add federated IDP authentication modul

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-02-24 06:22:18 +0100
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-02-24 06:22:18 +0100
commit: 101f582d457f3e0bbd42083521360d18168fbd84 (patch)
tree: 48aa8e439f3e0f02197bacc8095f3aba530ad6c9 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage
parent: cbdb6946d5af7de63afebf5ad256743303f00935 (diff)
download: moa-id-spss-101f582d457f3e0bbd42083521360d18168fbd84.tar.gz
moa-id-spss-101f582d457f3e0bbd42083521360d18168fbd84.tar.bz2
moa-id-spss-101f582d457f3e0bbd42083521360d18168fbd84.zip
2 files changed, 24 insertions, 48 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
index 743caec55..cfdb4426b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
@@ -32,6 +32,7 @@ import org.hibernate.HibernateException;
 import org.hibernate.Query;
 import org.hibernate.Session;
 import org.hibernate.Transaction;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
@@ -47,8 +48,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.session.OASessionStore;
 import at.gv.egovernment.moa.id.commons.db.dao.session.OldSSOSessionIDStore;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.commons.utils.JsonMapper;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.EncryptedData;
 import at.gv.egovernment.moa.id.data.SLOInformationInterface;
@@ -65,6 +65,8 @@ import at.gv.egovernment.moa.util.MiscUtil;
 @Service("AuthenticationSessionStoreage")
 public class DBAuthenticationSessionStoreage implements IAuthenticationSessionStoreage{
 
+	@Autowired AuthConfiguration authConfig;
+	
 	private static JsonMapper mapper = new JsonMapper();
 	
 	@Override
@@ -749,44 +751,30 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 		  }	
 	}
 	
-	public String createInterfederatedSession(IRequest req, boolean isAuthenticated, String ssoID) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException {		
+	public void createInterfederatedSession(IRequest req, boolean isAuthenticated) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException {		
 		AuthenticatedSessionStore dbsession = null;
+		Date now = new Date();
 		
-		//search for active SSO session
-		if (MiscUtil.isNotEmpty(ssoID)) {
-			String moaSession = getMOASessionSSOID(ssoID);		
-			if (MiscUtil.isNotEmpty(moaSession)) {
-				try {
-					dbsession = searchInDatabase(moaSession, true);
-				
-				}catch (MOADatabaseException e) {
+		//search for active session
+		String moaSession = getMOASessionSSOID(req.getMOASessionIdentifier());		
+		if (MiscUtil.isNotEmpty(moaSession)) {
+			try {
+				dbsession = searchInDatabase(moaSession, true);
 				
-				}			
-			} 	
-		}
-		
-		String id = null;
-		Date now = new Date();
-		//create new MOASession if any exists
-		AuthenticationSession session = null;
-		if (dbsession == null) {
-			id = Random.nextRandom();
-			dbsession = new AuthenticatedSessionStore();
-			dbsession.setSessionid(id);
-			dbsession.setCreated(now);
-			dbsession.setPendingRequestID(req.getRequestID());
-			session = new AuthenticationSession(id, now);
+			}catch (MOADatabaseException e) {
+				Logger.error("NO MOASession found but MOASession MUST already exist!");
+				throw e;
+			}			
+		} 	
 		
-		} else {
-			id = dbsession.getSessionid();
-			session = decryptSession(dbsession);
+		AuthenticationSession session = decryptSession(dbsession);
 		
-		}
-			
-		dbsession.setInterfederatedSSOSession(true);
+		//set Session parameters
+		session.setAuthenticated(isAuthenticated);
 		dbsession.setAuthenticated(isAuthenticated);
+		dbsession.setInterfederatedSSOSession(true);		
 		dbsession.setUpdated(now);		
-		session.setAuthenticated(true);		
+				
 		encryptSession(session, dbsession);
 			
 		//add interfederation information
@@ -816,16 +804,8 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			idp.setIdpurlprefix(interFedEntityID);
 			idp.setAuthURL(req.getAuthURL());
 			
-			try {
-				OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().
-						getOnlineApplicationParameter(idp.getIdpurlprefix());			
-				idp.setStoreSSOInformation(oa.isInterfederationSSOStorageAllowed());
-								
-			} catch (ConfigurationException e) {
-				Logger.warn("MOASession could not be created.");
-				throw new MOADatabaseException(e);
-				
-			}						
+			OAAuthParameter oa = authConfig.getOnlineApplicationParameter(idp.getIdpurlprefix());			
+			idp.setStoreSSOInformation(oa.isInterfederationSSOStorageAllowed());						
 			idp.setMoasession(dbsession);
 			idpList.add(idp);
 						
@@ -839,14 +819,12 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 		//store AssertionStore element to Database
 		try {
 			MOASessionDBUtils.saveOrUpdate(dbsession);
-			Logger.debug("MOASession with sessionID=" + id + " is stored in Database");
 			
 		} catch (MOADatabaseException e) {
 			Logger.warn("MOASession could not be created.");
 			throw new MOADatabaseException(e);
 		}
 		
-		return id;
 	}
 	
 	@Override
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java
index e89713b2e..2fd540a67 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java
@@ -242,14 +242,12 @@ public interface IAuthenticationSessionStoreage {
 	 * 
 	 * @param req Pending request
 	 * @param isAuthenticated true if the session should be marked as authenticated, otherwise false
-	 * @param ssoID Single Sign-On session identifer
-	 * @return MOASessionID of new created MOASession
 	 * @throws MOADatabaseException
 	 * @throws AssertionAttributeExtractorExeption
 	 * @throws BuildException
 	 */
 	@Deprecated
-	public String createInterfederatedSession(IRequest req, boolean isAuthenticated, String ssoID) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException;
+	public void createInterfederatedSession(IRequest req, boolean isAuthenticated) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException;
 	
 	/**
 	 * Search an active federation IDP which could be used for federated Single Sign-On by using an AttributeQuery
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-02-24 06:22:18 +0100
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-02-24 06:22:18 +0100
commit	101f582d457f3e0bbd42083521360d18168fbd84 (patch)
tree	48aa8e439f3e0f02197bacc8095f3aba530ad6c9 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage
parent	cbdb6946d5af7de63afebf5ad256743303f00935 (diff)
download	moa-id-spss-101f582d457f3e0bbd42083521360d18168fbd84.tar.gz moa-id-spss-101f582d457f3e0bbd42083521360d18168fbd84.tar.bz2 moa-id-spss-101f582d457f3e0bbd42083521360d18168fbd84.zip