refector attribute generation from session information

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-04-17 17:32:23 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-04-17 17:32:23 +0200
commit: 7222102b1c6092f5062c5476f2f05bba07e82c30 (patch)
tree: a26726b64196c882b3aed9f2acb4bb97a68f6da1 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
parent: e568d9464c43705f157ac82e8d299adcc1369049 (diff)
download: moa-id-spss-7222102b1c6092f5062c5476f2f05bba07e82c30.tar.gz
moa-id-spss-7222102b1c6092f5062c5476f2f05bba07e82c30.tar.bz2
moa-id-spss-7222102b1c6092f5062c5476f2f05bba07e82c30.zip
1 files changed, 23 insertions, 18 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index def0d9b80..5f16bcfce 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -58,13 +58,12 @@ import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
 import at.gv.e_government.reference.namespace.persondata._20020228_.CorporateBodyType;
 import at.gv.e_government.reference.namespace.persondata._20020228_.IdentificationType;
 import at.gv.e_government.reference.namespace.persondata._20020228_.PhysicalPersonType;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.data.SLOInformationImpl;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder;
@@ -83,7 +82,7 @@ import at.gv.egovernment.moa.util.Constants;
 
 public class PVP2AssertionBuilder implements PVPConstants {
 	public static Assertion buildAssertion(AuthnRequest authnRequest,
-			AuthenticationSession authSession, EntityDescriptor peerEntity, DateTime date, 
+			IAuthData authData, EntityDescriptor peerEntity, DateTime date, 
 			AssertionConsumerService assertionConsumerService, SLOInformationImpl sloInformation)
 			throws MOAIDException {
 		Assertion assertion = SAML2Utils.createSAMLObject(Assertion.class);
@@ -99,7 +98,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
 						peerEntity.getEntityID());
 		
 		if (reqAuthnContext == null) {
-			 authnContextClassRef.setAuthnContextClassRef(authSession.getQAALevel());
+			 authnContextClassRef.setAuthnContextClassRef(authData.getQAALevel());
 			
 		} else {
 
@@ -110,7 +109,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
 		
 			if (reqAuthnContextClassRefIt.size() == 0) {
 			 
-				QAALevelVerifier.verifyQAALevel(authSession.getQAALevel(), 
+				QAALevelVerifier.verifyQAALevel(authData.getQAALevel(), 
 						STORK_QAA_1_4);
 			
 				stork_qaa_1_4_found = true;
@@ -124,20 +123,20 @@ public class PVP2AssertionBuilder implements PVPConstants {
 							|| qaa_uri.trim().equals(STORK_QAA_1_2)
 							|| qaa_uri.trim().equals(STORK_QAA_1_1)) {
 					
-						 if (authSession.isForeigner()) {
-							 QAALevelVerifier.verifyQAALevel(authSession.getQAALevel(), 
+						 if (authData.isForeigner()) {
+							 QAALevelVerifier.verifyQAALevel(authData.getQAALevel(), 
 									 STORK_QAA_PREFIX + oaParam.getQaaLevel());
 							 
 							 stork_qaa_1_4_found = true;
-							 authnContextClassRef.setAuthnContextClassRef(authSession.getQAALevel());
+							 authnContextClassRef.setAuthnContextClassRef(authData.getQAALevel());
 							 
 						 } else {
 							 
-							 QAALevelVerifier.verifyQAALevel(authSession.getQAALevel(), 
+							 QAALevelVerifier.verifyQAALevel(authData.getQAALevel(), 
 									 qaa_uri.trim());
 							 
 							 stork_qaa_1_4_found = true;
-							 authnContextClassRef.setAuthnContextClassRef(authSession.getQAALevel());
+							 authnContextClassRef.setAuthnContextClassRef(authData.getQAALevel());
 							 							 
 						 }
 						 break;
@@ -172,10 +171,6 @@ public class PVP2AssertionBuilder implements PVPConstants {
 
 		Subject subject = SAML2Utils.createSAMLObject(Subject.class);
 
-		AuthenticationData authData = AuthenticationServer
-				.buildAuthenticationData(authSession, oaParam,
-						oaParam.getTarget());
-
 		//add Attributes to Assertion
 		if (spSSODescriptor.getAttributeConsumingServices() != null && 
 				spSSODescriptor.getAttributeConsumingServices().size() > 0) {
@@ -205,7 +200,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
 					RequestedAttribute reqAttribut = it.next();
 					try {
 						Attribute attr = PVPAttributeBuilder.buildAttribute(
-								reqAttribut.getName(), authSession, oaParam, authData);
+								reqAttribut.getName(), oaParam, authData);
 						if (attr == null) {
 							if (reqAttribut.isRequired()) {
 								throw new UnprovideableAttributeException(
@@ -222,6 +217,16 @@ public class PVP2AssertionBuilder implements PVPConstants {
 							throw new UnprovideableAttributeException(
 									reqAttribut.getName());
 						}
+						
+					} catch (Exception e) {
+						Logger.error(
+								"General Attribute generation failed! for "
+										+ reqAttribut.getFriendlyName(), e);
+						if (reqAttribut.isRequired()) {
+							throw new UnprovideableAttributeException(
+									reqAttribut.getName());
+						}
+						
 					}
 				}
 			}
@@ -233,8 +238,8 @@ public class PVP2AssertionBuilder implements PVPConstants {
 		NameID subjectNameID = SAML2Utils.createSAMLObject(NameID.class);
 
 		//TLenz: set correct bPK Type and Value from AuthData
-		if (authSession.getUseMandate()) {
-			Element mandate = authSession.getMandate();
+		if (authData.isUseMandate()) {
+			Element mandate = authData.getMandate();
 			if(mandate == null) {
 				throw new NoMandateDataAvailableException();
 			}
@@ -263,7 +268,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
 			
 			
 			if (bpktype.equals(Constants.URN_PREFIX_BASEID)) {
-				if (authSession.getBusinessService()) {						    
+				if (oaParam.getBusinessService()) {						    
 					subjectNameID.setValue(new BPKBuilder().buildWBPK(bpk, oaParam.getIdentityLinkDomainIdentifier()));
 					if (oaParam.getIdentityLinkDomainIdentifier().startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_))
 						subjectNameID.setNameQualifier(oaParam.getIdentityLinkDomainIdentifier());
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-04-17 17:32:23 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-04-17 17:32:23 +0200
commit	7222102b1c6092f5062c5476f2f05bba07e82c30 (patch)
tree	a26726b64196c882b3aed9f2acb4bb97a68f6da1 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
parent	e568d9464c43705f157ac82e8d299adcc1369049 (diff)
download	moa-id-spss-7222102b1c6092f5062c5476f2f05bba07e82c30.tar.gz moa-id-spss-7222102b1c6092f5062c5476f2f05bba07e82c30.tar.bz2 moa-id-spss-7222102b1c6092f5062c5476f2f05bba07e82c30.zip