diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-12 06:25:12 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-06-12 06:25:12 +0200 |
commit | 23201ce112d9aa132783f984e0765c0cacca95a5 (patch) | |
tree | a6998160bab46487237a8b89017ca2b2ab37f641 /id/server/modules/moa-id-module-sl20_authentication/src/main | |
parent | 010649c11c8308a1e6f23f6e40faac051aee976e (diff) | |
download | moa-id-spss-23201ce112d9aa132783f984e0765c0cacca95a5.tar.gz moa-id-spss-23201ce112d9aa132783f984e0765c0cacca95a5.tar.bz2 moa-id-spss-23201ce112d9aa132783f984e0765c0cacca95a5.zip |
update SL20 module and add an additional jUnit test
Diffstat (limited to 'id/server/modules/moa-id-module-sl20_authentication/src/main')
3 files changed, 16 insertions, 10 deletions
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java index c95e0b731..a5696d36d 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java @@ -148,7 +148,7 @@ public class JsonSecurityUtils implements IJOSETools{ jws.setKey(signPrivKey); //TODO: - //jws.setCertificateChainHeaderValue(signCertChain); + jws.setCertificateChainHeaderValue(signCertChain); jws.setX509CertSha256ThumbprintHeaderValue(signCertChain[0]); return jws.getCompactSerialization(); diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java index fa52634a3..0dc2e762d 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java @@ -172,16 +172,10 @@ public class SL20JSONExtractorUtils { if (result == null && encryptedResult == null) throw new SLCommandoParserException("NO result OR encryptedResult FOUND."); - - else if (result == null && encryptedResult == null) - throw new SLCommandoParserException("result AND encryptedResultFOUND. Can not used twice"); - + else if (encryptedResult == null && mustBeEncrypted) throw new SLCommandoParserException("result MUST be signed."); - - else if (result != null) - return result; - + else if (encryptedResult != null && encryptedResult.isJsonPrimitive()) { try { return decrypter.decryptPayload(encryptedResult.getAsString()); @@ -200,7 +194,10 @@ public class SL20JSONExtractorUtils { throw e; } - + + } else if (result != null) { + return result; + } else throw new SLCommandoParserException("Internal build error"); diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java index bb66f452a..2f062b71d 100644 --- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java +++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java @@ -140,6 +140,15 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask { String ccsURL = eIDData.get(SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_CCSURL); String LoA = eIDData.get(SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_LOA); + + + if (MiscUtil.isEmpty(idlB64) || MiscUtil.isEmpty(authBlockB64) + || MiscUtil.isEmpty(LoA) || MiscUtil.isEmpty(ccsURL)) { + Logger.info("SL20 'qualifiedeID' result does NOT contain all required attributes."); + throw new SLCommandoParserException("SL20 'qualifiedeID' result does NOT contain all required attributes."); + + } + //cache qualified eID data into pending request pendingReq.setGenericDataToSession( Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_IDL, |