authorThomas Lenz <tlenz@iaik.tugraz.at>2014-05-02 13:16:29 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-05-02 13:16:29 +0200
commit9fe8db82075de8780feec90f94063e708e521391 (patch)
tree24958cccfd805aef4d2910bfef61c4eeb9c5f7b4 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage
parentae7303098d7bd3574c83f3ba4f4c57ae14c476c7 (diff)
add interfederation attribute query
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java294
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBExceptionStoreImpl.java2
3 files changed, 260 insertions, 38 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
index bc9de7a50..890ec9f0d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
@@ -208,7 +208,7 @@ public class AssertionStorage {
synchronized (session) {
session.beginTransaction();
Query query = session.getNamedQuery("getAssertionWithArtifact");
- query.setString("artifact", artifact);
+ query.setParameter("artifact", artifact);
result = query.list();
//send transaction
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index e18d9786d..2ee4327dc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -27,6 +27,7 @@ import java.util.Date;
import java.util.List;
import org.apache.commons.lang.SerializationUtils;
+import org.apache.commons.lang.StringEscapeUtils;
import org.hibernate.HibernateException;
import org.hibernate.Query;
import org.hibernate.Session;
@@ -113,10 +114,13 @@ public class AuthenticationSessionStoreage {
public static String createInterfederatedSession(IRequest req, boolean isAuthenticated) throws MOADatabaseException, AssertionAttributeExtractorExeption {
String id = Random.nextRandom();
AuthenticationSession session = new AuthenticationSession(id);
+ session.setAuthenticated(true);
+ session.setAuthenticatedUsed(false);
AuthenticatedSessionStore dbsession = new AuthenticatedSessionStore();
dbsession.setSessionid(id);
dbsession.setAuthenticated(isAuthenticated);
+ dbsession.setInterfederatedSSOSession(true);
//set Timestamp in this state, because automated timestamp generation is buggy in Hibernate 4.2.1
Date now = new Date();
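Review bot: `session.setAuthenticated(true)` marks the in-memory AuthenticationSession as authenticated unconditionally, while three lines later the database record gets `dbsession.setAuthenticated(isAuthenticated)`; when the caller passes `false` the two representations of the same session disagree, and the serialized object is the one that ends up authenticating the user. Use the parameter in both places, `session.setAuthenticated(isAuthenticated);`, or document in the method's Javadoc why the object state is intentionally always authenticated. createInterfederatedSession continues past this hunk.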
@@ -127,20 +131,37 @@ public class AuthenticationSessionStoreage {
//add interfederation information
List<InterfederationSessionStore> idpList = dbsession.getInderfederation();
- if (idpList == null)
+ InterfederationSessionStore idp = null;
+ if (idpList == null) {
idpList = new ArrayList<InterfederationSessionStore>();
-
- InterfederationSessionStore idp = new InterfederationSessionStore();
- idp.setCreated(now);
- idp.setIdpurlprefix(req.getInterfederationResponse().getEntityID());
+ dbsession.setInderfederation(idpList);
+
+ } else {
+ for (InterfederationSessionStore el : idpList) {
+ //resue old entry if interfederation IDP is reused for authentication
+ if (el.getIdpurlprefix().equals(req.getInterfederationResponse().getEntityID()))
+ idp = el;
+
+ }
+ }
+
+ //create new interfederation IDP entry
+ if (idp == null) {
+ idp = new InterfederationSessionStore();
+ idp.setCreated(now);
+ idp.setIdpurlprefix(req.getInterfederationResponse().getEntityID());
+
+ }
AssertionAttributeExtractor extract = new AssertionAttributeExtractor(req.getInterfederationResponse().getResponse());
idp.setSessionIndex(extract.getSessionIndex());
idp.setUserNameID(extract.getNameID());
idp.setAttributesRequested(false);
idp.setQAALevel(extract.getQAALevel());
+ idp.setMoasession(dbsession);
idpList.add(idp);
+
//store AssertionStore element to Database
try {
MOASessionDBUtils.saveOrUpdate(dbsession);
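Review bot: `idpList.add(idp)` after the attribute block runs for a reused entry as well as a new one, so when the loop above found the IDP already in `dbsession.getInderfederation()` the same InterfederationSessionStore is appended a second time. Move the add into the creation branch, `if (idp == null) { idp = new InterfederationSessionStore(); ...; idpList.add(idp); }`, so the list holds each IDP once. Note also that the reuse path resets `setAttributesRequested(false)` and overwrites sessionIndex and NameID of the old entry; if that is intended, a one-line comment replacing the typo'd `//resue old entry` should say so. The method continues outside this hunk.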
@@ -153,28 +174,7 @@ public class AuthenticationSessionStoreage {
return id;
}
-
- public static void setInterfederationAttributCollectorUsed(AuthenticationSession session, String idpID) throws MOADatabaseException {
- AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID());
- List<InterfederationSessionStore> idpList = dbsession.getInderfederation();
- for (InterfederationSessionStore idp : idpList) {
- if (idp.getIdpurlprefix().endsWith(idpID))
- idp.setAttributesRequested(true);
- }
- //store AssertionStore element to Database
- try {
- MOASessionDBUtils.saveOrUpdate(dbsession);
- Logger.info("MOASession with sessionID=" + session.getSessionID()
- + " is stored in Database");
-
- } catch (MOADatabaseException e) {
- Logger.warn("MOASession could not stored.",e);
- throw e;
- }
- }
-
-
public static void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException {
try {
@@ -234,7 +234,7 @@ public class AuthenticationSessionStoreage {
session.beginTransaction();
Query query = session.getNamedQuery("getSessionWithID");
- query.setString("sessionid", moaSessionID);
+ query.setParameter("sessionid", moaSessionID);
result = query.list();
@@ -308,7 +308,7 @@ public class AuthenticationSessionStoreage {
tx = session.beginTransaction();
Query query = session.getNamedQuery("getSessionWithID");
- query.setString("sessionid", moaSessionID);
+ query.setParameter("sessionid", moaSessionID);
result = query.list();
@@ -344,7 +344,10 @@ public class AuthenticationSessionStoreage {
if (SLOInfo != null) {
activeOA.setAssertionSessionID(SLOInfo.getSessionIndex());
activeOA.setUserNameID(SLOInfo.getUserNameIdentifier());
+ activeOA.setUserNameIDFormat(SLOInfo.getUserNameIDFormat());
activeOA.setProtocolType(SLOInfo.getProtocolType());
+ activeOA.setAttributeQueryUsed(false);
+
}
@@ -436,7 +439,7 @@ public class AuthenticationSessionStoreage {
synchronized (session) {
session.beginTransaction();
Query query = session.getNamedQuery("getSessionWithSSOID");
- query.setString("sessionid", SSOSessionID);
+ query.setParameter("sessionid", SSOSessionID);
result = query.list();
//send transaction
@@ -457,7 +460,7 @@ public class AuthenticationSessionStoreage {
}
- public static boolean isValidSessionWithSSOID(String SSOId, String moaSessionId) {
+ public static AuthenticatedSessionStore isValidSessionWithSSOID(String SSOId, String moaSessionId) {
MiscUtil.assertNotNull(SSOId, "SSOSessionID");
Logger.trace("Get authenticated session with SSOID " + SSOId + " from database.");
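Review bot: The method now returns the matched AuthenticatedSessionStore but keeps the name isValidSessionWithSSOID, so every caller that used it as a boolean must change and a reader will still expect a boolean; rename it (for example getSessionWithSSOID) or at least add Javadoc `/** Returns the unique AuthenticatedSessionStore bound to SSOId, or null if none or several exist. */`. Only SSOId is asserted non-null here; the body runs past the hunk, so whether moaSessionId takes part in the lookup is not visible from this hunk.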
@@ -468,7 +471,7 @@ public class AuthenticationSessionStoreage {
synchronized (session) {
session.beginTransaction();
Query query = session.getNamedQuery("getSessionWithSSOID");
- query.setString("sessionid", SSOId);
+ query.setParameter("sessionid", SSOId);
result = query.list();
//send transaction
@@ -480,10 +483,10 @@ public class AuthenticationSessionStoreage {
//Assertion requires an unique artifact
if (result.size() != 1) {
Logger.trace("No entries found.");
- return false;
+ return null;
} else {
- return true;
+ return result.get(0);
}
}
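Review bot: The `result.size() != 1` branch logs "No entries found" even when several sessions matched the SSO id, and with the return type now an entity the caller cannot tell the two cases apart either. Before `return null;` log the actual count at warn level, e.g. `Logger.warn("SSOID matched " + result.size() + " sessions, expected exactly one");`, since more than one active session for one SSO id is the case worth noticing. The method begins earlier in the file than this hunk.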
@@ -498,7 +501,7 @@ public class AuthenticationSessionStoreage {
synchronized (session) {
session.beginTransaction();
Query query = session.getNamedQuery("getSessionWithPendingRequestID");
- query.setString("sessionid", id);
+ query.setParameter("sessionid", id);
result = query.list();
//send transaction
@@ -532,6 +535,48 @@ public class AuthenticationSessionStoreage {
}
+
+ public static AuthenticationSession getSessionWithUserNameID(String nameID) {
+
+ try {
+ MiscUtil.assertNotNull(nameID, "nameID");
+ Logger.trace("Get authenticated session with pedingRequestID " + nameID + " from database.");
+ Session session = MOASessionDBUtils.getCurrentSession();
+
+ List<AuthenticatedSessionStore> result;
+
+ synchronized (session) {
+ session.beginTransaction();
+ Query query = session.getNamedQuery("getMOAISessionWithUserNameID");
+ query.setParameter("usernameid", StringEscapeUtils.escapeHtml(nameID));
+ result = query.list();
+
+ //send transaction
+ session.getTransaction().commit();
+ }
+
+ Logger.trace("Found entries: " + result.size());
+
+ //Assertion requires an unique artifact
+ if (result.size() != 1) {
+ Logger.trace("No entries found.");
+ return null;
+ }
+
+ //decrypt Session
+ EncryptedData encdata = new EncryptedData(result.get(0).getSession(),
+ result.get(0).getIv());
+ byte[] decrypted = SessionEncrytionUtil.decrypt(encdata);
+ return (AuthenticationSession) SerializationUtils.deserialize(decrypted);
+
+
+ } catch (Throwable e) {
+ Logger.warn("MOASession deserialization-exception by using MOASessionID=" + nameID);
+ return null;
+ }
+
+ }
+
public static AuthenticationSession getSessionWithPendingRequestID(String pedingRequestID) {
try {
@@ -544,7 +589,7 @@ public class AuthenticationSessionStoreage {
synchronized (session) {
session.beginTransaction();
Query query = session.getNamedQuery("getSessionWithPendingRequestID");
- query.setString("sessionid", pedingRequestID);
+ query.setParameter("sessionid", pedingRequestID);
result = query.list();
//send transaction
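Review bot: `StringEscapeUtils.escapeHtml(nameID)` at the `setParameter` call changes the lookup key instead of protecting the query: the bound parameter already prevents HQL injection, and a NameID containing `&`, `<`, `"` or non-ISO-8859-1 characters is looked up in escaped form, so the match only succeeds if the value was HTML-escaped identically when it was stored, which this diff does not show. Bind `nameID` unchanged, or document the storage-side escaping that makes the transform necessary. The trace at the top still says "pedingRequestID" and the warn in the catch says "MOASessionID", both copied from the neighbouring method, and the catch drops `e`; pass it as `Logger.warn("...", e)` so a deserialization failure can be diagnosed. Because the session is selected by NameID alone, the caller has to verify that the requester is entitled to that NameID before any session data is returned; that check is not visible from here.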
@@ -622,6 +667,129 @@ public class AuthenticationSessionStoreage {
}
+ public static OASessionStore searchActiveOASSOSession(AuthenticationSession moaSession, String oaID, String protocolType) {
+ MiscUtil.assertNotNull(moaSession, "MOASession");
+ MiscUtil.assertNotNull(oaID, "OnlineApplicationIdentifier");
+ MiscUtil.assertNotNull(protocolType, "usedProtocol");
+ Logger.trace("Get active OnlineApplication for sessionID " + moaSession.getSessionID() + " with OAID "
+ + oaID + " from database.");
+ Session session = MOASessionDBUtils.getCurrentSession();
+
+ List<AuthenticatedSessionStore> result;
+
+ synchronized (session) {
+ session.beginTransaction();
+ Query query = session.getNamedQuery("getActiveOAWithSessionIDandOAIDandProtocol");
+ query.setParameter("sessionID", moaSession.getSessionID());
+ query.setParameter("oaID", oaID);
+ query.setParameter("protocol", protocolType);
+ result = query.list();
+
+ //send transaction
+ session.getTransaction().commit();
+ }
+
+ Logger.trace("Found entries: " + result.size());
+
+ //Assertion requires an unique artifact
+ if (result.size() == 0) {
+ Logger.trace("No entries found.");
+ return null;
+
+ }
+
+ return result.get(0).getActiveOAsessions().get(0);
+ }
+
+ public static InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASession(String sessionID) {
+ MiscUtil.assertNotNull(sessionID, "MOASession");
+ Logger.trace("Get interfederated IDP for SSO with sessionID " + sessionID + " from database.");
+ Session session = MOASessionDBUtils.getCurrentSession();
+
+ List<AuthenticatedSessionStore> result;
+
+ synchronized (session) {
+ session.beginTransaction();
+ Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionID");
+ query.setParameter("sessionID", sessionID);
+ result = query.list();
+
+ //send transaction
+ session.getTransaction().commit();
+ }
+
+ Logger.trace("Found entries: " + result.size());
+
+ //Assertion requires an unique artifact
+ if (result.size() == 0) {
+ Logger.trace("No entries found.");
+ return null;
+
+ }
+
+ return result.get(0).getInderfederation().get(0);
+ }
+
+ public static InterfederationSessionStore searchInterfederatedIDPFORSSOWithMOASessionIDPID(String sessionID, String idpID) {
+ MiscUtil.assertNotNull(sessionID, "MOASession");
+ MiscUtil.assertNotNull(idpID, "Interfederated IDP ID");
+ Logger.trace("Get interfederated IDP "+ idpID + " for SSO with sessionID " + sessionID + " from database.");
+ Session session = MOASessionDBUtils.getCurrentSession();
+
+ List<AuthenticatedSessionStore> result;
+
+ synchronized (session) {
+ session.beginTransaction();
+ Query query = session.getNamedQuery("getInterfederatedIDPForSSOWithSessionIDIDPID");
+ query.setParameter("sessionID", sessionID);
+ query.setParameter("idpID", idpID);
+ result = query.list();
+
+ //send transaction
+ session.getTransaction().commit();
+ }
+
+ Logger.trace("Found entries: " + result.size());
+
+ //Assertion requires an unique artifact
+ if (result.size() == 0) {
+ Logger.trace("No entries found.");
+ return null;
+
+ }
+
+ return result.get(0).getInderfederation().get(0);
+ }
+
+ public static InterfederationSessionStore searchInterfederatedIDPFORAttributeQueryWithSessionID(AuthenticationSession moaSession) {
+ MiscUtil.assertNotNull(moaSession, "MOASession");
+ Logger.trace("Get interfederated IDP for AttributeQuery with sessionID " + moaSession.getSessionID() + " from database.");
+ Session session = MOASessionDBUtils.getCurrentSession();
+
+ List<AuthenticatedSessionStore> result;
+
+ synchronized (session) {
+ session.beginTransaction();
+ Query query = session.getNamedQuery("getInterfederatedIDPForAttributeQueryWithSessionID");
+ query.setParameter("sessionID", moaSession.getSessionID());
+ result = query.list();
+
+ //send transaction
+ session.getTransaction().commit();
+ }
+
+ Logger.trace("Found entries: " + result.size());
+
+ //Assertion requires an unique artifact
+ if (result.size() == 0) {
+ Logger.trace("No entries found.");
+ return null;
+
+ }
+
+ return result.get(0).getInderfederation().get(0);
+ }
+
@SuppressWarnings("rawtypes")
private static AuthenticatedSessionStore searchInDatabase(String sessionID) throws MOADatabaseException {
MiscUtil.assertNotNull(sessionID, "moasessionID");
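Review bot: `result.get(0).getInderfederation().get(0)` in searchInterfederatedIDPFORSSOWithMOASessionIDPID returns the first IDP of the matched session rather than the one whose prefix equals `idpID`; if the named query selects the parent entity, Hibernate hands back the full mapped collection, so a session federated with more than one IDP (which the list handling in createInterfederatedSession allows) can return the wrong entry, and an empty collection throws IndexOutOfBoundsException out of an unguarded path. Select the element explicitly: `for (InterfederationSessionStore el : result.get(0).getInderfederation()) { if (idpID.equals(el.getIdpurlprefix())) return el; } return null;`. searchActiveOASSOSession has the same `.get(0)` on `getActiveOAsessions()` and should match on `oaID` and `protocolType` the same way. The four methods differ only in query name and bound parameters, so one private helper taking the query name and a parameter map would remove the repetition and the four copies of the misleading "Assertion requires an unique artifact" comment.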
@@ -633,7 +801,7 @@ public class AuthenticationSessionStoreage {
synchronized (session) {
session.beginTransaction();
Query query = session.getNamedQuery("getSessionWithID");
- query.setString("sessionid", sessionID);
+ query.setParameter("sessionid", sessionID);
result = query.list();
//send transaction
@@ -650,4 +818,58 @@ public class AuthenticationSessionStoreage {
return (AuthenticatedSessionStore) result.get(0);
}
+
+ /**
+ * @param entityID
+ * @param requestID
+ */
+ public static boolean removeInterfederetedSession(String entityID,
+ String pedingRequestID) {
+
+ try {
+ Logger.debug("Remove interfederated IDP from local SSO session ...");
+
+ MiscUtil.assertNotNull(pedingRequestID, "pedingRequestID");
+ Logger.trace("Get authenticated session with pedingRequestID " + pedingRequestID + " from database.");
+ Session session = MOASessionDBUtils.getCurrentSession();
+
+ List<AuthenticatedSessionStore> result;
+
+ synchronized (session) {
+ session.beginTransaction();
+ Query query = session.getNamedQuery("getSessionWithPendingRequestID");
+ query.setParameter("sessionid", pedingRequestID);
+ result = query.list();
+
+ //send transaction
+ session.getTransaction().commit();
+ }
+
+ Logger.trace("Found entries: " + result.size());
+
+ //Assertion requires an unique artifact
+ if (result.size() != 1) {
+ Logger.trace("No entries found.");
+ return false;
+ }
+
+ AuthenticatedSessionStore authsession = result.get(0);
+
+ List<InterfederationSessionStore> idpSessions = authsession.getInderfederation();
+ if (idpSessions != null) {
+ for (InterfederationSessionStore idp : idpSessions) {
+ if (idp.getIdpurlprefix().equals(entityID))
+ idpSessions.remove(idp);
+
+ }
+ }
+
+ MOASessionDBUtils.saveOrUpdate(authsession);
+ return true;
+
+ } catch (Throwable e) {
+ Logger.warn("MOASession deserialization-exception by using MOASessionID=" + pedingRequestID);
+ return false;
+ }
+ }
}
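Review bot: `idpSessions.remove(idp)` inside the for-each over `idpSessions` throws ConcurrentModificationException on the next iteration whenever the removed element is not the last one, and the `catch (Throwable e)` below turns that into a logged "deserialization-exception" and `return false` before saveOrUpdate runs, so the IDP entry silently stays in the session. Remove through the iterator instead: `for (Iterator<InterfederationSessionStore> it = idpSessions.iterator(); it.hasNext(); ) { if (it.next().getIdpurlprefix().equals(entityID)) it.remove(); }` (java.util.Iterator needs importing). Whether dropping the element from the collection also deletes its row depends on the mapping's orphan handling, which is not visible here. Pass `e` to Logger.warn, fix the copied message, and align the Javadoc `@param requestID` with the actual `pedingRequestID` parameter.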
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBExceptionStoreImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBExceptionStoreImpl.java
index ae8e5ee27..054ad1014 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBExceptionStoreImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBExceptionStoreImpl.java
@@ -154,7 +154,7 @@ public class DBExceptionStoreImpl implements IExceptionStore {
synchronized (session) {
session.beginTransaction();
Query query = session.getNamedQuery("getExceptionWithID");
- query.setString("id", id);
+ query.setParameter("id", id);
result = query.list();
//send transaction