fixing authnreq error

author: Bojan Suzic <bojan.suzic@iaik.tugraz.at> 2014-04-17 18:01:18 +0200
committer: Bojan Suzic <bojan.suzic@iaik.tugraz.at> 2014-04-17 18:01:18 +0200
commit: 3d08ca18a290e57f6dd70f4b6914f0e3d5840bb7 (patch)
tree: e3e1e672ce6b982f70edb75c78460e2101266a94 /id/server/idserverlib/src/main
parent: 9f7103359b06b3cd7bff6073edf18142c21cef9a (diff)
download: moa-id-spss-3d08ca18a290e57f6dd70f4b6914f0e3d5840bb7.tar.gz
moa-id-spss-3d08ca18a290e57f6dd70f4b6914f0e3d5840bb7.tar.bz2
moa-id-spss-3d08ca18a290e57f6dd70f4b6914f0e3d5840bb7.zip
1 files changed, 89 insertions, 90 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
index 599d0c302..51ec1fff3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AuthenticationRequest.java
@@ -19,9 +19,6 @@ import org.apache.velocity.Template;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
 import org.apache.velocity.runtime.RuntimeConstants;
-import org.opensaml.saml2.core.AudienceRestriction;
-import org.opensaml.saml2.core.impl.AudienceRestrictionBuilder;
-import org.opensaml.saml2.core.impl.AudienceRestrictionImpl;
 import org.w3c.dom.Element;
 import org.w3c.dom.NamedNodeMap;
 
@@ -76,15 +73,15 @@ public class AuthenticationRequest implements IAction {
                 Logger.debug("Starting AuthenticationRequest");
                 moaStorkResponse.setSTORKAuthnResponse(new STORKAuthnResponse());
 
-                STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
+                //STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
 
-                Logger.debug("Starting generation of SAML response");
-                try {
-                    moaStorkResponse.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(moaStorkRequest.getStorkAuthnRequest(), moaStorkResponse.getStorkAuthnResponse(), httpReq.getRemoteAddr(), false));
-                } catch (STORKSAMLEngineException ex) {
-                    Logger.error("Failed to generate STORK SAML Response", ex);
-                    throw new MOAIDException("stork.05", null);                  // TODO
-                }
+               // Logger.debug("Starting generation of SAML response");
+               // try {
+               //     moaStorkResponse.setSTORKAuthnResponse(engine.generateSTORKAuthnResponse(moaStorkRequest.getStorkAuthnRequest(), moaStorkResponse.getStorkAuthnResponse(), httpReq.getRemoteAddr(), false));
+               // } catch (STORKSAMLEngineException ex) {
+               //     Logger.error("Failed to generate STORK SAML Response", ex);
+               //     throw new MOAIDException("stork.05", null);                  // TODO
+               // }
 
                 // Get personal attributtes from MOA/IdentityLink
                 moaStorkResponse.setPersonalAttributeList(populateAttributes());
@@ -112,103 +109,105 @@ public class AuthenticationRequest implements IAction {
         }
         // check if we are getting request for citizen of some other country
         else if (req instanceof MOASTORKRequest) {
-            STORKAuthnRequest spAuthnRequest = ((MOASTORKRequest) req).getStorkAuthnRequest();
-            STORKAuthnRequest storkAuthnRequest = null;
-
-            String citizenCountryCode = spAuthnRequest.getCitizenCountryCode();
-            Logger.info("Got authentication request for citizen of " + citizenCountryCode);
+            return handleMOAStorkRequest("VIDP", (MOASTORKRequest) req, httpReq.getRemoteAddr(), httpResp);
+        }
 
-            try {
-                storkAuthnRequest = (STORKAuthnRequest) spAuthnRequest.clone();
-            } catch (CloneNotSupportedException e) {
-                Logger.error("Could not clone AuthnRequest ", e);
-                throw new MOAIDException("stork.05", null); // TODO
-            }
+        // Check if we got the response from PEPS
+        // If so then process it and forward to SP
+        else if ((req instanceof MOASTORKResponse)) {
+            return handleMOAStorkResponse("VIDP", (MOASTORKResponse) req, httpReq.getRemoteAddr(), httpResp);
+        } else {
+            Logger.error("Could not recognize request.");
+            throw new MOAIDException("stork.15", null);
+        }
+    }
 
+    /*
+    Handles STORKAuthnRequeste received for citizens of other countries
+     */
+    private String handleMOAStorkRequest(String instanceName, MOASTORKRequest moastorkRequest, String remoteAddr, HttpServletResponse httpResp) throws MOAIDException {
 
