aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-modules-federated_authentication/src/main/java
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2019-12-11 16:01:38 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2019-12-11 16:01:38 +0100
commite4fa532f93f10115e1f39c97cc96e5950a048884 (patch)
treeb919a752f77a37fbae7407b3864e05b1416c1dcc /id/server/modules/moa-id-modules-federated_authentication/src/main/java
parent84b0604fa11e7f73e3e78b981d628f768a880f35 (diff)
downloadmoa-id-spss-e4fa532f93f10115e1f39c97cc96e5950a048884.tar.gz
moa-id-spss-e4fa532f93f10115e1f39c97cc96e5950a048884.tar.bz2
moa-id-spss-e4fa532f93f10115e1f39c97cc96e5950a048884.zip
update to EAAF-Components 1.0.13.1
Enforce E-ID authentication based on Service-Provider configuration
Diffstat (limited to 'id/server/modules/moa-id-modules-federated_authentication/src/main/java')
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java3
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java4
-rw-r--r--id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java6
3 files changed, 9 insertions, 4 deletions
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java
index 4068d2d99..e50836712 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java
@@ -22,6 +22,7 @@
*/
package at.gv.egovernment.moa.id.auth.modules.federatedauth;
+import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
@@ -45,7 +46,7 @@ public class FederatedAuthenticationModuleImpl implements AuthModule {
* @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
*/
@Override
- public String selectProcess(ExecutionContext context) {
+ public String selectProcess(ExecutionContext context, IRequest pendingReq) {
//select interfederation authentication if PERFORM_INTERFEDERATION_AUTH flag is set
Object performfedAuthObj = context.get(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_INTERFEDERATION_AUTH);
if (performfedAuthObj != null && performfedAuthObj instanceof Boolean) {
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
index d0d97e9e8..a798679d7 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
@@ -36,6 +36,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import at.gv.egiz.eaaf.core.api.data.ILoALevelMapper;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
@@ -64,6 +65,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
@Autowired FederatedAuthCredentialProvider credential;
@Autowired(required=true) MOAMetadataProvider metadataProvider;
@Autowired(required=true) ILoALevelMapper loaMapper;
+ @Autowired(required=true) protected IConfigurationWithSP authConfigWithSp;
/* (non-Javadoc)
* @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
@@ -82,7 +84,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
}
//load IDP configuration from MOA-ID Configuration
- IOAAuthParameters idpConfig = authConfig.getServiceProviderConfiguration(idpEntityID, IOAAuthParameters.class);
+ IOAAuthParameters idpConfig = authConfigWithSp.getServiceProviderConfiguration(idpEntityID, IOAAuthParameters.class);
//validate IDP
if (!idpConfig.isInderfederationIDP() || !idpConfig.isInboundSSOInterfederationAllowed()) {
Logger.info("Requested interfederation IDP " + idpEntityID + " is not valid for interfederation.");
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
index 6b6d1a196..7dce22d81 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
@@ -42,6 +42,7 @@ import org.opensaml.xml.security.SecurityException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
@@ -94,6 +95,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
@Autowired private AuthenticationDataBuilder authDataBuilder;
@Autowired(required=true) MOAMetadataProvider metadataProvider;
@Autowired(required=true) protected IAuthenticationSessionStoreage authenticatedSessionStorage;
+ @Autowired(required=true) protected IConfigurationWithSP authConfigWithSp;
/* (non-Javadoc)
@@ -150,7 +152,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
PVPSProfileResponse processedMsg = preProcessAuthResponse((PVPSProfileResponse) msg);
//load IDP and SP configuration
- IOAAuthParameters idpConfig = authConfig.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
+ IOAAuthParameters idpConfig = authConfigWithSp.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
IOAAuthParameters spConfig = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
//check if response Entity is valid
@@ -224,7 +226,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
if (msg != null) {
IOAAuthParameters idpConfig = null;
try {
- idpConfig = authConfig.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
+ idpConfig = authConfigWithSp.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
//remove federated IDP from SSO session if exists
ssoManager.removeInterfederatedSSOIDP(msg.getEntityID(), request);