Merge branch 'development_preview'

2 files changed, 114 insertions, 5 deletions

diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 7a9557baf..73d3d369f 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -53,6 +53,9 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
 import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EIDEIDTokenBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.EidIdentityStatusLevelAttributeBuiler;
 import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
 import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egovernment.moa.id.auth.AuthenticationServer;
@@ -67,6 +70,7 @@ import at.gv.egovernment.moa.id.auth.exception.ServiceException;
 import at.gv.egovernment.moa.id.auth.exception.ValidateException;
 import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
 import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
+import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
@@ -78,7 +82,6 @@ import at.gv.egovernment.moa.id.protocols.builder.attributes.BPKListAttributeBui
 import at.gv.egovernment.moa.id.protocols.builder.attributes.EncryptedBPKAttributeBuilder;
 import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateNaturalPersonBPKListAttributeBuilder;
 import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateNaturalPersonEncBPKListAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.SimpleStringAttributeGenerator;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
@@ -351,7 +354,11 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 			if (Boolean.parseBoolean(
 					oaParam.getConfigurationValue(
 							MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE, 
-							String.valueOf(false)))) {
+							String.valueOf(false))) ||
+			    Boolean.parseBoolean(
+		          oaParam.getConfigurationValue(
+		              MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_PROXY_MODE, 
+		              String.valueOf(false)))) {
 				Logger.info("Demo-mode for 'New Austrian eID' is active. Add additonal attributes ... ");
 				
 				if (oaAttributes == null)
@@ -393,6 +400,42 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 					
 				}
 				
+				try {
+					String onlineIDL = new EIDEIDTokenBuilder().build(
+							oaParam, 
+							authData, 
+							new SimpleStringAttributeGenerator());
+					if (MiscUtil.isNotEmpty(onlineIDL)) {
+						Logger.trace("Adding Online-IDL: " + onlineIDL + " as attribute into SAML1 assertion ... ");
+						oaAttributes.add(new ExtendedSAMLAttributeImpl(
+								PVPAttributeDefinitions.EID_E_ID_TOKEN_FRIENDLY_NAME, onlineIDL,
+								Constants.MOA_NS_URI,
+								ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+					
+					}
+				} catch (AttributeBuilderException e) {
+					Logger.info("Can NOT build additional 'Online-IDL' attribute. Reason: " + e.getMessage());
+					
+				}
+				
+				try {
+					String eidStatusLevel = new EidIdentityStatusLevelAttributeBuiler().build(
+							oaParam, 
+							authData, 
+							new SimpleStringAttributeGenerator());
+					if (MiscUtil.isNotEmpty(eidStatusLevel)) {
+						Logger.trace("Adding IdentityStatusLevel: " + eidStatusLevel + " as attribute into SAML1 assertion ... ");
+						oaAttributes.add(new ExtendedSAMLAttributeImpl(
+								PVPAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_FRIENDLY_NAME, eidStatusLevel,
+								Constants.MOA_NS_URI,
+								ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+					
+					}
+				} catch (AttributeBuilderException e) {
+					Logger.info("Can NOT build additional 'IdentityStatusLevel' attribute. Reason: " + e.getMessage());
+					
+				}
+				
 				//for mandates
 				try {
 					String additionalMandatorBpks = new MandateNaturalPersonBPKListAttributeBuilder().build(
@@ -429,12 +472,15 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 					Logger.info("Can NOT build foreign Mandator bPKs. Reason: " + e.getMessage());
 					
 				}
+				
+				
 								
 			}
 						
 			String samlAssertion = null;
 			//add mandate info's
 			if (authData.isUseMandate()) {								
+				
 				//only provide full mandate if it is included.  
 				if (saml1parameter.isProvideFullMandatorData() 
 						&& authData.getMISMandate() != null) {
@@ -506,8 +552,12 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 					}				
 				}
 				
+				//build mandateDate Attribute
 				String mandateDate = generateMandateDate(oaParam, authData);
 				
+				//build RepresentationType and
+				generateRepresentationTypeAndOWInfos(oaAttributes, oaParam, authData);
+				
 				samlAssertion = new AuthenticationDataAssertionBuilder().buildMandate(
 						authData, 
 						prPerson, 
@@ -553,6 +603,65 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 
 	}
 
+	private void generateRepresentationTypeAndOWInfos(List<ExtendedSAMLAttribute> oaAttributes,
+			IOAAuthParameters oaParam, SAML1AuthenticationData authData) {
+		boolean isRepresentationTypeSet = false;
+		boolean isOWOIDSet = false;
+		boolean isOWFriendlyNameSet = false;
+		
+		for (ExtendedSAMLAttribute el : oaAttributes) {
+			if (EXT_SAML_MANDATE_REPRESENTATIONTYPE.equals(el.getName()))
+					isRepresentationTypeSet = true;
+			
+			if (EXT_SAML_MANDATE_OID.equals(el.getName()))
+				isOWOIDSet = true;
+			
+			if (EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION.equals(el.getName()))
+				isOWFriendlyNameSet = true;
+		}
+				
+				
+		if (!isRepresentationTypeSet)
+			oaAttributes.add(new ExtendedSAMLAttributeImpl(
+					EXT_SAML_MANDATE_REPRESENTATIONTYPE,
+					EXT_SAML_MANDATE_REPRESENTATIONTEXT,
+					SZRGWConstants.MANDATE_NS,
+					ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+			
+		
+		String oid = null;
+		String oidDescription = null;
+		
+		if (authData.getMISMandate() != null) {
+			oid = authData.getMISMandate().getProfRep();
+			oidDescription = authData.getMISMandate().getTextualDescriptionOfOID();
+			
+		} else {
+			oid = authData.getGenericData(PVPConstants.MANDATE_PROF_REP_OID_NAME, String.class);
+			oidDescription = authData.getGenericData(PVPConstants.MANDATE_PROF_REP_DESC_NAME, String.class);
+			
+		}
+			
+		 
+		
+		
+		if (!isOWOIDSet && oid != null)
+			oaAttributes.add(new ExtendedSAMLAttributeImpl(
+					EXT_SAML_MANDATE_OID, oid,
+					SZRGWConstants.MANDATE_NS,
+					ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+						
+		if (!isOWFriendlyNameSet && oidDescription != null)	
+			oaAttributes.add(new ExtendedSAMLAttributeImpl(
+					EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION,
+					oidDescription, SZRGWConstants.MANDATE_NS,
+					ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
+
+		
+		
+	}
+
+
 	private String generateMandateDate(IOAAuthParameters oaParam, MOAAuthenticationData authData
 			) throws AuthenticationException, BuildException,
 			ParseException, ConfigurationException, ServiceException,
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 20c66d7a2..bb1f3c155 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -42,7 +42,7 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
 import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
 import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
-import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
+import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
@@ -66,7 +66,7 @@ import at.gv.egovernment.moa.util.URLEncoder;
  */ 
 
 @Controller
-public class SAML1Protocol extends AbstractAuthProtocolModulController implements IModulInfo {
+public class SAML1Protocol extends AbstractController implements IModulInfo {
 
 	@Autowired private SAML1AuthenticationServer saml1AuthServer;
 	
@@ -127,7 +127,7 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
 		//preProcess SAML1 Request
 		preProcess(req, resp, pendingReq);
 		
-		performAuthentication(req, resp, pendingReq);
+		protAuthService.performAuthentication(req, resp, pendingReq);
 		return;
 				
 	}