add MOA specific eIDAS engine.

1 files changed, 68 insertions, 0 deletions

diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAProtocolEngine.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAProtocolEngine.java
new file mode 100644
index 000000000..d8fcd1694
--- /dev/null
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAProtocolEngine.java
@@ -0,0 +1,68 @@
+package at.gv.egovernment.moa.id.auth.modules.eidas.engine;
+
+import java.security.cert.X509Certificate;
+
+import org.apache.commons.lang3.StringUtils;
+import org.opensaml.saml2.core.Response;
+
+import at.gv.egovernment.moa.logging.Logger;
+import eu.eidas.auth.commons.EidasErrorKey;
+import eu.eidas.auth.commons.protocol.IAuthenticationRequest;
+import eu.eidas.auth.engine.ProtocolEngine;
+import eu.eidas.auth.engine.configuration.ProtocolConfigurationAccessor;
+import eu.eidas.auth.engine.xml.opensaml.SAMLEngineUtils;
+import eu.eidas.engine.exceptions.EIDASSAMLEngineException;
+
+public class MOAProtocolEngine extends ProtocolEngine {
+
+	public MOAProtocolEngine(ProtocolConfigurationAccessor configurationAccessor) {
+		super(configurationAccessor);
+
+	}
+
+//	@Override
+//	protected X509Certificate getEncryptionCertificate(String requestIssuer,
+//			String destinationCountryCode) throws EIDASSAMLEngineException {
+//		if ((StringUtils.isNotBlank(destinationCountryCode)) && (null != getProtocolEncrypter())
+//				&& (getProtocolEncrypter().isEncryptionEnabled(destinationCountryCode))) {
+//			X509Certificate encryptionCertificate = getProtocolProcessor().getEncryptionCertificate(requestIssuer);
+//			
+//			if (null == encryptionCertificate) {
+//				return getProtocolEncrypter().getEncryptionCertificate(destinationCountryCode);
+//				
+//			}
+//			return encryptionCertificate;
+//		}
+//		return null;
+//	}
+//	
+//	@Override
+//	protected Response signResponse(IAuthenticationRequest request, Response response)
+//			throws EIDASSAMLEngineException {
+//		Response responseToSign = response;
+//
+//		if ((null != getProtocolEncrypter()) && (!(SAMLEngineUtils.isErrorSamlResponse(responseToSign)))) {
+//			X509Certificate destinationCertificate = getEncryptionCertificate(request.getIssuer(),
+//					request.getOriginCountryCode());
+//
+//			if (null != destinationCertificate) {
+//				responseToSign = getProtocolEncrypter().encryptSamlResponse(responseToSign, destinationCertificate);
+//				
+//			} else if (getProtocolEncrypter().isEncryptionEnabled(request.getOriginCountryCode())) {
+////				Logger.error(SAML_EXCHANGE,
+////						"BUSINESS EXCEPTION : encryption cannot be performed, no matching certificate for issuer="
+////								+ request.getIssuer() + " and country=" + request.getOriginCountryCode());
+//
+//				throw new EIDASSAMLEngineException(EidasErrorKey.SAML_ENGINE_INVALID_CERTIFICATE.errorCode(),
+//						EidasErrorKey.SAML_ENGINE_INVALID_CERTIFICATE.errorMessage());
+//			}
+//
+//		} else if (!(SAMLEngineUtils.isErrorSamlResponse(responseToSign))) {
+//			checkSendingUnencryptedResponsesAllowed();
+//			
+//		}
+//
+//		Logger.debug("Signing SAML Response.");
+//		return ((Response) getSigner().sign(responseToSign));
+//	}
+}