add countryCode Attribute into SAML1 assertion

1 files changed, 22 insertions, 5 deletions

diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 78dc80815..c8f01f67d 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.protocols.saml1;
 
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
+import java.util.ArrayList;
 import java.util.List;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
@@ -44,6 +45,7 @@ import org.xml.sax.SAXException;
 import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
 import at.gv.e_government.reference.namespace.mandates._20040701_.Mandator;
 import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
 import at.gv.egiz.eaaf.core.api.idp.IAuthData;
 import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
 import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
@@ -56,6 +58,7 @@ import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
 import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
 import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
+import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.id.auth.exception.ParseException;
@@ -319,12 +322,26 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 				
 			}
 			
-			String samlAssertion;
 			
-			//add mandate info's
-			if (authData.isUseMandate()) {
-				List<ExtendedSAMLAttribute> oaAttributes = authData.getExtendedSAMLAttributesOA();
+			List<ExtendedSAMLAttribute> oaAttributes = authData.getExtendedSAMLAttributesOA();
+			
+			//add additional SAML1 attribute that containts the CountryCode in case of foreigners
+			if (authData.isForeigner()) {
+				if (oaAttributes == null)
+					oaAttributes = new ArrayList<ExtendedSAMLAttribute>();
+
+				Logger.trace("Entity is marked as foreigner. Adding CountryCode: "
+						+ authData.getCiticenCountryCode() + " as attribute into SAML1 assertion ... ");
+				oaAttributes.add(new ExtendedSAMLAttributeImpl(
+						PVPAttributeDefinitions.EID_ISSUING_NATION_FRIENDLY_NAME, authData.getCiticenCountryCode(),
+						Constants.MOA_NS_URI,
+						ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK));
 				
+			}
+									
+			String samlAssertion = null;
+			//add mandate info's
+			if (authData.isUseMandate()) {								
 				//only provide full mandate if it is included.  
 				if (saml1parameter.isProvideFullMandatorData() 
 						&& authData.getMISMandate() != null) {
@@ -420,7 +437,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 					authData.getBkuURL(),
 					signerCertificateBase64,
 					oaParam.hasBaseIdTransferRestriction(),
-					authData.getExtendedSAMLAttributesOA(), 
+					oaAttributes, 
 					useCondition,
 					conditionLength);
 			}