AuthData Generierung von VerifyAuthBlock nach GenerateSAMLArtifact verschoben.

Die daraus erforderlichen PVP2 Änderungen sind zu prüfen!!!!
author: Thomas Lenz <tlenz@iaik.tugraz.at> 2013-07-08 09:29:16 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2013-07-08 09:29:16 +0200
commit: 206f283585a28009bb8276f78e7ea1d95298fd8c (patch)
tree: 44de251b31d98cd6fe8d15a46207cf66d2aa996f /id/server/idserverlib
parent: cdbfcdbdf4b0a55071f1aad9e514a5024563ddea (diff)
download: moa-id-spss-206f283585a28009bb8276f78e7ea1d95298fd8c.tar.gz
moa-id-spss-206f283585a28009bb8276f78e7ea1d95298fd8c.tar.bz2
moa-id-spss-206f283585a28009bb8276f78e7ea1d95298fd8c.zip
13 files changed, 194 insertions, 147 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 14bb53eb7..1d71fd228 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -115,6 +115,7 @@ import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters;
 import at.gv.egovernment.moa.id.config.stork.CPEPS;
 import at.gv.egovernment.moa.id.config.stork.STORKConfig;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
+import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.HTTPUtils;
@@ -2406,17 +2407,20 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 *             while building the <code>&lt;saml:Assertion&gt;</code>
 	 */
 	public static AuthenticationData buildAuthenticationData(
-			AuthenticationSession session,
-			VerifyXMLSignatureResponse verifyXMLSigResp, boolean useUTC, boolean isForeigner)
+			AuthenticationSession session, OAAuthParameter oaParam, String target)
 			throws ConfigurationException, BuildException {
 
 		IdentityLink identityLink = session.getIdentityLink();
 		AuthenticationData authData = new AuthenticationData();
 		
-		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
-				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
+//		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+//				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
 		
+		VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse();
+		boolean useUTC = oaParam.getUseUTC();
+		boolean isForeigner = session.isForeigner();		
 		boolean businessService = oaParam.getBusinessService();
+		
 		authData.setMajorVersion(1);
 		authData.setMinorVersion(0);
 		authData.setAssertionID(Random.nextRandom());
@@ -2473,7 +2477,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 					 // only compute bPK if online application is a public service and we have the Stammzahl
 					if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
 						String bpkBase64 = new BPKBuilder().buildBPK(
-								identityLink.getIdentificationValue(), session.getTarget());
+								identityLink.getIdentificationValue(), target);
 						authData.setBPK(bpkBase64); 
 					 }
 				}
@@ -2482,7 +2486,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 				if (businessService) {
 					//since we have foreigner, wbPK is not calculated in BKU
 					if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { 						 
-						 String wbpkBase64 = new BPKBuilder().buildWBPK(identityLink.getIdentificationValue(), session.getDomainIdentifier());
+						 String wbpkBase64 = new BPKBuilder().buildWBPK(identityLink.getIdentificationValue(), oaParam.getIdentityLinkDomainIdentifier());
 						 authData.setWBPK(wbpkBase64); 
 					 }										
 					
@@ -2490,7 +2494,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 					
 					 if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { 
 						 // only compute bPK if online application is a public service and we have the Stammzahl
-						 String bpkBase64 = new BPKBuilder().buildBPK(identityLink.getIdentificationValue(), session.getTarget());
+						 String bpkBase64 = new BPKBuilder().buildBPK(identityLink.getIdentificationValue(), target);
 						 authData.setBPK(bpkBase64); 
 					 }
 					
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
index 897933ea0..fb45e517d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
@@ -265,8 +265,8 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
     
     
     //TODO: load special text from OAconfig 
-    String text = "Hiermit bestätige ich, #NAME#, die Übernahme sämtlicher eingelangter Zustellstücke zum #DATE# um #TIME#.";
-    //String text = "";
+    //String text = "Hiermit bestätige ich, #NAME#, die Übernahme sämtlicher eingelangter Zustellstücke zum #DATE# um #TIME#.";
+    String text = "";
     
     
    	String specialText =  MessageFormat.format(SPECIAL_TEXT_ATTRIBUTE, 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
index fa9789530..de86a4f05 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
@@ -27,6 +27,8 @@ package at.gv.egovernment.moa.id.auth.builder;
 import java.security.MessageDigest;
 
 import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.Constants;
 
