diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-07-16 13:11:21 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-07-16 13:11:21 +0200 |
commit | bb6aaa83002e5daae15dde06abb9c984ab644bb4 (patch) | |
tree | 2a0201c5b40bce28fa56654e978b113b8fa1f7f9 /id/server/modules/moa-id-modules-saml1/src/main | |
parent | 158d41705d0f8c67a858e84bda8d2c16377cf288 (diff) | |
download | moa-id-spss-bb6aaa83002e5daae15dde06abb9c984ab644bb4.tar.gz moa-id-spss-bb6aaa83002e5daae15dde06abb9c984ab644bb4.tar.bz2 moa-id-spss-bb6aaa83002e5daae15dde06abb9c984ab644bb4.zip |
add countryCode Attribute into SAML1 assertion
Diffstat (limited to 'id/server/modules/moa-id-modules-saml1/src/main')
-rw-r--r-- | id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java index 78dc80815..c8f01f67d 100644 --- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java +++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java @@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.protocols.saml1; import java.io.ByteArrayOutputStream; import java.io.IOException; +import java.util.ArrayList; import java.util.List; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -44,6 +45,7 @@ import org.xml.sax.SAXException; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate; import at.gv.e_government.reference.namespace.mandates._20040701_.Mandator; import at.gv.egiz.eaaf.core.api.IRequest; +import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage; import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException; @@ -56,6 +58,7 @@ import at.gv.egovernment.moa.id.auth.AuthenticationServer; import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder; import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder; import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder; +import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl; import at.gv.egovernment.moa.id.auth.exception.AuthenticationException; import at.gv.egovernment.moa.id.auth.exception.BuildException; import at.gv.egovernment.moa.id.auth.exception.ParseException; @@ -319,12 +322,26 @@ public class SAML1AuthenticationServer extends AuthenticationServer { } - String samlAssertion; - //add mandate info's - if (authData.isUseMandate()) { - List<ExtendedSAMLAttribute> oaAttributes = authData.getExtendedSAMLAttributesOA(); + List<ExtendedSAMLAttribute> oaAttributes = authData.getExtendedSAMLAttributesOA(); + + //add additional SAML1 attribute that containts the CountryCode in case of foreigners + if (authData.isForeigner()) { + if (oaAttributes == null) + oaAttributes = new ArrayList<ExtendedSAMLAttribute>(); + + Logger.trace("Entity is marked as foreigner. Adding CountryCode: " + + authData.getCiticenCountryCode() + " as attribute into SAML1 assertion ... "); + oaAttributes.add(new ExtendedSAMLAttributeImpl( + PVPAttributeDefinitions.EID_ISSUING_NATION_FRIENDLY_NAME, authData.getCiticenCountryCode(), + Constants.MOA_NS_URI, + ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); + } + + String samlAssertion = null; + //add mandate info's + if (authData.isUseMandate()) { //only provide full mandate if it is included. if (saml1parameter.isProvideFullMandatorData() && authData.getMISMandate() != null) { @@ -420,7 +437,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer { authData.getBkuURL(), signerCertificateBase64, oaParam.hasBaseIdTransferRestriction(), - authData.getExtendedSAMLAttributesOA(), + oaAttributes, useCondition, conditionLength); } |