some bug fixes

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2018-07-13 15:48:17 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2018-07-13 15:48:17 +0200
commit: 158d41705d0f8c67a858e84bda8d2c16377cf288 (patch)
tree: 8b75f57ff92112e0922f055b595f1800f3bf40af /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth
parent: 017ecef03e90c176e040de1c39836f1a81d66b73 (diff)
download: moa-id-spss-158d41705d0f8c67a858e84bda8d2c16377cf288.tar.gz
moa-id-spss-158d41705d0f8c67a858e84bda8d2c16377cf288.tar.bz2
moa-id-spss-158d41705d0f8c67a858e84bda8d2c16377cf288.zip
6 files changed, 32 insertions, 28 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index a13455972..2c14af463 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -129,12 +129,12 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 	public IAuthData buildAuthenticationData(IRequest pendingReq) throws EAAFAuthenticationException {
 		try {
 			return buildAuthenticationData(pendingReq, 
-					new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage()),
+					pendingReq.getSessionData(AuthenticationSessionWrapper.class),
 					pendingReq.getServiceProviderConfiguration(OAAuthParameterDecorator.class));
 			
 		} catch (ConfigurationException | BuildException | WrongParametersException | DynamicOABuildException | EAAFBuilderException e) {
 			Logger.warn("Can not build authentication data from session information");
-			throw new EAAFAuthenticationException("TODO", new Object[]{}, e);
+			throw new EAAFAuthenticationException("builder.11", new Object[]{}, e);
 			
 		}
 		
@@ -186,14 +186,14 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 		if (oaParam.isSTORKPVPGateway())
 			oaParam = DynamicOAAuthParameterBuilder.buildFromAuthnRequest(oaParam, pendingReq);
 				
-		Boolean isMinimalFrontChannelResp = pendingReq.getGenericData(
+		Boolean isMinimalFrontChannelResp = pendingReq.getRawData(
 				MOAIDAuthConstants.DATAID_INTERFEDERATION_MINIMAL_FRONTCHANNEL_RESP, Boolean.class);
 		if (isMinimalFrontChannelResp != null && isMinimalFrontChannelResp) {
 			//only set minimal response attributes			
 			authdata.setQAALevel(
-					pendingReq.getGenericData(MOAIDAuthConstants.DATAID_INTERFEDERATION_QAALEVEL, String.class));
+					pendingReq.getRawData(MOAIDAuthConstants.DATAID_INTERFEDERATION_QAALEVEL, String.class));
 			authdata.setBPK(
-					pendingReq.getGenericData(MOAIDAuthConstants.DATAID_INTERFEDERATION_NAMEID, String.class));
+					pendingReq.getRawData(MOAIDAuthConstants.DATAID_INTERFEDERATION_NAMEID, String.class));
 						
 		} else {
 			//build AuthenticationData from MOASession
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
index a43e6a7fb..399ecc022 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
@@ -191,7 +191,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
 		String sectorName = null;
 		
 		
-		String saml1Target = pendingReq.getGenericData(
+		String saml1Target = pendingReq.getRawData(
 				MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class);
 		if (MiscUtil.isNotEmpty(saml1Target)) {
 			target = saml1Target;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 926bfe242..cadaec2a0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -45,6 +45,7 @@ import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Map.Entry;
 
 import org.apache.commons.collections4.map.HashedMap;
 
@@ -235,13 +236,17 @@ public class AuthenticationSession implements Serializable, IAuthenticationSessi
 	 */
 	@Override
 	public X509Certificate getSignerCertificate() {
-		try {
-			return new X509Certificate(signerCertificate);
-		}
-		catch (CertificateException e) {
-			Logger.warn("Signer certificate can not be loaded from session database!", e);
-			return null;
+		if (signerCertificate != null && signerCertificate.length > 0) {
+			try {
+				return new X509Certificate(signerCertificate);
+			}
+			catch (CertificateException e) {
+				Logger.warn("Signer certificate can not be loaded from session database!", e);
+			
+			}
 		}
+		
+		return null;
 	}
 	
 	/* (non-Javadoc)
@@ -665,8 +670,9 @@ public class AuthenticationSession implements Serializable, IAuthenticationSessi
 		result.put(VALUE_SIGNER_CERT, getSignerCertificate());
 		result.put(VALUE_VERIFYSIGRESP, getXMLVerifySignatureResponse());
 		
