update some method headers

2 files changed, 39 insertions, 12 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index 94e30238a..af22a2d7e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -132,7 +132,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
 		
 		SubjectConfirmationData subjectConfirmationData = null;
 		
-		return buildGenericAssertion(pendingReq, attrQuery.getIssuer().getValue(), date, 
+		return buildGenericAssertion(pendingReq.getAuthURL(), attrQuery.getIssuer().getValue(), date, 
 				authnContextClassRef, attrList, subjectNameID, subjectConfirmationData, sessionIndex,
 				new DateTime(authData.getSsoSessionValidTo().getTime()));
 	}
@@ -410,12 +410,12 @@ public class PVP2AssertionBuilder implements PVPConstants {
 		sloInformation.setNameIDFormat(subjectNameID.getFormat());
 		sloInformation.setSessionIndex(sessionIndex);
 		
-		return buildGenericAssertion(pendingReq, peerEntity.getEntityID(), date, authnContextClassRef, attrList, subjectNameID, subjectConfirmationData, sessionIndex, subjectConfirmationData.getNotOnOrAfter());
+		return buildGenericAssertion(pendingReq.getAuthURL(), peerEntity.getEntityID(), date, authnContextClassRef, attrList, subjectNameID, subjectConfirmationData, sessionIndex, subjectConfirmationData.getNotOnOrAfter());
 	}
 	
 	/**
 	 * 
-	 * @param pendingReq IDP PublicURL PreFix
+	 * @param issuer IDP EntityID
 	 * @param entityID Service Provider EntityID
 	 * @param date 
 	 * @param authnContextClassRef
@@ -428,7 +428,7 @@ public class PVP2AssertionBuilder implements PVPConstants {
 	 * @throws ConfigurationException
 	 */
 	
-	public static Assertion buildGenericAssertion(IRequest pendingReq, String entityID, DateTime date, 
+	public static Assertion buildGenericAssertion(String issuer, String entityID, DateTime date, 
 			AuthnContextClassRef authnContextClassRef, List<Attribute> attrList, 
 			NameID subjectNameID, SubjectConfirmationData subjectConfirmationData, 
 			String sessionIndex, DateTime isValidTo) throws ConfigurationException {
@@ -478,15 +478,14 @@ public class PVP2AssertionBuilder implements PVPConstants {
 
 		assertion.setConditions(conditions);
 
-		Issuer issuer = SAML2Utils.createSAMLObject(Issuer.class);
-		
-		String authURL = pendingReq.getAuthURL();		
-		if (authURL.endsWith("/"))
-			authURL = authURL.substring(0, authURL.length()-1);
-		issuer.setValue(authURL);
-		issuer.setFormat(NameID.ENTITY);
+		Issuer issuerObj = SAML2Utils.createSAMLObject(Issuer.class);
+				
+		if (issuer.endsWith("/"))
+			issuer = issuer.substring(0, issuer.length()-1);
+		issuerObj.setValue(issuer);
+		issuerObj.setFormat(NameID.ENTITY);
 		
-		assertion.setIssuer(issuer);
+		assertion.setIssuer(issuerObj);
 		assertion.setSubject(subject);
 		assertion.setID(SAML2Utils.getSecureIdentifier());
 		assertion.setIssueInstant(date);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/AbstractCredentialProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/AbstractCredentialProvider.java
index e7df23d61..4c9a1e59f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/AbstractCredentialProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/signer/AbstractCredentialProvider.java
@@ -23,11 +23,17 @@
 package at.gv.egovernment.moa.id.protocols.pvp2x.signer;
 
 import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.interfaces.RSAPrivateKey;
 
+import org.opensaml.xml.security.credential.Credential;
 import org.opensaml.xml.security.credential.UsageType;
 import org.opensaml.xml.security.x509.X509Credential;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureConstants;
 
 import at.gv.egovernment.moa.id.opemsaml.MOAKeyStoreX509CredentialAdapter;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.KeyStoreUtils;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -183,4 +189,26 @@ public abstract class AbstractCredentialProvider {
 			throw new CredentialsNotAvailableException(e.getMessage(), null);
 		}
 	}
+	
+	public static Signature getIDPSignature(Credential credentials) {		
+		PrivateKey privatekey = credentials.getPrivateKey();		
+		Signature signer = SAML2Utils.createSAMLObject(Signature.class);
+		
+		if (privatekey instanceof RSAPrivateKey) {
+			signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+			
+		} else if (privatekey instanceof iaik.security.ecc.ecdsa.ECPrivateKey) {
+			signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA1);
+
+		} else {
+			Logger.warn("Could NOT evaluate the Private-Key type from " + credentials.getEntityId() + " credential.");
+			
+			
+		}
+
+		signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);		
+		signer.setSigningCredential(credentials);
+		return signer;
+		
+	}
 }