author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-14 06:18:47 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-14 06:18:47 +0200 |
commit | 2a073c6727d704271e17d9b682be28410f23aae7 (patch) | |
tree | c5d126bc6c116527c3b0f59e4c9c6ebcd185a2a9 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java | |
parent | e441bcf4eb1a53e1bb17df34997f17206796af72 (diff) | |
more refactoring staff
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java | 53 |
1 files changed, 34 insertions, 19 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index fdf806f78..efe28c900 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -43,6 +43,7 @@ import org.opensaml.ws.soap.common.SOAPException;
 import org.opensaml.xml.XMLObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
+import org.w3c.dom.DOMException;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
@@ -50,7 +51,11 @@ import org.w3c.dom.NodeList;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.IAuthData;
 import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder;
+import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.id.auth.exception.DynamicOABuildException;
 import at.gv.egovernment.moa.id.auth.exception.ParseException;
@@ -68,9 +73,10 @@ import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException;
 import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameterDecorator;
 import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory;
 import at.gv.egovernment.moa.id.data.MISMandate;
+import at.gv.egovernment.moa.id.data.MOAAuthenticationData;
 import at.gv.egovernment.moa.id.data.Pair;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
@@ -89,6 +95,7 @@ import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.Constants;
 import at.gv.egovernment.moa.util.MiscUtil;
+import at.gv.egovernment.moa.util.XPathException;
 import at.gv.egovernment.moa.util.XPathUtils;
 import at.gv.util.client.szr.SZRClient;
 import at.gv.util.config.EgovUtilPropertiesConfiguration;
@@ -109,16 +116,24 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAu @Autowired private SAMLVerificationEngineSP samlVerificationEngine; @Autowired(required=true) private MOAMetadataProvider metadataProvider; - - public IAuthData buildAuthenticationData(IRequest pendingReq, - IAuthenticationSession session) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { - return buildAuthenticationData(pendingReq, session, pendingReq.getOnlineApplicationConfiguration()); + @Override + public IAuthData buildAuthenticationData(IRequest pendingReq) throws EAAFAuthenticationException { + try { + return buildAuthenticationData(pendingReq, + new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage()), + pendingReq.getServiceProviderConfiguration(OAAuthParameterDecorator.class)); + + } catch (ConfigurationException | BuildException | WrongParametersException | DynamicOABuildException e) { + Logger.warn("Can not build authentication data from session information"); + throw new EAAFAuthenticationException("TODO", new Object[]{}, + "Can not build authentication data from session information", e); + } } - - public IAuthData buildAuthenticationData(IRequest pendingReq, + + private IAuthData buildAuthenticationData(IRequest pendingReq, IAuthenticationSession session, IOAAuthParameters oaParam) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException { - AuthenticationData authdata = null; + MOAAuthenticationData authdata = null; //only needed for SAML1 legacy support try { 
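Review bot: The new public `buildAuthenticationData(IRequest)` rethrows as `EAAFAuthenticationException("TODO", new Object[]{}, ...)`, so every failure to build authentication data is reported under a literal placeholder error code instead of the project's identifier for this condition; that code should be filled in before the change ships. The `Logger.warn` call just before it also drops `e`, so the warn entry carries no reason even though the cause is attached to the rethrown exception — `Logger.warn("Can not build authentication data from session information", e);` keeps it in the log, assuming the MOA Logger offers the message-plus-throwable overload. The values from `pendingReq.genericFullDataStorage()` and `pendingReq.getServiceProviderConfiguration(OAAuthParameterDecorator.class)` are passed straight through without a null check; whether either can be absent at this point is not visible in the hunk. The body of the now-private overload continues past the end of the hunk.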
@@ -135,19 +150,19 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAu saml1authdata.getClass().getMethod("setExtendedSAMLAttributesOA", List.class).invoke(saml1authdata, session.getExtendedSAMLAttributesOA()); } - authdata = (AuthenticationData) saml1authdata; + authdata = (MOAAuthenticationData) saml1authdata; } else { - authdata = new AuthenticationData(); + authdata = new MOAAuthenticationData(); } } catch (ClassNotFoundException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | NoSuchMethodException | java.lang.SecurityException ex) { - authdata = new AuthenticationData(); + authdata = new MOAAuthenticationData(); } - OASessionStore activeOA = authenticatedSessionStorage.searchActiveOASSOSession(session, pendingReq.getOAURL(), pendingReq.requestedModule()); + OASessionStore activeOA = authenticatedSessionStorage.searchActiveOASSOSession(session, pendingReq.getSPEntityId(), pendingReq.requestedModule()); //reuse authentication information in case of service-provider reauthentication if (activeOA != null) { authdata.setSessionIndex(activeOA.getAssertionSessionID()); @@ -254,7 +269,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAu } } - private void buildAuthDataFormMOASession(AuthenticationData authData, IAuthenticationSession session, + private void buildAuthDataFormMOASession(MOAAuthenticationData authData, IAuthenticationSession session, IOAAuthParameters oaParam, IRequest protocolRequest) throws BuildException, ConfigurationException { Collection<String> includedToGenericAuthData = null; 
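Review bot: The SSO-session lookup `searchActiveOASSOSession(session, pendingReq.getSPEntityId(), ...)` now keys on the SP entity ID where it previously used `pendingReq.getOAURL()`; a session persisted under the old key would presumably no longer match, and because the reuse branch is guarded only by `activeOA != null`, a mismatch would degrade silently to a fresh authentication rather than fail loudly. Confirm that the persist side of the SSO store was switched to the same value in this refactoring, or add a comment on the lookup line such as `// SSO sessions are keyed by SP entity ID, not OA URL` so the next reader does not reintroduce the old key. The enclosing method starts and ends outside the hunk.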
@@ -267,7 +282,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAu try { //#################################################### //set general authData info's - authData.setIssuer(protocolRequest.getAuthURL()); + authData.setAuthenticationIssuer(protocolRequest.getAuthURL()); authData.setSsoSession(protocolRequest.needSingleSignOnFunctionality()); authData.setBaseIDTransferRestrication(oaParam.hasBaseIdTransferRestriction()); @@ -454,7 +469,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAu includedToGenericAuthData.remove(PVPConstants.EID_ISSUING_NATION_NAME); String pvpCCCAttr = session.getGenericDataFromSession(PVPConstants.EID_ISSUING_NATION_NAME, String.class); if (MiscUtil.isNotEmpty(pvpCCCAttr)) { - authData.setCcc(pvpCCCAttr); + authData.setCiticenCountryCode(pvpCCCAttr); Logger.debug("Find PVP-Attr: " + PVPConstants.EID_ISSUING_NATION_FRIENDLY_NAME); } else { @@ -469,7 +484,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAu for (Rdn rdn : ln.getRdns()) { if (rdn.getType().equalsIgnoreCase("C")) { Logger.info("C is: " + rdn.getValue()); - authData.setCcc(rdn.getValue().toString()); + authData.setCiticenCountryCode(rdn.getValue().toString()); break; } } @@ -487,7 +502,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAu } } else { - authData.setCcc(COUNTRYCODE_AUSTRIA); + authData.setCiticenCountryCode(COUNTRYCODE_AUSTRIA); } } 
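Review bot: The replaced call in `@@ -454` and the two that follow (`@@ -469`, `@@ -487`) now target `setCiticenCountryCode`, whose name misspells "Citizen"; if that setter is introduced on `MOAAuthenticationData` as part of this refactoring, renaming it to `setCitizenCountryCode` now is cheap, whereas once released the typo is frozen into the data API. If it is a pre-existing name, a `// sic: API spelling` comment at the first call site saves the next reader a search. The surrounding method `buildAuthDataFormMOASession` starts and ends outside these hunks.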
@@ -913,7 +928,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAu * @throws ConfigurationException */ private Pair<String, String> getEncryptedbPKFromPVPAttribute(IAuthenticationSession session, - AuthenticationData authData, IOAAuthParameters spConfig) throws ConfigurationException { + MOAAuthenticationData authData, IOAAuthParameters spConfig) throws ConfigurationException { //set List of encrypted bPKs to authData DAO String pvpEncbPKListAttr = session.getGenericDataFromSession(PVPConstants.ENC_BPK_LIST_NAME, String.class); if (MiscUtil.isNotEmpty(pvpEncbPKListAttr)) { @@ -1067,7 +1082,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants implements IAu } - private IIdentityLink buildOAspecificIdentityLink(IOAAuthParameters oaParam, IIdentityLink idl, String bPK, String bPKType) throws MOAIDException { + private IIdentityLink buildOAspecificIdentityLink(IOAAuthParameters oaParam, IIdentityLink idl, String bPK, String bPKType) throws MOAIDException, EAAFConfigurationException, XPathException, DOMException { if (oaParam.hasBaseIdTransferRestriction()) { Element idlassertion = idl.getSamlAssertion(); //set bpk/wpbk; |
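Review bot: In `@@ -1067` the signature of `buildOAspecificIdentityLink` is widened to `throws MOAIDException, EAAFConfigurationException, XPathException, DOMException`, but `org.w3c.dom.DOMException` is unchecked (a `RuntimeException` subclass), so listing it obliges no caller to handle it and only signals that DOM failures may now escape the identity-link build; the same applies to `XPathException` if it is unchecked in `at.gv.egovernment.moa.util`. If identity-link build failures are meant to be reported consistently, wrap those at the point they arise into `MOAIDException` instead of widening the throws clause. The method body continues beyond the hunk.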