authorThomas Lenz <tlenz@iaik.tugraz.at>2014-08-19 15:00:17 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-08-19 15:00:17 +0200
commit296ebbfb36ef207abe4611cb8d3727d2f86a692b (patch)
tree18eb50901baad0212ec76683871bb7edb30eef3c /id/server/idserverlib/src/main
parent2f4f5750cf0d3fc83793a31017daee331410015a (diff)
update PVP 2.1 SAML2 bindings
Diffstat (limited to 'id/server/idserverlib/src/main')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java20
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java20
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java30
3 files changed, 51 insertions, 19 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
index 7f73b1ed7..1a268c812 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
@@ -147,20 +147,22 @@ public class PostBinding implements IDecoder, IEncoder {
messageContext
.setInboundMessageTransport(new HttpServletRequestAdapter(req));
try {
- decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService()));
-
+ //set metadata descriptor type
+ if (isSPEndPoint) {
+ messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
+ decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSOPostService()));
+
+ } else {
+ messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+ decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService()));
+ }
+
} catch (ConfigurationException e) {
throw new SecurityException(e);
}
messageContext.setMetadataProvider(MOAMetadataProvider.getInstance());
-
- //set metadata descriptor type
- if (isSPEndPoint)
- messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
- else
- messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
-
+
decode.decode(messageContext);
InboundMessage msg = null;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
index 26f6f3a62..f11561c14 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
@@ -135,18 +135,26 @@ public class RedirectBinding implements IDecoder, IEncoder {
HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder(
new BasicParserPool());
+ BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
+ messageContext
+ .setInboundMessageTransport(new HttpServletRequestAdapter(req));
+
try {
- decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSORedirectService()));
+ //set metadata descriptor type
+ if (isSPEndPoint) {
+ messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
+ decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getSPSSOPostService()));
+
+ } else {
+ messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+ decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSOPostService()));
+ }
} catch (ConfigurationException e) {
throw new SecurityException(e);
}
-
- BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- messageContext
- .setInboundMessageTransport(new HttpServletRequestAdapter(req));
-
+
messageContext.setMetadataProvider(MOAMetadataProvider.getInstance());
SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule(
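Review bot: Both new branches build the Redirect decoder's URI comparator from the POST endpoints (`getSPSSOPostService()` and `getIDPSSOPostService()`), while the removed line used `getIDPSSORedirectService()`. This looks copied from PostBinding. The comparator presumably checks the message's Destination against the receiving endpoint, so a redirect-binding message would be checked against the wrong URL: valid messages may be rejected, or the destination check may no longer match the endpoint that actually received the message. The IdP branch should stay `decode.setURIComparator(new MOAURICompare(PVPConfiguration.getInstance().getIDPSSORedirectService()));`, and the SP branch should use the redirect counterpart of the SP endpoint if PVPConfiguration provides one (not visible here). The enclosing decode method starts and ends outside this hunk.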
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
index f0eafe272..a2583c706 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
@@ -33,6 +33,7 @@ import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.binding.encoding.HTTPSOAP11Encoder;
import org.opensaml.saml2.core.RequestAbstractType;
import org.opensaml.saml2.core.StatusResponseType;
+import org.opensaml.saml2.metadata.SPSSODescriptor;
import org.opensaml.ws.message.decoder.MessageDecodingException;
import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.opensaml.ws.soap.client.BasicSOAPMessageContext;
@@ -52,9 +53,11 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.BindingNotSupportedEx
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessageInterface;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.signer.CredentialsNotAvailableException;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
public class SoapBinding implements IDecoder, IEncoder {
@@ -66,8 +69,10 @@ public class SoapBinding implements IDecoder, IEncoder {
new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
messageContext
.setInboundMessageTransport(new HttpServletRequestAdapter(
- req));
-
+ req));
+ //messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+ messageContext.setMetadataProvider(MOAMetadataProvider.getInstance());
+
soapDecoder.decode(messageContext);
Envelope inboundMessage = (Envelope) messageContext
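Review bot: The commented-out `//messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);` leaves no record of why the SOAP decoder runs without a peer role while a metadata provider is now set. If this is deliberate, replace it with an explanatory comment such as `// peer role intentionally unset: the requester is resolved from the Issuer after decoding`; otherwise enable the call. Without a role, peer metadata is presumably not resolved during decode, which would explain the null check added further down in this file.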
@@ -78,8 +83,25 @@ public class SoapBinding implements IDecoder, IEncoder {
if (!xmlElemList.isEmpty()) {
SignableXMLObject attrReq = (SignableXMLObject) xmlElemList.get(0);
- MOARequest request = new MOARequest(attrReq, getSAML2BindingName());
- request.setEntityID(messageContext.getPeerEntityMetadata().getEntityID());
+ MOARequest request = new MOARequest(attrReq, getSAML2BindingName());
+
+ if (messageContext.getPeerEntityMetadata() != null)
+ request.setEntityID(messageContext.getPeerEntityMetadata().getEntityID());
+
+ else if (attrReq instanceof RequestAbstractType) {
+ RequestAbstractType attributeRequest = (RequestAbstractType) attrReq;
+ try {
+ if (MiscUtil.isNotEmpty(attributeRequest.getIssuer().getValue()) &&
+ MOAMetadataProvider.getInstance().getRole(
+ attributeRequest.getIssuer().getValue(),
+ SPSSODescriptor.DEFAULT_ELEMENT_NAME) != null)
+ request.setEntityID(attributeRequest.getIssuer().getValue());
+
+ } catch (Exception e) {
+ Logger.warn("No Metadata found with EntityID " + attributeRequest.getIssuer().getValue());
+ }
+ }
+
request.setVerified(false);
return request;
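Review bot: The new `catch (Exception e)` handler can itself throw, because its log message dereferences `attributeRequest.getIssuer().getValue()` again. A request without an Issuer element raises a NullPointerException in the `try`, and the handler then repeats that dereference and throws out of the decoder. Reading the issuer once with a null guard avoids this. Leaving the raw issuer out of the log message also keeps requester-controlled text out of the log. The entity ID set here comes from an Issuer that has not yet been authenticated (`setVerified(false)` follows), so the later signature check must be bound to that entity's metadata. Callers should also expect a request with no entity ID when neither branch matches; the method continues outside this hunk.

```java
else if (attrReq instanceof RequestAbstractType) {
    RequestAbstractType attributeRequest = (RequestAbstractType) attrReq;
    // Issuer is optional in the schema; resolve it once and guard against null.
    String issuer = attributeRequest.getIssuer() != null
            ? attributeRequest.getIssuer().getValue() : null;
    try {
        if (MiscUtil.isNotEmpty(issuer)
                && MOAMetadataProvider.getInstance().getRole(
                        issuer, SPSSODescriptor.DEFAULT_ELEMENT_NAME) != null)
            request.setEntityID(issuer);
        else
            Logger.warn("No SP metadata found for the request issuer");

    } catch (Exception e) {
        // No dereference of the request here, so the handler cannot throw.
        Logger.warn("Metadata lookup for the request issuer failed");
    }
}
// … unchanged: request.setVerified(false); return request; …
```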