* Update sourceID Parameter

* Blacklist-Übergabe an iaik-moa * iaik-moa.jar zu repository hinzugefügt git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@1250 d688527b-c9ab-4aba-bd8d-4036d912da1d
author: kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> 2012-02-16 19:03:20 +0000
committer: kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> 2012-02-16 19:03:20 +0000
commit: 92709b7a3e7c18583e127d2160cfd96361ac035b (patch)
tree: ef9c5b9f6e6211eb95d75d196c79d32cdbd901d8 /id/server/idserverlib/src/main/java
parent: 99ecae7954643c971d8a789a196a5d246507a83e (diff)
download: moa-id-spss-92709b7a3e7c18583e127d2160cfd96361ac035b.tar.gz
moa-id-spss-92709b7a3e7c18583e127d2160cfd96361ac035b.tar.bz2
moa-id-spss-92709b7a3e7c18583e127d2160cfd96361ac035b.zip
4 files changed, 45 insertions, 39 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 5eb23cabc..093d22732 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1538,7 +1538,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
               session.getBkuURL(),
               session.getAssertionSignerCertificateBase64(),
               session.getAssertionBusinessService(),
-              session.getSourceID(),
               session.getExtendedSAMLAttributesOA());
           authData.setSamlAssertion(samlAssertion);
           
@@ -1554,7 +1553,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 			} 
     
           String samlArtifact =
-          	new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID());
+          	new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID());
           storeAuthenticationData(samlArtifact, authData);
           
           // invalidates the authentication session
@@ -1717,7 +1716,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
     	} 
     
     	String samlArtifact =
-          	new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID());
+          	new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID());
         storeAuthenticationData(samlArtifact, authData);
           
           // invalidates the authentication session
@@ -1816,7 +1815,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
           session.getBkuURL(),
           session.getAssertionSignerCertificateBase64(),
           session.getAssertionBusinessService(),
-          session.getSourceID(),
           session.getExtendedSAMLAttributesOA());
       authData.setSamlAssertion(samlAssertion);
       
@@ -1832,7 +1830,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		} 
 
       String samlArtifact =
-      	new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID());
+      	new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID(), session.getSourceID());
       storeAuthenticationData(samlArtifact, authData);
       
       // invalidates the authentication session
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
index 410d045f0..bcad65eed 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java
@@ -114,25 +114,5 @@ public class AuthenticationAssertionBuilder {
    return sb.toString();
   }
   
-  /**
-   * Builds the SAML attributes to be appended to the AUTHBlock or to the SAML assertion 
-   * delivered to the online application.
-   * The method traverses through the list of given SAML attribute objects and builds an 
-   * XML structure (String representation) for each of the attributes. 
-   * 
-   * @param extendedSAMLAttributes The SAML attributes to be appended to the AUTHBlock or  
-   *                               to the SAML assertion delivered to the online application.
-   * @return                       A string representation including the XML structures of
-   *                               the SAML attributes.
-   *                               
-   * @throws ParseException        If an error occurs on serializing an SAML attribute.
-   */
-  protected String buildSourceIDSAMLAttributes(String sourceID) throws ParseException {
-    StringBuffer sb = new StringBuffer();
-    if (sourceID!=null)       
-          sb.append(MessageFormat.format( SAML_ATTRIBUTE_NO_NAMESPACE, new Object[] {"SourceID", sourceID}));
-
-    return sb.toString();
-  }
-
+ 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
index 7032e09eb..b9e44544d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
@@ -72,7 +72,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
       "{10}" +      
 	  "{11}" + 
       "{12}" +
-      "{13}" +      
 	  "	</saml:AttributeStatement>" + NL +
 	  "</saml:Assertion>";
 	
@@ -107,7 +106,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
       "{11}" +
 	  "{12}" + 
       "{13}" +
-      "{14}" +
 	  "	</saml:AttributeStatement>" + NL +
 	  "</saml:Assertion>";
 	/**
@@ -158,7 +156,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
     String bkuURL,
     String signerCertificateBase64,
     boolean businessService,
-    String sourceID,
     List extendedSAMLAttributes) 
   throws BuildException 
   {
@@ -210,7 +207,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
         StringUtils.removeXMLDeclaration(xmlPersonData), 
         isQualifiedCertificate,
         bkuURL,
-        buildSourceIDSAMLAttributes(sourceID),
         publicAuthorityAttribute,
         signerCertificateAttribute,
         buildExtendedSAMLAttributes(extendedSAMLAttributes)});
@@ -301,7 +297,6 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
         StringUtils.removeXMLDeclaration(xmlMandateData),
         isQualifiedCertificate,
         bkuURL,
-        buildSourceIDSAMLAttributes(sourceID),
         publicAuthorityAttribute,
         signerCertificateAttribute,
         buildExtendedSAMLAttributes(extendedSAMLAttributes)});
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
index 41e4cd37d..145664a2b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilder.java
@@ -67,7 +67,7 @@ public class SAMLArtifactBuilder {
    *                   of <code>AssertionHandle</code>
    * @return the 42-byte SAML artifact, encoded BASE64
    */
-  public String build(String authURL, String sessionID) throws BuildException {
+  public String build(String authURL, String sessionID, String sourceIdParam) throws BuildException {
     try {
       MessageDigest md = MessageDigest.getInstance("SHA-1");
       byte[] sourceID;
@@ -77,16 +77,45 @@ public class SAMLArtifactBuilder {
       //System.out.println("alternativeSourceID: " + alternativeSourceID);
       //System.out.println("authURL: " + authURL);
       
