complete workflow untested

author: Florian Reimair <florian.reimair@iaik.tugraz.at> 2014-01-29 14:02:05 +0100
committer: Florian Reimair <florian.reimair@iaik.tugraz.at> 2014-01-29 14:04:08 +0100
commit: 04a2d507dfcf59dac15e542e391797e57a820c82 (patch)
tree: 48f26b982ad6a1be12a4832004ae7e55edcf1baf /id/server/idserverlib/src/main/java
parent: 98137f26f5b0bd33d178e16ea5ee9397f2cc2c0a (diff)
download: moa-id-spss-04a2d507dfcf59dac15e542e391797e57a820c82.tar.gz
moa-id-spss-04a2d507dfcf59dac15e542e391797e57a820c82.tar.bz2
moa-id-spss-04a2d507dfcf59dac15e542e391797e57a820c82.zip
6 files changed, 68 insertions, 60 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 3dc2639d5..f19881578 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1723,13 +1723,16 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 //		    	data.setRepresentative(representative);
 //		    	data.setRepresented(represented);
 //		    	data.setMandateContent(mandateContent);
-		    	request.setPEPSData(data);
-
 		    	
+		    	if(null != PEPSIdentifier)
+		    		request.setPEPSData(data);
+
+		    	// TODO add MIS data
 //		    	request.setMIS(value)
 		    	
 		    	Logger.info("Starte Kommunikation mit dem Stammzahlenregister Gateway(" + connectionParameters.getUrl() + ")...");
 				CreateIdentityLinkResponse response = client.sentCreateIDLRequest(request , connectionParameters.getUrl());
+				return response;
 		    	
 				
 				
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java
index e4bf37417..3bc152ec8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/StartAuthenticationBuilder.java
@@ -36,8 +36,7 @@ public class StartAuthenticationBuilder {
 	    
 	    Logger.info("Starting authentication for a citizen of country: " + (StringUtils.isEmpty(moasession.getCcc()) ? "AT" : moasession.getCcc()));    
 	    // STORK or normal authentication
-	    //TODO: commented because npe was thrown
-	    /*if (storkConfig.isSTORKAuthentication(moasession.getCcc())) {
+	    if (storkConfig.isSTORKAuthentication(moasession.getCcc())) {
 	    	//STORK authentication
 	    	Logger.trace("Found C-PEPS configuration for citizen of country: " + moasession.getCcc());
 	    	Logger.debug("Starting STORK authentication");
@@ -45,13 +44,13 @@ public class StartAuthenticationBuilder {
 	    	AuthenticationServer.startSTORKAuthentication(req, resp, moasession);
 	    	return "";
 	    	
-	    } else {*/
+	    } else {
 	    	//normal MOA-ID authentication
 	    	Logger.debug("Starting normal MOA-ID authentication");
 		    			    	    	
 	    	String getIdentityLinkForm = AuthenticationServer.getInstance().startAuthentication(moasession, req);	   
 
 	    	return getIdentityLinkForm;
-	    //}
+	    }
 	}
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 4a7676ec8..3ab6701c8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -26,6 +26,7 @@ import java.util.Vector;
 
 import org.w3c.dom.Element;
 
+import eu.stork.peps.auth.commons.IPersonalAttributeList;
 import eu.stork.peps.auth.commons.STORKAuthnRequest;
 
 import at.gv.egovernment.moa.id.auth.validator.InfoboxValidator;
@@ -254,7 +255,9 @@ public class AuthenticationSession implements Serializable {
 	private VerifyXMLSignatureResponse XMLVerifySignatureResponse;
 	
 	private boolean isForeigner;
-	
+
+	private IPersonalAttributeList storkAttributes;
+
 	// private String requestedProtocolURL = null;
 	
 	public String getModul() {
@@ -962,6 +965,24 @@ public class AuthenticationSession implements Serializable {
 	public void setAuthBlockTokken(String authBlockTokken) {
 		this.authBlockTokken = authBlockTokken;
 	}
+
+	/**
+	 * Memorizes the stork attribute list.
+	 *
+	 * @param personalAttributeList the new stork attributes
+	 */
+	public void setStorkAttributes(IPersonalAttributeList personalAttributeList) {
+		this.storkAttributes = personalAttributeList;
+	}
+	
+	/**
+	 * Recalls the stork attribute list.
+	 *
+	 * @return the stork attributes
+	 */
+	public IPersonalAttributeList getStorkAttributes() {
+		return this.storkAttributes;
+	}
 	
