE, new Object[] { generateSpecialText(text, issuer, issueInstant) }); @@ -464,4 +467,92 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion return null; } + public String buildAuthBlockSSO( + String issuer, + String issueInstant, + String authURL, + String target, + String targetFriendlyName, + String identityLinkValue, + String identityLinkType, + String oaURL, + String gebDat, + List extendedSAMLAttributes, + AuthenticationSession session, + OAAuthParameter oaParam) + throws BuildException + { + session.setSAMLAttributeGebeORwbpk(true); + String gebeORwbpk = ""; + String wbpkNSDeclaration = ""; + + if (target != null) { + + boolean useMandate = session.getUseMandate(); + if (useMandate) { + String mandateReferenceValue = Random.nextRandom(); + // remove leading "-" + if (mandateReferenceValue.startsWith("-")) + mandateReferenceValue = mandateReferenceValue.substring(1); + + session.setMandateReferenceValue(mandateReferenceValue); + + ExtendedSAMLAttribute mandateReferenceValueAttribute = + new ExtendedSAMLAttributeImpl("mandateReferenceValue", mandateReferenceValue, Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK); + + extendedSAMLAttributes.add(mandateReferenceValueAttribute); + } + } + + //adding friendly name of OA + String friendlyname; + try { + friendlyname = AuthConfigurationProvider.getInstance().getSSOFriendlyName(); + + ExtendedSAMLAttribute oaFriendlyNameAttribute = + new ExtendedSAMLAttributeImpl("oaFriendlyName", friendlyname, Constants.MOA_NS_URI, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY); + + extendedSAMLAttributes.add(oaFriendlyNameAttribute); + + + String text = AuthConfigurationProvider.getInstance().getSSOSpecialText(); + + if (MiscUtil.isEmpty(text)) + text=""; + String specialText = MessageFormat.format(SPECIAL_TEXT_ATTRIBUTE, + new Object[] { generateSpecialText(text, issuer, issueInstant) }); + + + + + String assertion; + + assertion = MessageFormat.format( + AUTH_BLOCK, new Object[] { + wbpkNSDeclaration, + issuer, + issueInstant, + authURL, + gebeORwbpk, + oaURL, + gebDat, + specialText, + buildExtendedSAMLAttributes(extendedSAMLAttributes)}); + + return assertion; + + } catch (ParseException e) { + Logger.error("Error on building AUTH-Block: " + e.getMessage()); + throw new BuildException("builder.00", new Object[] { "AUTH-Block", e.toString()}); + + } catch (ConfigurationException e) { + Logger.error("Error on building AUTH-Block: " + e.getMessage()); + throw new BuildException("builder.00", new Object[] { "AUTH-Block", e.toString()}); + } + + + + } + + } |