diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-07-05 11:56:00 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2013-07-05 11:56:00 +0200 |
commit | 5af029d47de31ceb0b171b3fe39744722a5adb63 (patch) | |
tree | 7593dffb95126d68dcd54748bb6fc4120c0c681a /id/server/idserverlib/src | |
parent | 0d652fd6754c4b5719306b81c65c0b28fec07aa1 (diff) | |
download | moa-id-spss-5af029d47de31ceb0b171b3fe39744722a5adb63.tar.gz moa-id-spss-5af029d47de31ceb0b171b3fe39744722a5adb63.tar.bz2 moa-id-spss-5af029d47de31ceb0b171b3fe39744722a5adb63.zip |
Gilt nicht für den privatwirtschaftlichen Modus.
-- Der IdentityLink beinhaltet ab diesem Commit wieder die Stammzahl!!!
-- Diese wird für den AuthBlock und zur Generierung des AuthData Objekts umgerechnet.
-- AuthData.IdentityLinkValue hält jetzt ebenfalls die Stammzahl!!!
-- Die bPK oder wbPK sind im jeweiligen Element AuthData.bPK oder AuthData.wbPK abgelegt.
Diffstat (limited to 'id/server/idserverlib/src')
2 files changed, 71 insertions, 50 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index aef247edb..87bd4ffea 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -744,20 +744,19 @@ public class AuthenticationServer implements MOAIDAuthConstants { .getOnlineApplicationParameter( session.getPublicOAURLPrefix()); + //TODO: CHECK!! is moved to buildAuthenticationBlock to hold the baseID in identitylink // if (!fromMandate) { // BZ.., calculate bPK for signing to be already present in AuthBlock - IdentityLink identityLink = session.getIdentityLink(); - if (identityLink.getIdentificationType().equals( - Constants.URN_PREFIX_BASEID)) { - // only compute bPK if online application is a public service and we - // have the Stammzahl - String bpkBase64 = new BPKBuilder().buildBPK(identityLink - .getIdentificationValue(), session.getTarget()); - identityLink.setIdentificationValue(bpkBase64); - - //TODO: insert correct Type!!!! - identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget()); - } +// IdentityLink identityLink = session.getIdentityLink(); +// if (identityLink.getIdentificationType().equals( +// Constants.URN_PREFIX_BASEID)) { +// // only compute bPK if online application is a public service and we +// // have the Stammzahl +// String bpkBase64 = new BPKBuilder().buildBPK(identityLink +// .getIdentificationValue(), session.getTarget()); +// identityLink.setIdentificationValue(bpkBase64); +// identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget()); +// } // ..BZ // } @@ -1025,12 +1024,32 @@ public class AuthenticationServer implements MOAIDAuthConstants { */ private String buildAuthenticationBlock(AuthenticationSession session, OAAuthParameter oaParam) throws BuildException { + IdentityLink identityLink = session.getIdentityLink(); String issuer = identityLink.getName(); String gebDat = identityLink.getDateOfBirth(); - String identificationValue = identityLink.getIdentificationValue(); - String identificationType = identityLink.getIdentificationType(); + String identificationValue = null; + String identificationType = null; + + if (identityLink.getIdentificationType().equals( + Constants.URN_PREFIX_BASEID)) { + // only compute bPK if online application is a public service and we + // have the Stammzahl + String bpkBase64 = new BPKBuilder().buildBPK(identityLink + .getIdentificationValue(), session.getTarget()); + + identificationValue = bpkBase64; + identificationType = Constants.URN_PREFIX_CDID + "+" + session.getTarget(); + +// identityLink.setIdentificationValue(bpkBase64); +// identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget()); + + } else { + identificationValue = identityLink.getIdentificationValue(); + identificationType = identityLink.getIdentificationType(); + } + String issueInstant = DateTimeUtils.buildDateTime(Calendar .getInstance(), oaParam.getUseUTC()); session.setIssueInstant(issueInstant); @@ -2441,19 +2460,19 @@ public class AuthenticationServer implements MOAIDAuthConstants { //we have Austrian citizen if (businessService) { authData.setWBPK(identityLink.getIdentificationValue()); + } else { - authData.setBPK(identityLink.getIdentificationValue()); - - // BZ.., calculation of bPK already before sending AUTHBlock - /* - * if(identityLink.getIdentificationType().equals(Constants. - * URN_PREFIX_BASEID)) { // only compute bPK if online - * application is a public service and we have the Stammzahl - * String bpkBase64 = new BPKBuilder().buildBPK( - * identityLink.getIdentificationValue(), session.getTarget()); - * authData.setBPK(bpkBase64); } - */ - + + // OLD! BZ.., calculation of bPK already before sending AUTHBlock + //TL: identitylLink holds the BASEID, bPK is only calculated for AUTHBlock + //authData.setBPK(identityLink.getIdentificationValue()); + + // only compute bPK if online application is a public service and we have the Stammzahl + if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { + String bpkBase64 = new BPKBuilder().buildBPK( + identityLink.getIdentificationValue(), session.getTarget()); + authData.setBPK(bpkBase64); + } } } else { //we have foreigner, thus we have to calculate bPK and wbPK now (after receiving identity link from SZR-GW diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java index f1ecd512a..77817ac72 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/VerifyIdentityLinkServlet.java @@ -183,29 +183,31 @@ public class VerifyIdentityLinkServlet extends AuthServlet { // @TODO: unteren InfoboxReadRequest zu, Signer-Cert auslesen (wegen Cert Abfrage auf Organwalter OID), // nach oben verschoben vor verifyIdentityLink (da hier schon bPK berechnet, die aber f�r OW nicht in // AUTH Block aufscheinen darf. --> D.h. verifyIdentityLink umbauen - verify und AUTH Block bauen trennen) - boolean useMandate = session.getUseMandate(); - if (useMandate) { // Mandate modus - // read certificate and set dataurl to - Logger.debug("Send InfoboxReadRequest to BKU to get signer certificate."); - - - String infoboxReadRequest = new InfoboxReadRequestBuilderCertificate().build(true); - - // build dataurl (to the GetForeignIDSerlvet) - String dataurl = - new DataURLBuilder().buildDataURL( - session.getAuthURL(), - REQ_VERIFY_CERTIFICATE, - session.getSessionID()); - - - //Logger.debug("ContentType set to: application/x-www-form-urlencoded (ServletUtils)"); - //ServletUtils.writeCreateXMLSignatureRequestURLEncoded(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl); - Logger.debug("ContentType set to: text/xml;charset=UTF-8 (ServletUtils)"); - ServletUtils.writeCreateXMLSignatureRequest(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl); - - } - else { + + //TODO: Klaus fragen ob der Teil wirklich noch benötigt wird!!!!! +// boolean useMandate = session.getUseMandate(); +// if (useMandate) { // Mandate modus +// // read certificate and set dataurl to +// Logger.debug("Send InfoboxReadRequest to BKU to get signer certificate."); +// +// +// String infoboxReadRequest = new InfoboxReadRequestBuilderCertificate().build(true); +// +// // build dataurl (to the GetForeignIDSerlvet) +// String dataurl = +// new DataURLBuilder().buildDataURL( +// session.getAuthURL(), +// REQ_VERIFY_CERTIFICATE, +// session.getSessionID()); +// +// +// //Logger.debug("ContentType set to: application/x-www-form-urlencoded (ServletUtils)"); +// //ServletUtils.writeCreateXMLSignatureRequestURLEncoded(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl); +// Logger.debug("ContentType set to: text/xml;charset=UTF-8 (ServletUtils)"); +// ServletUtils.writeCreateXMLSignatureRequest(resp, session, infoboxReadRequest, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyIdentityLink", dataurl); +// +// } +// else { Logger.info("Normal"); OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() @@ -221,7 +223,7 @@ public class VerifyIdentityLinkServlet extends AuthServlet { } - } +// } try { AuthenticationSessionStoreage.storeSession(session); |