 	/**
 //	 * @return the oAuth20SessionObject
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index f1ee4c181..f05180932 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -78,9 +78,6 @@ public class PEPSConnectorServlet extends AuthServlet {
 				//No authentication session has been started before
 				Logger.error("MOA-SessionID was not found, no previous AuthnRequest had been started");
 				throw new AuthenticationException("auth.02", new Object[] { moaSessionID });
-			} else {
-				//We know user and MOA takes over session handling, invalidate HttpSession
-				httpSession.invalidate();
 			}
 			
 			pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(moaSessionID);
@@ -192,49 +189,28 @@ public class PEPSConnectorServlet extends AuthServlet {
 			Logger.info("Received Identity Link from SZR Gateway");
 			moaSession.setIdentityLink(identityLink);
 			
-			Logger.debug("Adding addtional STORK attributes to MOA assertion");
-			//add other stork attributes to MOA assertion
-			List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = STORKResponseProcessor.addAdditionalSTORKAttributes(storkAssertion.getAttributeStatements().get(0).getAttributes());
-			moaSession.setExtendedSAMLAttributesOA(moaExtendedSAMLAttibutes);
+			Logger.debug("Adding addtional STORK attributes to MOA session");
+			moaSession.setStorkAttributes(authnResponse.getPersonalAttributeList());
 			
 			//We don't have BKUURL, setting from null to "Not applicable"
 			moaSession.setBkuURL("Not applicable (STORK Authentication)");
-						
-			Logger.debug("Starting to assemble MOA assertion");
-			//produce MOA-Assertion and artifact			
-			String samlArtifactBase64 = 
-	    		AuthenticationServer.getInstance().getForeignAuthenticationData(moaSession);
-			Logger.info("MOA assertion assembled and SAML Artifact generated.");
+
+			// free for single use
+			moaSession.setAuthenticatedUsed(false);
+			
+			// stork did the authentication step
+			moaSession.setAuthenticated(true);
 			
     		//session is implicit stored in changeSessionID!!!!
     		String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(moaSession);
     		
     		Logger.info("Changed MOASession " + moaSessionID + " to Session " + newMOASessionID);
-    		Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
 			
 			//redirect
 			String redirectURL = null;
-	    	if (!samlArtifactBase64.equals("Redirect to Input Processor")) {
-	    		/*redirectURL = moaSession.getOAURLRequested();
-	    		if (!moaSession.getBusinessService()) {
-	    			redirectURL = addURLParameter(redirectURL, PARAM_TARGET, URLEncoder.encode(moaSession.getTarget(), "UTF-8"));
-	    		}
-	    		redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
-	    		redirectURL = response.encodeRedirectURL(redirectURL);*/
-	    			    		
 	    		redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(), 
 						ModulUtils.buildAuthURL(moaSession.getModul(), moaSession.getAction(), pendingRequestID), newMOASessionID);
 	    		redirectURL = response.encodeRedirectURL(redirectURL);
-	    	} else {
-	    		
-	    		redirectURL = new DataURLBuilder().buildDataURL(moaSession.getAuthURL(), AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, newMOASessionID);
-	    	}
-	    	
-	        try {
-				AuthenticationSessionStoreage.storeSession(moaSession);
-			} catch (MOADatabaseException e) {
-				throw new MOAIDException("Session store error", null);
-			}
 	    	
 	    	response.setContentType("text/html");
 	    	response.setStatus(302);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
index 9dede7179..664d0cf57 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
@@ -14,7 +14,6 @@ import javax.xml.namespace.QName;
 import org.opensaml.common.binding.BasicSAMLMessageContext;
 import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
 import org.opensaml.saml2.core.Assertion;
-import org.opensaml.saml2.core.Attribute;
 import org.opensaml.saml2.metadata.RequestedAttribute;
 import org.opensaml.ws.transport.http.HTTPInTransport;
 import org.opensaml.ws.transport.http.HTTPOutTransport;
@@ -35,7 +34,6 @@ import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.exception.ParseException;
 import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
 import at.gv.egovernment.moa.id.client.SZRGWClientException;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.util.XMLUtil;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Constants;
@@ -44,6 +42,7 @@ import at.gv.egovernment.moa.util.StringUtils;
 import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
 import eu.stork.mw.messages.saml.STORKResponse;
 import eu.stork.peps.auth.commons.IPersonalAttributeList;
+import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.vidp.messages.common.STORKConstants;
 import eu.stork.vidp.messages.util.SAMLUtil;
 
