Merge branch 'development_preview'

7 files changed, 58 insertions, 21 deletions

diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java
index b9d08a20f..2d7e209ca 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java
@@ -22,6 +22,7 @@
  */
 package at.gv.egovernment.moa.id.auth.modules.ssotransfer;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 
@@ -53,7 +54,7 @@ public class SSOTransferAuthModuleImpl implements AuthModule{
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
 	 */
 	@Override
-	public String selectProcess(ExecutionContext context) {		
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {		
 		Object restoreSSOSessionObj = context.get("restoreSSOSession");
 		if (restoreSSOSessionObj != null && restoreSSOSessionObj instanceof String) {
 			boolean restoreSSOSession = (boolean) Boolean.parseBoolean((String)restoreSSOSessionObj);
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
index e7280f847..b22dfa3a7 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
@@ -28,6 +28,7 @@ import java.util.List;
 
 import org.w3c.dom.Element;
 
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_VALUES;
 import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
@@ -393,5 +394,35 @@ public class SSOTransferAuthenticationData implements IMOAAuthData {
 		return null;
 	}
 
+	@Override
+	public String getEncryptedSourceId() {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+	@Override
+	public String getEncryptedSourceIdType() {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+	@Override
+	public byte[] getEIDToken() {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+	@Override
+	public EID_IDENTITY_STATUS_LEVEL_VALUES getEIDStatus() {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+	@Override
+	public String getVdaEndPointUrl() {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
 
 }
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
index dc2baab7d..3ab826bcd 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
@@ -158,7 +158,7 @@ public class SSOTransferServlet{
 					DefaultGUIFormBuilderConfiguration.VIEW_SSO_SESSION_TRANSFER, 
 					null);
 			
-			internalCreateQRCodeForTransfer(resp, authURL, 
+			internalCreateQRCodeForTransfer(req, resp, authURL, 
 					"123456", "/TestTransmitSSOSession", config);
 
 		} catch (MOAIDException | MOADatabaseException e) {
@@ -423,7 +423,7 @@ public class SSOTransferServlet{
 								
 				String ssoSessionId = authenticationSessionStorage.getInternalSSOSessionWithSSOID(ssoid);
 				if(ssoSessionId != null) {
-					internalCreateQRCodeForTransfer(resp, authURL, 
+					internalCreateQRCodeForTransfer(req, resp, authURL, 
 							ssoSessionId, 
 							SSOTransferConstants.SERVLET_SSOTRANSFER_TO_SMARTPHONE, config);
 						
@@ -432,10 +432,10 @@ public class SSOTransferServlet{
 			}
 								
 			
-			config.putCustomParameter("errorMsg", 
+			config.putCustomParameter(null, "errorMsg", 
 					"No active Single Sign-On session found! SSO Session transfer is not possible.");
 			
-			guiBuilder.build(resp, config, "SSO-Transfer-Module");
+			guiBuilder.build(req, resp, config, "SSO-Transfer-Module");
 			
 		} catch (MOAIDException | MOADatabaseException e) {
 			e.printStackTrace();
@@ -518,7 +518,7 @@ public class SSOTransferServlet{
 		
 	}
 	
-	private void internalCreateQRCodeForTransfer(HttpServletResponse resp, String authURL,
+	private void internalCreateQRCodeForTransfer(HttpServletRequest req, HttpServletResponse resp, String authURL,
 			String moaSessionID, String servletEndPoint, DefaultGUIFormBuilderConfiguration config) throws Exception {
 		SSOTransferContainer container = new SSOTransferContainer();							
 		String token = Random.nextRandom();
@@ -572,12 +572,12 @@ public class SSOTransferServlet{
 		ByteArrayOutputStream qrStream = 
 				QRCode.from(qrResult.toString()).to(ImageType.GIF).withSize(350, 350).stream();							
 		String base64EncodedImage = Base64Utils.encode(qrStream.toByteArray());							
-		config.putCustomParameter("QRImage", base64EncodedImage);
+		config.putCustomParameter(null, "QRImage", base64EncodedImage);
 		
-		config.putCustomParameterWithOutEscaption("successMsg", "Scan the QR-Code with your <i>SSO-Transfer App</i> to start the transfer operation.");
+		config.putCustomParameterWithOutEscaption(null, "successMsg", "Scan the QR-Code with your <i>SSO-Transfer App</i> to start the transfer operation.");
 		
 		
-		guiBuilder.build(resp, config, "SSO-Session Transfer-Module");
+		guiBuilder.build(req, resp, config, "SSO-Session Transfer-Module");
 		
 	}
 		
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java
index bf215373d..169eb464b 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java
@@ -33,6 +33,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
 import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
 import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
@@ -53,13 +54,13 @@ public class SSOTransferSignalServlet extends AbstractProcessEngineSignalControl
 	@RequestMapping(value = {	"/SSOTransferSignalEndpoint"
 							}, 
 							method = {RequestMethod.POST, RequestMethod.GET})
-	public void performSSOTransfer(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	public void performSSOTransfer(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		signalProcessManagement(req, resp);
 