@@ -89,6 +91,16 @@ public class BPKBuilder {
           new Object[] {"wbPK", "Unvollständige Parameterangaben: identificationValue=" + 
                         identificationValue + ",Register+Registernummer=" + registerAndOrdNr});
     }
+    
+	if (registerAndOrdNr.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) {
+		// If domainIdentifier starts with prefix
+		// "urn:publicid:gv.at:wbpk+"; remove this prefix
+		registerAndOrdNr = registerAndOrdNr
+				.substring(AuthenticationSession.REGISTERANDORDNR_PREFIX_.length());
+		Logger.debug("Register and ordernumber prefix stripped off; resulting register string: "
+				+ registerAndOrdNr);
+	} 
+    
     String basisbegriff = identificationValue + "+" + Constants.URN_PREFIX_WBPK + "+" + registerAndOrdNr;
     try {
       MessageDigest md = MessageDigest.getInstance("SHA-1");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index 2e07a39a7..63ad62662 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -105,8 +105,9 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{
 			    	// no target attribut is given in OA config
 			    	// target is used from request
 			    	// check parameter
-		 	if (!ParamValidatorUtils.isValidTarget(target))
-			   		throw new WrongParametersException("StartAuthentication", PARAM_TARGET, "auth.12");			    			   
+				if (!ParamValidatorUtils.isValidTarget(target))
+			   		throw new WrongParametersException("StartAuthentication", PARAM_TARGET, "auth.12");
+				
 			} else {
 			    	// use target from config			    	
 			    	target = targetConfig;
@@ -223,7 +224,7 @@ public class StartAuthentificationParameterParser implements MOAIDAuthConstants{
 	    target = request.getTarget();
 	    
 	    parse(moasession, target, sourceID, oaURL, bkuURL, templateURL, useMandate, ccc, modul, action, req);
-
+	    
 	}
 	
 	/**
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
index 93bc0d214..e77dd30d0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
@@ -243,8 +243,8 @@ public class CreateXMLSignatureResponseValidator {
       String samlSpecialText = (String)samlAttribute.getValue();
       
       //TODO:load Text from OA config
-      String text = "Hiermit bestätige ich, #NAME#, die Übernahme sämtlicher eingelangter Zustellstücke zum #DATE# um #TIME#.";
-      //String text = "";
+      //String text = "Hiermit bestätige ich, #NAME#, die Übernahme sämtlicher eingelangter Zustellstücke zum #DATE# um #TIME#.";
+      String text = "";
       
       String specialText = AuthenticationBlockAssertionBuilder.generateSpecialText(text, issuer, issueInstant);
       if (!samlSpecialText.equals(specialText)) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 5342cd0d3..abfb4a1c0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -256,6 +256,7 @@ public class DispatcherServlet extends AuthServlet {
 				
 				RequestStorage.removePendingRequest(httpSession);
 
+				
 				authmanager.logout(req, resp);
 				
 			} catch (Throwable e) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java
index 91b88acb9..f63b0049f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IRequest.java
@@ -10,4 +10,6 @@ public interface IRequest {
 	public void setModule(String module);
 	public void setAction(String action);
 	public String getTarget();
+	
+	//public void setTarget();
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/CitizenTokenBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/CitizenTokenBuilder.java
index 18f981243..a2f46694f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/CitizenTokenBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/CitizenTokenBuilder.java
@@ -110,16 +110,13 @@ public class CitizenTokenBuilder {
 		//TL: AuthData generation is moved out from VerifyAuthBlockServlet
 		try {
 
+			//TODO: LOAD oaParam from request and not from MOASession in case of SSO
 			OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
-				.getOnlineApplicationParameter(authSession.getPublicOAURLPrefix());
-			boolean useUTC = oaParam.getUseUTC();
+					.getOnlineApplicationParameter(authSession.getPublicOAURLPrefix());
 		
-			AuthenticationData authData;
-
-			authData = AuthenticationServer.buildAuthenticationData(authSession, 
-					authSession.getXMLVerifySignatureResponse(), 
-					useUTC, 
-					authSession.isForeigner());
+			AuthenticationData authData = AuthenticationServer.buildAuthenticationData(authSession,
+					oaParam,
+					authSession.getTarget());
 			
 			Attribute pvpVersion = buildPVPVersion("2.1");
 			Attribute secClass = buildSecClass(3);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index 6b35d7640..86e941db7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -102,14 +102,14 @@ public class AuthnRequestHandler implements IRequestHandler {
 
 		
 		//TL: AuthData generation is moved to Assertion generation.  
+
+		//TODO: LOAD oaParam from request and not from MOASession in case of SSO
 		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
 				.getOnlineApplicationParameter(authSession.getPublicOAURLPrefix());
-		boolean useUTC = oaParam.getUseUTC();
 	
