authorThomas Lenz <tlenz@iaik.tugraz.at>2018-07-12 16:16:29 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-07-12 16:16:29 +0200
commit132681b9f3e00158b1671f50b23517462aa54afd (patch)
treecda5e6b321a44fbb54a959693a4afe71eb25bd6a /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
parent3535ae9500b29d0b2d0f317ea7f47a6c25c6f70e (diff)
parent3b1130e2366138871a92a1f83124a27fa83885dd (diff)
Merge branch 'eIDAS_node_2.0_tests' into huge_refactoring
# Conflicts: # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java # id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml # id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java # 
id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java # id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java # id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java # id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java # id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java # id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java236
1 files changed, 121 insertions, 115 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index 1274a0407..97c4f40cd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -43,11 +43,12 @@ import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionExtensions;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException;
import at.gv.egovernment.moa.id.commons.db.dao.session.AuthenticatedSessionStore;
@@ -85,7 +86,7 @@ public class SSOManager implements ISSOManager {
//@Autowired private MOASessionDBUtils moaSessionDBUtils;
-
+ @Override
public boolean checkAndValidateSSOSession(IRequest pendingReq, HttpServletRequest httpReq, HttpServletResponse httpResp) throws EAAFSSOException {
try {
//get SSO cookie from http request
@@ -112,10 +113,7 @@ public class SSOManager implements ISSOManager {
//check if SSO Session is valid
boolean isSSOValid = isValidSSOSession(ssoId, pendingReq);
-
- if (isSSOValid)
- pendingReq.setSSOSessionIdentifier(ssoId);
-
+
return isSSOValid;
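Review bot: checkAndValidateSSOSession no longer records any session identifier on the pending request itself; the removed `pendingReq.setSSOSessionIdentifier(ssoId)` is replaced by a side effect inside isValidSSOSession (the `@@ -363,7 +393,11 @@` hunk), which writes the internal id via `protocolRequest.setInternalSSOSessionIdentifier(...)`. That coupling is invisible from here, so a comment above the call such as `// isValidSSOSession() stores the internal SSO session id on pendingReq when the cookie is valid` would spare the next reader a search. The replacement `+` line carries only whitespace. The enclosing method starts and ends outside the hunk.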
@@ -130,7 +128,7 @@ public class SSOManager implements ISSOManager {
}
-
+ @Override
public void isSSOAllowedForSP(IRequest pendingReq, HttpServletRequest httpReq) {
// check if Service-Provider allows SSO sessions
IOAAuthParameters oaConfig = pendingReq.getServiceProviderConfiguration(OAAuthParameterDecorator.class);
@@ -155,11 +153,11 @@ public class SSOManager implements ISSOManager {
}
+ @Override
public void populatePendingRequestWithSSOInformation(IRequest pendingReq) throws EAAFSSOException {
//populate pending request with eID data from SSO session if no userConsent is required
- try {
- String ssoSessionId = authenticatedSessionStore.getInternalSSOSessionWithSSOID(pendingReq.getSSOSessionIdentifier());
- AuthenticationSession ssoMOASession = authenticatedSessionStore.getInternalSSOSession(ssoSessionId);
+ try {
+ AuthenticationSession ssoMOASession = authenticatedSessionStore.getInternalSSOSession(pendingReq.getInternalSSOSessionIdentifier());
if (ssoMOASession == null)
Logger.info("No MOASession FOUND with provided SSO-Cookie.");
@@ -176,8 +174,7 @@ public class SSOManager implements ISSOManager {
} catch (EAAFStorageException e) {
Logger.warn("Can NOT populate pending request from SSO session.", e);
- throw new EAAFSSOException("", new Object[] {},
- "Can NOT populate pending request from SSO session", e);
+ throw new EAAFSSOException("", new Object[] {}, e);
}
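Review bot: The rethrow now passes an empty string as the EAAFSSOException key, `throw new EAAFSSOException("", new Object[] {}, e);`, whereas the new methods later in this file use `"builder.10"`; the human-readable text the removed four-argument form carried is gone, so a caller that maps the key to a message gets nothing. If the three-argument constructor is the only one left, use a real key here too, either the one the sibling methods use or whichever key the message bundle defines for SSO population failures. The enclosing method starts outside the hunk.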
@@ -187,20 +184,23 @@ public class SSOManager implements ISSOManager {
@Override
public boolean destroySSOSessionOnIDPOnly(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq) throws EAAFSSOException {
//get SSO token from request
- String ssoid = null;
- if (pendingReq != null && MiscUtil.isNotEmpty(pendingReq.getSSOSessionIdentifier())) {
- ssoid = pendingReq.getSSOSessionIdentifier();
-
- } else {
- ssoid = getSSOSessionID(httpReq);
-
- }
+ String internalSSOSessionId = null;
try {
- if (isValidSSOSession(ssoid, null)) {
+ if (pendingReq != null && MiscUtil.isNotEmpty(pendingReq.getInternalSSOSessionIdentifier())) {
+ internalSSOSessionId = pendingReq.getInternalSSOSessionIdentifier();
+
+ } else {
+ String ssoid = getSSOSessionID(httpReq);
+ if (isValidSSOSession(ssoid, null)) {
+ internalSSOSessionId = authenticatedSessionStore.getInternalSSOSessionWithSSOID(ssoid);
+
+ }
+ }
- //delete SSO session and MOA session
- String ssoSessionId = authenticatedSessionStore.getInternalSSOSessionWithSSOID(ssoid);
- AuthenticationSession ssoMOASession = authenticatedSessionStore.getInternalSSOSession(ssoSessionId);
+ //destroy SSO session if it was found
+ if (StringUtils.isNotEmpty(internalSSOSessionId)) {
+ //delete SSO session and MOA session
+ AuthenticationSession ssoMOASession = authenticatedSessionStore.getInternalSSOSession(internalSSOSessionId);
if (ssoMOASession == null) {
Logger.info("No internal MOA SSO-Session found. Nothing to destroy");
@@ -219,7 +219,7 @@ public class SSOManager implements ISSOManager {
}
} catch (ConfigurationException | SessionDataStorageException | EAAFStorageException e) {
- Logger.info("NO MOA Authentication data for ID " + ssoid);
+ Logger.info("NO MOA Authentication data for ID " + internalSSOSessionId);
return false;
}
@@ -232,6 +232,56 @@ public class SSOManager implements ISSOManager {
}
+ @Override
+ public String createNewSSOSessionCookie(HttpServletRequest httpReq, HttpServletResponse httpResp, IRequest pendingReq)
+ throws EAAFSSOException {
+ Logger.debug("Creating new SSO session-cookie for http response ... ");
+
+ //Store SSO information into database
+ String newSSOSessionId = Random.nextHexRandom32();
+
+ //set SSO cookie to response
+ if (StringUtils.isNotEmpty(newSSOSessionId))
+ setSSOSessionID(httpReq, httpResp, newSSOSessionId);
+ else
+ deleteSSOSessionID(httpReq, httpResp);
+
+ return newSSOSessionId;
+ }
+
+
+@Override
+public void createNewSSOSession(IRequest pendingReq, String newSSOSessionId) throws EAAFSSOException {
+ AuthenticationSession internalDBSSOSession;
+ try {
+ internalDBSSOSession = authenticatedSessionStore.createInternalSSOSession(pendingReq);
+ pendingReq.setInternalSSOSessionIdentifier(internalDBSSOSession.getSSOSessionID());
+
+ } catch (MOADatabaseException | BuildException e) {
+ Logger.warn("Can NOT create SSO session.", e);
+ throw new EAAFSSOException("builder.10", null, e);
+
+ }
+
+}
+
+
+@Override
+public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInformationInterface sloInformation) throws EAAFSSOException {
+ try {
+ authenticatedSessionStore.addSSOInformation(
+ pendingReq.getInternalSSOSessionIdentifier(),
+ newSSOSessionId,
+ sloInformation,
+ pendingReq);
+
+ } catch (AuthenticationException e) {
+ Logger.warn("Can NOT update SSO session.", e);
+ throw new EAAFSSOException("builder.10", null, e);
+ }
+
+}
+
//*********************************** old **************************************
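Review bot: In createNewSSOSessionCookie the `else` branch calling deleteSSOSessionID is effectively unreachable, because `newSSOSessionId` comes straight from `Random.nextHexRandom32()` and nothing between the two lines can blank it; either drop the branch or add a comment stating that the generator may return an empty value. That value becomes the SSO bearer cookie, so the generator behind `Random.nextHexRandom32()` must be cryptographically strong; this is not verifiable from this file and is worth confirming against the EAAF utils class. `httpReq` and `pendingReq` here, and `newSSOSessionId` in createNewSSOSession, are accepted but never used; a Javadoc line per method naming the ignored parameters and stating that the cookie value is only bound to the stored session in updateSSOSession would document the three-step contract. The three new methods also sit at different indentation levels (createNewSSOSessionCookie at member indent, the other two at column 0).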
@@ -287,26 +337,6 @@ public class SSOManager implements ISSOManager {
}
- protected String createNewSSOSessionCookie(HttpServletRequest req, HttpServletResponse resp,
- IRequest pendingReq, IAuthenticationSession moaSession) {
- Logger.debug("Add SSO information to MOASession.");
-
- //Store SSO information into database
- String newSSOSessionId = createSSOSessionInformations(moaSession.getSSOSessionID(),
- pendingReq.getSPEntityId());
-
- //set SSO cookie to response
- if (StringUtils.isNotEmpty(newSSOSessionId)) {
- setSSOSessionID(req, resp, newSSOSessionId);
-
- } else {
- deleteSSOSessionID(req, resp);
-
- }
-
- return newSSOSessionId;
- }
-
public boolean isValidSSOSession(String ssoSessionID, IRequest protocolRequest) throws ConfigurationException, SessionDataStorageException, EAAFStorageException {
// search SSO Session
@@ -363,7 +393,11 @@ public class SSOManager implements ISSOManager {
return false;
}
-
+
+ //set internal SSO SessionID
+ if (protocolRequest != null)
+ protocolRequest.setInternalSSOSessionIdentifier(storedSession.getSessionid());
+
return true;
}
@@ -381,7 +415,10 @@ public class SSOManager implements ISSOManager {
String ssoSessionId = authenticatedSessionStore.getInternalSSOSessionWithSSOID(ssoSessionID);
if (MiscUtil.isNotEmpty(ssoSessionId)) {
AuthenticationSessionExtensions extSessionInformation = authenticatedSessionStore.getAuthenticationSessionExtensions(ssoSessionId);
+ if (extSessionInformation != null)
return extSessionInformation.getUniqueSessionId();
+ else
+ Logger.warn("Extended SSO-Session Information ARE NULL. Something looks wrong!");
}
}
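Review bot: The new null guard uses a brace-less `if`/`else` whose branches are a `return` and a log call, which is easy to mis-extend; brace both branches. When `extSessionInformation` is null the method appears to fall through to the `return null` below, so the warning should say what the caller gets, e.g. `Logger.warn("Extended SSO-Session information is null; returning no unique session id");`. The enclosing method starts and ends outside the hunk.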
@@ -392,55 +429,13 @@ public class SSOManager implements ISSOManager {
return null;
}
-
- public String existsOldSSOSession(String ssoId) {
-
- Logger.trace("Check that the SSOID has already been used");
-
- OldSSOSessionIDStore oldSSOSession = authenticatedSessionStore.checkSSOTokenAlreadyUsed(ssoId);
-
- if (oldSSOSession == null) {
- Logger.debug("SSO session-cookie was not used in parst");
- return null;
- }
-
- AuthenticatedSessionStore correspondingMoaSession = oldSSOSession.getMoasession();
-
- if (correspondingMoaSession == null) {
- Logger.info("Get request with old SSO SessionID but no corresponding SSO Session is found.");
- return null;
- }
-
- return correspondingMoaSession.getSessionid();
-
- }
-
- public String createSSOSessionInformations(String moaSessionID, String OAUrl) {
-
- String newSSOId = Random.nextRandom();
-
- if (MiscUtil.isEmpty(moaSessionID) || MiscUtil.isEmpty(OAUrl)) {
- Logger.warn("MoaSessionID or OAUrl are empty -> SSO is not enabled!");
- return null;
- }
-
- return newSSOId;
-
- }
-
- public void setSSOSessionID(HttpServletRequest httpReq, HttpServletResponse httpResp, String ssoId) {
- setCookie(httpReq, httpResp, SSOCOOKIE, ssoId, -1);
-
- }
-
+
public String getSSOSessionID(HttpServletRequest httpReq) {
return getValueFromCookie(httpReq, SSOCOOKIE);
}
- public void deleteSSOSessionID(HttpServletRequest httpReq, HttpServletResponse httpResp) {
- deleteCookie(httpReq, httpResp, SSOCOOKIE);
- }
+
/**
* @param entityID
@@ -477,7 +472,41 @@ public class SSOManager implements ISSOManager {
return false;
}
-
+
+
+ private String existsOldSSOSession(String ssoId) {
+
+ Logger.trace("Check that the SSOID has already been used");
+
+ OldSSOSessionIDStore oldSSOSession = authenticatedSessionStore.checkSSOTokenAlreadyUsed(ssoId);
+
+ if (oldSSOSession == null) {
+ Logger.debug("SSO session-cookie was not used in parst");
+ return null;
+ }
+
+ AuthenticatedSessionStore correspondingMoaSession = oldSSOSession.getMoasession();
+
+ if (correspondingMoaSession == null) {
+ Logger.info("Get request with old SSO SessionID but no corresponding SSO Session is found.");
+ return null;
+ }
+
+ return correspondingMoaSession.getSessionid();
+
+ }
+
+
+ private void setSSOSessionID(HttpServletRequest httpReq, HttpServletResponse httpResp, String ssoId) {
+ setCookie(httpReq, httpResp, SSOCOOKIE, ssoId, -1);
+
+ }
+
+ private void deleteSSOSessionID(HttpServletRequest httpReq, HttpServletResponse httpResp) {
+ deleteCookie(httpReq, httpResp, SSOCOOKIE);
+
+ }
+
private String getValueFromCookie(HttpServletRequest httpReq, String cookieName) {
Cookie[] cookies = httpReq.getCookies();
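Review bot: setSSOSessionID writes the SSO bearer cookie through `setCookie(httpReq, httpResp, SSOCOOKIE, ssoId, -1)`; the cookie attributes (HttpOnly, Secure, path) are decided inside setCookie, which is outside this hunk, so the new private wrapper should state that expectation, e.g. `/** Sets the SSO cookie; relies on setCookie() to mark it HttpOnly and Secure. */`, so the requirement survives future edits. In existsOldSSOSession the debug text `"SSO session-cookie was not used in parst"` carries a typo ("past") over from the moved code. Both methods are moved rather than new, so their behaviour is unchanged.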
@@ -505,30 +534,7 @@ public class SSOManager implements ISSOManager {
private void deleteCookie(HttpServletRequest httpReq, HttpServletResponse httpResp, String cookieName) {
setCookie(httpReq, httpResp, cookieName, "", 0);
- }
-
-
-
- @Override
- public void createNewSSOSession(IRequest arg0, String arg1, SLOInformationInterface arg2) throws EAAFSSOException {
- // TODO Auto-generated method stub
}
-
-
-
- @Override
- public String createNewSSOSessionCookie(HttpServletRequest arg0, HttpServletResponse arg1, IRequest arg2)
- throws EAAFSSOException {
- // TODO Auto-generated method stub
- return null;
- }
-
-
- @Override
- public void updateSSOSession(IRequest arg0, String arg1, SLOInformationInterface arg2) throws EAAFSSOException {
- // TODO Auto-generated method stub
-
- }
-
+
}