-      if (!ParepUtils.isEmpty(alternativeSourceID)) {
-        // if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL;
-        sourceID = md.digest(alternativeSourceID.getBytes());
-        Logger.info("Building SAMArtifact from sourceID \"" + alternativeSourceID + "\" instead of authURL \"" + authURL + "\".");
-      } else {
-        sourceID = md.digest(authURL.getBytes());
+      // if sourceID is given in GET/POST param - use this as source id
+      if (!ParepUtils.isEmpty(sourceIdParam)) {
+          // if GET/POST parameter sourceID is set, use that sourceID instead of authURL;
+          sourceID = md.digest(sourceIdParam.getBytes());      
+          Logger.info("Building SAMArtifact from sourceID \"" + sourceIdParam + "\" instead of authURL \"" + authURL + "\".");
+          
+          byte[] assertionHandle = md.digest(sessionID.getBytes());
+          ByteArrayOutputStream out = new ByteArrayOutputStream(42);
+          out.write(0);
+          out.write(1);
+          out.write(sourceID, 0, 20);
+          out.write(assertionHandle, 0, 20);
+          byte[] samlArtifact = out.toByteArray();
+          //System.out.println("samlArtifact: " + new String(samlArtifact));
+          String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
+          //System.out.println("samlArtifact Base64: " + samlArtifactBase64);
+          return samlArtifactBase64;          
       }
       
-      //System.out.println("sourceID: " + new String(sourceID));
+      // if generic config parameter "AuthenticationServer.SourceID" is given, use that sourceID instead of authURL;
+      if (!ParepUtils.isEmpty(alternativeSourceID)) {
+          sourceID = md.digest(alternativeSourceID.getBytes());      
+          Logger.info("Building SAMArtifact from sourceID \"" + alternativeSourceID + "\" instead of authURL \"" + authURL + "\".");
+          
+          byte[] assertionHandle = md.digest(sessionID.getBytes());
+          ByteArrayOutputStream out = new ByteArrayOutputStream(42);
+          out.write(0);
+          out.write(1);
+          out.write(sourceID, 0, 20);
+          out.write(assertionHandle, 0, 20);
+          byte[] samlArtifact = out.toByteArray();
+          System.out.println("samlArtifact: " + new String(samlArtifact));
+          String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
+          System.out.println("samlArtifact Base64: " + samlArtifactBase64);
+          return samlArtifactBase64;          
+      }
       
+      // default: sourecID from authURL      
+      sourceID = md.digest(authURL.getBytes());
       byte[] assertionHandle = md.digest(sessionID.getBytes());
       ByteArrayOutputStream out = new ByteArrayOutputStream(42);
       out.write(0);
@@ -98,6 +127,10 @@ public class SAMLArtifactBuilder {
       String samlArtifactBase64 = Base64Utils.encode(samlArtifact);
       //System.out.println("samlArtifact Base64: " + samlArtifactBase64);
       return samlArtifactBase64;
+      
+      //System.out.println("sourceID: " + new String(sourceID));
+      
+      
     }
     catch (Throwable ex) {
       throw new BuildException(
author	kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>	2012-02-16 19:03:20 +0000
committer	kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d>	2012-02-16 19:03:20 +0000
commit	92709b7a3e7c18583e127d2160cfd96361ac035b (patch)
tree	ef9c5b9f6e6211eb95d75d196c79d32cdbd901d8 /id/server/idserverlib/src/main/java
parent	99ecae7954643c971d8a789a196a5d246507a83e (diff)
download	moa-id-spss-92709b7a3e7c18583e127d2160cfd96361ac035b.tar.gz moa-id-spss-92709b7a3e7c18583e127d2160cfd96361ac035b.tar.bz2 moa-id-spss-92709b7a3e7c18583e127d2160cfd96361ac035b.zip