-		AuthenticationData authData = AuthenticationServer.buildAuthenticationData(authSession, 
-				authSession.getXMLVerifySignatureResponse(), 
-				useUTC, 
-				authSession.isForeigner());
+		AuthenticationData authData = AuthenticationServer.buildAuthenticationData(authSession,
+				oaParam,
+				authSession.getTarget());
 	
 		//TL: getIdentificationValue holds the baseID  --> change to pBK
 		//subjectNameID.setValue(authData.getIdentificationValue());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index de87ebc50..3634c9983 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -13,6 +13,9 @@ import at.gv.egovernment.moa.id.BuildException;
 import at.gv.egovernment.moa.id.auth.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
@@ -29,27 +32,48 @@ public class GetArtifactAction implements IAction {
 		AuthenticationManager authmanager = AuthenticationManager.getInstance();
 		AuthenticationSession session = authmanager.getAuthenticationSession(httpSession);
 
-		String oaURL = (String) httpReq.getAttribute(PARAM_OA);
-		oaURL = StringEscapeUtils.escapeHtml(oaURL);
 
+//		String oaURL = (String) httpReq.getAttribute(PARAM_OA);
+//		oaURL = StringEscapeUtils.escapeHtml(oaURL);
+		String oaURL = (String) req.getOAURL();
+		String target = (String) req.getTarget();
+		
 		try {
-
-			// check parameter
-			if (!ParamValidatorUtils.isValidOA(oaURL))
+		
+			
+			if (oaURL == null) {
 				throw new WrongParametersException("StartAuthentication",
 						PARAM_OA, "auth.12");
-
-			if (oaURL == null) {
-				oaURL = session.getOAURLRequested();
 			}
-
-			if (oaURL == null) {
+			
+			// check parameter
+			if (!ParamValidatorUtils.isValidOA(oaURL))
 				throw new WrongParametersException("StartAuthentication",
 						PARAM_OA, "auth.12");
-			}
-
+	
+
+			//			if (oaURL == null) {
+//				oaURL = session.getOAURLRequested();
+//			}
+	
+
+			// TODO: Support Mandate MODE!
+			OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+				.getOnlineApplicationParameter(oaURL);
+		
+			// builds authentication data and stores it together with a SAML
+			// artifact
+		
+			//TODO: check, if this is correct!!!!
+			//AuthenticationData authData = buildAuthenticationData(session, session.getXMLVerifySignatureResponse(),
+			//		useUTC, false);
+		
+			AuthenticationData authData = SAML1AuthenticationServer.buildAuthenticationData(session, 
+					oaParam,
+					target);
+			
 			String samlArtifactBase64 = SAML1AuthenticationServer
-					.BuildSAMLArtifact(session);
+					.BuildSAMLArtifact(session, oaParam, authData);
 
 			String redirectURL = oaURL;
 			session.getOAURLRequested();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactServlet.java
index 7f7d82a20..3a2f4ee9f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactServlet.java
@@ -1,5 +1,7 @@
 package at.gv.egovernment.moa.id.protocols.saml1;
 
+import iaik.util.logging.Log;
+
 import java.io.IOException;
 
 import javax.servlet.ServletException;
@@ -37,90 +39,95 @@ public class GetArtifactServlet extends AuthServlet {
 	@Override
 	protected void doGet(HttpServletRequest req, HttpServletResponse resp)
 			throws ServletException, IOException {
-		HttpSession httpSession = req.getSession();
-
-		AuthenticationManager authmanager = AuthenticationManager.getInstance();
-		AuthenticationSession session = authmanager.getAuthenticationSession(httpSession);
-
-		String oaURL = (String) req.getAttribute(PARAM_OA);
-		oaURL = StringEscapeUtils.escapeHtml(oaURL);
-
-		String target = (String) req.getAttribute(PARAM_TARGET);
-		target = StringEscapeUtils.escapeHtml(target);
 		
