diff options
author | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2015-06-30 13:55:17 +0200 |
---|---|---|
committer | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2015-06-30 13:55:17 +0200 |
commit | b92da70a3071e1dbf910ee38ff4efbe61ecc8be6 (patch) | |
tree | 2d0be5ef354b9b24e55dc8a161ec3f7b3d98a49a /id/server/modules/module-stork/src | |
parent | f1d193a42c033cc0b247f5915484bd4963d1f852 (diff) | |
download | moa-id-spss-b92da70a3071e1dbf910ee38ff4efbe61ecc8be6.tar.gz moa-id-spss-b92da70a3071e1dbf910ee38ff4efbe61ecc8be6.tar.bz2 moa-id-spss-b92da70a3071e1dbf910ee38ff4efbe61ecc8be6.zip |
handle multiple assertions with equal attributes
Diffstat (limited to 'id/server/modules/module-stork/src')
-rw-r--r-- | id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java | 22 |
1 files changed, 14 insertions, 8 deletions
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java index 6eabc0538..b89571fde 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java @@ -298,14 +298,20 @@ public class PepsConnectorTask extends AbstractAuthServletTask { Logger.debug("Found a preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
-
- // first, try to fetch the attributes from the list of total attributes. Note that this very list is only filled
- // with ALL attributes when there is more than one assertion in the SAML2 STORK message.
- IPersonalAttributeList attributeList = authnResponse.getTotalPersonalAttributeList();
-
- // if the list is empty, there was just one assertion... probably
- if(attributeList.isEmpty())
- attributeList = authnResponse.getPersonalAttributeList();
+ // fetch attribute list from response
+ IPersonalAttributeList attributeList = authnResponse.getPersonalAttributeList();
+ if(authnResponse.getAssertions().size() > 1) {
+ for(IPersonalAttributeList currentList : authnResponse.getPersonalAttributeLists()) {
+ for(PersonalAttribute currentAttribute : currentList.values()) {
+ if(!attributeList.containsKey(currentAttribute.getName()))
+ attributeList.add((PersonalAttribute) currentAttribute.clone());
+ else {
+ if(!attributeList.get(currentAttribute.getName()).getValue().equals(currentAttribute.getValue()))
+ throw new TaskExecutionException("data integrity failure", new Exception("data integrity failure: found non-matching values in multiple attributes of type " + currentAttribute.getName()));
+ }
+ }
+ }
+ }
// //////////// incorporate gender from parameters if not in stork response
|