diff options
| author | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2015-06-30 13:55:17 +0200 | 
|---|---|---|
| committer | Florian Reimair <florian.reimair@iaik.tugraz.at> | 2015-06-30 13:55:17 +0200 | 
| commit | b92da70a3071e1dbf910ee38ff4efbe61ecc8be6 (patch) | |
| tree | 2d0be5ef354b9b24e55dc8a161ec3f7b3d98a49a /id/server/modules/module-stork | |
| parent | f1d193a42c033cc0b247f5915484bd4963d1f852 (diff) | |
| download | moa-id-spss-b92da70a3071e1dbf910ee38ff4efbe61ecc8be6.tar.gz moa-id-spss-b92da70a3071e1dbf910ee38ff4efbe61ecc8be6.tar.bz2 moa-id-spss-b92da70a3071e1dbf910ee38ff4efbe61ecc8be6.zip | |
handle multiple assertions with equal attributes
Diffstat (limited to 'id/server/modules/module-stork')
| -rw-r--r-- | id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java | 22 | 
1 files changed, 14 insertions, 8 deletions
| diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java index 6eabc0538..b89571fde 100644 --- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java +++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java @@ -298,14 +298,20 @@ public class PepsConnectorTask extends AbstractAuthServletTask {  			Logger.debug("Found a preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
 -
 -			// first, try to fetch the attributes from the list of total attributes. Note that this very list is only filled
 -			// with ALL attributes when there is more than one assertion in the SAML2 STORK message.  
 -			IPersonalAttributeList attributeList = authnResponse.getTotalPersonalAttributeList();
 -
 -			// if the list is empty, there was just one assertion... probably
 -			if(attributeList.isEmpty())
 -				attributeList = authnResponse.getPersonalAttributeList();
 +			// fetch attribute list from response
 +			IPersonalAttributeList attributeList = authnResponse.getPersonalAttributeList();
 +			if(authnResponse.getAssertions().size() > 1) {
 +				for(IPersonalAttributeList currentList : authnResponse.getPersonalAttributeLists()) {
 +					for(PersonalAttribute currentAttribute : currentList.values()) {
 +						if(!attributeList.containsKey(currentAttribute.getName()))
 +							attributeList.add((PersonalAttribute) currentAttribute.clone());
 +						else {
 +							if(!attributeList.get(currentAttribute.getName()).getValue().equals(currentAttribute.getValue()))
 +								throw new TaskExecutionException("data integrity failure", new Exception("data integrity failure: found non-matching values in multiple attributes of type " + currentAttribute.getName()));
 +						}
 +					}
 +				}
 +			}
  			// //////////// incorporate gender from parameters if not in stork response
 | 