-		try {
-
-			// check parameter
-			if (!ParamValidatorUtils.isValidOA(oaURL))
-				throw new WrongParametersException("StartAuthentication",
-						PARAM_OA, "auth.12");
-
-			if (oaURL == null) {
-				oaURL = session.getOAURLRequested();
-			}
-
-			if (oaURL == null) {
-				throw new WrongParametersException("StartAuthentication",
-						PARAM_OA, "auth.12");
-			}
-
-			String samlArtifactBase64 = SAML1AuthenticationServer
-					.BuildSAMLArtifact(session);
-
-			String redirectURL = oaURL;
-			session.getOAURLRequested();
-			if (!session.getBusinessService()) {
-				redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
-						URLEncoder.encode(session.getTarget(), "UTF-8"));
-
-			}
-			redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT,
-					URLEncoder.encode(samlArtifactBase64, "UTF-8"));
-			redirectURL = resp.encodeRedirectURL(redirectURL);
-
-			resp.setContentType("text/html");
-			resp.setStatus(302);
-
-			resp.addHeader("Location", redirectURL);
-			Logger.debug("REDIRECT TO: " + redirectURL);
-
-			// CONFIRMATION FOR SSO!
-			/*
-			 * OAAuthParameter oaParam =
-			 * AuthConfigurationProvider.getInstance().
-			 * getOnlineApplicationParameter(oaURL);
-			 * 
-			 * String friendlyName = oaParam.getFriendlyName(); if(friendlyName
-			 * == null) { friendlyName = oaURL; }
-			 * 
-			 * 
-			 * LoginConfirmationBuilder builder = new
-			 * LoginConfirmationBuilder();
-			 * builder.addParameter(PARAM_SAMLARTIFACT, samlArtifactBase64);
-			 * String form = builder.finish(oaURL, session.getIdentityLink()
-			 * .getName(), friendlyName);
-			 */
-
-			/*
-			resp.setContentType("text/html");
-
-			OutputStream out = resp.getOutputStream();
-			out.write(form.getBytes("UTF-8"));
-			out.flush();
-			out.close();*/
-
-		} catch (WrongParametersException ex) {
-			handleWrongParameters(ex, req, resp);
-		} catch (ConfigurationException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (BuildException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		} catch (AuthenticationException e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		}
+		Log.err("Sollte nicht mehr verwendet werden!!!!");
+		throw new ServletException("The Servlet Class + " + GetArtifactServlet.class 
+				+ " is out of date!!!");
+		
+//		HttpSession httpSession = req.getSession();
+//
+//		AuthenticationManager authmanager = AuthenticationManager.getInstance();
+//		AuthenticationSession session = authmanager.getAuthenticationSession(httpSession);
+//
+//		String oaURL = (String) req.getAttribute(PARAM_OA);
+//		oaURL = StringEscapeUtils.escapeHtml(oaURL);
+//
+//		String target = (String) req.getAttribute(PARAM_TARGET);
+//		target = StringEscapeUtils.escapeHtml(target);
+//		
+//		try {
+//
+//			// check parameter
+//			if (!ParamValidatorUtils.isValidOA(oaURL))
+//				throw new WrongParametersException("StartAuthentication",
+//						PARAM_OA, "auth.12");
+//
+//			if (oaURL == null) {
+//				oaURL = session.getOAURLRequested();
+//			}
+//
+//			if (oaURL == null) {
+//				throw new WrongParametersException("StartAuthentication",
+//						PARAM_OA, "auth.12");
+//			}
+//
+//			String samlArtifactBase64 = SAML1AuthenticationServer
+//					.BuildSAMLArtifact(session);
+//
+//			String redirectURL = oaURL;
+//			session.getOAURLRequested();
+//			if (!session.getBusinessService()) {
+//				redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
+//						URLEncoder.encode(session.getTarget(), "UTF-8"));
+//
+//			}
+//			redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT,
+//					URLEncoder.encode(samlArtifactBase64, "UTF-8"));
+//			redirectURL = resp.encodeRedirectURL(redirectURL);
+//
+//			resp.setContentType("text/html");
+//			resp.setStatus(302);
+//
+//			resp.addHeader("Location", redirectURL);
+//			Logger.debug("REDIRECT TO: " + redirectURL);
+//
+//			// CONFIRMATION FOR SSO!
+//			/*
+//			 * OAAuthParameter oaParam =
+//			 * AuthConfigurationProvider.getInstance().
+//			 * getOnlineApplicationParameter(oaURL);
+//			 * 
+//			 * String friendlyName = oaParam.getFriendlyName(); if(friendlyName
+//			 * == null) { friendlyName = oaURL; }
+//			 * 
+//			 * 
+//			 * LoginConfirmationBuilder builder = new
+//			 * LoginConfirmationBuilder();
+//			 * builder.addParameter(PARAM_SAMLARTIFACT, samlArtifactBase64);
+//			 * String form = builder.finish(oaURL, session.getIdentityLink()
+//			 * .getName(), friendlyName);
+//			 */
+//
+//			/*
+//			resp.setContentType("text/html");
+//
+//			OutputStream out = resp.getOutputStream();
+//			out.write(form.getBytes("UTF-8"));
+//			out.flush();
+//			out.close();*/
+//
+//		} catch (WrongParametersException ex) {
+//			handleWrongParameters(ex, req, resp);
+//		} catch (ConfigurationException e) {
+//			// TODO Auto-generated catch block
+//			e.printStackTrace();
+//		} catch (BuildException e) {
+//			// TODO Auto-generated catch block
+//			e.printStackTrace();
+//		} catch (AuthenticationException e) {
+//			// TODO Auto-generated catch block
+//			e.printStackTrace();
+//		}
 
