aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at
diff options
context:
space:
mode:
authorAlexander Marsalek <amarsalek@iaik.tugraz.at>2014-10-31 16:26:19 +0100
committerAlexander Marsalek <amarsalek@iaik.tugraz.at>2014-10-31 16:26:19 +0100
commitbce35f534b42d77cdaf1ab8e861237d1cf2f1191 (patch)
tree4daf3b9a89647ff08ddd6414b7ccddd59db5e5d5 /id/server/idserverlib/src/main/java/at
parent9c6fece57add83ce29e6ba1acc55a11d2ed89fc0 (diff)
parent2886006ba2ca141377e66a330df5fc52797c2755 (diff)
downloadmoa-id-spss-bce35f534b42d77cdaf1ab8e861237d1cf2f1191.tar.gz
moa-id-spss-bce35f534b42d77cdaf1ab8e861237d1cf2f1191.tar.bz2
moa-id-spss-bce35f534b42d77cdaf1ab8e861237d1cf2f1191.zip
Merge branch 'merge' into moa-2.1-Snapshot
Diffstat (limited to 'id/server/idserverlib/src/main/java/at')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java24
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java17
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java18
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java15
7 files changed, 60 insertions, 23 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 48933d5c9..5c0e497a3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -364,8 +364,28 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
authData.setIdentificationType(extractor.getSingleAttributeValue(PVPConstants.EID_SOURCE_PIN_TYPE_NAME));
if (extractor.containsAttribute(PVPConstants.BPK_NAME)) {
- String pvpbPK = extractor.getSingleAttributeValue(PVPConstants.BPK_NAME);
- authData.setBPK(pvpbPK.split(":")[1]);
+ String pvpbPK = extractor.getSingleAttributeValue(PVPConstants.BPK_NAME);
+ String[] spitted = pvpbPK.split(":");
+ authData.setBPK(spitted[1]);
+ if (MiscUtil.isEmpty(authData.getBPKType())) {
+ Logger.debug("PVP assertion contains NO bPK/wbPK target attribute. " +
+ "Starting target extraction from bPK/wbPK prefix ...");
+ //exract bPK/wbPK type from bpk attribute value prefix if type is
+ //not transmitted as single attribute
+ Pattern pattern = Pattern.compile("[a-zA-Z]{2}(-[a-zA-Z]+)?");
+ Matcher matcher = pattern.matcher(spitted[0]);
+ if (matcher.matches()) {
+ //find public service bPK
+ authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + spitted[0]);
+ Logger.debug("Found bPK prefix. Set target to " + authData.getBPKType());
+
+ } else {
+ //find business service wbPK
+ authData.setBPKType(Constants.URN_PREFIX_WBPK+ "+" + spitted[0]);
+ Logger.debug("Found wbPK prefix. Set target to " + authData.getBPKType());
+
+ }
+ }
}
boolean foundEncryptedbPKForOA = false;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
index a2570ed7e..063d7d8e4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
@@ -277,11 +277,10 @@ public class BPKBuilder {
MessageDigest md = MessageDigest.getInstance("SHA-1");
byte[] hash = md.digest(basisbegriff.getBytes("ISO-8859-1"));
String hashBase64 = Base64Utils.encode(hash);
- Logger.debug("STORK identification defined as: " + hashBase64);
return hashBase64;
} catch (Exception ex) {
- throw new BuildException("builder.00", new Object[]{"storkid", ex.toString()}, ex);
+ throw new BuildException("builder.00", new Object[]{"bPK/wbPK", ex.toString()}, ex);
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
index dbf54951f..0a8a6a581 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/MetadataAction.java
@@ -194,7 +194,7 @@ public class MetadataAction implements IAction {
.createSAMLObject(SPSSODescriptor.class);
spSSODescriptor.setAuthnRequestsSigned(true);
- spSSODescriptor.setWantAssertionsSigned(true);
+ spSSODescriptor.setWantAssertionsSigned(false);
//Set AuthRequest Signing certificate
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java
index 8b6e71e6b..3d8661143 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java
@@ -150,14 +150,14 @@ public class PVPAttributeBuilder {
}
public static Attribute buildAttribute(String name, OAAuthParameter oaParam,
- IAuthData authData) throws PVP2Exception {
+ IAuthData authData) throws PVP2Exception, AttributeException {
if (builders.containsKey(name)) {
try {
return builders.get(name).build(oaParam, authData, generator);
