aatributes

6 files changed, 108 insertions, 74 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 91326a51d..d33b33c77 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -33,88 +33,96 @@ public class AuthenticationRequest implements IAction {
 
 
     private VelocityEngine velocityEngine;
-    private AuthenticationSession moaSession;
-    private MOASTORKRequest moaStorkRequest;
+    private AuthenticationSession moaSession = null;
+    private MOASTORKRequest moaStorkRequest = null;
 
 
     public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException {
 
         this.moaSession = moasession;
-        this.moaStorkRequest = (MOASTORKRequest) req;
 
-        if (moasession.getUseMandate()) {
-            try {
-                MISMandate mandate = moasession.getMISMandate();
-                String owbpk = mandate.getOWbPK();
-                byte[] mand = mandate.getMandate();
-                String profprep = mandate.getProfRep();
-                //String textdesc = mandate.getTextualDescriptionOfOID();
-                Element mndt = moasession.getMandate();
-
-                iterate(mndt.getAttributes());
-                Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand)));
-            } catch (Exception x) {
-                Logger.debug("There is no mandate used in transaction");
+        if (req instanceof MOASTORKRequest) {
+
+            this.moaStorkRequest = (MOASTORKRequest) req;
+
+
+            if (moasession.getUseMandate()) {
+                try {
+                    MISMandate mandate = moasession.getMISMandate();
+                    String owbpk = mandate.getOWbPK();
+                    byte[] mand = mandate.getMandate();
+                    String profprep = mandate.getProfRep();
+                    //String textdesc = mandate.getTextualDescriptionOfOID();
+                    Element mndt = moasession.getMandate();
+
+                    iterate(mndt.getAttributes());
+                    Logger.debug("mandate encoded: " + new String(org.bouncycastle.util.encoders.Base64.encode(mand)));
+                } catch (Exception x) {
+                    Logger.debug("There is no mandate used in transaction");
+                }
             }
-        }
 
 
-        Logger.debug("Starting AuthenticationRequest");
-        httpResp.reset();
+            Logger.debug("Starting AuthenticationRequest");
+            httpResp.reset();
 
-        STORKAuthnResponse authnResponse = new STORKAuthnResponse();
-        authnResponse.setCountry(((MOASTORKRequest) req).getStorkAuthnRequest().getSpCountry());
+            STORKAuthnResponse authnResponse = new STORKAuthnResponse();
+            authnResponse.setCountry(moaStorkRequest.getStorkAuthnRequest().getSpCountry());
 
 
-        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
-        if (oaParam == null)
-            throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
+            OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
+            if (oaParam == null)
+                throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
 
 
-        // Prepare basic AT attributes
-        try {
-            IPersonalAttributeList moaAttrList = moasession.getStorkAttributes();
-            Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size());
+            // Prepare basic AT attributes
+            try {
+                IPersonalAttributeList moaAttrList = moasession.getStorkAttributes();
+                Logger.info("Found number of moa personal attributes: " + moasession.getStorkAttributes().size());
 
 
-            for (PersonalAttribute personalAttribute : moaAttrList) {
-                Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus());
-                if (personalAttribute.getValue().size() > 0) {
-                    for (String value : personalAttribute.getValue()) {
-                        Logger.info("     Value found: " + value);
+                for (PersonalAttribute personalAttribute : moaAttrList) {
+                    Logger.info("Personal attribute found: " + personalAttribute.getName() + personalAttribute.getStatus());
+                    if (personalAttribute.getValue().size() > 0) {
+                        for (String value : personalAttribute.getValue()) {
+                            Logger.info("     Value found: " + value);
+                        }
                     }
                 }
-            }
 
-        } catch (Exception e) {
-            Logger.error("Exception, attributes: " + e.getMessage());
-        }
+            } catch (Exception e) {
+                Logger.error("Exception, attributes: " + e.getMessage());
+            }
 
-        // Get personal attributtes from MOA/IdentityLink
-        authnResponse.setPersonalAttributeList(populateAttributes());
+            // Get personal attributtes from MOA/IdentityLink
+            authnResponse.setPersonalAttributeList(populateAttributes());
 
-        // Prepare extended attributes
-        Logger.debug("Preparing data container");
+            // Prepare extended attributes
+            Logger.debug("Preparing data container");
 
-        // create fresh container
-        DataContainer container = new DataContainer();
+            // create fresh container
+            DataContainer container = new DataContainer();
 
-        // - fill in the request we extracted above
-        container.setRequest(((MOASTORKRequest) req).getStorkAuthnRequest());
+            // - fill in the request we extracted above
+            container.setRequest(moaStorkRequest.getStorkAuthnRequest());
 
-        // - fill in the partial response created above
-        container.setResponse(authnResponse);
+            // - fill in the partial response created above
+            container.setResponse(authnResponse);
 
-        // - memorize the target url were we have to return the result
-        container.setTarget(((MOASTORKRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL());
+            // - memorize the target url were we have to return the result
+            container.setTarget(moaStorkRequest.getStorkAuthnRequest().getAssertionConsumerServiceURL());
 
-        container.setRemoteAddress(httpReq.getRemoteAddr());
+            container.setRemoteAddress(httpReq.getRemoteAddr());
 
 
-        Logger.debug("Data container prepared");
+            Logger.debug("Data container prepared");
 
-        return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam);
+            return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam);
 