@@ -389,33 +388,29 @@ public class STORKResponseProcessor {
 	
 	/**
 	 * Transforms additional STORK attributes to MOA Extended attributes
-	 * @param storkAttributeList STORK attribute list
+	 * @param iPersonalAttributeList STORK attribute list
 	 * @return
 	 */
-	public static List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(List<Attribute> storkAttributeList) {
+	public static List<ExtendedSAMLAttribute> addAdditionalSTORKAttributes(IPersonalAttributeList iPersonalAttributeList) {
 		List<ExtendedSAMLAttribute> moaExtendedSAMLAttributeList = new Vector<ExtendedSAMLAttribute>();
 		
+		if(null == iPersonalAttributeList)
+			return moaExtendedSAMLAttributeList;
+		
 		Logger.trace("Adding the following attributes to MOA assertion: ");
 		int count = 0;
-		//only add attributes different than eIdentifier, given name, surname, dateOfBirth, signedDoc
-		for (Attribute attribute : storkAttributeList) {
-			//attribute is not in default returned attribute set
-			if (!STORKConstants.DEFAULT_STORK_RETURNED_ATTRIBUTE_SET.contains(attribute.getName())) {
-				
-				String attributeValue = null;
-				if (!attribute.getAttributeValues().isEmpty()) {
-					//we have attribute value
-					attributeValue = SAMLUtil.getStringValueFromXMLObject(attribute.getAttributeValues().get(0));
-				}
-				ExtendedSAMLAttribute extendedSAMLAttribute = 
-					new ExtendedSAMLAttributeImpl(attribute.getName(), attributeValue, Constants.STORK_NS_URI, 0);
-				moaExtendedSAMLAttributeList.add(extendedSAMLAttribute);
-				count++;
-				Logger.trace("Additional attribute: " + attribute.getName());
-			}				
+
+		for (PersonalAttribute attribute : iPersonalAttributeList) {
+			Object attributeValue = attribute.getValue();
+			if (null == attributeValue)
+				attributeValue = attribute.getComplexValue();
+			ExtendedSAMLAttribute extendedSAMLAttribute = 
+				new ExtendedSAMLAttributeImpl(attribute.getName(), attributeValue, Constants.STORK_NS_URI, 0);
+			moaExtendedSAMLAttributeList.add(extendedSAMLAttribute);
+			count++;
+			Logger.trace("Additional attribute: " + attribute.getName());
 		}
 		
-		
 		Logger.debug("Added " + count + " STORK attribute(s) to the MOA assertion.");		
 		
 		return moaExtendedSAMLAttributeList;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index fa9dbe990..bf353bce4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -1,12 +1,17 @@
 package at.gv.egovernment.moa.id.protocols.saml1;
 
+import java.util.List;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
+import at.gv.egovernment.moa.id.auth.stork.STORKResponseProcessor;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
@@ -48,6 +53,15 @@ public class GetArtifactAction implements IAction {
 					oaParam,
 					target);
 			
+			// add other stork attributes to MOA assertion if available
+			if(null != session.getStorkAttributes()) {
+				List<ExtendedSAMLAttribute> moaExtendedSAMLAttibutes = STORKResponseProcessor.addAdditionalSTORKAttributes(session.getStorkAttributes());
+				session.setExtendedSAMLAttributesOA(moaExtendedSAMLAttibutes);
+				//produce MOA-Assertion and artifact                    
+				AuthenticationServer.getInstance().getForeignAuthenticationData(session);
+				Logger.info("MOA assertion assembled and SAML Artifact generated.");
+			}
+			
 			String samlArtifactBase64 = saml1server.BuildSAMLArtifact(session, oaParam, authData);
 			
 			if (AuthenticationSessionStoreage.isSSOSession(session.getSessionID())) {
author	Florian Reimair <florian.reimair@iaik.tugraz.at>	2014-01-29 14:02:05 +0100
committer	Florian Reimair <florian.reimair@iaik.tugraz.at>	2014-01-29 14:04:08 +0100
commit	04a2d507dfcf59dac15e542e391797e57a820c82 (patch)
tree	48f26b982ad6a1be12a4832004ae7e55edcf1baf /id/server/idserverlib/src/main/java
parent	98137f26f5b0bd33d178e16ea5ee9397f2cc2c0a (diff)
download	moa-id-spss-04a2d507dfcf59dac15e542e391797e57a820c82.tar.gz moa-id-spss-04a2d507dfcf59dac15e542e391797e57a820c82.tar.bz2 moa-id-spss-04a2d507dfcf59dac15e542e391797e57a820c82.zip