-            // check if citizen country is configured in the system
-            if (!(AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode))) {
-                Logger.error("Citizen country PEPS not configured in MOA instance: " + citizenCountryCode);
-                throw new MOAIDException("stork.05", null); // TODO
-            }
+        STORKAuthnRequest spAuthnRequest = moastorkRequest.getStorkAuthnRequest();
+        STORKAuthnRequest storkAuthnRequest = null;
 
-            // extracting basic settings and adjusting assertion consumer
-            String issuer = null;
-            String assertionConsumerURL = null;
-            String publicURLPrefix = null;
-            String destinationURL = null;
+        String citizenCountryCode = spAuthnRequest.getCitizenCountryCode();
+        Logger.info("Got authentication request for citizen of " + citizenCountryCode);
 
-            try {
-                issuer = new URL(AuthConfigurationProvider.getInstance().getPublicURLPrefix()).toString();
-                destinationURL = AuthConfigurationProvider.getInstance().getStorkConfig().getCPEPS(citizenCountryCode).getPepsURL().toString();
-                publicURLPrefix = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
-                assertionConsumerURL = publicURLPrefix + "/stork2/SendPEPSAuthnRequest";
-            } catch (MalformedURLException ex) {
-                Logger.error("Wrong PublicURLPrefix setting of MOA instance: " + AuthConfigurationProvider.getInstance().getPublicURLPrefix(), ex);
-                throw new MOAIDException("stork.05", null); // TODO
-            } catch (Exception ex) {
-                Logger.error("Problem with PEPS configuration of MOA instance.", ex);
-                throw new MOAIDException("stork.05", null); // TODO
-            }
+        try {
+            storkAuthnRequest = (STORKAuthnRequest) spAuthnRequest.clone();
+        } catch (CloneNotSupportedException e) {
+            Logger.error("Could not clone AuthnRequest ", e);
+            throw new MOAIDException("stork.05", null); // TODO
+        }
 
 
-            // drop if we do not have publicprefix url configured on the instance
-            if (publicURLPrefix == null)
-                throw new AuthenticationException("stork.12", new Object[]{moasession.getPublicOAURLPrefix()});
+        // check if citizen country is configured in the system
+        if (!(AuthConfigurationProvider.getInstance().getStorkConfig().getCpepsMap().containsKey(citizenCountryCode))) {
+            Logger.error("Citizen country PEPS not configured in MOA instance: " + citizenCountryCode);
+            throw new MOAIDException("stork.05", null); // TODO
+        }
 
-            // adjusting request
-            storkAuthnRequest.setEIDCrossBorderShare(spAuthnRequest.isEIDCrossBorderShare());
-            storkAuthnRequest.setEIDSectorShare(spAuthnRequest.isEIDSectorShare());
-            storkAuthnRequest.setEIDCrossSectorShare(spAuthnRequest.isEIDCrossSectorShare());
-            storkAuthnRequest.setCitizenCountryCode(spAuthnRequest.getCitizenCountryCode());
-            storkAuthnRequest.setIssuer(issuer);
-            storkAuthnRequest.setAssertionConsumerServiceURL(assertionConsumerURL);
-            storkAuthnRequest.setDestination(destinationURL);
+        // extracting basic settings and adjusting assertion consumer
+        String issuer = null;
+        String assertionConsumerURL = null;
+        String publicURLPrefix = null;
+        String destinationURL = null;
 
-            // regenerate request
-            try {
-                //Get SAMLEngine instance
-                STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
-                Logger.debug("Starting generation of SAML request");
-                storkAuthnRequest = engine.generateSTORKAuthnRequest(storkAuthnRequest);
-
-                //generateSAML Token
-                Logger.info("SAML response succesfully generated!");
-            } catch (STORKSAMLEngineException e) {
-                Logger.error("Failed to generate STORK SAML Response", e);
-                throw new MOAIDException("stork.05", null);
-            }
+        try {
+            issuer = new URL(AuthConfigurationProvider.getInstance().getPublicURLPrefix()).toString();
+            destinationURL = AuthConfigurationProvider.getInstance().getStorkConfig().getCPEPS(citizenCountryCode).getPepsURL().toString();
+            publicURLPrefix = AuthConfigurationProvider.getInstance().getPublicURLPrefix();
+            assertionConsumerURL = publicURLPrefix + "/stork2/SendPEPSAuthnRequest";
+        } catch (MalformedURLException ex) {
+            Logger.error("Wrong PublicURLPrefix setting of MOA instance: " + AuthConfigurationProvider.getInstance().getPublicURLPrefix(), ex);
+            throw new MOAIDException("stork.05", null); // TODO
+        } catch (Exception ex) {
+            Logger.error("Problem with PEPS configuration of MOA instance.", ex);
+            throw new MOAIDException("stork.05", null); // TODO
+        }
 
