| author | Bojan Suzic <bojan.suzic@iaik.tugraz.at> | 2014-02-26 17:21:59 +0100 | 
|---|---|---|
| committer | Bojan Suzic <bojan.suzic@iaik.tugraz.at> | 2014-02-26 17:21:59 +0100 | 
| commit | 11e26b97a643704f17f34e7424269325ed51472d (patch) | |
| tree | 3df48db84c622692ceebdb821f59e44f1ffb962b /id/server/idserverlib/src/main/java | |
| parent | 0e38238f9e08b59d3feb47a38b172f82d7f90c64 (diff) | |
adjusting attribute collector
Diffstat (limited to 'id/server/idserverlib/src/main/java')
4 files changed, 215 insertions, 284 deletions
| diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index fcef1487e..bc5a0c0c6 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -1,11 +1,9 @@  package at.gv.egovernment.moa.id.protocols.stork2; -import java.util.ArrayList; -import java.util.List; -  import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;  import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;  import at.gv.egovernment.moa.id.auth.exception.MOAIDException; +import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;  import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;  import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;  import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; 
@@ -13,169 +11,240 @@ import at.gv.egovernment.moa.id.moduls.IAction;  import at.gv.egovernment.moa.id.moduls.IRequest;  import at.gv.egovernment.moa.id.storage.AssertionStorage;  import at.gv.egovernment.moa.logging.Logger; +import eu.stork.peps.auth.commons.IPersonalAttributeList; +import eu.stork.peps.auth.commons.PersonalAttribute; +import eu.stork.peps.auth.commons.STORKAuthnRequest; +import eu.stork.peps.auth.commons.STORKAuthnResponse; +import eu.stork.peps.auth.engine.STORKSAMLEngine; +import eu.stork.peps.exceptions.STORKSAMLEngineException; +import org.apache.commons.io.IOUtils; +import org.apache.velocity.Template; +import org.apache.velocity.VelocityContext; +import org.apache.velocity.app.VelocityEngine; +import org.opensaml.common.impl.SecureRandomIdentifierGenerator;  import javax.servlet.http.HttpServletRequest;  import javax.servlet.http.HttpServletResponse; - -import org.opensaml.common.impl.SecureRandomIdentifierGenerator; - -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PersonalAttribute; +import javax.servlet.http.HttpSession; +import java.io.IOException; +import java.io.StringWriter; +import java.util.ArrayList; +import java.util.List;  /**   * the AttributeCollector Action tries to get all requested attributes from a set of {@link AttributeProvider} Plugins.   * The class is called whenever the {@link AuthenticationRequest} Action is invoked and checks for missing attributes.   * Furthermore, the class can handle direct posts. That is when the class triggers an attribute query which needs user   * interaction, redirect to another portal, etc. The redirect will hit here and the class can continue to fetch attributes. - *  + * <p/>   * TODO how do we treat mandatory and optional attributes? - *    */  public class AttributeCollector implements IAction { -	 -	/** The Constant ARTIFACT_ID. */ -	private static final String ARTIFACT_ID = "artifactId"; -	 + +    /** +     * The Constant ARTIFACT_ID. 
+     */ +    private static final String ARTIFACT_ID = "artifactId"; +    private DataContainer container; +    private HttpServletResponse httpResp; + +      /* (non-Javadoc)       * @see at.gv.egovernment.moa.id.moduls.IAction#processRequest(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, at.gv.egovernment.moa.id.auth.data.AuthenticationSession)       */      public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { -		// read configuration parameters of OA -		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); -		if (oaParam == null) -			throw new AuthenticationException("stork.12", new Object[] { moasession.getPublicOAURLPrefix() }); - -    	// find the attribute provider plugin that can handle the response -		IPersonalAttributeList newAttributes = null; -		for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) -			try { -				newAttributes = current.parse(httpReq); -			} catch (UnsupportedAttributeException e1) { -				// the current provider cannot find anything familiar within the -				// provided httpreq. Try the next one. -			} - -		if (null == newAttributes) { -			// we do not have a provider which is capable of fetching something -			// from the received httpreq. -			// TODO should we continue with the next attribute? 
-			Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); -			throw new MOAIDException("stork.11", null); -		} - -    	// - fetch the container -		String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); -		DataContainer container; -		try { -			container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); -		} catch (MOADatabaseException e) { -			Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); -			throw new MOAIDException("stork.11", null); -		} - -    	// - insert the embedded attribute(s) into the container -		for(PersonalAttribute current : newAttributes) -			container.getResponse().getPersonalAttributeList().add(current); -    	 -    	// see if we need some more attributes -    	return processRequest(container, httpReq, httpResp, moasession, oaParam); +        this.httpResp = httpResp; + +        // read configuration parameters of OA +        OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix()); +        if (oaParam == null) +            throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()}); + +        // find the attribute provider plugin that can handle the response +        IPersonalAttributeList newAttributes = null; +        for (AttributeProvider current : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) +            try { +                newAttributes = current.parse(httpReq); +            } catch (UnsupportedAttributeException e1) { +                // the current provider cannot find anything familiar within the +                // provided httpreq. Try the next one. +            } + +        if (null == newAttributes) { +            // we do not have a provider which is capable of fetching something +            // from the received httpreq. 
+            // TODO should we continue with the next attribute? +            Logger.error("No attribute could be retrieved from the response the attribute provider gave us."); +            throw new MOAIDException("stork.11", null); +        } + +        // - fetch the container +        String artifactId = (String) httpReq.getAttribute(ARTIFACT_ID); +        DataContainer container; +        try { +            container = AssertionStorage.getInstance().get(artifactId, DataContainer.class); +        } catch (MOADatabaseException e) { +            Logger.error("Error fetching incomplete Stork response from temporary storage. Most likely a timeout occured.", e); +            throw new MOAIDException("stork.11", null); +        } + +        // - insert the embedded attribute(s) into the container +        for (PersonalAttribute current : newAttributes) +            container.getResponse().getPersonalAttributeList().add(current); + +        // see if we need some more attributes +        return processRequest(container, httpReq, httpResp, moasession, oaParam);      } -     +      /**       * Checks if there are missing attributes and tries to fetch them. If there are no more attribute to fetch,       * this very method creates and sends the protocol result to the asking S-PEPS.       *       * @param container the {@link DataContainer} representing the status of the overall query.       
* @return the string -     * @throws MOAIDException  +     * @throws MOAIDException       */      public String processRequest(DataContainer container, HttpServletRequest request, HttpServletResponse response, AuthenticationSession moasession, OAAuthParameter oaParam) throws MOAIDException { -    	// check if there are attributes we need to fetch -    	IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); -    	IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); -    	List<PersonalAttribute> missingAttributes = new ArrayList<PersonalAttribute>(); -    	for(PersonalAttribute current : requestAttributeList) -    		if(!responseAttributeList.containsKey(current)) -    			missingAttributes.add(current); -    	 -    	try { -	    	// for each attribute still missing -	    	for(PersonalAttribute currentAttribute : missingAttributes) { -	    	// - check if we can find a suitable AttributeProvider Plugin -				for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { -					try { -						// - hand over control to the suitable plugin -						IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); - -						// - add the aquired attribute to the container -						for(PersonalAttribute current : aquiredAttributes) -							container.getResponse().getPersonalAttributeList().add(current); -					} catch(UnsupportedAttributeException e) { -						// ok, try the next attributeprovider -					} catch(MOAIDException e) { -						// the current plugin had an error. Try the next one. -						// TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop -					} -	 -	    		} -	    	} -		} catch (ExternalAttributeRequestRequiredException e) { -			// the attribute request is ongoing and requires an external service. 
-			try { -				// memorize the container again -				// - generate new key -				String newArtifactId = new SecureRandomIdentifierGenerator() -						.generateIdentifier();                                       /* -            Logger.debug("STORK QAA 2 :" + ((STORKAuthnRequestDEL) req).getStorkAuthnRequest().getQAALevel()); -            StartAuthResponse startAuthResponse = getStartAuthResponse(((STORKAuthnRequestDEL) req).getStorkAuthnRequest()); - -            HttpSession httpSession = httpReq.getSession(); -            httpSession.setAttribute("STORKSessionID", "12345"); -            httpResp.setStatus(startAuthResponse.getHttpStatusCode()); -            try { -                ServletOutputStream os = httpResp.getOutputStream(); -                String html = new String(startAuthResponse.getContent()); - - -                if (html.contains("<![CDATA[")) { -                    Logger.info("-------- content contains <![CDATA[-----------------"); -                    Logger.info("-------- content contains html -----------------"); -                    Logger.info("HTML : " + html); -                    int beginIndex = html.indexOf("<![CDATA["); -                    int endIndex = html.indexOf("]]>"); -                    html = html.substring(beginIndex + 9, endIndex); -                    startAuthResponse.setContent(html.getBytes()); -                } -                Logger.info("HTML : " + html); +        // check if there are attributes we need to fetch +        this.httpResp = response; +        this.container = container; + +        IPersonalAttributeList requestAttributeList = container.getRequest().getPersonalAttributeList(); +        IPersonalAttributeList responseAttributeList = container.getResponse().getPersonalAttributeList(); +        List<PersonalAttribute> missingAttributes = new ArrayList<PersonalAttribute>(); +        for (PersonalAttribute current : requestAttributeList) +            if (!responseAttributeList.containsKey(current)) +             
   missingAttributes.add(current); + +        try { +            // for each attribute still missing +            for (PersonalAttribute currentAttribute : missingAttributes) { +                // - check if we can find a suitable AttributeProvider Plugin +                for (AttributeProvider currentProvider : AttributeProviderFactory.getConfiguredPlugins(oaParam.getStorkAPs())) { +                    try { +                        // - hand over control to the suitable plugin +                        IPersonalAttributeList aquiredAttributes = currentProvider.acquire(currentAttribute, moasession); + +                        // - add the aquired attribute to the container +                        for (PersonalAttribute current : aquiredAttributes) +                            container.getResponse().getPersonalAttributeList().add(current); +                    } catch (UnsupportedAttributeException e) { +                        // ok, try the next attributeprovider +                    } catch (MOAIDException e) { +                        // the current plugin had an error. Try the next one. +                        // TODO we might want to add the non-fetchable attribute as "NotAvailable" to prevent an infinite loop +                    } -                os.write(startAuthResponse.getContent()); -                Logger.info("Response sent to client"); -            } catch (IOException e) { -                Logger.error("ERROR MOA"); -                throw new MOAIDException("error response sending", new Object[]{}); +                } +            } +        } catch (ExternalAttributeRequestRequiredException e) { +            // the attribute request is ongoing and requires an external service. 
+            try { +                // memorize the container again +                // - generate new key +                String newArtifactId = new SecureRandomIdentifierGenerator() +                        .generateIdentifier(); +            } catch (Exception e1) { +                // TODO should we return the response as is to the PEPS? +                Logger.error("Error putting incomplete Stork response into temporary storage", e); +                throw new MOAIDException("stork.11", null);              } -            //httpSession.setAttribute("CCC", ccc); - -          */ -        }  catch (Exception e1) { -				// TODO should we return the response as is to the PEPS? -				Logger.error("Error putting incomplete Stork response into temporary storage", e); -				throw new MOAIDException("stork.11", null); -			} - -			return "12345"; // TODO what to do here? -		} -    	// build response -    	// done -    	return "12345"; // AssertionId + +            return "12345"; // TODO what to do here? 
+        } + +        // build response +        generateSTORKResponse(); + +        // set new http response +        generateRedirectResponse(); +        response = httpResp; + +        return "12345"; // AssertionId +    } + + +    private void generateSTORKResponse() throws MOAIDException { +        STORKAuthnResponse authnResponse = container.getResponse(); +        STORKAuthnRequest authnRequest = container.getRequest(); + +        try { +            //Get SAMLEngine instance +            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("vidp"); +            Logger.debug("Starting generation of SAML response"); +            authnResponse = engine.generateSTORKAuthnResponse(authnRequest, authnResponse, container.getRemoteAddress(), false); + +            //generateSAML Token +            Logger.info("SAML response succesfully generated!"); +        } catch (STORKSAMLEngineException e) { +            Logger.error("Failed to generate STORK SAML Response", e); +            throw new MOAIDException("stork.05", null); +        } + +        Logger.info("STORK SAML Response message succesfully generated "); +        String statusCodeValue = authnResponse.getStatusCode(); + +        try { +            Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); +            Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works +            Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); + +        } catch (IOException e) { +            e.printStackTrace(); +        } + +        container.setResponse(authnResponse); + +    } + + +    private void generateRedirectResponse() { +        STORKAuthnResponse authnResponse = container.getResponse(); +        STORKAuthnRequest authnRequest = container.getRequest(); + + +        // preparing redirection for the client + +        try { +            VelocityEngine velocityEngine = 
VelocityProvider.getClassPathVelocityEngine(); +            Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); +            VelocityContext context = new VelocityContext(); + +            context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); +            Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); + +            Logger.debug("Putting assertion consumer url as action: " + authnRequest.getAssertionConsumerServiceURL()); +            context.put("action", authnRequest.getAssertionConsumerServiceURL()); +            Logger.debug("Starting template merge"); +            StringWriter writer = new StringWriter(); + +            Logger.debug("Doing template merge"); +            template.merge(context, writer); +            Logger.debug("Template merge done"); + +            Logger.debug("Sending html content: " + writer.getBuffer().toString()); +            Logger.debug("Sending html content2  : " + new String(writer.getBuffer())); + + +            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); + +        } catch (Exception e) { +            Logger.error("Velocity error: " + e.getMessage()); +        } + +        //HttpSession httpSession = this.httpResp.getSession(); +        //httpSession.setAttribute("STORKSessionID", "12345"); +        //Logger.info("Status code again: " + authnResponse.getStatusCode()); + +        //return "12345"; // AssertionId      }      /* (non-Javadoc)       * @see at.gv.egovernment.moa.id.moduls.IAction#needAuthentication(at.gv.egovernment.moa.id.moduls.IRequest, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)       */      public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) 
{ -    	// this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action. +        // this action does not need any authentication. The authentication is already done by the preceding AuthenticationRequest-Action.          return false;      } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java index db3e12f43..b3f009ae2 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java 
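Review bot: `generateSTORKResponse()` and `generateRedirectResponse()` log the complete SAML token and the rendered POST form at debug level (`"authn saml plain:"`, `"SAMLResponse original: "`, `"Sending html content: "`), which puts the citizen's personal attributes and the full assertion into the log files; these lines should be dropped, or reduced to the status code. `generateRedirectResponse()` also catches `Exception`, logs only `e.getMessage()` and returns normally, so `processRequest` still returns "12345" when nothing was written to the client; declaring `throws MOAIDException` and rethrowing with `throw new MOAIDException("stork.11", null);` would match the other error paths in this class. `container` and `httpResp` are per-request data held in instance fields: if an `AttributeCollector` instance is ever shared between concurrent requests (the dispatcher is not visible here), one user's response could be written to another user's stream, so passing both as parameters to the two helpers would be safer. The form action comes from `authnRequest.getAssertionConsumerServiceURL()` with no check visible in this hunk, so please confirm the URL is validated against the configured online application when the request is parsed.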
@@ -59,41 +59,6 @@ public class AuthenticationRequest implements IAction {          Logger.debug("Remote user: " + httpReq.getRemoteAddr());          Logger.debug("Moa session: " + moasession.toString() + " " + moasession.getOAURLRequested() + " " + moasession.getPublicOAURLPrefix() + " " + moasession.getAction() + " " + moasession.getIdentityLink().getName() + " " + moasession.getTarget());          httpResp.reset(); -        //httpResp.addHeader("Location", "http:/www.google.com"); -        if (req instanceof MOASTORKAuthnRequest) { -          /* -            Logger.debug("STORK QAA 2 :" + ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getQAALevel()); -            StartAuthResponse startAuthResponse = getStartAuthResponse(((MOASTORKAuthnRequest) req).getStorkAuthnRequest()); - -            HttpSession httpSession = httpReq.getSession();                                       performRed -            httpSession.setAttribute("STORKSessionID", "12345"); -            httpResp.setStatus(startAuthResponse.getHttpStatusCode()); -            try { -                ServletOutputStream os = httpResp.getOutputStream(); -                String html = new String(startAuthResponse.getContent()); - - -                if (html.contains("<![CDATA[")) { -                    Logger.info("-------- content contains <![CDATA[-----------------"); -                    Logger.info("-------- content contains html -----------------"); -                    Logger.info("HTML : " + html); -                    int beginIndex = html.indexOf("<![CDATA["); -                    int endIndex = html.indexOf("]]>"); -                    html = html.substring(beginIndex + 9, endIndex); -                    startAuthResponse.setContent(html.getBytes()); -                } -                Logger.info("HTML : " + html); - -                os.write(startAuthResponse.getContent()); -                Logger.info("Response sent to client"); -            } catch (IOException e) { -                
Logger.error("ERROR MOA"); -                throw new MOAIDException("error response sending", new Object[]{}); -            } -            //httpSession.setAttribute("CCC", ccc); - -          */ -        }          STORKAuthnResponse authnResponse = new STORKAuthnResponse();          authnResponse.setCountry("AT"); @@ -122,18 +87,15 @@ public class AuthenticationRequest implements IAction {              Logger.error("Exception, attributes: " + e.getMessage());          } +        // Get personal attributtes from MOA/IdentityLink          authnResponse.setPersonalAttributeList(populateAttributes());          // Prepare extended attributes          Logger.debug("Preparing data container"); -        //httpResp.setStatus(200); -        //VPEPSInboundPostHandler -                  // create fresh container          DataContainer container = new DataContainer(); -          // - fill in the request we extracted above          container.setRequest(((MOASTORKAuthnRequest) req).getStorkAuthnRequest()); 
@@ -146,90 +108,8 @@ public class AuthenticationRequest implements IAction {          Logger.debug("Data container prepared"); +        return (new AttributeCollector()).processRequest(container, httpReq, httpResp, moasession, oaParam); -        if (1==0) // test -        // see if we need to fetch further attributes -        return (new AttributeCollector()).processRequest(container, httpReq, httpResp, oaParam); - -        Logger.debug("Finished sending data container"); - - - - - - -        try { -            //Get SAMLEngine instance -            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("incoming"); -            Logger.debug("Starting generation of SAML response"); -            authnResponse = engine.generateSTORKAuthnResponse(((MOASTORKAuthnRequest)req).getStorkAuthnRequest(),authnResponse,httpReq.getRemoteAddr(),false); -            //generateSAML Token -            Logger.info("SAML response succesfully generated!"); -        }catch(STORKSAMLEngineException e){ -            Logger.error("Failed to generate STORK SAML Response", e); -            throw new MOAIDException("stork.05", null); -        } - -        Logger.info("STORK SAML Response message succesfully generated "); -        Logger.debug("STORK response: "); - -        Logger.debug("authn response string: " + authnResponse.toString()); - -        String statusCodeValue = authnResponse.getStatusCode(); -        Logger.debug("authn status code value: " + statusCodeValue); - -        try { -            Logger.debug("authn saml plain:" + authnResponse.getTokenSaml()); -            Logger.debug("authn saml string:" + new String(authnResponse.getTokenSaml())); // works -            Logger.debug("authn saml encodedx: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); - -        } catch (IOException e) { -            e.printStackTrace(); -        } - -        // preparing redirection for the client - -        try { -           
 VelocityEngine velocityEngine = VelocityProvider.getClassPathVelocityEngine(); -            Template template = velocityEngine.getTemplate("/resources/templates/stork2_postbinding_template.html"); -            VelocityContext context = new VelocityContext(); -            //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.decode(context.get("SAMLResponse").toString())); - -            //context.put("SAMLResponse", IOUtils.toString(authnResponse.getTokenSaml())); - -            context.put("SAMLResponse", new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); -            Logger.debug("SAMLResponse original: " + new String(org.bouncycastle.util.encoders.Base64.encode(IOUtils.toString(authnResponse.getTokenSaml()).getBytes()))); -            //Logger.info("Putting saml token in response: " + org.bouncycastle.util.encoders.Base64.encode(context.get("SAMLResponse").toString().getBytes())); - -            Logger.debug("Putting assertion consumer url as action: " + ((MOASTORKAuthnRequest)req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); -            context.put("action", ((MOASTORKAuthnRequest) req).getStorkAuthnRequest().getAssertionConsumerServiceURL()); -            Logger.debug("Starting template merge"); -            StringWriter writer = new StringWriter(); -            //PrintWriter pwriter = new StringWriter(); - -            Logger.debug("Doing template merge"); -            template.merge(context, writer); -            Logger.debug("Template merge done"); - -            Logger.debug("Sending html content: " + writer.getBuffer().toString()); -            Logger.debug("Sending html content2  : " + new String(writer.getBuffer())); - - - -            httpResp.getOutputStream().write(writer.getBuffer().toString().getBytes()); - -        } catch (Exception e) { -            Logger.error("Velocity error: " + e.getMessage()); -        } - -        
HttpSession httpSession = httpReq.getSession(); -        httpSession.setAttribute("STORKSessionID", "12345"); -        Logger.info("Status code again: " + authnResponse.getStatusCode()); - - - - -        return "12345"; // AssertionId      }      public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp) { 
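Review bot: Nothing in this file's hunks calls `container.setRemoteAddress(...)`, yet after this change the SAML response is built in `AttributeCollector.generateSTORKResponse()` from `container.getRemoteAddress()` instead of the `httpReq.getRemoteAddr()` that the removed code passed, so the engine is probably handed `null` as the client address. I would add `container.setRemoteAddress(httpReq.getRemoteAddr());` where the container is filled, before the `return (new AttributeCollector()).processRequest(...)` line. The enclosing method starts above this hunk, so a call outside the visible lines cannot be ruled out entirely, although the setter is only introduced by this commit.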
@@ -249,42 +129,17 @@ public class AuthenticationRequest implements IAction {          try {              for (PersonalAttribute personalAttribute : attrLst) {                  Logger.debug("Personal attribute found in request: " + personalAttribute.getName() + " isRequired: " + personalAttribute.isRequired()); -                  moaAttributeProvider.populateAttribute(attributeList, personalAttribute); - -     //           if ("givenName".equals(personalAttribute.getName())) { -     //               Logger.debug("Providing new attribute: " + personalAttribute.getName()); -     //               PersonalAttribute newAttribute = new PersonalAttribute(); -     //               newAttribute.setName("givenName"); -     //               newAttribute.setValue(new ArrayList<String>(Collections.singletonList(moaSession.getIdentityLink().getGivenName()))); -     //               attributeList.add(newAttribute); -    //            } -              }          }  catch (Exception e) {              Logger.error("Exception, attributes: " + e.getMessage());          } -          Logger.debug("AUTHBLOCK " + moaSession.getAuthBlock());          Logger.debug("TARGET " + moaSession.getTarget() + " " + moaSession.getTargetFriendlyName()); - -          Logger.debug("SESSION IDENTIFIER " + moaSession.getCcc() + " " + moaSession.getDomainIdentifier()); - -          Logger.debug("AUTHBLOCKTOKKEN" + moaSession.getAuthBlockTokken()); -        // moaAttributeProvider.populateAttribute(attributeList, personalAttribute.getName()); - -    //    moaAttributeProvider.populateAttribute(attributeList, "givenName"); - -    //    moaAttributeProvider.populateAttribute(attributeList, "surname"); - -    //    moaAttributeProvider.populateAttribute(attributeList, "xxname"); - -    //    moaAttributeProvider.populateAttribute(attributeList, "dateOfBirth"); -          return attributeList;      } 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java index 40c827ef8..44ad0000a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/DataContainer.java @@ -22,8 +22,9 @@ public class DataContainer implements Serializable {  	/** The target. */  	private String target; -	 -	/** +    private String remoteAddress; + +    /**  	 * Gets the request.  	 *  	 * @return the request @@ -76,4 +77,13 @@ public class DataContainer implements Serializable {  	public void setTarget(String target) {  		this.target = target;  	} +     +    /* +     Sets IP address +     */ +    public void setRemoteAddress(String address) { this.remoteAddress = address; } +    public String getRemoteAddress() { +        return this.remoteAddress; +    } +      } diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java index bd6f192dc..4314e666e 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/StorkAttributeRequestProvider.java 
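Review bot: The new accessors carry only a plain block comment, `/* Sets IP address */`, placed above the setter, while the other members of `DataContainer` use Javadoc. I would give each its own Javadoc, e.g. `/** Sets the remote (client) IP address used when generating the STORK response. */` and `/** Gets the remote (client) IP address. */`, and state whether the value may be null. The `remoteAddress` field also lacks the `/** ... */` comment that the neighbouring `target` field has.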
@@ -47,7 +47,6 @@ public class StorkAttributeRequestProvider implements AttributeProvider {  	/* (non-Javadoc)  	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#acquire(java.lang.String)  	 */ -	@Override  	public IPersonalAttributeList acquire(PersonalAttribute attribute, AuthenticationSession moasession)  			throws UnsupportedAttributeException, ExternalAttributeRequestRequiredException {  		requestedAttributes = new PersonalAttributeList(1); @@ -58,7 +57,6 @@ public class StorkAttributeRequestProvider implements AttributeProvider {  	/* (non-Javadoc)  	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#parse(javax.servlet.http.HttpServletRequest)  	 */ -	@Override  	public IPersonalAttributeList parse(HttpServletRequest httpReq) throws MOAIDException, UnsupportedAttributeException {  		Logger.debug("Beginning to extract SAMLResponse out of HTTP Request"); @@ -91,7 +89,6 @@ public class StorkAttributeRequestProvider implements AttributeProvider {  	/* (non-Javadoc)  	 * @see at.gv.egovernment.moa.id.protocols.stork2.AttributeProvider#performRedirect(java.lang.String)  	 */ -	@Override  	public void performRedirect(String url, String citizenCountryCode, HttpServletRequest req, HttpServletResponse resp, OAAuthParameter oaParam) throws MOAIDException {      	String spSector = "Business"; | 
