authorThomas Lenz <tlenz@iaik.tugraz.at>2018-07-12 16:16:29 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-07-12 16:16:29 +0200
commit132681b9f3e00158b1671f50b23517462aa54afd (patch)
treecda5e6b321a44fbb54a959693a4afe71eb25bd6a /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols
parent3535ae9500b29d0b2d0f317ea7f47a6c25c6f70e (diff)
parent3b1130e2366138871a92a1f83124a27fa83885dd (diff)
Merge branch 'eIDAS_node_2.0_tests' into huge_refactoring
# Conflicts: # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java # id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml # id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java # 
id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java # id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java # id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java # id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java # id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java # id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java12
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java55
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java14
5 files changed, 41 insertions, 60 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
index 9e7f18842..e98e1cb78 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
@@ -131,10 +131,10 @@ public class AttributQueryAction implements IAction {
try {
//get Single Sign-On information for the Service-Provider
// which sends the Attribute-Query request
- AuthenticationSession moaSession = authenticationSessionStorage.getInternalSSOSession(pendingReq.getSSOSessionIdentifier());
+ AuthenticationSession moaSession = authenticationSessionStorage.getInternalSSOSession(pendingReq.getInternalSSOSessionIdentifier());
if (moaSession == null) {
- Logger.warn("No MOASession with ID:" + pendingReq.getSSOSessionIdentifier() + " FOUND.");
- throw new MOAIDException("auth.02", new Object[]{pendingReq.getSSOSessionIdentifier()});
+ Logger.warn("No MOASession with ID:" + pendingReq.getInternalSSOSessionIdentifier() + " FOUND.");
+ throw new MOAIDException("auth.02", new Object[]{pendingReq.getInternalSSOSessionIdentifier()});
}
InterfederationSessionStore nextIDPInformation =
@@ -178,9 +178,9 @@ public class AttributQueryAction implements IAction {
throw new MOAIDException("pvp2.01", null, e);
} catch (MOADatabaseException e) {
- Logger.error("MOASession with SessionID=" + pendingReq.getSSOSessionIdentifier()
+ Logger.error("MOASession with SessionID=" + pendingReq.getInternalSSOSessionIdentifier()
+ " is not found in Database", e);
- throw new MOAIDException("init.04", new Object[] { pendingReq.getSSOSessionIdentifier() });
+ throw new MOAIDException("init.04", new Object[] { pendingReq.getInternalSSOSessionIdentifier() });
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index a59033177..5c71852f2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -107,7 +107,7 @@ public class PVP2XProtocol extends AbstractPVP2XProtocol {
public void PVPMetadataRequest(HttpServletRequest req, HttpServletResponse resp) throws EAAFException {
if (!moaAuthConfig.getAllowedProtocols().isPVP21Active()) {
Logger.info("PVP2.1 is deaktivated!");
- throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME }, "PVP2.1 is deaktivated!");
+ throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME });
}
@@ -120,7 +120,7 @@ public class PVP2XProtocol extends AbstractPVP2XProtocol {
public void PVPIDPPostRequest(HttpServletRequest req, HttpServletResponse resp) throws EAAFException {
if (!moaAuthConfig.getAllowedProtocols().isPVP21Active()) {
Logger.info("PVP2.1 is deaktivated!");
- throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME }, "PVP2.1 is deaktivated!");
+ throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME });
}
@@ -133,7 +133,7 @@ public class PVP2XProtocol extends AbstractPVP2XProtocol {
public void PVPIDPRedirecttRequest(HttpServletRequest req, HttpServletResponse resp) throws EAAFException {
if (!AuthConfigurationProviderFactory.getInstance().getAllowedProtocols().isPVP21Active()) {
Logger.info("PVP2.1 is deaktivated!");
- throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME }, "PVP2.1 is deaktivated!");
+ throw new ProtocolNotActiveException("auth.22", new java.lang.Object[] { NAME });
}
@@ -183,7 +183,7 @@ public class PVP2XProtocol extends AbstractPVP2XProtocol {
if (pendingReq != null)
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.TRANSACTION_ERROR, pendingReq.getUniqueTransactionIdentifier());
- throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}, e.getMessage());
+ throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
} catch (SecurityException e) {
String samlRequest = req.getParameter("SAMLRequest");
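Review bot: The new throw at L81 drops e.getMessage() without attaching the caught exception as a cause, so the reason the request was rejected is lost unless it was logged earlier in the catch block; the pvp2.22 throw in the next hunk (L88) keeps the message as an error parameter but likewise loses the stack. If InvalidProtocolRequestException has a constructor taking a Throwable, as MOAIDException does in AttributQueryAction (`new MOAIDException("pvp2.01", null, e)`), `throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}, e);` preserves it; otherwise a `Logger.warn("...", e)` before the throw keeps it for operators. At L88 the SecurityException message becomes an error parameter and may surface in the error text shown to the requester, so if that is not intended a fixed parameter is safer. The enclosing catch chain starts and ends outside the hunk.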
@@ -193,7 +193,7 @@ public class PVP2XProtocol extends AbstractPVP2XProtocol {
if (pendingReq != null)
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.TRANSACTION_ERROR, pendingReq.getUniqueTransactionIdentifier());
- throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()}, e.getMessage());
+ throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()});
} catch (MOAIDException e) {
//write revision log entries
@@ -385,7 +385,7 @@ public class PVP2XProtocol extends AbstractPVP2XProtocol {
pendingReq.setAction(AttributQueryAction.class.getName());
//add moasession
- pendingReq.setSSOSessionIdentifier(session.getSSOSessionID());
+ pendingReq.setInternalSSOSessionIdentifier(session.getSSOSessionID());
//write revisionslog entry
revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROTOCOL_PVP_REQUEST_ATTRIBUTQUERY);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
index ab88a765e..68158cd61 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
@@ -135,7 +135,7 @@ public class SingleLogOutAction implements IAction {
}
}
- pvpReq.setSSOSessionIdentifier(ssoSessionId);
+ pvpReq.setInternalSSOSessionIdentifier(ssoSessionId);
ISLOInformationContainer sloInformationContainer
= authManager.performSingleLogOut(httpReq, httpResp, pvpReq, ssoSessionId);
@@ -165,25 +165,7 @@ public class SingleLogOutAction implements IAction {
//TODO: add counter to prevent deadlock
synchronized(this){
while (!storageSuccess) {
- // tx = session.beginTransaction();
- //
- // List result;
- // Query query = session.getNamedQuery("getAssertionWithArtifact");
- // query.setParameter("artifact", relayState);
- // result = query.list();
- //
- //
- // Logger.trace("Found entries: " + result.size());
- //
- // //Assertion requires an unique artifact
- // if (result.size() != 1) {
- // Logger.trace("No entries found.");
- // throw new MOADatabaseException("No sessioninformation found with this ID");
- // }
- //
- // AssertionStore element = (AssertionStore) result.get(0);
- // Object data = SerializationUtils.deserialize(element.getAssertion());
- Logger.debug("Current Thread getAssertionStore: "+Thread.currentThread().getId());
+ Logger.debug("Current Thread: " +Thread.currentThread().getId() + " requests TransactionStore");
Object o = transactionStorage.getRaw(relayState);
if(o==null){
Logger.trace("No entries found.");
@@ -204,35 +186,35 @@ public class SingleLogOutAction implements IAction {
byte[] serializedSLOContainer = SerializationUtils.serialize((Serializable) sloContainer);
element.setAssertion(serializedSLOContainer);
element.setType(sloContainer.getClass().getName());
-
- // session.saveOrUpdate(element);
- // tx.commit();
- Logger.debug("Current Thread putAssertionStore: "+Thread.currentThread().getId());
+ Logger.debug("Current Thread: " + Thread.currentThread().getId() + " puts SLOInformation into TransactionStore");
transactionStorage.putRaw(element.getArtifact(), element);
//sloContainer could be stored to database
storageSuccess = true;
} catch(EAAFException e) {
- //tx.rollback();
-
counter++;
Logger.debug("SLOContainter could not stored to database. Wait some time and restart storage process ... ");
- java.util.Random rand = new java.util.Random();
-
+ if (counter > 1000) {
+ Logger.warn("Stopping SLO process with an error, because it runs in a loop.", e);
+ throw new EAAFException("internal.01", null, e);
+
+ }
+
+
try {
+ java.util.Random rand = new java.util.Random();
Thread.sleep(rand.nextInt(20)*10);
} catch (InterruptedException e1) {
Logger.warn("Thread could not stopped. ReStart storage process immediately", e1);
+
}
}
} else {
- Logger.debug("Current Thread removeElement by Artifact: "+Thread.currentThread().getId());
+ Logger.debug("Current Thread: " + Thread.currentThread().getId() + " remove SLOInformation from TransactionStore");
transactionStorage.remove(element.getArtifact());
- // session.delete(element);
- // tx.commit();
storageSuccess = true;
String redirectURL = null;
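Review bot: The InterruptedException handler at L165 logs and continues the retry loop without restoring the interrupt flag, so a thread interrupted during shutdown silently keeps retrying (the flag is cleared when the exception is thrown) for up to the 1000 iterations now bounded at L155, all while holding the monitor taken by `synchronized(this)` in the previous hunk (L111); add `Thread.currentThread().interrupt();` in the catch and consider aborting the SLO process like the counter overflow does. The `java.util.Random` moved to L163 is allocated on every retry; `ThreadLocalRandom.current().nextInt(20) * 10` yields the same jitter without the allocation. With the bound in place, the `//TODO: add counter to prevent deadlock` comment at L110 is stale and should be removed. The synchronized block and the enclosing method continue outside this hunk.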
@@ -292,16 +274,7 @@ public class SingleLogOutAction implements IAction {
throw new AuthenticationException("pvp2.13", new Object[]{});
}
-
- // finally {
- // if (tx != null && !tx.getStatus().equals(TransactionStatus.COMMITTED)) {
- // tx.commit();
- //
- // }
- // }
-
-
-
+
} else {
Logger.error("Process SingleLogOutAction but request is NOT of type LogoutRequest or LogoutResponse.");
throw new MOAIDException("pvp2.13", null);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
index 53606b341..8229fb405 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
@@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.builder;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collection;
+import java.util.Date;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
@@ -35,6 +36,7 @@ import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
+import org.apache.commons.lang.SerializationUtils;
import org.joda.time.DateTime;
import org.opensaml.Configuration;
import org.opensaml.common.SAMLObject;
@@ -97,6 +99,7 @@ import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.frontend.builder.DefaultGUIFormBuilderConfiguration;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -201,7 +204,12 @@ public class SingleLogOutBuilder {
}
//put SLO process-information into transaction storage
- transactionStorage.put(relayState, sloContainer, -1);
+ AssertionStore rawContainer = new AssertionStore();
+ rawContainer.setArtifact(relayState);
+ rawContainer.setDatatime(new Date());
+ rawContainer.setAssertion(SerializationUtils.serialize(sloContainer));
+ rawContainer.setType(sloContainer.getClass().getName());
+ transactionStorage.putRaw(relayState, rawContainer);
if (MiscUtil.isEmpty(authUrl))
authUrl = sloContainer.getSloRequest().getAuthURL();
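Review bot: The replaced `transactionStorage.put(relayState, sloContainer, -1)` carried a lifetime argument, while `putRaw(relayState, rawContainer)` at L231 carries none, so unless putRaw applies a default expiry an SLO container for a flow that never reaches the remove() in SingleLogOutAction stays in the transaction store indefinitely; this is worth confirming against the storage implementation, though the old -1 suggests the entry may have been unbounded before as well. The container is now stored as a Java-serialized byte array with its class name in `setType`, and a short comment such as `// stored as serialized bytes; SingleLogOutAction reads it back via getRaw(relayState) and removes it on completion` would make the round trip and its owner visible here. The enclosing method starts and ends outside the hunk.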
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java
index e8aa93d43..1286c2351 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/EntityVerifier.java
@@ -38,7 +38,7 @@ import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egiz.eaaf.core.exceptions.EAAFException;
import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-import at.gv.egiz.eaaf.modules.pvp2.idp.exception.SAMLRequestNotSignedException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SAMLMetadataSignatureException;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
@@ -65,7 +65,7 @@ public class EntityVerifier {
public static void verify(EntityDescriptor entityDescriptor, Credential cred)
throws EAAFException {
if (entityDescriptor.getSignature() == null) {
- throw new SAMLRequestNotSignedException();
+ throw new SAMLMetadataSignatureException();
}
try {
@@ -73,7 +73,7 @@ public class EntityVerifier {
sigValidator.validate(entityDescriptor.getSignature());
} catch (ValidationException e) {
Logger.error("Failed to validate Signature", e);
- throw new SAMLRequestNotSignedException(e);
+ throw new SAMLMetadataSignatureException(e);
}
SignatureValidator sigValidator = new SignatureValidator(cred);
@@ -81,14 +81,14 @@ public class EntityVerifier {
sigValidator.validate(entityDescriptor.getSignature());
} catch (ValidationException e) {
Logger.error("Failed to verfiy Signature", e);
- throw new SAMLRequestNotSignedException(e);
+ throw new SAMLMetadataSignatureException(e);
}
}
public static void verify(EntitiesDescriptor entityDescriptor,
Credential cred) throws EAAFException {
if (entityDescriptor.getSignature() == null) {
- throw new SAMLRequestNotSignedException();
+ throw new SAMLMetadataSignatureException();
}
try {
@@ -96,7 +96,7 @@ public class EntityVerifier {
sigValidator.validate(entityDescriptor.getSignature());
} catch (ValidationException e) {
Logger.error("Failed to validate Signature", e);
- throw new SAMLRequestNotSignedException(e);
+ throw new SAMLMetadataSignatureException(e);
}
SignatureValidator sigValidator = new SignatureValidator(cred);
@@ -105,7 +105,7 @@ public class EntityVerifier {
} catch (ValidationException e) {
Logger.error("Failed to verfiy Signature", e);
- throw new SAMLRequestNotSignedException(e);
+ throw new SAMLMetadataSignatureException(e);
}
}