-		result.putAll(genericSessionDataStorate);
-		
+		for (Entry<String, Object> el : genericSessionDataStorate.entrySet()) 
+			result.put(GENERIC_PREFIX + el.getKey(), el.getValue());
+				
 		return Collections.unmodifiableMap(result);
 	}	
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java
index b976cba9e..375b144d7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java
@@ -78,13 +78,8 @@ public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask {
 			//defaultTaskInitialization(request, executionContext);
 			
 			//check SSO session cookie and MOASession object
-			String ssoId = ssoManager.getSSOSessionID(request);
-			boolean isValidSSOSession = ssoManager.isValidSSOSession(ssoId, pendingReq);
-
-			//load MOA SSO-session from database
-			AuthenticationSession ssoMOSSession = authenticatedSessionStorage.getInternalSSOSession(pendingReq.getInternalSSOSessionIdentifier());
-			
-			if (!(isValidSSOSession && ssoMOSSession.isAuthenticated() )) {
+			String ssoId = ssoManager.getSSOSessionID(request);			
+			if (!(ssoManager.isValidSSOSession(ssoId, pendingReq))) {
 				Logger.info("Single Sign-On consents evaluator found NO valid SSO session. Stopping authentication process ...");
 				throw new AuthenticationException("auth.30", null);
 				
@@ -95,9 +90,12 @@ public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask {
 						
 			//user allow single sign-on authentication
 			if (ssoConsents) {
-								
+				//load MOA SSO-session from database
+				AuthenticationSession ssoMOSSession = authenticatedSessionStorage.getInternalSSOSession(pendingReq.getInternalSSOSessionIdentifier());
+
+				
 				//Populate this pending request with SSO session information
-				pendingReq.setGenericDataToSession(ssoMOSSession.getKeyValueRepresentationFromAuthSession());;
+				pendingReq.setRawDataToTransaction(ssoMOSSession.getKeyValueRepresentationFromAuthSession());;
 				
 				//authenticate pending-request
 				pendingReq.setAuthenticated(true);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/UserRestrictionTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/UserRestrictionTask.java
index 7d9a2c28c..acaf21682 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/UserRestrictionTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/UserRestrictionTask.java
@@ -35,7 +35,7 @@ public class UserRestrictionTask extends AbstractAuthServletTask {
 			List<String> restrictedSPs = KeyValueUtils.getListOfCSVValues(authConfig.getBasicConfiguration(CONFIG_PROPS_SP_LIST));						
 			if (restrictedSPs.contains(spEntityId)) {
 				Logger.debug("SP:" + spEntityId + " has a user restrication. Check users bPK ... ");				
-				AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+				AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class); 
 				
 				//check if user idl is already loaded
 				if (moasession.getIdentityLink() == null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index 0e1e1bf12..ead80b117 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -138,8 +138,8 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
 				resultTargetFriendlyName = targetFriendlyNameConfig;
 					
 			//set info's into request-context. (It's required to support SAML1 requested target parameters)			
-			protocolReq.setGenericDataToSession(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, resultTarget);
-			protocolReq.setGenericDataToSession(
+			protocolReq.setRawDataToTransaction(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, resultTarget);
+			protocolReq.setRawDataToTransaction(
 					MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, resultTargetFriendlyName);
 			
 		} else {
@@ -206,7 +206,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
 	    if (!ParamValidatorUtils.isValidTemplate(req, templateURL, oaParam.getTemplateURL()))
 		       throw new WrongParametersException("StartAuthentication", PARAM_TEMPLATE, "auth.12");
 	    
-	    protocolReq.setGenericDataToSession(
+	    protocolReq.setRawDataToTransaction(
 	    		MOAIDAuthConstants.AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE, 
 	    		templateURL);
 	    
@@ -248,7 +248,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
 	    oaURL = pendingReq.getSPEntityId();
 	    
 	    //only needed for SAML1
-	    String target = pendingReq.getGenericData("saml1_target", String.class);
+	    String target = pendingReq.getRawData("saml1_target", String.class);
 	    	    
 	    parse(moasession, target, oaURL, bkuURL, templateURL, useMandate, ccc, req, pendingReq);
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2018-07-13 15:48:17 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2018-07-13 15:48:17 +0200
commit	158d41705d0f8c67a858e84bda8d2c16377cf288 (patch)
tree	8b75f57ff92112e0922f055b595f1800f3bf40af /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth
parent	017ecef03e90c176e040de1c39836f1a81d66b73 (diff)
download	moa-id-spss-158d41705d0f8c67a858e84bda8d2c16377cf288.tar.gz moa-id-spss-158d41705d0f8c67a858e84bda8d2c16377cf288.tar.bz2 moa-id-spss-158d41705d0f8c67a858e84bda8d2c16377cf288.zip