aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-04-18 12:48:33 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-04-18 12:48:33 +0200
commit7ae642ec1857d0c796ba21ffcd6b5466285c92af (patch)
treed61c207651989e8cb2033a9a542c30cfff82a7c1 /id/server/idserverlib
parenta184de09bda4327441c214aa84d77e57500b28ca (diff)
downloadmoa-id-spss-7ae642ec1857d0c796ba21ffcd6b5466285c92af.tar.gz
moa-id-spss-7ae642ec1857d0c796ba21ffcd6b5466285c92af.tar.bz2
moa-id-spss-7ae642ec1857d0c796ba21ffcd6b5466285c92af.zip
create methodes to parse interfederated assertions into authData
Diffstat (limited to 'id/server/idserverlib')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java49
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java20
2 files changed, 63 insertions, 6 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index 00528f7a1..1e0089a53 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -38,6 +38,8 @@ import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.AuthenticationData;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption;
+import at.gv.egovernment.moa.id.protocols.pvp2x.utils.AssertionAttributeExtractor;
import at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData;
import at.gv.egovernment.moa.id.protocols.saml1.SAML1RequestImpl;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
@@ -72,12 +74,6 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
.getOnlineApplicationParameter(oaID);
-
-
- /* TODO: Support Mandate MODE!
- * Insert functionality to translate mandates in case of SSO
- */
-
AuthenticationData authdata = null;
if (protocolRequest instanceof SAML1RequestImpl) {
@@ -95,6 +91,7 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
if (protocolRequest.getInterfederationResponse() != null) {
//get attributes from interfederated IDP
+ buildAuthDataFromInterfederationResponse(authdata, session, oaParam, protocolRequest);
} else {
@@ -106,6 +103,40 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
return authdata;
}
+ /**
+ * @param authdata
+ * @param session
+ * @param oaParam
+ */
+ private static void buildAuthDataFromInterfederationResponse(
+ AuthenticationData authdata, AuthenticationSession session,
+ OAAuthParameter oaParam, IRequest req) {
+
+ try {
+ AssertionAttributeExtractor extract =
+ new AssertionAttributeExtractor(req.getInterfederationResponse().getResponse());
+
+ if (oaParam.isInderfederationIDP()) {
+ //only set minimal response attributes
+ authdata.setQAALevel(extract.getQAALevel());
+ authdata.setBPK(extract.getNameID());
+
+ } else {
+ //IDP response to service provider
+ // --> collect attributes by using BackChannel communication
+
+ //TODO: get protocol specific requested attributes
+
+
+
+ }
+
+ } catch (AssertionAttributeExtractorExeption e) {
+ Logger.error("Build authData from interfederated PVP2.1 assertion FAILED.", e);
+
+ }
+ }
+
private static void buildAuthDataFormMOASession(AuthenticationData authData, AuthenticationSession session,
OAAuthParameter oaParam) throws BuildException {
@@ -147,6 +178,12 @@ public class AuthenticationDataBuilder implements MOAIDAuthConstants {
authData.setSsoSession(AuthenticationSessionStoreage.isSSOSession(session.getSessionID()));
+
+ /* TODO: Support SSO Mandate MODE!
+ * Insert functionality to translate mandates in case of SSO
+ */
+
+
MISMandate mandate = session.getMISMandate();
authData.setMISMandate(mandate);
authData.setUseMandate(session.getUseMandate());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
index 69167c75d..e18d9786d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AuthenticationSessionStoreage.java
@@ -154,6 +154,26 @@ public class AuthenticationSessionStoreage {
return id;
}
+ public static void setInterfederationAttributCollectorUsed(AuthenticationSession session, String idpID) throws MOADatabaseException {
+ AuthenticatedSessionStore dbsession = searchInDatabase(session.getSessionID());
+ List<InterfederationSessionStore> idpList = dbsession.getInderfederation();
+ for (InterfederationSessionStore idp : idpList) {
+ if (idp.getIdpurlprefix().endsWith(idpID))
+ idp.setAttributesRequested(true);
+ }
+
+ //store AssertionStore element to Database
+ try {
+ MOASessionDBUtils.saveOrUpdate(dbsession);
+ Logger.info("MOASession with sessionID=" + session.getSessionID()
+ + " is stored in Database");
+
+ } catch (MOADatabaseException e) {
+ Logger.warn("MOASession could not stored.",e);
+ throw e;
+ }
+ }
+
public static void storeSession(AuthenticationSession session) throws MOADatabaseException, BuildException {