aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-module-sl20_authentication/src/main
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2018-06-12 06:25:12 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-06-12 06:25:12 +0200
commit23201ce112d9aa132783f984e0765c0cacca95a5 (patch)
treea6998160bab46487237a8b89017ca2b2ab37f641 /id/server/modules/moa-id-module-sl20_authentication/src/main
parent010649c11c8308a1e6f23f6e40faac051aee976e (diff)
downloadmoa-id-spss-23201ce112d9aa132783f984e0765c0cacca95a5.tar.gz
moa-id-spss-23201ce112d9aa132783f984e0765c0cacca95a5.tar.bz2
moa-id-spss-23201ce112d9aa132783f984e0765c0cacca95a5.zip
update SL20 module and add an additional jUnit test
Diffstat (limited to 'id/server/modules/moa-id-module-sl20_authentication/src/main')
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java2
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java15
-rw-r--r--id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java9
3 files changed, 16 insertions, 10 deletions
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
index c95e0b731..a5696d36d 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
@@ -148,7 +148,7 @@ public class JsonSecurityUtils implements IJOSETools{
jws.setKey(signPrivKey);
//TODO:
- //jws.setCertificateChainHeaderValue(signCertChain);
+ jws.setCertificateChainHeaderValue(signCertChain);
jws.setX509CertSha256ThumbprintHeaderValue(signCertChain[0]);
return jws.getCompactSerialization();
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
index fa52634a3..0dc2e762d 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
@@ -172,16 +172,10 @@ public class SL20JSONExtractorUtils {
if (result == null && encryptedResult == null)
throw new SLCommandoParserException("NO result OR encryptedResult FOUND.");
-
- else if (result == null && encryptedResult == null)
- throw new SLCommandoParserException("result AND encryptedResultFOUND. Can not used twice");
-
+
else if (encryptedResult == null && mustBeEncrypted)
throw new SLCommandoParserException("result MUST be signed.");
-
- else if (result != null)
- return result;
-
+
else if (encryptedResult != null && encryptedResult.isJsonPrimitive()) {
try {
return decrypter.decryptPayload(encryptedResult.getAsString());
@@ -200,7 +194,10 @@ public class SL20JSONExtractorUtils {
throw e;
}
-
+
+ } else if (result != null) {
+ return result;
+
} else
throw new SLCommandoParserException("Internal build error");
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
index bb66f452a..2f062b71d 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
@@ -140,6 +140,15 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
String ccsURL = eIDData.get(SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_CCSURL);
String LoA = eIDData.get(SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_LOA);
+
+
+ if (MiscUtil.isEmpty(idlB64) || MiscUtil.isEmpty(authBlockB64)
+ || MiscUtil.isEmpty(LoA) || MiscUtil.isEmpty(ccsURL)) {
+ Logger.info("SL20 'qualifiedeID' result does NOT contain all required attributes.");
+ throw new SLCommandoParserException("SL20 'qualifiedeID' result does NOT contain all required attributes.");
+
+ }
+
//cache qualified eID data into pending request
pendingReq.setGenericDataToSession(
Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_IDL,