refactor authentication process to use service-provider configuration from pending-request

1 files changed, 80 insertions, 66 deletions

diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 417bf4dc9..3facdb50f 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -58,8 +58,8 @@ public class SAML1Protocol extends AbstractProtocolModulController {
 
 	@Autowired private SAML1AuthenticationServer saml1AuthServer;
 	
-	public static final String REQ_DATA_SOURCEID = "sourceID";
-	public static final String REQ_DATA_TARGET = "target";
+	public static final String REQ_DATA_SOURCEID = "saml1_sourceID";
+	public static final String REQ_DATA_TARGET = "saml1_target";
 	
 	public static final String NAME = SAML1Protocol.class.getName();
 	public static final String PATH = "id_saml1";
@@ -111,71 +111,87 @@ public class SAML1Protocol extends AbstractProtocolModulController {
 	
 	public void preProcess(HttpServletRequest request,
 			HttpServletResponse response, SAML1RequestImpl pendingRequest) throws MOAIDException {
+		try {	
+			String oaURL = (String) request.getParameter(PARAM_OA);
+			//oaURL = StringEscapeUtils.escapeHtml(oaURL);
 			
-		String oaURL = (String) request.getParameter(PARAM_OA);
-		//oaURL = StringEscapeUtils.escapeHtml(oaURL);
-		
-		String target = (String) request.getParameter(PARAM_TARGET);
-		target = StringEscapeUtils.escapeHtml(target);
-		
-		String sourceID = request.getParameter(PARAM_SOURCEID);
-		sourceID = StringEscapeUtils.escapeHtml(sourceID);
-		
-		//the target parameter is used to define the OA in SAML1 standard
-		if (target != null && target.startsWith("http")) {
-			oaURL = target;
-			target = null;
-		}
-		
-		if (MiscUtil.isEmpty(oaURL)) {
-			Logger.info("Receive SAML1 request with no OA parameter. Authentication STOPPED!");
-			throw new WrongParametersException("StartAuthentication", PARAM_OA,
-					"auth.12");
+			String target = (String) request.getParameter(PARAM_TARGET);
+			target = StringEscapeUtils.escapeHtml(target);
 			
-		}
-		
-		if (!ParamValidatorUtils.isValidOA(oaURL))
-			throw new WrongParametersException("StartAuthentication", PARAM_OA,
-					"auth.12");
-		
-		pendingRequest.setOAURL(oaURL);
-		
-		Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL);
-		
-	    if (!ParamValidatorUtils.isValidSourceID(sourceID))
-            throw new WrongParametersException("StartAuthentication", PARAM_SOURCEID, "auth.12");
-		
-		
-		//load Target only from OA config
-		OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance()
-				.getOnlineApplicationParameter(oaURL);
-		
-		if (oaParam == null)
-			throw new InvalidProtocolRequestException("auth.00",
-					new Object[] { null });
+			String sourceID = request.getParameter(PARAM_SOURCEID);
+			sourceID = StringEscapeUtils.escapeHtml(sourceID);
+			
+			//the target parameter is used to define the OA in SAML1 standard
+			if (target != null && target.startsWith("http")) {
+				oaURL = target;
+				target = null;
+			}
+			
+			if (MiscUtil.isEmpty(oaURL)) {
+				Logger.info("Receive SAML1 request with no OA parameter. Authentication STOPPED!");
+				throw new WrongParametersException("StartAuthentication", PARAM_OA,
+						"auth.12");
+				
+			}
+			
+			if (!ParamValidatorUtils.isValidOA(oaURL))
+				throw new WrongParametersException("StartAuthentication", PARAM_OA,
+						"auth.12");
+			
+			pendingRequest.setOAURL(oaURL);
+			
+			Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL);
+			
+		    if (!ParamValidatorUtils.isValidSourceID(sourceID))
+	            throw new WrongParametersException("StartAuthentication", PARAM_SOURCEID, "auth.12");
+			
+			
+			//load Target only from OA config
+			OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance()
+					.getOnlineApplicationParameter(oaURL);
+			
+			if (oaParam == null)
+				throw new InvalidProtocolRequestException("auth.00",
+						new Object[] { null });
+					
+			SAML1ConfigurationParameters saml1 = oaParam.getSAML1Parameter();
+			if (saml1 == null || !(saml1.isIsActive() != null && saml1.isIsActive()) ) {
+				Logger.info("Online-Application " + oaURL + " can not use SAML1 for authentication.");
+				throw new InvalidProtocolRequestException("auth.00",
+						new Object[] { null });
+			}
+			pendingRequest.setOnlineApplicationConfiguration(oaParam);
+			
+			
+			//check and set SourceID
+			if (oaParam.getSAML1Parameter() != null && 
+					MiscUtil.isNotEmpty(oaParam.getSAML1Parameter().getSourceID())) {
+				pendingRequest.setSourceID(oaParam.getSAML1Parameter().getSourceID());
 				
-		SAML1ConfigurationParameters saml1 = oaParam.getSAML1Parameter();
-		if (saml1 == null || !(saml1.isIsActive() != null && saml1.isIsActive()) ) {
-			Logger.info("Online-Application " + oaURL + " can not use SAML1 for authentication.");
-			throw new InvalidProtocolRequestException("auth.00",
-					new Object[] { null });
+			} else
+				pendingRequest.setSourceID(sourceID);
+			
+			revisionsLogger.logEvent(pendingRequest, MOAIDEventConstants.AUTHPROTOCOL_SAML1_AUTHNREQUEST);
+			
+			if (MiscUtil.isNotEmpty(target))
+				pendingRequest.setGenericDataToSession(REQ_DATA_TARGET, target);
+			
+			else
+				pendingRequest.setGenericDataToSession(REQ_DATA_TARGET, oaParam.getTarget());
+	
+			//AuthnRequest needs authentication
+			pendingRequest.setNeedAuthentication(true);
+	
+			//set protocol action, which should be executed after authentication
+			pendingRequest.setAction(AuthenticationAction.class.getName());
+			
+		} catch (WrongParametersException e) {
+			throw new InvalidProtocolRequestException(e.getMessageId(), e.getParameters());
+			
+		} catch (InvalidProtocolRequestException e) {
+			throw e;
+			
 		}
-		pendingRequest.setOnlineApplicationConfiguration(oaParam);
-		pendingRequest.setSourceID(sourceID);
-		
-		revisionsLogger.logEvent(pendingRequest, MOAIDEventConstants.AUTHPROTOCOL_SAML1_AUTHNREQUEST);
-		
-		if (MiscUtil.isNotEmpty(target))
-			pendingRequest.setGenericDataToSession(REQ_DATA_TARGET, target);
-		
-		else
-			pendingRequest.setGenericDataToSession(REQ_DATA_TARGET, oaParam.getTarget());
-
-		//AuthnRequest needs authentication
-		pendingRequest.setNeedAuthentication(true);
-
-		//set protocol action, which should be executed after authentication
-		pendingRequest.setAction(AuthenticationAction.class.getName());
 						
 	}
 
@@ -183,9 +199,7 @@ public class SAML1Protocol extends AbstractProtocolModulController {
 			HttpServletRequest request, HttpServletResponse response,
 			IRequest protocolRequest) 
 					throws Throwable{
-		
-		OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(protocolRequest.getOAURL());
-		if (!oa.getSAML1Parameter().isProvideAllErrors())
+		if (!protocolRequest.getOnlineApplicationConfiguration().getSAML1Parameter().isProvideAllErrors())
 			return false;
 		
 		else {