 	}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 36fd75d8b..e79954daa 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -96,27 +96,10 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 		return authData;
 	}
 	
-	public static String BuildSAMLArtifact(AuthenticationSession session) throws ConfigurationException, BuildException, AuthenticationException {
-
-		// TODO: Support Mandate MODE!
-		
-		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
-				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-		boolean useUTC = oaParam.getUseUTC();
-		boolean useCondition = oaParam.getUseCondition();
-		int conditionLength = oaParam.getConditionLength();
-
-		// builds authentication data and stores it together with a SAML
-		// artifact
-		
-		//TODO: check, if this is correct!!!!
-		//AuthenticationData authData = buildAuthenticationData(session, session.getXMLVerifySignatureResponse(),
-		//		useUTC, false);
-		
-		AuthenticationData authData = buildAuthenticationData(session, 
-				session.getXMLVerifySignatureResponse(), 
-				useUTC, 
-				session.isForeigner());
+	public static String BuildSAMLArtifact(AuthenticationSession session, 
+			OAAuthParameter oaParam, 
+			AuthenticationData authData) 
+					throws ConfigurationException, BuildException, AuthenticationException {
 		
 		//TODO: check, if this is correct!!!!
 //		String samlAssertion = new AuthenticationDataAssertionBuilder().build(
@@ -127,6 +110,10 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 //				session.getAssertionBusinessService(),
 //				session.getExtendedSAMLAttributesOA(), useCondition,
 //				conditionLength);
+		
+		
+		boolean useCondition = oaParam.getUseCondition();
+		int conditionLength = oaParam.getConditionLength();
 
 		try {
 		
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index b5e957c5a..09314ba37 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -9,9 +9,12 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.lang.StringEscapeUtils;
 
+import at.gv.egovernment.moa.id.AuthenticationException;
 import at.gv.egovernment.moa.id.MOAIDException;
 import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.WrongParametersException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IModulInfo;
 import at.gv.egovernment.moa.id.moduls.IRequest;
@@ -67,6 +70,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 		RequestImpl config = new RequestImpl();
 		String oaURL = (String) request.getParameter(PARAM_OA);
 		oaURL = StringEscapeUtils.escapeHtml(oaURL);
+		
 		String target = (String) request.getParameter(PARAM_TARGET);
 		target = StringEscapeUtils.escapeHtml(target);
 		
@@ -76,15 +80,23 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 			target = null;
 		}
 		
-		
 		if (!ParamValidatorUtils.isValidOA(oaURL))
 			throw new WrongParametersException("StartAuthentication", PARAM_OA,
 					"auth.12");
 		config.setOAURL(oaURL);
-		config.setTarget(target);
+		
+		//load Target only from OA config
+		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
+				.getOnlineApplicationParameter(oaURL);
+		
+		if (oaParam == null)
+			throw new AuthenticationException("auth.00",
+					new Object[] { oaURL });
+		
+		config.setTarget(oaParam.getTarget());
 		
 		request.getSession().setAttribute(PARAM_OA, oaURL);
-		request.getSession().setAttribute(PARAM_TARGET, target);
+		request.getSession().setAttribute(PARAM_TARGET, oaParam.getTarget());
 		return config;
 	}
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2013-07-08 09:29:16 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2013-07-08 09:29:16 +0200
commit	206f283585a28009bb8276f78e7ea1d95298fd8c (patch)
tree	44de251b31d98cd6fe8d15a46207cf66d2aa996f /id/server/idserverlib
parent	cdbfcdbdf4b0a55071f1aad9e514a5024563ddea (diff)
download	moa-id-spss-206f283585a28009bb8276f78e7ea1d95298fd8c.tar.gz moa-id-spss-206f283585a28009bb8276f78e7ea1d95298fd8c.tar.bz2 moa-id-spss-206f283585a28009bb8276f78e7ea1d95298fd8c.zip