}
catch (AttributeException e) {
if (e instanceof UnavailableAttributeException) {
- throw new UnprovideableAttributeException(((UnavailableAttributeException) e).getAttributeName());
+ throw e;
} else if (e instanceof InvalidDateFormatAttributeException) {
throw new InvalidDateFormatException();
} else if (e instanceof NoMandateDataAttributeException) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index 3b01e91ad..b301b6e5e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -70,6 +70,8 @@ import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.SLOInformationImpl;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.UnavailableAttributeException;
import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMandateDataAvailableException;
@@ -251,10 +253,21 @@ public class PVP2AssertionBuilder implements PVPConstants {
} else {
attrList.add(attr);
}
+
+ } catch (UnavailableAttributeException e) {
+ Logger.info(
+ "Attribute generation for "
+ + reqAttribut.getFriendlyName() + " not possible.");
+ if (reqAttribut.isRequired()) {
+ throw new UnprovideableAttributeException(
+ reqAttribut.getName());
+ }
+
+
} catch (PVP2Exception e) {
- Logger.error(
+ Logger.warn(
"Attribute generation failed! for "
- + reqAttribut.getFriendlyName(), e);
+ + reqAttribut.getFriendlyName());
if (reqAttribut.isRequired()) {
throw new UnprovideableAttributeException(
reqAttribut.getName());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 7d3c72630..65e520cc3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -36,8 +36,6 @@ import javax.xml.transform.TransformerException;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;
-import com.sun.xml.bind.marshaller.NamespacePrefixMapper;
-
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
@@ -235,14 +233,14 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
Marshaller m = jc.createMarshaller();
m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
- m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() {
- public String getPreferredPrefix(String arg0, String arg1, boolean arg2) {
- if (Constants.PD_NS_URI.equals(arg0))
- return Constants.PD_PREFIX;
- else
- return arg1;
- }
- });
+// m.setProperty("com.sun.xml.bind.namespacePrefixMapper", new NamespacePrefixMapper() {
+// public String getPreferredPrefix(String arg0, String arg1, boolean arg2) {
+// if (Constants.PD_NS_URI.equals(arg0))
+// return Constants.PD_PREFIX;
+// else
+// return arg1;
+// }
+// });
ByteArrayOutputStream stream = new ByteArrayOutputStream();
m.marshal(
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
index 021eaee37..aaded0ce6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOAAttributeProvider.java
@@ -36,12 +36,17 @@ import eu.stork.peps.auth.commons.STORKStatusCode;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import org.joda.time.format.DateTimeFormat;
+import org.joda.time.format.DateTimeFormatter;
+
import javassist.expr.Instanceof;
/**
@@ -65,7 +70,7 @@ public class MOAAttributeProvider {
Map<String, String> tempFunctionMap = new HashMap<String, String>();
tempFunctionMap.put("eIdentifier", "geteIdentifier");
tempFunctionMap.put("ECApplicationRole","getECApplicationRole");
- tempSimpleMap.put("dateOfBirth", "getFormatedDateOfBirth");
+ tempFunctionMap.put("dateOfBirth", "getFormatedDateOfBirth");
storkAttributeFunctionMapping = Collections.unmodifiableMap(tempFunctionMap);
}
@@ -116,7 +121,7 @@ public class MOAAttributeProvider {
private List<String> getECApplicationRole() {
List<String> storkRoles = null;
- if (true || authData.getAuthenticationRoles() != null
+ if (authData.getAuthenticationRoles() != null
&& authData.getAuthenticationRoles().size() > 0) {
storkRoles = new ArrayList<String>();
@@ -132,9 +137,11 @@ public class MOAAttributeProvider {
}
private String getFormatedDateOfBirth() {
- if (authData.getDateOfBirth() != null)
- return authData.getFormatedDateOfBirth();
+ if (authData.getDateOfBirth() != null) {
+ DateFormat fmt = new SimpleDateFormat("yyyyMMdd");
+ return fmt.format(authData.getDateOfBirth());
+ }
else
return null;