aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2018-07-12 16:16:29 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-07-12 16:16:29 +0200
commit132681b9f3e00158b1671f50b23517462aa54afd (patch)
treecda5e6b321a44fbb54a959693a4afe71eb25bd6a /id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test
parent3535ae9500b29d0b2d0f317ea7f47a6c25c6f70e (diff)
parent3b1130e2366138871a92a1f83124a27fa83885dd (diff)
downloadmoa-id-spss-132681b9f3e00158b1671f50b23517462aa54afd.tar.gz
moa-id-spss-132681b9f3e00158b1671f50b23517462aa54afd.tar.bz2
moa-id-spss-132681b9f3e00158b1671f50b23517462aa54afd.zip
Merge branch 'eIDAS_node_2.0_tests' into huge_refactoring
# Conflicts: # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/validator/VerifyXMLSignatureResponseValidator.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/AssertionAttributeExtractor.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/SAML2Utils.java # id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/verification/metadata/SchemaValidationFilter.java # id/server/idserverlib/src/main/resources/moaid.authentication.beans.xml # id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/module/test/TestRequestImpl.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java # id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java # id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java # id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java # id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java # id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java # id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java # id/server/modules/module-monitoring/src/main/java/at/gv/egovernment/moa/id/monitoring/IdentityLinkTestModule.java
Diffstat (limited to 'id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test')
-rw-r--r--id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java25
-rw-r--r--id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/resources/BKAMobileAuth.process.xml14
-rw-r--r--id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/resources/moaid_bka_mobileauth.beans.xml2
3 files changed, 28 insertions, 13 deletions
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
index 1269229d0..b17f0c121 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
@@ -45,19 +45,20 @@ import at.gv.egovernment.moa.util.MiscUtil;
*/
public class BKAMobileAuthModule implements AuthModule {
- private int priority = 1;
+ private int priority = 2;
@Autowired(required=true) protected AuthConfiguration authConfig;
@Autowired(required=true) private IAuthenticationManager authManager;
private List<String> uniqueIDsDummyAuthEnabled = new ArrayList<String>();
+ private String noAuthHeaderValue = null;
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority()
*/
@Override
public int getPriority() {
- return priority;
+ return priority;
}
/**
@@ -67,11 +68,13 @@ public class BKAMobileAuthModule implements AuthModule {
public void setPriority(int priority) {
this.priority = priority;
}
-
@PostConstruct
public void initialDummyAuthWhiteList() {
String sensitiveSpIdentifier = authConfig.getBasicConfiguration("modules.bkamobileAuth.entityID");
+ noAuthHeaderValue = authConfig.getBasicConfiguration("modules.bkamobileAuth.noAuthHeaderValue", "0");
+ Logger.info("Dummy authentication is sensitive on 'X-MOA-VDA' value: " + noAuthHeaderValue);
+
if (MiscUtil.isNotEmpty(sensitiveSpIdentifier)) {
uniqueIDsDummyAuthEnabled.addAll(KeyValueUtils.getListOfCSVValues(sensitiveSpIdentifier));
@@ -84,6 +87,8 @@ public class BKAMobileAuthModule implements AuthModule {
//parameter to whiteList
authManager.addParameterNameToWhiteList(FirstBKAMobileAuthTask.REQ_PARAM_eID_BLOW);
+// authManager.addHeaderNameToWhiteList("SL2ClientType");
+// authManager.addHeaderNameToWhiteList("X-MOA-VDA");
}
/* (non-Javadoc)
@@ -92,12 +97,22 @@ public class BKAMobileAuthModule implements AuthModule {
@Override
public String selectProcess(ExecutionContext context) {
String spEntityID = (String) context.get(EAAFConstants.PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID);
- if (MiscUtil.isNotEmpty(spEntityID)) {
- if (uniqueIDsDummyAuthEnabled.contains(spEntityID)) {
+ String sl20ClientTypeHeader = (String) context.get("SL2ClientType".toLowerCase());
+ String sl20VDATypeHeader = (String) context.get("X-MOA-VDA".toLowerCase());
+ if (MiscUtil.isNotEmpty(spEntityID)) {
+ Logger.trace("Check dummy-auth for SP: " + spEntityID);
+
+
+ if ( (uniqueIDsDummyAuthEnabled.contains(spEntityID))) {
String eIDBlob = (String)context.get(FirstBKAMobileAuthTask.REQ_PARAM_eID_BLOW);
if (eIDBlob != null && MiscUtil.isNotEmpty(eIDBlob.trim())) {
return "BKAMobileAuthentication";
+ } else if (MiscUtil.isNotEmpty(sl20ClientTypeHeader)
+ && MiscUtil.isNotEmpty(sl20VDATypeHeader) && sl20VDATypeHeader.equals(noAuthHeaderValue)) {
+ Logger.info("Find dummy-auth request for oe.gv.at demos ... ");
+ return "BKAMobileAuthentication";
+
} else {
Logger.debug("Dummy-auth are enabled for " + spEntityID + " but no '"
+ FirstBKAMobileAuthTask.REQ_PARAM_eID_BLOW + "' req. parameter available.");
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/resources/BKAMobileAuth.process.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/resources/BKAMobileAuth.process.xml
index 6f41f347a..07faeae88 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/resources/BKAMobileAuth.process.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/resources/BKAMobileAuth.process.xml
@@ -5,17 +5,17 @@
STORK authentication both with C-PEPS supporting xml signatures and with C-PEPS not supporting xml signatures.
-->
<pd:Task id="firstStep" class="FirstBKAMobileAuthTask" />
- <pd:Task id="secondStep" class="SecondBKAMobileAuthTask" async="true" />
- <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" />
+ <pd:Task id="secondStep" class="SecondBKAMobileAuthTask" />
+ <pd:Task id="finalizeAuthentication" class="FinalizeAuthenticationTask" />
<!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. -->
<pd:StartEvent id="start" />
- <pd:Transition from="start" to="firstStep" />
- <!-- pd:Transition from="firstStep" to="secondStep"/>
- <pd:Transition from="secondStep" to="finalizeAuthentication" /-->
-
- <pd:Transition from="firstStep" to="finalizeAuthentication" />
+ <pd:Transition from="start" to="secondStep" />
+ <pd:Transition from="secondStep" to="finalizeAuthentication" />
+
+<!-- <pd:Transition from="firstStep" to="secondStep"/> -->
+ <!-- <pd:Transition from="firstStep" to="finalizeAuthentication" /> -->
<pd:Transition from="finalizeAuthentication" to="end" />
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/resources/moaid_bka_mobileauth.beans.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/resources/moaid_bka_mobileauth.beans.xml
index ef13b0348..79f29e08c 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/resources/moaid_bka_mobileauth.beans.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/resources/moaid_bka_mobileauth.beans.xml
@@ -10,7 +10,7 @@
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
<bean id="BKAMobileAuthModule" class="at.gv.egovernment.moa.id.auth.modules.bkamobileauthtests.BKAMobileAuthModule">
- <property name="priority" value="1" />
+ <property name="priority" value="4" />
</bean>