refactor additional parts of MOA-ID-Auth to enabled virtual IDP functionality

1 files changed, 13 insertions, 15 deletions

diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 93ac33524..11917d0c3 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -371,6 +371,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 	 * containg the authentication block, meant to be returned to the security
 	 * layer implementation</li>
 	 * </ul>
+	 * @param pendingReq 
 	 *
 	 * @param sessionID                     ID of associated authentication session data
 	 * @param infoboxReadResponseParameters The parameters from the response returned from the BKU
@@ -379,7 +380,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 	 * <code>&lt;CreateXMLSignatureRequest&gt;</code>
 	 */
 	public String verifyCertificate(AuthenticationSession session,
-			X509Certificate certificate) throws AuthenticationException,
+			X509Certificate certificate, IRequest pendingReq) throws AuthenticationException,
 			BuildException, ParseException, ConfigurationException,
 			ValidateException, ServiceException, MOAIDException {
 
@@ -409,7 +410,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
 
 		String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session,
-				authConf, oaParam);
+				authConf, oaParam, pendingReq);
 
 		return returnvalue;
 	}
@@ -471,6 +472,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 	 * @param session
 	 * @param authConf
 	 * @param oaParam
+	 * @param pendingReq 
 	 * @return
 	 * @throws ConfigurationException
 	 * @throws BuildException
@@ -478,7 +480,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 	 */
 	public String getCreateXMLSignatureRequestAuthBlockOrRedirect(
 			AuthenticationSession session, AuthConfiguration authConf,
-			OAAuthParameter oaParam) throws ConfigurationException,
+			OAAuthParameter oaParam, IRequest pendingReq) throws ConfigurationException,
 			BuildException, ValidateException {
 
 		//        // check for intermediate processing of the infoboxes
@@ -493,7 +495,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 					session.getPublicOAURLPrefix());
 
 		// builds the AUTH-block
-		String authBlock = buildAuthenticationBlock(session, oaParam);
+		String authBlock = buildAuthenticationBlock(session, oaParam, pendingReq);
 
 		// builds the <CreateXMLSignatureRequest>
 		List<String> transformsInfos = authConf.getTransformsInfos();
@@ -665,12 +667,13 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 	 * given session data.
 	 *
 	 * @param session authentication session
+	 * @param pendingReq 
 	 * @return <code>&lt;saml:Assertion&gt;</code> as a String
 	 * @throws BuildException If an error occurs on serializing an extended SAML attribute
 	 *                        to be appended to the AUTH-Block.
 	 */
 	private String buildAuthenticationBlock(AuthenticationSession session,
-			OAAuthParameter oaParam) throws BuildException {
+			OAAuthParameter oaParam, IRequest pendingReq) throws BuildException {
 
 		IdentityLink identityLink = session.getIdentityLink();
 		String issuer = identityLink.getName();
@@ -726,15 +729,10 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 
 
 		if (session.isSsoRequested()) {
-			String oaURL = new String();
-			try {
-				oaURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().get(0);
-
-				if (MiscUtil.isNotEmpty(oaURL))
-					oaURL = oaURL.replaceAll("&", "&amp;");
+			String oaURL = pendingReq.getAuthURL();
+			if (MiscUtil.isNotEmpty(oaURL))
+				oaURL = oaURL.replaceAll("&", "&amp;");
 
-			} catch (ConfigurationException e) {
-			}
 			String authBlock = new AuthenticationBlockAssertionBuilder()
 			.buildAuthBlockSSO(issuer, issueInstant, authURL, target,
 					targetFriendlyName, identificationValue,
@@ -1087,9 +1085,9 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 		}
 		// validates <CreateXMLSignatureResponse>
 		if (session.isSsoRequested())
-			new CreateXMLSignatureResponseValidator().validateSSO(csresp, session);
+			new CreateXMLSignatureResponseValidator().validateSSO(csresp, session, pendingReq);
 		else
-			new CreateXMLSignatureResponseValidator().validate(csresp, session);
+			new CreateXMLSignatureResponseValidator().validate(csresp, session, pendingReq);
 
 		// builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
 		List<String> vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();