+        } else {
+            Logger.error("Could not recognize request.");
+            throw new MOAIDException("stork.15", null);
+        }
     }
 
     public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
index 669a9389b..9c0869d97 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoNoRedirectAttributeProvider.java
@@ -20,7 +20,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
-	@Override
 	public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession)
 			throws UnsupportedAttributeException {
 		PersonalAttributeList requestedAttributes = new PersonalAttributeList(1);
@@ -31,7 +30,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
-	@Override
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) {
 		// TODO Auto-generated method stub
 		return null;
@@ -40,7 +38,6 @@ public class DemoNoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
 	 */
-	@Override
 	public void performRedirect(String url, String citizenCountyCode,
 			HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) {
 		// we should not get here
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
index 2f6b69075..26fc00406 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DemoRedirectAttributeProvider.java
@@ -20,7 +20,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)
 	 */
-	@Override
 	public IPersonalAttributeList acquire(PersonalAttribute attributeName, AuthenticationSession moasession)
 			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {
 		throw new ExternalAttributeRequestRequiredException(this);
@@ -29,7 +28,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)
 	 */
-	@Override
 	public IPersonalAttributeList parse(HttpServletRequest httpReq) {
 		PersonalAttributeList requestedAttributes = new PersonalAttributeList(1);
 		requestedAttributes.add(new PersonalAttribute("sepp", true, new ArrayList<String>(), ""));
@@ -39,7 +37,6 @@ public class DemoRedirectAttributeProvider implements AttributeProvider {
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
 	 */
-	@Override
 	public void performRedirect(String url, String citizenCountyCode,
 			HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) {
 		// we should not get here
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
new file mode 100644
index 000000000..7665bb239
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MISAttributeProvider.java
@@ -0,0 +1,27 @@
+package at.gv.egovernment.moa.id.protocols.stork2;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * Implements Attribute Provider for Mandates
+ */
+public class MISAttributeProvider implements AttributeProvider {
+    public IPersonalAttributeList acquire(PersonalAttribute attributes, AuthenticationSession moasession) throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException, MOAIDException {
+        return null;  //
+    }
+
+    public void performRedirect(String url, String citizenCountyCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {
+        //
+    }
+
+    public IPersonalAttributeList parse(HttpServletRequest httpReq) throws UnsupportedAttributeException, MOAIDException {
+        return null;  //
+    }
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
index 8c7fd8706..1776d958c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/MOASTORKRequest.java
@@ -1,11 +1,13 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
 import eu.stork.peps.auth.commons.STORKAuthnRequest;
 
 /**
- * Implements MOA request and stores StorkAuthnRequest related data
+ * Implements MOA request and stores StorkAuthn/Attr-Request related data
  *
  * @author bsuzic
  */
@@ -32,7 +34,6 @@ public class MOASTORKRequest implements IRequest {
         if (request != null) {
             isAttrRequest = true;
         }
-
     }
 
     public boolean isAttrRequest() {
@@ -49,8 +50,14 @@ public class MOASTORKRequest implements IRequest {
     }
 
     public String getOAURL() {
-
-        return storkAuthnRequest.getAssertionConsumerServiceURL();
+        if (isAuthnRequest)
+            return storkAuthnRequest.getAssertionConsumerServiceURL();
+        else if (isAttrRequest)
+            return storkAttrQueryRequest.getAssertionConsumerServiceURL();
+        else {
+            Logger.error("There is no authentication or attribute request contained in MOASTORKRequest.");
+            return null;
+        }
     }
 
     public boolean isPassiv() {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 3b9a5bc29..e68b66510 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -6,9 +6,7 @@ import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IModulInfo;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.logging.Logger;
-import eu.stork.peps.auth.commons.PEPSUtil;
-import eu.stork.peps.auth.commons.STORKAttrQueryRequest;
-import eu.stork.peps.auth.commons.STORKAuthnRequest;
+import eu.stork.peps.auth.commons.*;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import org.opensaml.common.binding.BasicSAMLMessageContext;
@@ -93,14 +91,15 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         }
 
         //Get SAMLEngine instance
-        STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming");
+        STORKSAMLEngine authnEngine = STORKSAMLEngine.getInstance("incoming");
+        STORKSAMLEngine attrEngine = STORKSAMLEngine.getInstance("incoming_attr");
 
         STORKAuthnRequest authnRequest = null;
         STORKAttrQueryRequest attrRequest = null;
 
         // check if valid authn request is contained
         try {
-            authnRequest = engine.validateSTORKAuthnRequest(decSamlToken);
+            authnRequest = authnEngine.validateSTORKAuthnRequest(decSamlToken);
         } catch (STORKSAMLEngineException ex) {
             Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
         }
@@ -108,17 +107,16 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
 
         // check if a valid attr request is container
         try {
-            attrRequest = engine.validateSTORKAttrQueryRequest(decSamlToken);
+            attrRequest = attrEngine.validateSTORKAttrQueryRequest(decSamlToken);
         } catch (STORKSAMLEngineException ex) {
             Logger.error("Unable to validate Stork AuthenticationRequest: " + ex.getMessage());
         }
 
-
-        Logger.error("acsu " + authnRequest.getAssertionConsumerServiceURL());
-        Logger.error("cc " + authnRequest.getCitizenCountryCode());
-        Logger.error("iss " + authnRequest.getIssuer());
-        Logger.error("spid " + authnRequest.getSPID());
-        Logger.error("spi " + authnRequest.getSpInstitution());
+        // if there is no authn or attr request, raise error
+        if ((authnRequest == null) && (attrRequest == null)) {
+            Logger.error("There is no authentication or attribute request contained.");
+            throw new MOAIDException("stork.14", null);
+        }
 
         STORK2Request.setSTORKAuthnRequest(authnRequest);
         STORK2Request.setSTORKAttrRequest(attrRequest);