author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-04-18 12:48:33 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2014-04-18 12:48:33 +0200 |
commit | 7ae642ec1857d0c796ba21ffcd6b5466285c92af (patch) | |
tree | d61c207651989e8cb2033a9a542c30cfff82a7c1 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder | |
parent | a184de09bda4327441c214aa84d77e57500b28ca (diff) | |
download | moa-id-spss-7ae642ec1857d0c796ba21ffcd6b5466285c92af.tar.gz moa-id-spss-7ae642ec1857d0c796ba21ffcd6b5466285c92af.tar.bz2 moa-id-spss-7ae642ec1857d0c796ba21ffcd6b5466285c92af.zip |
create methodes to parse interfederated assertions into authData
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java | 49 |
1 files changed, 43 insertions, 6 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java index 00528f7a1..1e0089a53 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java @@ -38,6 +38,8 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.data.AuthenticationData; import at.gv.egovernment.moa.id.data.IAuthData; import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption; +import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor; import at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData; import at.gv.egovernment.moa.id.protocols.saml1.SAML1RequestImpl; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; @@ -72,12 +74,6 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() .getOnlineApplicationParameter(oaID); - - - /* TODO: Support Mandate MODE! - * Insert functionality to translate mandates in case of SSO - */ - AuthenticationData authdata = null; if (protocolRequest instanceof SAML1RequestImpl) { @@ -95,6 +91,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { if (protocolRequest.getInterfederationResponse() != null) { //get attributes from interfederated IDP + buildAuthDataFromInterfederationResponse(authdata, session, oaParam, protocolRequest); } else { 
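Review bot: The call added in the `@@ -95,6 +91,7 @@` hunk, `buildAuthDataFromInterfederationResponse(authdata, session, oaParam, protocolRequest);`, has no way to report failure to its caller. The helper introduced in the `@@ -106,6 +103,40 @@` hunk returns void and catches `AssertionAttributeExtractorExeption` with only a `Logger.error(...)`, so when the interfederated assertion cannot be parsed the caller appears to continue to `return authdata;` with neither QAA level nor bPK set. For a builder of authentication data that is fail-open; the helper should declare `throws BuildException`, as `buildAuthDataFormMOASession` already does, and rethrow from its catch block rather than swallow the error. The enclosing method starts and ends outside this hunk, so whether it already declares `BuildException` needs to be checked before the change.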
@@ -106,6 +103,40 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { return authdata; } + /** + * @param authdata + * @param session + * @param oaParam + */ + private static void buildAuthDataFromInterfederationResponse( + AuthenticationData authdata, AuthenticationSession session, + OAAuthParameter oaParam, IRequest req) { + + try { + AssertionAttributeExtractor extract = + new AssertionAttributeExtractor(req.getInterfederationResponse().getResponse()); + + if (oaParam.isInderfederationIDP()) { + //only set minimal response attributes + authdata.setQAALevel(extract.getQAALevel()); + authdata.setBPK(extract.getNameID()); + + } else { + //IDP response to service provider + // --> collect attributes by using BackChannel communication + + //TODO: get protocol specific requested attributes + + + + } + + } catch (AssertionAttributeExtractorExeption e) { + Logger.error("Build authData from interfederated PVP2.1 assertion FAILED.", e); + + } + } + private static void buildAuthDataFormMOASession(AuthenticationData authData, AuthenticationSession session, OAAuthParameter oaParam) throws BuildException { @@ -147,6 +178,12 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants { authData.setSsoSession(AuthenticationSessionStoreage.isSSOSession(session.getSessionID())); + + /* TODO: Support SSO Mandate MODE! + * Insert functionality to translate mandates in case of SSO + */ + + MISMandate mandate = session.getMISMandate(); authData.setMISMandate(mandate); authData.setUseMandate(session.getUseMandate()); |
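Review bot: In `buildAuthDataFromInterfederationResponse` (the `@@ -106,6 +103,40 @@` hunk), `extract.getNameID()` and `extract.getQAALevel()` are copied straight into `authdata` as bPK and QAA level, and nothing visible in this hunk shows that the response's signature, issuer and validity conditions were checked before `req.getInterfederationResponse().getResponse()` is read. If that validation happens where the response is received, a comment should say so at the top of the `try` block, for example `// response was signature- and condition-validated by <component> before being stored on the request`. The `else` branch holds only a TODO, so for an online application that is not an interfederation IDP the method returns with `authdata` untouched; until back-channel attribute collection exists, that path should be rejected explicitly instead of passing silently. The Javadoc stub lists three empty `@param` tags and omits `req`, and the `session` parameter is unused in the new body.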