refactor additional parts of MOA-ID-Auth to enabled virtual IDP functionality

4 files changed, 28 insertions, 29 deletions

diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 93ac33524..11917d0c3 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -371,6 +371,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 	 * containg the authentication block, meant to be returned to the security
 	 * layer implementation</li>
 	 * </ul>
+	 * @param pendingReq 
 	 *
 	 * @param sessionID                     ID of associated authentication session data
 	 * @param infoboxReadResponseParameters The parameters from the response returned from the BKU
@@ -379,7 +380,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 	 * <code>&lt;CreateXMLSignatureRequest&gt;</code>
 	 */
 	public String verifyCertificate(AuthenticationSession session,
-			X509Certificate certificate) throws AuthenticationException,
+			X509Certificate certificate, IRequest pendingReq) throws AuthenticationException,
 			BuildException, ParseException, ConfigurationException,
 			ValidateException, ServiceException, MOAIDException {
 
@@ -409,7 +410,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
 
 		String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session,
-				authConf, oaParam);
+				authConf, oaParam, pendingReq);
 
 		return returnvalue;
 	}
@@ -471,6 +472,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 	 * @param session
 	 * @param authConf
 	 * @param oaParam
+	 * @param pendingReq 
 	 * @return
 	 * @throws ConfigurationException
 	 * @throws BuildException
@@ -478,7 +480,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 	 */
 	public String getCreateXMLSignatureRequestAuthBlockOrRedirect(
 			AuthenticationSession session, AuthConfiguration authConf,
-			OAAuthParameter oaParam) throws ConfigurationException,
+			OAAuthParameter oaParam, IRequest pendingReq) throws ConfigurationException,
 			BuildException, ValidateException {
 
 		//        // check for intermediate processing of the infoboxes
@@ -493,7 +495,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 					session.getPublicOAURLPrefix());
 
 		// builds the AUTH-block
-		String authBlock = buildAuthenticationBlock(session, oaParam);
+		String authBlock = buildAuthenticationBlock(session, oaParam, pendingReq);
 
 		// builds the <CreateXMLSignatureRequest>
 		List<String> transformsInfos = authConf.getTransformsInfos();
@@ -665,12 +667,13 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 	 * given session data.
 	 *
 	 * @param session authentication session
+	 * @param pendingReq 
 	 * @return <code>&lt;saml:Assertion&gt;</code> as a String
 	 * @throws BuildException If an error occurs on serializing an extended SAML attribute
 	 *                        to be appended to the AUTH-Block.
 	 */
 	private String buildAuthenticationBlock(AuthenticationSession session,
-			OAAuthParameter oaParam) throws BuildException {
+			OAAuthParameter oaParam, IRequest pendingReq) throws BuildException {
 
 		IdentityLink identityLink = session.getIdentityLink();
 		String issuer = identityLink.getName();
@@ -726,15 +729,10 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 
 
 		if (session.isSsoRequested()) {
-			String oaURL = new String();
-			try {
-				oaURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().get(0);
-
-				if (MiscUtil.isNotEmpty(oaURL))
-					oaURL = oaURL.replaceAll("&", "&amp;");
+			String oaURL = pendingReq.getAuthURL();
+			if (MiscUtil.isNotEmpty(oaURL))
+				oaURL = oaURL.replaceAll("&", "&amp;");
 
-			} catch (ConfigurationException e) {
-			}
 			String authBlock = new AuthenticationBlockAssertionBuilder()
 			.buildAuthBlockSSO(issuer, issueInstant, authURL, target,
 					targetFriendlyName, identificationValue,
@@ -1087,9 +1085,9 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 		}
 		// validates <CreateXMLSignatureResponse>
 		if (session.isSsoRequested())
-			new CreateXMLSignatureResponseValidator().validateSSO(csresp, session);
+			new CreateXMLSignatureResponseValidator().validateSSO(csresp, session, pendingReq);
 		else
-			new CreateXMLSignatureResponseValidator().validate(csresp, session);
+			new CreateXMLSignatureResponseValidator().validate(csresp, session, pendingReq);
 
 		// builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
 		List<String> vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
index 469ca91a9..49888c136 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
@@ -17,6 +17,8 @@ import at.gv.egovernment.moa.id.auth.modules.TaskExecutionException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfiguration;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.IRequest;
+import at.gv.egovernment.moa.id.moduls.RequestStorage;
 import at.gv.egovernment.moa.id.process.api.ExecutionContext;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.CitizenCardServletUtils;
@@ -66,7 +68,9 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
 			}
 
 			pendingRequestID = AuthenticationSessionStoreage.getPendingRequestID(sessionID);
-
+			IRequest pendingReq = RequestStorage.getPendingRequest(
+					(String) executionContext.get("pendingRequestID"));	
+						
 			AuthenticationSession session = AuthenticationServer.getSession(sessionID);
 
 			// change MOASessionID
@@ -77,7 +81,7 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
 			AuthConfiguration authConf = AuthConfigurationProviderFactory.getInstance();
 
 			String createXMLSignatureRequest = AuthenticationServer.getInstance()
-					.getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam);
+					.getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam, pendingReq);
 
 			AuthenticationSessionStoreage.storeSession(session);
 			
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
index d99ba873d..2734d1027 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
@@ -110,7 +110,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
 	    	if (useMandate) {
 
 	    		// verify certificate for OrganWalter
-	    		String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert);
+	    		String createXMLSignatureRequestOrRedirect = AuthenticationServer.getInstance().verifyCertificate(session, cert, pendingReq);
 	    		
 		    	try {
 					AuthenticationSessionStoreage.storeSession(session);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
index d70cd6f50..8a9c19c80 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
@@ -67,6 +67,7 @@ import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.TargetToSectorNameMapper;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Constants;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -124,9 +125,10 @@ public class CreateXMLSignatureResponseValidator {
    * The Method validate is used for validating an explicit {@link CreateXMLSignatureResponse}
    * @param createXMLSignatureResponse
    * @param session
+ * @param pendingReq 
    * @throws ValidateException
    */
-  public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session)
+  public void validate(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session, IRequest pendingReq)
    throws ValidateException {
       
       // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier
@@ -411,20 +413,15 @@ public class CreateXMLSignatureResponseValidator {
    * The Method validate is used for validating an explicit {@link CreateXMLSignatureResponse}
    * @param createXMLSignatureResponse
    * @param session
+ * @param pendingReq 
    * @throws ValidateException
    */
-  public void validateSSO(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session)
+  public void validateSSO(CreateXMLSignatureResponse createXMLSignatureResponse, AuthenticationSession session, IRequest pendingReq)
    throws ValidateException {
       
-      // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier
-    
-	String oaURL;
-    try {
-		oaURL = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().get(0);
-	} catch (ConfigurationException e1) {
-		oaURL = new String();
-	} 
-    
+      // A3.056: more then one /saml:Assertion/saml:AttributeStatement/saml:Subject/saml:NameIdentifier    
+	String	oaURL = pendingReq.getAuthURL();
+		
     IdentityLink identityLink = session.getIdentityLink();
     
     Element samlAssertion = createXMLSignatureResponse.getSamlAssertion();