refactor authentication process to use service-provider configuration from pending-request

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-02-18 11:02:55 +0100
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-02-18 11:02:55 +0100
commit: c9370266c7553db65e9d18f7fe2a0230ab94d912 (patch)
tree: 041eaa2f9b715205bf377b586d4e8381887b2951 /id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol
parent: 98cdf5c84739362a2d41702f538c370fa3d2c86e (diff)
download: moa-id-spss-c9370266c7553db65e9d18f7fe2a0230ab94d912.tar.gz
moa-id-spss-c9370266c7553db65e9d18f7fe2a0230ab94d912.tar.bz2
moa-id-spss-c9370266c7553db65e9d18f7fe2a0230ab94d912.zip
3 files changed, 36 insertions, 36 deletions
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
index fcde874b4..17d0738e3 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
@@ -36,8 +36,7 @@ import org.springframework.stereotype.Service;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.config.auth.IOAAuthParameters;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.data.SLOInformationImpl;
 import at.gv.egovernment.moa.id.data.SLOInformationInterface;
@@ -153,7 +152,7 @@ class OAuth20AuthAction implements IAction {
 	
 	private Pair<String, String> buildIdToken(String scope, OAuth20AuthRequest oAuthRequest, IAuthData authData)
 			throws MOAIDException, SignatureException {
-		OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oAuthRequest.getOAURL());
+		IOAAuthParameters oaParam = oAuthRequest.getOnlineApplicationConfiguration();
 		
 		OAuthSigner signer = OAuth20SignatureUtil.loadSigner(authData.getIssuer());
 		OAuthJsonToken token = new OAuthJsonToken(signer);
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
index ecef9b0a3..416445fa6 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
@@ -212,38 +212,30 @@ public class OAuth20AuthRequest extends OAuth20BaseRequest {
 		for (String el : PVP2XProtocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION)
 			reqAttr.put(el, "");
 						
-		try {
-			OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(getOAURL());
-			
-			for (String s : scope.split(" ")) {
-				if (s.equalsIgnoreCase("profile")) {
-					for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersprofile())
-						reqAttr.put(el.getName(), "");
+		for (String s : scope.split(" ")) {
+			if (s.equalsIgnoreCase("profile")) {
+				for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersprofile())
+					reqAttr.put(el.getName(), "");
 
-				} else if (s.equalsIgnoreCase("eID")) {
-					for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseid())
-						reqAttr.put(el.getName(), "");
-					
-				} else if (s.equalsIgnoreCase("eID_gov")) {
-					for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseidgov())
-						reqAttr.put(el.getName(), "");
-					
-				} else if (s.equalsIgnoreCase("mandate")) {
-					for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersmandate())
-						reqAttr.put(el.getName(), "");
-					
-				} else if (s.equalsIgnoreCase("stork")) {
-					for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersstork())
-						reqAttr.put(el.getName(), "");
-					
-				}
+			} else if (s.equalsIgnoreCase("eID")) {
+				for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseid())
+					reqAttr.put(el.getName(), "");
+				
+			} else if (s.equalsIgnoreCase("eID_gov")) {
+				for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuilderseidgov())
+					reqAttr.put(el.getName(), "");
+				
+			} else if (s.equalsIgnoreCase("mandate")) {
+				for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersmandate())
+					reqAttr.put(el.getName(), "");
+				
+			} else if (s.equalsIgnoreCase("stork")) {
+				for (IAttributeBuilder el :OAuth20AttributeBuilder.getBuildersstork())
+					reqAttr.put(el.getName(), "");
+				
 			}
-			
-			return AttributQueryBuilder.buildSAML2AttributeList(oa, reqAttr.keySet().iterator());
-			
-		} catch (ConfigurationException e) {
-			Logger.error("Load configuration for OA " + getOAURL() + " FAILED", e);
-			return null;
 		}
+		
+		return AttributQueryBuilder.buildSAML2AttributeList(this.getOnlineApplicationConfiguration(), reqAttr.keySet().iterator());
 	}
 }
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index 52204d7f6..22ceda4f1 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -17,6 +17,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
 import com.google.gson.JsonObject;
 
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException;
 import at.gv.egovernment.moa.id.moduls.IAction;
@@ -122,9 +123,17 @@ public class OAuth20Protocol extends AbstractProtocolModulController {
 	 */
 	public IRequest preProcess(HttpServletRequest request, HttpServletResponse resp, String action) throws MOAIDException {
 		// validation is done inside creation
-		OAuth20BaseRequest res = OAuth20BaseRequest.newInstance(action, request);
-		Logger.debug("Created: " + res);
-		return res;
+		
+		try {
+			OAuth20BaseRequest res = OAuth20BaseRequest.newInstance(action, request);
+			Logger.debug("Created: " + res);
+			return res;
+			
+		} catch (OAuth20Exception e) {
+			Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
+			throw new InvalidProtocolRequestException(e.getMessage(), null);
+			
+		}
 	}
 	
 	/*
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-02-18 11:02:55 +0100
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-02-18 11:02:55 +0100
commit	c9370266c7553db65e9d18f7fe2a0230ab94d912 (patch)
tree	041eaa2f9b715205bf377b586d4e8381887b2951 /id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol
parent	98cdf5c84739362a2d41702f538c370fa3d2c86e (diff)
download	moa-id-spss-c9370266c7553db65e9d18f7fe2a0230ab94d912.tar.gz moa-id-spss-c9370266c7553db65e9d18f7fe2a0230ab94d912.tar.bz2 moa-id-spss-c9370266c7553db65e9d18f7fe2a0230ab94d912.zip