Merge branch 'eIDAS_node_2.0_tests' into huge_refactoring

# Conflicts: # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java # id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml # id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java # id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java # id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java # id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java # id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java # id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java # id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java
author: Thomas Lenz <tlenz@iaik.tugraz.at> 2018-07-12 16:16:29 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2018-07-12 16:16:29 +0200
commit: 132681b9f3e00158b1671f50b23517462aa54afd (patch)
tree: cda5e6b321a44fbb54a959693a4afe71eb25bd6a /id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java
parent: 3535ae9500b29d0b2d0f317ea7f47a6c25c6f70e (diff)
parent: 3b1130e2366138871a92a1f83124a27fa83885dd (diff)
download: moa-id-spss-132681b9f3e00158b1671f50b23517462aa54afd.tar.gz
moa-id-spss-132681b9f3e00158b1671f50b23517462aa54afd.tar.bz2
moa-id-spss-132681b9f3e00158b1671f50b23517462aa54afd.zip
1 files changed, 20 insertions, 5 deletions
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
index 1269229d0..b17f0c121 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
@@ -45,19 +45,20 @@ import at.gv.egovernment.moa.util.MiscUtil;
  */
 public class BKAMobileAuthModule implements AuthModule {
 
-	private int priority = 1;
+	private int priority = 2;
 	
 	@Autowired(required=true) protected AuthConfiguration authConfig;
 	@Autowired(required=true) private IAuthenticationManager authManager;
 	
 	private List<String> uniqueIDsDummyAuthEnabled = new ArrayList<String>();
+	private String noAuthHeaderValue = null;
 	
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority()
 	 */
 	@Override
 	public int getPriority() {
-		return priority;
+		return priority; 
 	}
 
 	/**
@@ -67,11 +68,13 @@ public class BKAMobileAuthModule implements AuthModule {
 	public void setPriority(int priority) {
 		this.priority = priority;
 	}
-
 	
 	@PostConstruct
 	public void initialDummyAuthWhiteList() {
 		String sensitiveSpIdentifier = authConfig.getBasicConfiguration("modules.bkamobileAuth.entityID");
+		noAuthHeaderValue = authConfig.getBasicConfiguration("modules.bkamobileAuth.noAuthHeaderValue", "0");
+		Logger.info("Dummy authentication is sensitive on 'X-MOA-VDA' value: " + noAuthHeaderValue);
+		
 		if (MiscUtil.isNotEmpty(sensitiveSpIdentifier)) {
 			uniqueIDsDummyAuthEnabled.addAll(KeyValueUtils.getListOfCSVValues(sensitiveSpIdentifier));
 			
@@ -84,6 +87,8 @@ public class BKAMobileAuthModule implements AuthModule {
 		
 		//parameter to whiteList
 		authManager.addParameterNameToWhiteList(FirstBKAMobileAuthTask.REQ_PARAM_eID_BLOW);
+//		authManager.addHeaderNameToWhiteList("SL2ClientType");
+//		authManager.addHeaderNameToWhiteList("X-MOA-VDA");
 	}
 	
 	/* (non-Javadoc)
@@ -92,12 +97,22 @@ public class BKAMobileAuthModule implements AuthModule {
 	@Override
 	public String selectProcess(ExecutionContext context) {		
 		String spEntityID = (String) context.get(EAAFConstants.PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID);
-		if (MiscUtil.isNotEmpty(spEntityID)) {				
-			if (uniqueIDsDummyAuthEnabled.contains(spEntityID)) {
+		String sl20ClientTypeHeader = (String) context.get("SL2ClientType".toLowerCase());
+		String sl20VDATypeHeader = (String)  context.get("X-MOA-VDA".toLowerCase());				
+		if (MiscUtil.isNotEmpty(spEntityID)) {
+			Logger.trace("Check dummy-auth for SP: " + spEntityID);
+			
+			
+			if ( (uniqueIDsDummyAuthEnabled.contains(spEntityID))) {
 				String eIDBlob = (String)context.get(FirstBKAMobileAuthTask.REQ_PARAM_eID_BLOW);
 				if (eIDBlob != null && MiscUtil.isNotEmpty(eIDBlob.trim())) {				
 					return "BKAMobileAuthentication";
 					
+				} else if (MiscUtil.isNotEmpty(sl20ClientTypeHeader) 
+						&& MiscUtil.isNotEmpty(sl20VDATypeHeader) && sl20VDATypeHeader.equals(noAuthHeaderValue)) {
+					Logger.info("Find dummy-auth request for oe.gv.at demos ... ");
+					return "BKAMobileAuthentication";
+					
 				} else {
 					Logger.debug("Dummy-auth are enabled for " + spEntityID + " but no '"
 							+ FirstBKAMobileAuthTask.REQ_PARAM_eID_BLOW + "' req. parameter available.");
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2018-07-12 16:16:29 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2018-07-12 16:16:29 +0200
commit	132681b9f3e00158b1671f50b23517462aa54afd (patch)
tree	cda5e6b321a44fbb54a959693a4afe71eb25bd6a /id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java
parent	3535ae9500b29d0b2d0f317ea7f47a6c25c6f70e (diff)
parent	3b1130e2366138871a92a1f83124a27fa83885dd (diff)
download	moa-id-spss-132681b9f3e00158b1671f50b23517462aa54afd.tar.gz moa-id-spss-132681b9f3e00158b1671f50b23517462aa54afd.tar.bz2 moa-id-spss-132681b9f3e00158b1671f50b23517462aa54afd.zip