aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-05-28 08:43:32 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-05-28 08:43:32 +0200
commit352a061434c121bb438b01829131aaa85378fc26 (patch)
tree579568bd885a4fc413bd91f71fce483b8e231e2b /id/server/idserverlib/src/main/java/at/gv
parent16a5e33bc2a4832d2d44c18ad1977524ba809463 (diff)
downloadmoa-id-spss-352a061434c121bb438b01829131aaa85378fc26.tar.gz
moa-id-spss-352a061434c121bb438b01829131aaa85378fc26.tar.bz2
moa-id-spss-352a061434c121bb438b01829131aaa85378fc26.zip
use AssertionConsumerServiceURL from request if it exists
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java77
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java7
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java37
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java7
6 files changed, 68 insertions, 65 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
index 70db9cc23..04b7854b1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
@@ -40,7 +40,7 @@ public class AuthenticationAction implements IAction {
PVPTargetConfiguration pvpRequest = (PVPTargetConfiguration) req;
- SLOInformationImpl sloInformation = (SLOInformationImpl) RequestManager.getInstance().handle(pvpRequest.request, httpReq, httpResp, authData);
+ SLOInformationImpl sloInformation = (SLOInformationImpl) RequestManager.getInstance().handle(pvpRequest, httpReq, httpResp, authData);
//set protocol type
sloInformation.setProtocolType(req.requestedModule());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 863bfe501..d9ce6250a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -82,6 +82,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.InvalidAssertionConsumerServiceException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NameIDFormatNotSupportedException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException;
@@ -543,52 +544,51 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
AuthnRequest authnRequest = (AuthnRequest)samlReq;
- Integer aIdx = authnRequest.getAssertionConsumerServiceIndex();
- int assertionidx = 0;
+ //parse AssertionConsumerService
+ AssertionConsumerService consumerService = null;
+ if (MiscUtil.isNotEmpty(authnRequest.getAssertionConsumerServiceURL()) &&
+ MiscUtil.isNotEmpty(authnRequest.getProtocolBinding())) {
+ //use AssertionConsumerServiceURL from request
+ consumerService = SAML2Utils.createSAMLObject(AssertionConsumerService.class);
+ consumerService.setBinding(authnRequest.getProtocolBinding());
+ consumerService.setLocation(authnRequest.getAssertionConsumerServiceURL());
+
+ } else {
+ //use AssertionConsumerServiceIndex and select consumerService from metadata
+ Integer aIdx = authnRequest.getAssertionConsumerServiceIndex();
+ int assertionidx = 0;
- if(aIdx != null) {
- assertionidx = aIdx.intValue();
+ if(aIdx != null) {
+ assertionidx = aIdx.intValue();
+
+ } else {
+ assertionidx = SAML2Utils.getDefaultAssertionConsumerServiceIndex(spSSODescriptor);
+
+ }
+ consumerService = spSSODescriptor.getAssertionConsumerServices().get(assertionidx);
- } else {
- assertionidx = SAML2Utils.getDefaultAssertionConsumerServiceIndex(spSSODescriptor);
+ if (consumerService == null) {
+ throw new InvalidAssertionConsumerServiceException(aIdx);
+
+ }
}
- aIdx = authnRequest.getAttributeConsumingServiceIndex();
+ //select AttributeConsumingService from request
+ AttributeConsumingService attributeConsumer = null;
+ Integer aIdx = authnRequest.getAttributeConsumingServiceIndex();
int attributeIdx = 0;
-
+
if(aIdx != null) {
attributeIdx = aIdx.intValue();
}
- AssertionConsumerService consumerService = spSSODescriptor.getAssertionConsumerServices().get(assertionidx);
-
- AttributeConsumingService attributeConsumer = null;
-
if (spSSODescriptor.getAttributeConsumingServices() != null &&
spSSODescriptor.getAttributeConsumingServices().size() > 0) {
attributeConsumer = spSSODescriptor.getAttributeConsumingServices().get(attributeIdx);
}
- PVPTargetConfiguration config = new PVPTargetConfiguration();
-
- String oaURL = moaRequest.getEntityMetadata().getEntityID();
- String binding = consumerService.getBinding();
-
- Logger.info("Dispatch PVP2 AuthnRequest: OAURL=" + oaURL + " Binding=" + binding);
-
- oaURL = StringEscapeUtils.escapeHtml(oaURL);
-
- config.setOAURL(oaURL);
- config.setBinding(binding);
- config.setRequest(moaRequest);
- config.setConsumerURL(consumerService.getLocation());
-
- //parse AuthRequest
- AuthnRequestImpl authReq = (AuthnRequestImpl) samlReq;
- config.setPassiv(authReq.isPassive());
- config.setForce(authReq.isForceAuthn());
-
//validate AuthnRequest
+ AuthnRequestImpl authReq = (AuthnRequestImpl) samlReq;
AuthnRequestValidator.validate(authReq);
String useMandate = request.getParameter(PARAM_USEMANDATE);
@@ -599,7 +599,22 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
}
}
}
+
+ String oaURL = moaRequest.getEntityMetadata().getEntityID();
+ oaURL = StringEscapeUtils.escapeHtml(oaURL);
+
+ Logger.info("Dispatch PVP2 AuthnRequest: OAURL=" + oaURL + " Binding=" + consumerService.getBinding());
+
+ PVPTargetConfiguration config = new PVPTargetConfiguration();
+ config.setOAURL(oaURL);
+ config.setBinding(consumerService.getBinding());
+ config.setRequest(moaRequest);
+ config.setConsumerURL(consumerService.getLocation());
+ //parse AuthRequest
+ config.setPassiv(authReq.isPassive());
