temporarily commit to save state

2 files changed, 35 insertions, 29 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
index cfdb4426b..c190ad779 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
@@ -53,9 +53,8 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.EncryptedData;
 import at.gv.egovernment.moa.id.data.SLOInformationInterface;
 import at.gv.egovernment.moa.id.moduls.IRequest;
-import at.gv.egovernment.moa.id.moduls.RequestImpl;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption;
-import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOAResponse;
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor;
 import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.id.util.SessionEncrytionUtil;
@@ -95,9 +94,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			Date now = new Date();
 			dbsession.setCreated(now);
 			dbsession.setUpdated(now);
-		
-			dbsession.setPendingRequestID(target.getRequestID());
-		
+				
 			//set additional session informations
 			AuthenticationSessionExtensions sessionExt = new AuthenticationSessionExtensions();
 			sessionExt.setUniqueSessionId(target.getUniqueSessionIdentifier());
@@ -443,6 +440,10 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 					  
 				  }
 				  
+				  //set additional information for AttributeQuery
+				  activeOA.setAttQueryContainerID(protocolRequest.getGenericData(
+						  PVPTargetConfiguration.DATAID_INTERFEDERATION_ATTRQUERYCONTAINERID, String.class));
+				  
 				  List<OASessionStore> activeOAs = dbsession.getActiveOAsessions();				  
 				  activeOAs.add(activeOA);
 				  dbsession.setActiveOAsessions(activeOAs);
@@ -461,7 +462,6 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 					dbsession.setSSOSession(true);
 					dbsession.setSSOsessionid(SSOSessionID);
 					dbsession.setAuthenticated(false);
-					dbsession.setPendingRequestID("empty");
 
 					//Store MOASession
 					session.saveOrUpdate(dbsession);
@@ -751,7 +751,8 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 		  }	
 	}
 	
-	public void createInterfederatedSession(IRequest req, boolean isAuthenticated) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException {		
+	@Override
+	public void addFederatedSessionInformation(IRequest req, String idpEntityID, AssertionAttributeExtractor extractor) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException {		
 		AuthenticatedSessionStore dbsession = null;
 		Date now = new Date();
 		
@@ -766,23 +767,27 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 				throw e;
 			}			
 		} 	
+
+		dbsession.setUpdated(now);
 		
+		//decrypt MOASession
 		AuthenticationSession session = decryptSession(dbsession);
 		
-		//set Session parameters
-		session.setAuthenticated(isAuthenticated);
-		dbsession.setAuthenticated(isAuthenticated);
-		dbsession.setInterfederatedSSOSession(true);		
-		dbsession.setUpdated(now);		
-				
+		//federated Session are never authenticated locally, 
+		// because they get always authentication information from federated IDP
+		session.setAuthenticated(false);
+		dbsession.setAuthenticated(false);
+
+		//encrypt MOASession
 		encryptSession(session, dbsession);
+		
+		//mark as federated SSO session
+		dbsession.setInterfederatedSSOSession(true);
 			
 		//add interfederation information
 		List<InterfederationSessionStore> idpList = dbsession.getInderfederation();
-		
-		MOAResponse interfederationResp = req.getGenericData(RequestImpl.DATAID_INTERFEDERATIOIDP_RESPONSE, MOAResponse.class);
-		String interFedEntityID = interfederationResp.getEntityID();
-		
+
+		//check if federated IDP is already stored
 		InterfederationSessionStore idp = null;
 		if (idpList == null) {
 			idpList = new ArrayList<InterfederationSessionStore>();
@@ -791,7 +796,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 		} else {
 			for (InterfederationSessionStore el : idpList) {
 				//resue old entry if interfederation IDP is reused for authentication
-				if (el.getIdpurlprefix().equals(interFedEntityID))
+				if (el.getIdpurlprefix().equals(idpEntityID))
 					idp = el;
 				
 			}			
@@ -801,7 +806,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 		if (idp == null) {
 			idp = new InterfederationSessionStore();
 			idp.setCreated(now);
-			idp.setIdpurlprefix(interFedEntityID);
+			idp.setIdpurlprefix(idpEntityID);
 			idp.setAuthURL(req.getAuthURL());
 			
 			OAAuthParameter oa = authConfig.getOnlineApplicationParameter(idp.getIdpurlprefix());			
@@ -809,12 +814,11 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			idp.setMoasession(dbsession);
 			idpList.add(idp);
 						
-		}
-		AssertionAttributeExtractor extract = new AssertionAttributeExtractor(interfederationResp.getResponse());		
-		idp.setSessionIndex(extract.getSessionIndex());
-		idp.setUserNameID(extract.getNameID());
+		}		
+		idp.setSessionIndex(extractor.getSessionIndex());
+		idp.setUserNameID(extractor.getNameID());
 		idp.setAttributesRequested(false);
-		idp.setQAALevel(extract.getQAALevel());
+		idp.setQAALevel(extractor.getQAALevel());
 
 		//store AssertionStore element to Database
 		try {
@@ -1024,4 +1028,5 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 				throw e;
 		}	
 	}
+
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java
index 2fd540a67..aaa54fbb9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/IAuthenticationSessionStoreage.java
@@ -36,6 +36,7 @@ import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.data.SLOInformationInterface;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor;
 
 /**
  * @author tlenz
@@ -238,16 +239,16 @@ public interface IAuthenticationSessionStoreage {
 	
 	
 	/**
-	 * Create a MOASession from interfederation information
+	 * Add information of the federated IDP to MOASession
 	 * 
-	 * @param req Pending request
-	 * @param isAuthenticated true if the session should be marked as authenticated, otherwise false
+	 * @param req Pending request of the service-provider request, never null
+	 * @param idpEntityID The SAML2 EntityID of the federated IDP, never null
+	 * @param extractor <code>AssertionAttributeExtractor</code> which holds the SAML2 response of the federated IDP, never null 
 	 * @throws MOADatabaseException
 	 * @throws AssertionAttributeExtractorExeption
 	 * @throws BuildException
 	 */
-	@Deprecated
-	public void createInterfederatedSession(IRequest req, boolean isAuthenticated) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException;
+	public void addFederatedSessionInformation(IRequest req, String idpEntityID, AssertionAttributeExtractor extractor) throws MOADatabaseException, AssertionAttributeExtractorExeption, BuildException;
 	
 	/**
 	 * Search an active federation IDP which could be used for federated Single Sign-On by using an AttributeQuery