aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-modules-saml1/src/main
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2018-07-16 13:11:21 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-07-16 13:11:21 +0200
commitbb6aaa83002e5daae15dde06abb9c984ab644bb4 (patch)
tree2a0201c5b40bce28fa56654e978b113b8fa1f7f9 /id/server/modules/moa-id-modules-saml1/src/main
parent158d41705d0f8c67a858e84bda8d2c16377cf288 (diff)
downloadmoa-id-spss-bb6aaa83002e5daae15dde06abb9c984ab644bb4.tar.gz
moa-id-spss-bb6aaa83002e5daae15dde06abb9c984ab644bb4.tar.bz2
moa-id-spss-bb6aaa83002e5daae15dde06abb9c984ab644bb4.zip
add countryCode Attribute into SAML1 assertion
Diffstat (limited to 'id/server/modules/moa-id-modules-saml1/src/main')
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java27
1 files changed, 22 insertions, 5 deletions
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 78dc80815..c8f01f67d 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.protocols.saml1;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
+import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
@@ -44,6 +45,7 @@ import org.xml.sax.SAXException;
import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
import at.gv.e_government.reference.namespace.mandates._20040701_.Mandator;
import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
@@ -56,6 +58,7 @@ import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
+import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
import at.gv.egovernment.moa.id.auth.exception.BuildException;
import at.gv.egovernment.moa.id.auth.exception.ParseException;
@@ -319,12 +322,26 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
}
- String samlAssertion;
- //add mandate info's
- if (authData.isUseMandate()) {
- List<ExtendedSAMLAttribute> oaAttributes = authData.getExtendedSAMLAttributesOA();
+ List<ExtendedSAMLAttribute> oaAttributes = authData.getExtendedSAMLAttributesOA();
+
+ //add additional SAML1 attribute that containts the CountryCode in case of foreigners
+ if (authData.isForeigner()) {
+ if (oaAttributes == null)
+ oaAttributes = new ArrayList<ExtendedSAMLAttribute>();
+
+ Logger.trace("Entity is marked as foreigner. Adding CountryCode: "
+ + authData.getCiticenCountryCode() + " as attribute into SAML1 assertion ... ");
+ oaAttributes.add(new ExtendedSAMLAttributeImpl(
+ PVPAttributeDefinitions.EID_ISSUING_NATION_FRIENDLY_NAME, authData.getCiticenCountryCode(),
+ Constants.MOA_NS_URI,
+ ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+ }
+
+ String samlAssertion = null;
+ //add mandate info's
+ if (authData.isUseMandate()) {
//only provide full mandate if it is included.
if (saml1parameter.isProvideFullMandatorData()
&& authData.getMISMandate() != null) {
@@ -420,7 +437,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
authData.getBkuURL(),
signerCertificateBase64,
oaParam.hasBaseIdTransferRestriction(),
- authData.getExtendedSAMLAttributesOA(),
+ oaAttributes,
useCondition,
conditionLength);
}