+ config.setForce(authReq.isForceAuthn());
+
return config;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
index 303fc2924..7f6054f2d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
@@ -34,6 +34,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.SLOInformationInterface;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPAssertionStorage;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.SoapBinding;
@@ -48,13 +49,13 @@ public class ArtifactResolution implements IRequestHandler {
((MOARequest)obj).getSamlRequest() instanceof ArtifactResolve);
}
- public SLOInformationInterface process(InboundMessage obj, HttpServletRequest req,
+ public SLOInformationInterface process(PVPTargetConfiguration obj, HttpServletRequest req,
HttpServletResponse resp, IAuthData authData) throws MOAIDException {
- if (!handleObject(obj)) {
+ if (!handleObject(obj.getRequest())) {
throw new MOAIDException("pvp2.13", null);
}
- ArtifactResolve artifactResolve = (ArtifactResolve) ((MOARequest)obj).getSamlRequest();
+ ArtifactResolve artifactResolve = (ArtifactResolve) ((MOARequest)obj.getRequest()).getSamlRequest();
String artifactID = artifactResolve.getArtifact().getArtifact();
PVPAssertionStorage pvpAssertion = PVPAssertionStorage.getInstance();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index ca5210d21..d33c38f25 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -41,6 +41,7 @@ import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.SLOInformationImpl;
import at.gv.egovernment.moa.id.data.SLOInformationInterface;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.ArtifactBinding;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
@@ -62,38 +63,22 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
((MOARequest)obj).getSamlRequest() instanceof AuthnRequest);
}
- public SLOInformationInterface process(InboundMessage obj, HttpServletRequest req,
+ public SLOInformationInterface process(PVPTargetConfiguration obj, HttpServletRequest req,
HttpServletResponse resp, IAuthData authData) throws MOAIDException {
- if (!handleObject(obj)) {
+ if (!handleObject(obj.getRequest())) {
throw new MOAIDException("pvp2.13", null);
}
//get basic information
- MOARequest moaRequest = (MOARequest) obj;
+ MOARequest moaRequest = (MOARequest) obj.getRequest();
AuthnRequest authnRequest = (AuthnRequest) moaRequest.getSamlRequest();
- EntityDescriptor peerEntity = obj.getEntityMetadata();
- SPSSODescriptor spSSODescriptor = peerEntity
- .getSPSSODescriptor(SAMLConstants.SAML20P_NS);
-
- //get AssertionConsumingService
- Integer aIdx = authnRequest.getAssertionConsumerServiceIndex();
- int idx = 0;
-
- if (aIdx != null) {
- idx = aIdx.intValue();
-
- } else {
- idx = SAML2Utils.getDefaultAssertionConsumerServiceIndex(spSSODescriptor);
- }
-
- AssertionConsumerService consumerService = spSSODescriptor
- .getAssertionConsumerServices().get(idx);
-
- if (consumerService == null) {
- throw new InvalidAssertionConsumerServiceException(idx);
-
- }
+ EntityDescriptor peerEntity = moaRequest.getEntityMetadata();
+ AssertionConsumerService consumerService =
+ SAML2Utils.createSAMLObject(AssertionConsumerService.class);
+ consumerService.setBinding(obj.getBinding());
+ consumerService.setLocation(obj.getConsumerURL());
+
DateTime date = new DateTime();
SLOInformationImpl sloInformation = new SLOInformationImpl();
@@ -127,7 +112,7 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
try {
binding.encodeRespone(req, resp, authResponse,
- consumerService.getLocation(), obj.getRelayState());
+ consumerService.getLocation(), moaRequest.getRelayState());
return sloInformation;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java
index d1ae0b202..293dccf6c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java
@@ -28,12 +28,13 @@ import javax.servlet.http.HttpServletResponse;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.SLOInformationInterface;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
public interface IRequestHandler {
public boolean handleObject(InboundMessage obj);
- public SLOInformationInterface process(InboundMessage obj, HttpServletRequest req,
+ public SLOInformationInterface process(PVPTargetConfiguration pvpRequest, HttpServletRequest req,
HttpServletResponse resp, IAuthData authData) throws MOAIDException;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java
index 5b9bf940d..b58b09f12 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java
@@ -33,6 +33,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.SLOInformationInterface;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SAMLRequestNotSupported;
@@ -56,13 +57,13 @@ public class RequestManager {
handler.add(new ArtifactResolution());
}
- public SLOInformationInterface handle(InboundMessage obj, HttpServletRequest req, HttpServletResponse resp, IAuthData authData)
+ public SLOInformationInterface handle(PVPTargetConfiguration pvpRequest, HttpServletRequest req, HttpServletResponse resp, IAuthData authData)
throws SAMLRequestNotSupported, MOAIDException {
Iterator<IRequestHandler> it = handler.iterator();
while(it.hasNext()) {
IRequestHandler handler = it.next();
- if(handler.handleObject(obj)) {
- return handler.process(obj, req, resp, authData);
+ if(handler.handleObject(pvpRequest.getRequest())) {
+ return handler.process(pvpRequest, req, resp, authData);
}
}