diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-01-18 17:35:10 +0100 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2016-01-18 17:35:10 +0100 |
commit | 70ae2eb241fa347bda7bd89612c88db63506311c (patch) | |
tree | df7fba74074fa53f0f4a15a959c76c39e11337b6 /id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at | |
parent | 871e8fefefdd935bc99db467d43f4ec61dba251d (diff) | |
download | moa-id-spss-70ae2eb241fa347bda7bd89612c88db63506311c.tar.gz moa-id-spss-70ae2eb241fa347bda7bd89612c88db63506311c.tar.bz2 moa-id-spss-70ae2eb241fa347bda7bd89612c88db63506311c.zip |
refactor additional parts of MOA-ID-Auth to enabled virtual IDP functionality
Diffstat (limited to 'id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at')
4 files changed, 28 insertions, 29 deletions
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java index 93ac33524..11917d0c3 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java @@ -371,6 +371,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * containg the authentication block, meant to be returned to the security * layer implementation</li> * </ul> + * @param pendingReq * * @param sessionID ID of associated authentication session data * @param infoboxReadResponseParameters The parameters from the response returned from the BKU @@ -379,7 +380,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * <code><CreateXMLSignatureRequest></code> */ public String verifyCertificate(AuthenticationSession session, - X509Certificate certificate) throws AuthenticationException, + X509Certificate certificate, IRequest pendingReq) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ValidateException, ServiceException, MOAIDException { @@ -409,7 +410,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session, - authConf, oaParam); + authConf, oaParam, pendingReq); return returnvalue; } @@ -471,6 +472,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { * @param session * @param authConf * @param oaParam + * @param pendingReq * @return * @throws ConfigurationException * @throws BuildException @@ -478,7 +480,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { */ public String getCreateXMLSignatureRequestAuthBlockOrRedirect( AuthenticationSession session, AuthConfiguration authConf, - OAAuthParameter oaParam) throws ConfigurationException, + OAAuthParameter oaParam, IRequest pendingReq) throws ConfigurationException, BuildException, ValidateException { // // check for intermediate processing of the infoboxes @@ -493,7 +495,7 @@ public class AuthenticationServer extends BaseAuthenticationServer { session.getPublicOAURLPrefix()); // builds the AUTH-block - String authBlock = buildAuthenticationBlock(session, oaParam); + String authBlock = buildAuthenticationBlock(session, oaParam, pendingReq); // builds the <CreateXMLSignatureRequest> List<String> transformsInfos = authConf.getTransformsInfos(); @@ -665,12 +667,13 @@ public class AuthenticationServer extends BaseAuthenticationServer { * given session data. * * @param session authentication session + * @param pendingReq * @return <code><saml:Assertion></code> as a String * @throws BuildException If an error occurs on serializing an extended SAML attribute * to be appended to the AUTH-Block. */ private String buildAuthenticationBlock(AuthenticationSession session, - OAAuthParameter oaParam) throws BuildException { + OAAuthParameter oaParam, IRequest pendingReq) throws BuildException { IdentityLink identityLink = session.getIdentityLink(); String issuer = identityLink.getName(); @@ -726,15 +729,10 @@ public class AuthenticationServer extends BaseAuthenticationServer { if (session.isSsoRequested()) { - String oaURL = new String(); - try { - oaURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().get(0); - - if (MiscUtil.isNotEmpty(oaURL)) - oaURL = oaURL.replaceAll("&", "&"); + String oaURL = pendingReq.getAuthURL(); + if (MiscUtil.isNotEmpty(oaURL)) + oaURL = oaURL.replaceAll("&", "&"); - } catch (ConfigurationException e) { - } String authBlock = new AuthenticationBlockAssertionBuilder() .buildAuthBlockSSO(issuer, issueInstant, authURL, target, targetFriendlyName, identificationValue, @@ -1087,9 +1085,9 @@ public class AuthenticationServer extends BaseAuthenticationServer { } // validates <CreateXMLSignatureResponse> if (session.isSsoRequested()) - new CreateXMLSignatureResponseValidator().validateSSO(csresp, session); + new CreateXMLSignatureResponseValidator().validateSSO(csresp, session, pendingReq); else - new CreateXMLSignatureResponseValidator().validate(csresp, session); + new CreateXMLSignatureResponseValidator().validate(csresp, session, pendingReq); // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call List<String> vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs(); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java index 469ca91a9..49888c136 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java @@ -17,6 +17,8 @@ import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException; import at.gv.egovernment.moa.id.config.auth.AuthConfiguration; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.moduls.IRequest; +import at.gv.egovernment.moa.id.moduls.RequestStorage; import at.gv.egovernment.moa.id.process.api.ExecutionContext; import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage; import at.gv.egovernment.moa.id.util.CitizenCardServletUtils; @@ -66,7 +68,9 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask { } pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID); - + IRequest pendingReq = RequestStorage.getPendingRequest( + (String) executionContext.get("pendingRequestID")); + AuthenticationSession session = AuthenticationServer.getSession(sessionID); // change MOASessionID @@ -77,7 +81,7 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask { AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance(); String createXMLSignatureRequest = AuthenticationServer.getInstance() - .getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam); + .getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam, pendingReq); AuthenticationSessionStoreage.storeSession(session); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java index d99ba873d..2734d1027 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java @@ -110,7 +110,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask { if (useMandate) { // verify certificate for OrganWalter - String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert); + String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert, pendingReq); try { AuthenticationSessionStoreage.storeSession(session); diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java index d70cd6f50..8a9c19c80 100644 --- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java +++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java @@ -67,6 +67,7 @@ import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper; import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; +import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; import at.gv.egovernment.moa.util.MiscUtil; @@ -124,9 +125,10 @@ public class CreateXMLSignatureResponseValidator { * The Method validate is used for validating an explicit {@link CreateXMLSignatureResponse} * @param createXMLSignatureResponse * @param session + * @param pendingReq * @throws ValidateException */ - public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session) + public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session, IRequest pendingReq) throws ValidateException { // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier @@ -411,20 +413,15 @@ public class CreateXMLSignatureResponseValidator { * The Method validate is used for validating an explicit {@link CreateXMLSignatureResponse} * @param createXMLSignatureResponse * @param session + * @param pendingReq * @throws ValidateException */ - public void validateSSO(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session) + public void validateSSO(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session, IRequest pendingReq) throws ValidateException { - // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier - - String oaURL; - try { - oaURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().get(0); - } catch (ConfigurationException e1) { - oaURL = new String(); - } - + // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier + String oaURL = pendingReq.getAuthURL(); + IdentityLink identityLink = session.getIdentityLink(); Element samlAssertion = createXMLSignatureResponse.getSamlAssertion(); |