authorThomas Lenz <tlenz@iaik.tugraz.at>2013-09-18 10:05:01 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2013-09-18 10:05:01 +0200
commit7625168308b648dab99db5c99c9de09b173ed05c (patch)
tree6b0784fbffd20200379761ab186caa940a5d7975 /id/server/idserverlib
parent466342e91b92a68f9738937dbfdeff5348a2b730 (diff)
change to 1.9.96-snapshot
--set SL-Version to hardcoded version 1.2 --add "RemoveBPK from AuthBlock" feature --set UTC time as default (SAML1) --add PVP2 Attributes: ++ AuthBlock ++ Certificate ++ BASEID ++ BASEID-TYPE ++BKUURL Bugfix: -- NullPointerException: GetMISSessionIDServlet.java -- Check if it is empty: MOAMetadataProvider.java
Diffstat (limited to 'id/server/idserverlib')
-rw-r--r--id/server/idserverlib/pom.xml6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java58
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java18
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java18
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java12
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java19
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java18
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java9
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java44
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java22
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java45
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDCcsURL.java33
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSignerCertificate.java45
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSourcePIN.java33
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSourcePINType.java33
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java3
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java13
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/MetadataSignatureFilter.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java2
-rw-r--r--id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java8
-rw-r--r--id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java2
27 files changed, 333 insertions, 139 deletions
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 37663c08b..245f9a254 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -2,14 +2,14 @@
<parent>
<groupId>MOA.id</groupId>
<artifactId>moa-id</artifactId>
- <version>1.5.2</version>
+ <version>1.9.96-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<groupId>MOA.id.server</groupId>
<artifactId>moa-id-lib</artifactId>
<packaging>jar</packaging>
- <version>1.9.95-SNAPSHOT</version>
+ <version>1.9.96-SNAPSHOT</version>
<name>MOA ID API</name>
<properties>
@@ -41,7 +41,7 @@
<dependency>
<groupId>MOA.spss.server</groupId>
<artifactId>moa-spss-lib</artifactId>
- <!--version>${project.version}</version-->
+ <version>1.5.2</version>
</dependency>
<dependency>
<groupId>axis</groupId>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index a19ac724e..dec5b81cf 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -440,12 +440,12 @@ public class AuthenticationServer implements MOAIDAuthConstants {
//build ReadInfobox request
infoboxReadRequest = new InfoboxReadRequestBuilder().build(
- oaParam.isSlVersion12(), isbuisness, domainIdentifier);
+ isbuisness, domainIdentifier);
} else {
//build ReadInfobox request
infoboxReadRequest = new InfoboxReadRequestBuilder().build(
- oaParam.isSlVersion12(), oaParam.getBusinessService(), oaParam
+ oaParam.getBusinessService(), oaParam
.getIdentityLinkDomainIdentifier());
}
@@ -465,7 +465,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
//build CertInfo request
String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder()
- .build(oaParam.isSlVersion12());
+ .build();
String certInfoDataURL = new DataURLBuilder()
.buildDataURL(session.getAuthURL(), REQ_START_AUTHENTICATION,
session.getSessionID());
@@ -788,7 +788,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder()
.build(authBlock, oaParam.getKeyBoxIdentifier(),
- transformsInfos, oaParam.isSlVersion12());
+ transformsInfos);
return createXMLSignatureRequest;
}
@@ -1054,40 +1054,40 @@ public class AuthenticationServer implements MOAIDAuthConstants {
String identificationValue = null;
String identificationType = null;
- if (identityLink.getIdentificationType().equals(
- Constants.URN_PREFIX_BASEID)) {
- // only compute bPK if online application is a public service and we
- // have the Stammzahl
+ //set empty AuthBlock BPK in case of OW or SSO or bpk is not requested
+ if (session.isOW() || session.isSsoRequested() || oaParam.isRemovePBKFromAuthBlock()) {
+ identificationType = "";
+ identificationValue = "";
+ } else if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
+
+ if (oaParam.getBusinessService()) {
- if (session.isSsoRequested()) {
- identificationType = "";
- identificationValue = "";
+ String bpkBase64 = new BPKBuilder().buildWBPK(identityLink
+ .getIdentificationValue(), oaParam.getIdentityLinkDomainIdentifier());
+ identificationValue = bpkBase64;
+
+ if (oaParam.getIdentityLinkDomainIdentifier().startsWith(Constants.URN_PREFIX_WBPK + "+" ))
+ identificationType = oaParam.getIdentityLinkDomainIdentifier();
+ else
+ identificationType = Constants.URN_PREFIX_WBPK + "+" + oaParam.getIdentityLinkDomainIdentifier();
} else {
String bpkBase64 = new BPKBuilder().buildBPK(identityLink
- .getIdentificationValue(), session.getTarget());
+ .getIdentificationValue(), session.getTarget());
identificationValue = bpkBase64;
identificationType = Constants.URN_PREFIX_CDID + "+" + session.getTarget();
}
-// identityLink.setIdentificationValue(bpkBase64);
-// identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget());
-
+
} else {
identificationValue = identityLink.getIdentificationValue();
identificationType = identityLink.getIdentificationType();
}
-
- //set empty AuthBlock BPK in case of OW
- if (session.isOW()) {
- identificationType = "";
- identificationValue = "";
- }
-
- String issueInstant = DateTimeUtils.buildDateTime(Calendar
- .getInstance(), oaParam.getUseUTC());
+
+ String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar
+ .getInstance());
session.setIssueInstant(issueInstant);
String authURL = session.getAuthURL();
String target = session.getTarget();
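Review bot: In the new business-service branch, `oaParam.getIdentityLinkDomainIdentifier()` is passed to `buildWBPK` and dereferenced with `startsWith` without a null or empty check. A business-service application configured without a domain identifier would therefore fail with a NullPointerException rather than a configuration error. The wbPK is also derived from the identifier exactly as configured, while `identificationType` is normalised to carry the `Constants.URN_PREFIX_WBPK + "+"` prefix; whether `buildWBPK` treats both spellings alike is not visible here and is worth confirming, because they would otherwise yield different wbPKs. I would read the identifier once into a local, reject null or empty before use, and brace the `if`/`else` that sets `identificationType`. The enclosing method starts and ends outside the hunk.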
@@ -2274,15 +2274,17 @@ public class AuthenticationServer implements MOAIDAuthConstants {
AuthenticationData authData = new AuthenticationData();
VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse();
- boolean useUTC = oaParam.getUseUTC();
+
+// boolean useUTC = oaParam.getUseUTC();
boolean businessService = oaParam.getBusinessService();
authData.setMajorVersion(1);
authData.setMinorVersion(0);
authData.setAssertionID(Random.nextRandom());
authData.setIssuer(session.getAuthURL());
- authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar
- .getInstance(), useUTC));
+
+ authData.setIssueInstant(DateTimeUtils.buildDateTimeUTC(Calendar
+ .getInstance()));
//baseID or wbpk in case of BusinessService without SSO or BusinessService SSO
authData.setIdentificationValue(identityLink.getIdentificationValue());
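Review bot: The removed `useUTC` handling is left behind as commented-out code (`// boolean useUTC = oaParam.getUseUTC();`) instead of being deleted, although version control already preserves the old lines. The same pattern recurs in the next hunk of this file and in the hunks for CertInfoVerifyXMLSignatureRequestBuilder, CreateXMLSignatureRequestBuilder, InfoboxReadRequestBuilder, OAAuthParameter, BuildFromLegacyConfig, AuthenticationData and PVP2AssertionBuilder. In OAAuthParameter the surviving Javadoc `@return the slVersion` now sits above commented-out code and documents nothing. I would delete the commented lines and state the decision once where it takes effect, e.g. `// Security Layer version is fixed to 1.2; the per-application setting is no longer evaluated` and `// SAML1 IssueInstant is always emitted in UTC`.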
@@ -2297,7 +2299,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
authData.setPublicAuthorityCode(verifyXMLSigResp
.getPublicAuthorityCode());
authData.setBkuURL(session.getBkuURL());
- authData.setUseUTC(oaParam.getUseUTC());
+// authData.setUseUTC(oaParam.getUseUTC());
try {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java
index 7528bc2e8..f3044e7e5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java
@@ -71,25 +71,25 @@ public class CertInfoVerifyXMLSignatureRequestBuilder extends Builder implements
* @return the XML structure
* @throws BuildException
*/
- public String build(boolean slVersion12) throws BuildException {
+ public String build() throws BuildException {
String sl10Prefix;
String sl11Prefix;
String slNsDeclaration;
- if (slVersion12) {
+// if (slVersion12) {
sl10Prefix = SL12_PREFIX;
sl11Prefix = SL12_PREFIX;
slNsDeclaration = "xmlns:" + SL12_PREFIX + "=\"" + SL12_NS_URI + "\"";
- } else {
-
- sl10Prefix = SL10_PREFIX;
- sl11Prefix = SL11_PREFIX;
- slNsDeclaration = "xmlns:" + sl11Prefix + "=\"" + SL11_NS_URI + "\" xmlns:" + sl10Prefix + "=\"" + SL10_NS_URI + "\"";
-
- }
+// } else {
+//
+// sl10Prefix = SL10_PREFIX;
+// sl11Prefix = SL11_PREFIX;
+// slNsDeclaration = "xmlns:" + sl11Prefix + "=\"" + SL11_NS_URI + "\" xmlns:" + sl10Prefix + "=\"" + SL10_NS_URI + "\"";
+//
+// }
String certInfoRequest = MessageFormat.format(CERTINFO_REQUEST, new Object[] {sl11Prefix, sl10Prefix, slNsDeclaration});
String resDsigSignature = "resources/xmldata/CertInfoDsigSignature.xml";
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
index 23596abda..51c0c039a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
@@ -81,7 +81,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
* @param slVersion12 specifies whether the Security Layer version number is 1.2 or not
* @return String representation of <code>&lt;CreateXMLSignatureRequest&gt;</code>
*/
- public String build(String authBlock, String keyBoxIdentifier, List<String> dsigTransformInfos, boolean slVersion12) {
+ public String build(String authBlock, String keyBoxIdentifier, List<String> dsigTransformInfos) {
String sl10Prefix;
String sl11Prefix;
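Review bot: The Javadoc above the changed signature still carries `@param slVersion12 specifies whether the Security Layer version number is 1.2 or not`, but the parameter no longer exists. Drop that tag and say in the method description that the request is always built with the Security Layer 1.2 namespace, e.g. `* The request always uses the Security Layer 1.2 namespace.` The method body continues outside this hunk.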
@@ -97,7 +97,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
// dsigTransformInfosString += dsigTransformInfos[i];
// }
- if (slVersion12) {
+// if (slVersion12) {
// replace the SecurityLayer namespace prefixes and URIs within the transforms
dsigTransformInfosString = StringUtils.changeSLVersion(dsigTransformInfosString,
@@ -107,13 +107,13 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
sl11Prefix = SL12_PREFIX;
slNsDeclaration = "xmlns:" + SL12_PREFIX + "='" + SL12_NS_URI + "'";
- } else {
-
- sl10Prefix = SL10_PREFIX;
- sl11Prefix = SL11_PREFIX;
- slNsDeclaration = "xmlns:" + sl10Prefix + "='" + SL10_NS_URI + "' xmlns:" + sl11Prefix + "='" + SL11_NS_URI + "'";
-
- }
+// } else {
+//
+// sl10Prefix = SL10_PREFIX;
+// sl11Prefix = SL11_PREFIX;
+// slNsDeclaration = "xmlns:" + sl10Prefix + "='" + SL10_NS_URI + "' xmlns:" + sl11Prefix + "='" + SL11_NS_URI + "'";
+//
+// }
String request = MessageFormat.format(
CREATE_XML_SIGNATURE_REQUEST, new Object[] { authBlock,
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java
index b2acf9f2d..7edd9df9c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilder.java
@@ -57,18 +57,18 @@ public class InfoboxReadRequestBuilder implements Constants {
*
* @return <code>&lt;InfoboxReadRequest&gt;</code> as String
*/
- public String build(boolean slVersion12, boolean businessService, String identityLinkDomainIdentifier) {
+ public String build(boolean businessService, String identityLinkDomainIdentifier) {
String slPrefix;
String slNsDeclaration;
- if (slVersion12) {
+// if (slVersion12) {
slPrefix = SL12_PREFIX;
slNsDeclaration = SL12_NS_URI;
- } else {
- slPrefix = SL10_PREFIX;
- slNsDeclaration = SL10_NS_URI;
- }
+// } else {
+// slPrefix = SL10_PREFIX;
+// slNsDeclaration = SL10_NS_URI;
+// }
StringBuffer sb = new StringBuffer("<?xml version=\"1.0\" encoding=\"UTF-8\" ?>");
sb.append("<");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
index ee5afa5dc..f90634ab4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
@@ -20,8 +20,6 @@ public class LoginFormBuilder {
private static final String HTMLTEMPLATESDIR = "htmlTemplates/";
private static final String HTMLTEMPLATEFULL = "loginFormFull.html";
- private static final String HTMLTEMPLATEIFRAME = "loginFormFull.html";
- //private static final String HTMLTEMPLATEIFRAME = "loginFormIFrame.html";
private static String AUTH_URL = "#AUTH_URL#";
private static String MODUL = "#MODUL#";
@@ -35,7 +33,7 @@ public class LoginFormBuilder {
private static String SERVLET = CONTEXTPATH+"/GenerateIframeTemplate";
- private static String getTemplate(boolean isIFrame) {
+ private static String getTemplate() {
String template = null;
@@ -46,10 +44,8 @@ public class LoginFormBuilder {
String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir();
- if (isIFrame)
- pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEIFRAME;
- else
- pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL;
+
+ pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL;
try {
File file = new File(new URI(pathLocation));
@@ -59,10 +55,7 @@ public class LoginFormBuilder {
Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package.");
- if (isIFrame)
- pathLocation = "resources/templates/" + HTMLTEMPLATEIFRAME;
- else
- pathLocation = "resources/templates/" + HTMLTEMPLATEFULL;
+ pathLocation = "resources/templates/" + HTMLTEMPLATEFULL;
input = Thread.currentThread()
.getContextClassLoader()
@@ -86,8 +79,8 @@ public class LoginFormBuilder {
return template;
}
- public static String buildLoginForm(String modul, String action, String oaname, String contextpath, boolean isIFrame, String moaSessionID) {
- String value = getTemplate(isIFrame);
+ public static String buildLoginForm(String modul, String action, String oaname, String contextpath, String moaSessionID) {
+ String value = getTemplate();
if(value != null) {
if(modul == null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
index 59cbbe25e..3f6a7d9d6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
@@ -20,8 +20,6 @@ public class SendAssertionFormBuilder {
private static final String HTMLTEMPLATESDIR = "htmlTemplates/";
private static final String HTMLTEMPLATEFULL = "sendAssertionFormFull.html";
- private static final String HTMLTEMPLATEIFRAME = "sendAssertionFormFull.html";
- //private static final String HTMLTEMPLATEIFRAME = "sendAssertionFormIFrame.html";
private static String URL = "#URL#";
private static String MODUL = "#MODUL#";
@@ -32,7 +30,7 @@ public class SendAssertionFormBuilder {
private static String SERVLET = CONTEXTPATH+"/SSOSendAssertionServlet";
- private static String getTemplate(boolean isIFrame) {
+ private static String getTemplate() {
String template = null;
@@ -42,10 +40,7 @@ public class SendAssertionFormBuilder {
String rootconfigdir = AuthConfigurationProvider.getInstance().getRootConfigFileDir();
- if (isIFrame)
- pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEIFRAME;
- else
- pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL;
+ pathLocation = rootconfigdir + HTMLTEMPLATESDIR + HTMLTEMPLATEFULL;
try {
File file = new File(new URI(pathLocation));
@@ -55,10 +50,7 @@ public class SendAssertionFormBuilder {
Logger.warn("No LoginFormTempaltes found. Use Generic Templates from package.");
- if (isIFrame)
- pathLocation = "resources/templates/" + HTMLTEMPLATEIFRAME;
- else
- pathLocation = "resources/templates/" + HTMLTEMPLATEFULL;
+ pathLocation = "resources/templates/" + HTMLTEMPLATEFULL;
input = Thread.currentThread()
.getContextClassLoader()
@@ -77,8 +69,8 @@ public class SendAssertionFormBuilder {
return template;
}
- public static String buildForm(String modul, String action, String id, String oaname, String contextpath, boolean isIFrame) {
- String value = getTemplate(isIFrame);
+ public static String buildForm(String modul, String action, String id, String oaname, String contextpath) {
+ String value = getTemplate();
if(value != null) {
if(modul == null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
index e461197e2..b699de074 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetMISSessionIDServlet.java
@@ -181,7 +181,7 @@ public class GetMISSessionIDServlet extends AuthServlet {
MISMandate mandate = (MISMandate) list.get(0);
String sMandate = new String(mandate.getMandate());
- if (sMandate == null | sMandate.compareToIgnoreCase("") == 0) {
+ if (sMandate == null || sMandate.compareToIgnoreCase("") == 0) {
Logger.error("Mandate is empty.");
throw new AuthenticationException("auth.16",
new Object[] { GET_MIS_SESSIONID });
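Review bot: The `sMandate == null` test can never be true. `new String(mandate.getMandate())` on the line above either returns a non-null string or itself throws when `getMandate()` returns null, so changing `|` to `||` does not remove the NullPointerException path. The null check belongs on the value returned by `mandate.getMandate()` before the conversion, as `if (mandate.getMandate() == null)` leading to the same `auth.16` error, and the emptiness test reads more plainly as `sMandate.length() == 0`. If `getMandate()` returns a byte array (not visible here), the conversion also depends on the platform default charset, so naming the charset explicitly would make mandate handling independent of the host. The enclosing method continues outside the hunk.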
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java
index c1715d6fc..7d76ce9d5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/OAParameter.java
@@ -52,6 +52,8 @@ public class OAParameter {
this.targetFriendlyName = oa.getTargetFriendlyName();
+ this.removePBKFromAuthblock = oa.isRemoveBPKFromAuthBlock();
+
}
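Review bot: The new member is spelled `removePBKFromAuthblock`, with "PBK" and a lower-case "block", while the configuration getter it reads is `isRemoveBPKFromAuthBlock()`. The field declaration and the public getter `isRemovePBKFromAuthBlock()` in the following two hunks of this file repeat the typo, and AuthenticationServer already calls the misspelled getter. Since the getter is public, I would rename it now to `isRemoveBPKFromAuthBlock()` with field `removeBPKFromAuthBlock`, before more callers depend on it. The field is also the only one in the visible context without a Javadoc comment; something like `/** if true, the bPK/wbPK is left out of the AuthBlock the citizen signs */` would match the neighbouring fields.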
/**
@@ -84,7 +86,7 @@ public class OAParameter {
*/
private String targetFriendlyName;
-
+ private boolean removePBKFromAuthblock;
public String getOaType() {
return oaType;
@@ -104,6 +106,9 @@ public class OAParameter {
public String getTargetFriendlyName() {
return targetFriendlyName;
}
-
+
+ public boolean isRemovePBKFromAuthBlock() {
+ return removePBKFromAuthblock;
+ }
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index c62594d6f..99d15a612 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -94,27 +94,31 @@ public class OAAuthParameter extends OAParameter {
/**
* @return the slVersion
*/
-public String getSlVersion() {
- return oa_auth.getSlVersion();
-}
-
-/**
- * @return the slVersion12
- */
-public boolean isSlVersion12() {
- if ("1.2".equals(oa_auth.getSlVersion()))
- return true;
- else
- return false;
- }
-
-public boolean getUseUTC() {
- return oa_auth.isUseUTC();
-}
+//public String getSlVersion() {
+// return oa_auth.getSlVersion();
+//}
+//
+///**
+// * @return the slVersion12
+// */
+//public boolean isSlVersion12() {
+//
+// // set SLVersion to 1.2 per default
+// return true;
+//
+//// if ("1.2".equals(oa_auth.getSlVersion()))
+//// return true;
+//// else
+//// return false;
+//}
-public boolean useIFrame() {
- return oa_auth.isUseIFrame();
-}
+//public boolean getUseUTC() {
+// return oa_auth.isUseUTC();
+//}
+//
+//public boolean useIFrame() {
+// return oa_auth.isUseIFrame();
+//}
/**
* @return the identityLinkDomainIdentifier
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 96d0bd2ed..10729e981 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -411,9 +411,9 @@ public class BuildFromLegacyConfig {
moa_oa.setAuthComponentOA(oa_auth);
//SLLayer Version / useIframe
- oa_auth.setSlVersion(oa.getSlVersion());
- oa_auth.setUseIFrame(false);
- oa_auth.setUseUTC(oa.getUseUTC());
+// oa_auth.setSlVersion(oa.getSlVersion());
+// oa_auth.setUseIFrame(false);
+// oa_auth.setUseUTC(oa.getUseUTC());
//BKUURLs
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
index e18981032..aa95bc38c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
@@ -124,7 +124,7 @@ public class AuthenticationData implements Serializable {
private String samlAssertion;
/** useUTC */
- private boolean useUTC;
+// private boolean useUTC;
/**
* creation timestamp
*/
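Review bot: Commenting out the `useUTC` field, and its getter and setter in the two following hunks, changes the serialized form of a class that `implements Serializable`. If the class declares no explicit `serialVersionUID` (none is visible in these hunks), the computed default changes with the removed field and methods. Authentication data serialized by the previous version, for example in a persisted session, would then fail to deserialize with an `InvalidClassException` after the upgrade. I would declare a fixed `private static final long serialVersionUID` or document that stored sessions must be discarded when deploying this version.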
@@ -186,13 +186,13 @@ public class AuthenticationData implements Serializable {
return bPK;
}
- /**
- * Returns useUTC
- * @return useUTC
- */
- public boolean getUseUTC() {
- return useUTC;
- }
+// /**
+// * Returns useUTC
+// * @return useUTC
+// */
+// public boolean getUseUTC() {
+// return useUTC;
+// }
/**
* Sets the minorVersion.
@@ -242,9 +242,9 @@ public class AuthenticationData implements Serializable {
// this.wbPK = wbPK;
// }
- public void setUseUTC(boolean useUTC) {
- this.useUTC = useUTC;
- }
+// public void setUseUTC(boolean useUTC) {
+// this.useUTC = useUTC;
+// }
/**
* Returns the assertionID.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 7dba67174..f2352e11e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -284,7 +284,7 @@ public class AuthenticationManager extends AuthServlet {
String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(),
- target.requestedAction(), oaParam.getFriendlyName(), request.getContextPath(), oaParam.useIFrame(), moasession.getSessionID());
+ target.requestedAction(), oaParam.getFriendlyName(), request.getContextPath(), moasession.getSessionID());
//store MOASession
try {
@@ -310,7 +310,7 @@ public class AuthenticationManager extends AuthServlet {
throws ServletException, IOException, MOAIDException {
String form = SendAssertionFormBuilder.buildForm(target.requestedModule(),
- target.requestedAction(), target.getRequestID(), oaParam.getFriendlyName(), request.getContextPath(), oaParam.useIFrame());
+ target.requestedAction(), target.getRequestID(), oaParam.getFriendlyName(), request.getContextPath());
response.setContentType("text/html;charset=UTF-8");
PrintWriter out = new PrintWriter(response.getOutputStream());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java
index 2748d74a6..9403cb205 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAttributeBuilder.java
@@ -12,10 +12,15 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.BPKAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.BirthdateAttributeBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.EIDAuthBlock;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.EIDCcsURL;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.EIDCitizenQAALevelAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.EIDIdentityLinkBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.EIDIssuingNationAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.EIDSectorForIDAttributeBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.EIDSignerCertificate;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.EIDSourcePIN;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.EIDSourcePINType;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.GivenNameAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.IAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.MandateFullMandateAttributeBuilder;
@@ -56,6 +61,11 @@ public class PVPAttributeBuilder {
addBuilder(new EIDIssuingNationAttributeBuilder());
addBuilder(new EIDSectorForIDAttributeBuilder());
addBuilder(new EIDIdentityLinkBuilder());
+ addBuilder(new EIDAuthBlock());
+ addBuilder(new EIDCcsURL());
+ addBuilder(new EIDSignerCertificate());
+ addBuilder(new EIDSourcePIN());
+ addBuilder(new EIDSourcePINType());
// Mandate Attributes
addBuilder(new MandateTypeAttributeBuilder());
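Review bot: Registering `EIDSourcePIN`, `EIDSourcePINType`, `EIDAuthBlock` and `EIDSignerCertificate` makes the base identifier (BASEID in the commit message), the signed AuthBlock and the signer certificate releasable as PVP2 attributes, and nothing in this hunk limits which online applications may receive them. The same commit blanks the bPK in the AuthBlock for SSO and for `isRemovePBKFromAuthBlock()`, which suggests the identifier is meant to be released selectively. Unconditional registration here therefore depends on a filter elsewhere, which is not visible. I would confirm that release of these attributes is gated per online application, in particular for business-service applications and the base identifier, and add a comment above these `addBuilder` calls naming where that restriction is enforced.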
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
index 17fc52a8c..a02959e39 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/assertion/PVP2AssertionBuilder.java
@@ -307,7 +307,10 @@ public class PVP2AssertionBuilder implements PVPConstants {
audience.setAudienceURI(peerEntity.getEntityID());
audienceRestriction.getAudiences().add(audience);
conditions.setNotBefore(new DateTime());
+
conditions.setNotOnOrAfter(new DateTime().plusMinutes(20));
+// conditions.setNotOnOrAfter(new DateTime());
+
conditions.getAudienceRestrictions().add(audienceRestriction);
assertion.setConditions(conditions);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java
new file mode 100644
index 000000000..16d05842a
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDAuthBlock.java
@@ -0,0 +1,45 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes;
+
+import iaik.util.logging.Log;
+
+import java.io.IOException;
+
+import org.opensaml.saml2.core.Attribute;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.UnprovideableAttributeException;
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class EIDAuthBlock extends BaseAttributeBuilder {
+
+ public String getName() {
+ return EID_AUTH_BLOCK_NAME;
+ }
+
+ public Attribute build(AuthenticationSession authSession,
+ OAAuthParameter oaParam, AuthenticationData authData)
+ throws PVP2Exception {
+
+ try {
+ String authblock = authSession.getAuthBlock();
+ if (MiscUtil.isNotEmpty(authblock)) {
+ return buildStringAttribute(EID_AUTH_BLOCK_FRIENDLY_NAME,
+ EID_AUTH_BLOCK_NAME, Base64Utils.encode(authblock.getBytes()));
+ }
+
+ } catch (IOException e) {
+ Log.info("Encode AuthBlock BASE64 failed.");
+ }
+ throw new UnprovideableAttributeException(EID_AUTH_BLOCK_NAME);
+
+ }
+
+ public Attribute buildEmpty() {
+ return buildemptyAttribute(EID_AUTH_BLOCK_FRIENDLY_NAME, EID_AUTH_BLOCK_NAME);
+ }
+
+}
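Review bot: `authblock.getBytes()` in `build` encodes the AuthBlock with the platform default charset, so the Base64 attribute value depends on the host configuration. The AuthBlock is an XML document the citizen has signed, so a relying party that decodes the attribute needs a fixed encoding to parse or verify it. Use `Base64Utils.encode(authblock.getBytes("UTF-8"))`; the `UnsupportedEncodingException` it can throw is already covered by the existing `catch (IOException e)`. That catch logs `Log.info("Encode AuthBlock BASE64 failed.")` without the exception, through `iaik.util.logging.Log` rather than the `Logger` used elsewhere in this commit, so the cause of a failed encoding is lost. I would log it at warn level with `e` attached.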
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDCcsURL.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDCcsURL.java
new file mode 100644
index 000000000..0d96d4817
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDCcsURL.java
@@ -0,0 +1,33 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes;
+
+import org.opensaml.saml2.core.Attribute;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.UnprovideableAttributeException;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class EIDCcsURL extends BaseAttributeBuilder{
+
+ public String getName() {
+ return EID_CCS_URL_NAME;
+ }
+
+ public Attribute build(AuthenticationSession authSession,
+ OAAuthParameter oaParam, AuthenticationData authData)
+ throws PVP2Exception {
+
+ String bkuurl = authSession.getBkuURL();
+ if (MiscUtil.isNotEmpty(bkuurl))
+ return buildStringAttribute(EID_CCS_URL_FRIENDLY_NAME, EID_CCS_URL_NAME, bkuurl);
+ else
+ throw new UnprovideableAttributeException(EID_CCS_URL_NAME);
+ }
+
+ public Attribute buildEmpty() {
+ return buildemptyAttribute(EID_CCS_URL_FRIENDLY_NAME, EID_CCS_URL_NAME);
+ }
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSignerCertificate.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSignerCertificate.java
new file mode 100644
index 000000000..f5cb51228
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSignerCertificate.java
@@ -0,0 +1,45 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes;
+
+import iaik.util.logging.Log;
+
+import java.io.IOException;
+
+import org.opensaml.saml2.core.Attribute;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.UnprovideableAttributeException;
+import at.gv.egovernment.moa.util.Base64Utils;
+
+public class EIDSignerCertificate extends BaseAttributeBuilder {
+
+ public String getName() {
+ return EID_SIGNER_CERTIFICATE_NAME;
+ }
+
+ public Attribute build(AuthenticationSession authSession,
+ OAAuthParameter oaParam, AuthenticationData authData)
+ throws PVP2Exception {
+
+ try {
+ byte[] signerCertificate = authSession.getEncodedSignerCertificate();
+ if (signerCertificate != null) {
+ return buildStringAttribute(EID_SIGNER_CERTIFICATE_FRIENDLY_NAME, EID_SIGNER_CERTIFICATE_NAME, Base64Utils
+ .encode(signerCertificate));
+ }
+
+ }catch (IOException e) {
+ Log.info("Signer certificate BASE64 encoding error");
+ }
+
+ throw new UnprovideableAttributeException(EID_SIGNER_CERTIFICATE_NAME);
+
+ }
+
+ public Attribute buildEmpty() {
+ return buildemptyAttribute(EID_SIGNER_CERTIFICATE_FRIENDLY_NAME, EID_SIGNER_CERTIFICATE_NAME);
+ }
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSourcePIN.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSourcePIN.java
new file mode 100644
index 000000000..d21d264f6
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSourcePIN.java
@@ -0,0 +1,33 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes;
+
+import org.opensaml.saml2.core.Attribute;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.UnprovideableAttributeException;
+
+public class EIDSourcePIN extends BaseAttributeBuilder {
+
+ public String getName() {
+ return EID_SOURCE_PIN_NAME;
+ }
+
+ public Attribute build(AuthenticationSession authSession,
+ OAAuthParameter oaParam, AuthenticationData authData)
+ throws PVP2Exception {
+
+ if (oaParam.getBusinessService())
+ throw new UnprovideableAttributeException(EID_SOURCE_PIN_NAME);
+
+ else {
+ return buildStringAttribute(EID_SOURCE_PIN_FRIENDLY_NAME, EID_SOURCE_PIN_NAME, authData.getIdentificationValue());
+ }
+ }
+
+ public Attribute buildEmpty() {
+ return buildemptyAttribute(EID_SOURCE_PIN_FRIENDLY_NAME, EID_SOURCE_PIN_NAME);
+ }
+
+}
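Review bot: `build` returns `authData.getIdentificationValue()` without checking it, unlike `EIDAuthBlock` and `EIDCcsURL`, which test their value with `MiscUtil.isNotEmpty` and throw `UnprovideableAttributeException` when nothing is there. A null or empty source PIN would be passed straight to `buildStringAttribute`; read it into a local and extend the guard to `if (oaParam.getBusinessService() || !MiscUtil.isNotEmpty(sourcePin))` (this needs the `MiscUtil` import). The business-service check is the only thing in this class that withholds the identifier from those applications, so it deserves a short comment stating the rule and why it exists. `EIDSourcePINType.build` has the same shape and needs the same guard.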
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSourcePINType.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSourcePINType.java
new file mode 100644
index 000000000..9bc9716cf
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/EIDSourcePINType.java
@@ -0,0 +1,33 @@
+package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes;
+
+import org.opensaml.saml2.core.Attribute;
+
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.UnprovideableAttributeException;
+
+public class EIDSourcePINType extends BaseAttributeBuilder {
+
+ public String getName() {
+ return EID_SOURCE_PIN_TYPE_NAME;
+ }
+
+ public Attribute build(AuthenticationSession authSession,
+ OAAuthParameter oaParam, AuthenticationData authData)
+ throws PVP2Exception {
+
+ if (oaParam.getBusinessService())
+ throw new UnprovideableAttributeException(EID_SOURCE_PIN_TYPE_NAME);
+
+ else {
+ return buildStringAttribute(EID_SOURCE_PIN_TYPE_FRIENDLY_NAME, EID_SOURCE_PIN_TYPE_NAME, authData.getIdentificationType());
+ }
+ }
+
+ public Attribute buildEmpty() {
+ return buildemptyAttribute(EID_SOURCE_PIN_TYPE_FRIENDLY_NAME, EID_SOURCE_PIN_TYPE_NAME);
+ }
+
+}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
index 0786f896a..ebe597ed2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/PVPConfiguration.java
@@ -98,7 +98,8 @@ public class PVPConfiguration {
String publicPath = generalpvpconfigdb.getPublicURLPrefix();
if(publicPath != null) {
if(publicPath.endsWith("/")) {
- publicPath = publicPath.substring(0, publicPath.length()-2);
+ int length = publicPath.length();
+ publicPath = publicPath.substring(0, length-1);
}
}
return publicPath;
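Review bot: The new local `length` is used once and adds nothing; `publicPath = publicPath.substring(0, publicPath.length() - 1);` reads more directly. A one-line comment that exactly one trailing slash is removed would also help, since a prefix ending in `//` still ends with a slash afterwards. The enclosing method starts outside the hunk.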
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index 99567478d..a92ac8e7f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -1,20 +1,15 @@
package at.gv.egovernment.moa.id.protocols.pvp2x.metadata;
-import java.io.File;
import java.security.cert.CertificateException;
import java.util.Iterator;
import java.util.List;
-import java.util.Timer;
import javax.xml.namespace.QName;
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.protocol.Protocol;
import org.opensaml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.RoleDescriptor;
import org.opensaml.saml2.metadata.provider.ChainingMetadataProvider;
-import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
import org.opensaml.saml2.metadata.provider.MetadataFilter;
import org.opensaml.saml2.metadata.provider.MetadataProvider;
@@ -22,15 +17,12 @@ import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.parse.BasicParserPool;
-import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWSecureSocketFactory;
import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
-import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.verification.MetadataSignatureFilter;
-import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
public class MOAMetadataProvider implements MetadataProvider {
@@ -62,7 +54,8 @@ public class MOAMetadataProvider implements MetadataProvider {
OnlineApplication oa = oaIt.next();
Logger.info("Loading metadata for: " + oa.getFriendlyName());
OAPVP2 pvp2Config = oa.getAuthComponentOA().getOAPVP2();
- if (pvp2Config != null) {
+ if (pvp2Config != null && MiscUtil.isNotEmpty(pvp2Config.getMetadataURL())) {
+// if (pvp2Config != null) {
String metadataURL = pvp2Config.getMetadataURL();
try {
// TODO: use proper SSL checking
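Review bot: The old condition is left behind as `// if (pvp2Config != null) {` directly under the new one; delete it, since version control already keeps the previous form. With the added `MiscUtil.isNotEmpty(pvp2Config.getMetadataURL())` test, an online application without a metadata URL is skipped right after "Loading metadata for: ..." has been logged, and unless the else branch outside this hunk reports it, nothing tells the operator that no metadata was loaded for it. A line such as `Logger.info("No PVP2 metadata URL configured for: " + oa.getFriendlyName());` on the skip path would close that gap. The `// TODO: use proper SSL checking` in the context is still open while this commit drops the `SSLUtils` and `SZRGWSecureSocketFactory` imports, so it is worth confirming how the metadata connection is validated.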
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/MetadataSignatureFilter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/MetadataSignatureFilter.java
index 36dc2442c..fb1f08132 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/MetadataSignatureFilter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/MetadataSignatureFilter.java
@@ -49,6 +49,8 @@ public class MetadataSignatureFilter implements MetadataFilter {
Iterator<EntityDescriptor> entIT = desc.getEntityDescriptors().iterator();
+
+ //TODO: check this!!!!
while(entID.hasNext()) {
processEntityDescriptorr(entIT.next());
}
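Review bot: `//TODO: check this!!!!` does not say what has to be checked, and the loop under it tests `entID.hasNext()` while consuming `entIT.next()`. If `entID` is a different iterator that is already exhausted at this point (its declaration is outside the hunk), no entity descriptor reaches `processEntityDescriptorr`, so this path would not verify their signatures; if it still has elements, `entIT.next()` can run past the end. The condition presumably should be `while(entIT.hasNext()) {`, and the TODO should be replaced by that fix or by a comment naming the concrete open question.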
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
index 1fbcb9a46..9fade4864 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
@@ -119,7 +119,7 @@ public class GetAuthenticationDataService implements Constants {
AuthenticationData authData = saml1server.getSaml1AuthenticationData(samlArtifact);
- useUTC = authData.getUseUTC();
+// useUTC = authData.getUseUTC();
// success
samlAssertion = authData.getSamlAssertion();
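Review bot: `// useUTC = authData.getUseUTC();` is disabled code rather than a removal; delete the line. With the second hunk switching to `DateTimeUtils.buildDateTimeUTC(Calendar.getInstance())`, the `useUTC` variable (declared outside the hunk) presumably has no reader left and can go as well. If per-application local-time output is intentionally dropped, a short comment at the `issueInstant` line stating that SAML1 responses are always issued in UTC would document the decision.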
@@ -170,7 +170,7 @@ public class GetAuthenticationDataService implements Constants {
try {
String responseID = Random.nextRandom();
- String issueInstant = DateTimeUtils.buildDateTime(Calendar.getInstance(), useUTC);
+ String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar.getInstance());
if (statusMessage == null)
statusMessage = MOAIDMessageProvider.getInstance().getMessage(statusMessageCode, null);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java
index 2493f42b8..6f601334b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilder.java
@@ -63,7 +63,7 @@ public class SAMLRequestBuilder implements Constants {
*/
public Element build(String requestID, String samlArtifactBase64) throws BuildException {
try {
- String issueInstant = DateTimeUtils.buildDateTime(Calendar.getInstance(), true);
+ String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar.getInstance());
String request = MessageFormat.format(REQUEST, new Object[] {requestID, issueInstant, samlArtifactBase64});
Element requestElem = DOMUtils.parseDocument(request, false, ALL_SCHEMA_LOCATIONS, null).getDocumentElement();
return requestElem;
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java
index 2887454ec..f8c5b565f 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java
@@ -73,9 +73,9 @@ public class GetIdentityLinkFormBuilderTest extends TestCase {
"http://localhost:3495/http-security-layer-request";
public void testBuild() throws Exception {
- String xmlRequest = new InfoboxReadRequestBuilder().build(false, false, null);
+ String xmlRequest = new InfoboxReadRequestBuilder().build(false, null);
String dataURL = "https://1.2.3.4/auth/VerifyIdentityLink?MOASessionID=1234567";
- String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build(false);
+ String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build();
String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/";
String form = new GetIdentityLinkFormBuilder().build(null, null, xmlRequest, dataURL, infoRequest, infoDataURL, null);
String formShould = MessageFormat.format(
@@ -83,9 +83,9 @@ public class GetIdentityLinkFormBuilderTest extends TestCase {
assertEquals(formShould, form);
}
public void testBuildCustomBKU() throws Exception {
- String xmlRequest = new InfoboxReadRequestBuilder().build(false, false, null);
+ String xmlRequest = new InfoboxReadRequestBuilder().build(false, null);
String dataURL = "https://1.2.3.4/auth/AuthServlet/StartAuthentication?MOASessionID=1234567";
- String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build(false);
+ String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build();
String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/";
String bkuURL = "http://bku.at/";
String form = new GetIdentityLinkFormBuilder().build(null, bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL, null);
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java
index 968055384..07bed3492 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java
@@ -43,7 +43,7 @@ public class InfoboxReadRequestBuilderTest extends UnitTestCase implements Const
public void testBuild() throws Exception {
InfoboxReadRequestBuilder builder = new InfoboxReadRequestBuilder();
- String xmlBuilt = builder.build(false, false, null);
+ String xmlBuilt = builder.build(false, null);
Document docBuilt = DOMUtils.parseDocument(xmlBuilt, false, ALL_SCHEMA_LOCATIONS, null);
String xmlBuiltSerialized = DOMUtils.serializeNode(docBuilt);
// xmlShould was generated by Hot:Sign Tester