 	}
 	
 	@Override
-	protected void signalProcessManagement(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	protected void signalProcessManagement(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		String pendingRequestID = StringEscapeUtils.escapeHtml(getPendingRequestId(req));
 		IRequest pendingReq = null;
 		try {	
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
index 921e3844b..7132eb08e 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
@@ -85,7 +85,7 @@ public class InitializeRestoreSSOSessionTask extends AbstractAuthServletTask {
 			Pair<DHPublicKeySpec, PrivateKey> dhKeyIDP = ssoTransferUtils.createSpecificKey(dhSpec.getP(), dhSpec.getG());
 			String nonce = Random.nextLongRandom();
 			
-			GUIUtils.buildSSOTransferGUI(guiBuilder, response, authURL, 
+			GUIUtils.buildSSOTransferGUI(guiBuilder, request, response, authURL, 
 					pendingReq.getPendingRequestId(), nonce, dhKeyIDP.getF());
 			
 			//store DH params and nonce to pending-request
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
index 90b74ebd7..8839d5a94 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
@@ -189,6 +189,9 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
 				AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
 		    	ssoTransferUtils.parseSSOContainerToMOASessionDataObject(pendingReq, moaSession, attributeExtractor);
 		    	
+  		    //set NeedConsent to false, because user gives consont during authentication
+		      pendingReq.setNeedUserConsent(false);
+		    	
 		    	// store MOASession into database
 		    	requestStoreage.storePendingRequest(pendingReq);
 		    		
@@ -267,7 +270,7 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
 							
 						}	
 						
-						GUIUtils.buildSSOTransferGUI(guiBuilder, response, 
+						GUIUtils.buildSSOTransferGUI(guiBuilder, request, response, 
 								authURL, pendingReq.getPendingRequestId(), nonce, container.getDhParams().getF());
 						
 					} catch (IOException | MOAIDException e) {
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java
index 1a4a9b80b..2814874bd 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java
@@ -26,6 +26,7 @@ import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 
 import javax.crypto.spec.DHPublicKeySpec;
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import com.google.gson.JsonObject;
@@ -50,9 +51,9 @@ public class GUIUtils {
 	public static final int REFESH_TIMEOUT = 5 * 1000; //5 sec
 	
 	public static void buildSSOTransferGUI(
-			IGUIFormBuilder guiBuilder, HttpServletResponse httpResp,
+			IGUIFormBuilder guiBuilder, HttpServletRequest httpReq,HttpServletResponse httpResp,
 			String authURL, String pendingReqID) throws ConfigurationException, IOException {
-		buildSSOTransferGUI(guiBuilder, httpResp, authURL, pendingReqID, null, null);
+		buildSSOTransferGUI(guiBuilder, httpReq, httpResp, authURL, pendingReqID, null, null);
 				
 	}
 
@@ -66,7 +67,7 @@ public class GUIUtils {
 	 * @throws ConfigurationException 
 	 * @throws IOException 
 	 */
-	public static void buildSSOTransferGUI(IGUIFormBuilder guiBuilder, HttpServletResponse response, String authURL,
+	public static void buildSSOTransferGUI(IGUIFormBuilder guiBuilder, HttpServletRequest request, HttpServletResponse response, String authURL,
 			String requestID, String nonce, DHPublicKeySpec dhKeyIDP) throws ConfigurationException, IOException {
 		try {
 			String containerURL = authURL
@@ -103,12 +104,12 @@ public class GUIUtils {
 					DefaultGUIFormBuilderConfiguration.VIEW_SSO_SESSION_TRANSFER, 
 					null);
 			
-			config.putCustomParameter("QRImage", base64EncodedImage);		
-			config.putCustomParameterWithOutEscaption("successMsg", "Select the SSO Session in your <i>SSO-Transfer App</i> and scan the QR-Code to start the process.");			
-			config.putCustomParameterWithOutEscaption("timeoutURL", containerURL);
-			config.putCustomParameter("timeout", String.valueOf(REFESH_TIMEOUT));
+			config.putCustomParameter(null, "QRImage", base64EncodedImage);		
+			config.putCustomParameterWithOutEscaption(null, "successMsg", "Select the SSO Session in your <i>SSO-Transfer App</i> and scan the QR-Code to start the process.");			
+			config.putCustomParameterWithOutEscaption(null, "timeoutURL", containerURL);
+			config.putCustomParameter(null, "timeout", String.valueOf(REFESH_TIMEOUT));
 				
-			guiBuilder.build(response, config, "SSO-Transfer-Module");
+			guiBuilder.build(request, response, config, "SSO-Transfer-Module");
 			
 		} catch (GUIBuildException e) {
 			Logger.warn("Can not build GUI:'BKU-Selection'. Msg:" + e.getMessage(), e);