authorThomas Lenz <tlenz@iaik.tugraz.at>2016-10-25 16:23:23 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-10-25 16:23:23 +0200
commitf10fb18bac8e4b98460d100a4af42a943ddb75df (patch)
treed53343fb928cb0186f6fa88ef2684bbea490b413 /id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
parent83a92eead9d389060ec43e9459c5a1367aefc29a (diff)
fix another problem in session database
Diffstat (limited to 'id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java')
-rw-r--r--id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java76
1 files changed, 41 insertions, 35 deletions
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 90ed1c886..66161e508 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -36,9 +36,7 @@ import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder;
import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.BKUException;
@@ -60,9 +58,13 @@ import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
import at.gv.egovernment.moa.id.commons.api.IRequest;
+import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
+import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
+import at.gv.egovernment.moa.id.commons.api.data.IIdentityLink;
+import at.gv.egovernment.moa.id.commons.api.data.IMISMandate;
+import at.gv.egovernment.moa.id.commons.api.data.IVerifiyXMLSignatureResponse;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.data.MISMandate;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.util.XMLUtil;
import at.gv.egovernment.moa.logging.Logger;
@@ -134,7 +136,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @see GetIdentityLinkFormBuilder
* @see InfoboxReadRequestBuilder
*/
- public String startAuthentication(AuthenticationSession session, HttpServletRequest req, IRequest pendingReq) throws WrongParametersException,
+ public String startAuthentication(IAuthenticationSession session, HttpServletRequest req, IRequest pendingReq) throws WrongParametersException,
AuthenticationException, ConfigurationException, BuildException {
if (session == null) {
@@ -246,7 +248,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* link results in an Exception being thrown.
* @throws BKUException
*/
- public String verifyIdentityLink(IRequest pendingReq, AuthenticationSession session,
+ public String verifyIdentityLink(IRequest pendingReq, IAuthenticationSession session,
Map<String, String> infoboxReadResponseParameters) throws AuthenticationException,
BuildException, ParseException, ConfigurationException,
ValidateException, ServiceException, BKUException {
@@ -285,7 +287,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
}
// parses the <InfoboxReadResponse>
- IdentityLink identityLink = new InfoboxReadResponseParser(
+ IIdentityLink identityLink = new InfoboxReadResponseParser(
xmlInfoboxReadResponse).parseIdentityLink();
// validates the identity link
IdentityLinkValidator.getInstance().validate(identityLink);
@@ -298,7 +300,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
Element domVerifyXMLSignatureResponse = SignatureVerificationInvoker.getInstance()
.verifyXMLSignature(domVerifyXMLSignatureRequest);
// parses the <VerifyXMLSignatureResponse>
- VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
+ IVerifiyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser(
domVerifyXMLSignatureResponse).parseData();
IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
@@ -346,7 +348,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @return String representation of the
* <code>&lt;CreateXMLSignatureRequest&gt;</code>
*/
- public void verifyCertificate(AuthenticationSession session,
+ public void verifyCertificate(IAuthenticationSession session,
X509Certificate certificate, IRequest pendingReq) throws AuthenticationException,
BuildException, ParseException, ConfigurationException,
ValidateException, ServiceException, MOAIDException {
@@ -387,7 +389,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @return String representation of the
* <code>&lt;CreateXMLSignatureRequest&gt;</code>
*/
- public void verifyMandate(IRequest pendingReq, AuthenticationSession session, MISMandate mandate)
+ public void verifyMandate(IRequest pendingReq, IAuthenticationSession session, IMISMandate mandate)
throws AuthenticationException, BuildException, ParseException,
ConfigurationException, ValidateException, ServiceException {
@@ -429,7 +431,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @throws ValidateException
*/
public String getCreateXMLSignatureRequestAuthBlockOrRedirect(
- AuthenticationSession session, IRequest pendingReq) throws ConfigurationException,
+ IAuthenticationSession session, IRequest pendingReq) throws ConfigurationException,
BuildException, ValidateException {
IOAAuthParameters oaParam = pendingReq.getOnlineApplicationConfiguration();
@@ -522,10 +524,10 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @throws BuildException If an error occurs on serializing an extended SAML attribute
* to be appended to the AUTH-Block.
*/
- private String buildAuthenticationBlock(AuthenticationSession session,
+ private String buildAuthenticationBlock(IAuthenticationSession session,
IOAAuthParameters oaParam, IRequest pendingReq) throws BuildException {
- IdentityLink identityLink = session.getIdentityLink();
+ IIdentityLink identityLink = session.getIdentityLink();
String issuer = identityLink.getName();
String gebDat = identityLink.getDateOfBirth();
@@ -583,28 +585,32 @@ public class AuthenticationServer extends BaseAuthenticationServer {
List<ExtendedSAMLAttribute> extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH();
-
+ String authBlock = null;
if (pendingReq.needSingleSignOnFunctionality()) {
String oaURL = pendingReq.getAuthURL();
if (MiscUtil.isNotEmpty(oaURL))
oaURL = oaURL.replaceAll("&", "&amp;");
- String authBlock = new AuthenticationBlockAssertionBuilder()
- .buildAuthBlockSSO(issuer, issueInstant, authURL, requestedTarget,
- targetFriendlyName, identificationValue,
- identificationType, oaURL, gebDat,
- extendedSAMLAttributes, session, oaParam);
- return authBlock;
+ authBlock = new AuthenticationBlockAssertionBuilder()
+ .buildAuthBlockSSO(issuer, issueInstant, authURL, requestedTarget,
+ targetFriendlyName, identificationValue,
+ identificationType, oaURL, gebDat,
+ extendedSAMLAttributes, session, oaParam);
+
} else {
String oaURL = oaParam.getPublicURLPrefix().replaceAll("&", "&amp;");
- String authBlock = new AuthenticationBlockAssertionBuilder()
- .buildAuthBlock(issuer, issueInstant, authURL, requestedTarget,
- targetFriendlyName, identificationValue,
- identificationType, oaURL, gebDat,
- extendedSAMLAttributes, session, oaParam);
- return authBlock;
+ authBlock = new AuthenticationBlockAssertionBuilder()
+ .buildAuthBlock(issuer, issueInstant, authURL, requestedTarget,
+ targetFriendlyName, identificationValue,
+ identificationType, oaURL, gebDat,
+ extendedSAMLAttributes, session, oaParam);
+
}
+
+ session.setExtendedSAMLAttributesAUTH(extendedSAMLAttributes);
+ return authBlock;
+
}
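Review bot: The added `session.setExtendedSAMLAttributesAUTH(extendedSAMLAttributes);` before the return carries no comment explaining why a list that was just read from `session.getExtendedSAMLAttributesAUTH()` has to be stored back. Presumably the builder calls can append to the list and the `IAuthenticationSession` getter may now return a copy rather than the live list; if that is the reason, state it, e.g. `// builder may modify the list; store it back so the persisted session matches what went into the AUTH block`. This is worth spelling out because these attributes are serialized into the AUTH block, so a later reader must not drop the write-back as redundant and let the stored session drift from the signed content. Separately, `String authBlock = null;` can be declared as `final String authBlock;` so the compiler proves that both branches assign it before the return. The body of buildAuthenticationBlock starts above this hunk, so the builder's effect on the list is not visible here.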
@@ -622,7 +628,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @throws SAXException
*/
private void validateExtendedSAMLAttributeForMandates(
- AuthenticationSession session, MISMandate mandate,
+ IAuthenticationSession session, IMISMandate mandate,
boolean business)
throws ValidateException, ConfigurationException, SAXException,
IOException, ParserConfigurationException, TransformerException {
@@ -654,7 +660,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @throws SAXException
*/
private void setExtendedSAMLAttributeForMandatesOID(
- AuthenticationSession session, MISMandate mandate, boolean business)
+ IAuthenticationSession session, IMISMandate mandate, boolean business)
throws ValidateException, ConfigurationException, SAXException,
IOException, ParserConfigurationException, TransformerException {
@@ -677,7 +683,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @param friendlyNam The friendly name of the infobox for debug purposes
*/
private static void AddAdditionalSAMLAttributes(
- AuthenticationSession session,
+ IAuthenticationSession session,
ExtendedSAMLAttribute[] extendedSAMLAttributes, String identifier,
String friendlyName) throws ValidateException {
if (extendedSAMLAttributes == null)
@@ -745,7 +751,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
*/
protected static ExtendedSAMLAttribute[] addExtendedSamlAttributes(
- MISMandate mandate, boolean business, boolean provideStammzahl)
+ IMISMandate mandate, boolean business, boolean provideStammzahl)
throws SAXException, IOException, ParserConfigurationException,
TransformerException {
Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>();
@@ -811,7 +817,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @throws TransformerException
*/
private static ExtendedSAMLAttribute[] addExtendedSamlAttributesOID(
- MISMandate mandate, boolean business) throws SAXException,
+ IMISMandate mandate, boolean business) throws SAXException,
IOException, ParserConfigurationException, TransformerException {
Vector<ExtendedSAMLAttribute> extendedSamlAttributes = new Vector<ExtendedSAMLAttribute>();
@@ -855,7 +861,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @throws IOException
* @throws SAXException
*/
- private static Element mandateToElement(MISMandate mandate)
+ private static Element mandateToElement(IMISMandate mandate)
throws SAXException, IOException, ParserConfigurationException {
ByteArrayInputStream bais = new ByteArrayInputStream(mandate
.getMandate());
@@ -910,7 +916,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* BASE64</strike><br/>New id of the authenticated MOA session or {@code null} in case of mandate mode (???)
* @throws BKUException
*/
- public void verifyAuthenticationBlock(IRequest pendingReq, AuthenticationSession session,
+ public void verifyAuthenticationBlock(IRequest pendingReq, IAuthenticationSession session,
String xmlCreateXMLSignatureReadResponse)
throws AuthenticationException, BuildException, ParseException,
ConfigurationException, ServiceException, ValidateException, BKUException {
@@ -958,7 +964,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
domVsresp = SignatureVerificationInvoker.getInstance().verifyXMLSignature(domVsreq);
// parses the <VerifyXMLSignatureResponse>
- VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(
+ IVerifiyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(
domVsresp).parseData();
if (Logger.isTraceEnabled()) {
@@ -1103,14 +1109,14 @@ public class AuthenticationServer extends BaseAuthenticationServer {
* @param sessionID session ID of the running authentication session
* @return String "new Session"
*/
- public void getForeignAuthenticationData(AuthenticationSession session)
+ public void getForeignAuthenticationData(IAuthenticationSession session)
throws AuthenticationException, BuildException, ParseException,
ConfigurationException, ServiceException, ValidateException {
if (session == null)
throw new AuthenticationException("auth.10", new Object[]{
REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID});
- VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse();
+ IVerifiyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse();
X509Certificate cert = session.getSignerCertificate();
vsresp.setX509certificate(cert);