-            // store original request from SP in order to be able to extract it in later iteration/response
-            DataContainer spRequestContainer = new DataContainer();
-            spRequestContainer.setRequest((MOASTORKRequest) req);
 
-            try {
-                AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), spRequestContainer);
-                Logger.info("Storing artifactId " + storkAuthnRequest.getSamlId() + " of SP authentication request with id " + spAuthnRequest.getSamlId());
-            } catch (MOADatabaseException e) {
-                e.printStackTrace();
-            }
+        // drop if we do not have publicprefix url configured on the instance
+        if (publicURLPrefix == null)
+            throw new AuthenticationException("stork.12", new String[]{"PublicURLPrefix"});
 
-            // preparing redirection for the client
-            performRedirection("SAMLRequest", destinationURL, storkAuthnRequest.getTokenSaml(), httpResp);
-            return "xxxx";// TODO
+        // adjusting request
+        storkAuthnRequest.setEIDCrossBorderShare(spAuthnRequest.isEIDCrossBorderShare());
+        storkAuthnRequest.setEIDSectorShare(spAuthnRequest.isEIDSectorShare());
+        storkAuthnRequest.setEIDCrossSectorShare(spAuthnRequest.isEIDCrossSectorShare());
+        storkAuthnRequest.setCitizenCountryCode(spAuthnRequest.getCitizenCountryCode());
+        storkAuthnRequest.setIssuer(issuer);
+        storkAuthnRequest.setAssertionConsumerServiceURL(assertionConsumerURL);
+        storkAuthnRequest.setDestination(destinationURL);
 
-        }
+        // regenerate request
+        try {
+            //Get SAMLEngine instance
+            STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP");
+            Logger.debug("Starting generation of SAML request");
+            storkAuthnRequest = engine.generateSTORKAuthnRequest(storkAuthnRequest);
 
-        // Check if we got the response from PEPS
-        // If so then process it and forward to SP
-        else if ((req instanceof MOASTORKResponse)) {
-            return handleMOAStorkResponse("VIDP", (MOASTORKResponse) req, httpReq.getRemoteAddr(), httpResp);
-        } else {
-            Logger.error("Could not recognize request.");
-            throw new MOAIDException("stork.15", null);
+            //generateSAML Token
+            Logger.info("SAML response succesfully generated!");
+        } catch (STORKSAMLEngineException e) {
+            Logger.error("Failed to generate STORK SAML Response", e);
+            throw new MOAIDException("stork.05", null);
         }
-    }
 
+        // store original request from SP in order to be able to extract it in later iteration/response
+        DataContainer spRequestContainer = new DataContainer();
+        spRequestContainer.setRequest(moastorkRequest);
 
-    private String handleMOAStorkRequest(String instanceName, MOASTORKRequest moastorkRequest, String remoteAddr, HttpServletResponse httpResp) {
+        try {
+            AssertionStorage.getInstance().put(storkAuthnRequest.getSamlId(), spRequestContainer);
+            Logger.info("Storing artifactId " + storkAuthnRequest.getSamlId() + " of SP authentication request with id " + spAuthnRequest.getSamlId());
+        } catch (MOADatabaseException e) {
+            e.printStackTrace();
+        }
 
+        // preparing redirection for the client
+        performRedirection("SAMLRequest", destinationURL, storkAuthnRequest.getTokenSaml(), httpResp);
+        return "xxxx";// TODO
     }
 
     /*
author	Bojan Suzic <bojan.suzic@iaik.tugraz.at>	2014-04-17 18:01:18 +0200
committer	Bojan Suzic <bojan.suzic@iaik.tugraz.at>	2014-04-17 18:01:18 +0200
commit	3d08ca18a290e57f6dd70f4b6914f0e3d5840bb7 (patch)
tree	e3e1e672ce6b982f70edb75c78460e2101266a94 /id/server/idserverlib/src/main
parent	9f7103359b06b3cd7bff6073edf18142c21cef9a (diff)
download	moa-id-spss-3d08ca18a290e57f6dd70f4b6914f0e3d5840bb7.tar.gz moa-id-spss-3d08ca18a290e57f6dd70f4b6914f0e3d5840bb7.tar.bz2 moa-id-spss-3d08ca18a290e57f6dd70f4b6914f0e3d5840bb7.zip