aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/module-stork
diff options
context:
space:
mode:
authorFlorian Reimair <florian.reimair@iaik.tugraz.at>2015-06-30 13:55:17 +0200
committerFlorian Reimair <florian.reimair@iaik.tugraz.at>2015-06-30 13:55:17 +0200
commitb92da70a3071e1dbf910ee38ff4efbe61ecc8be6 (patch)
tree2d0be5ef354b9b24e55dc8a161ec3f7b3d98a49a /id/server/modules/module-stork
parentf1d193a42c033cc0b247f5915484bd4963d1f852 (diff)
downloadmoa-id-spss-b92da70a3071e1dbf910ee38ff4efbe61ecc8be6.tar.gz
moa-id-spss-b92da70a3071e1dbf910ee38ff4efbe61ecc8be6.tar.bz2
moa-id-spss-b92da70a3071e1dbf910ee38ff4efbe61ecc8be6.zip
handle multiple assertions with equal attributes
Diffstat (limited to 'id/server/modules/module-stork')
-rw-r--r--id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java22
1 files changed, 14 insertions, 8 deletions
diff --git a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
index 6eabc0538..b89571fde 100644
--- a/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
+++ b/id/server/modules/module-stork/src/main/java/at/gv/egovernment/moa/id/auth/modules/stork/tasks/PepsConnectorTask.java
@@ -298,14 +298,20 @@ public class PepsConnectorTask extends AbstractAuthServletTask {
Logger.debug("Found a preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);
-
- // first, try to fetch the attributes from the list of total attributes. Note that this very list is only filled
- // with ALL attributes when there is more than one assertion in the SAML2 STORK message.
- IPersonalAttributeList attributeList = authnResponse.getTotalPersonalAttributeList();
-
- // if the list is empty, there was just one assertion... probably
- if(attributeList.isEmpty())
- attributeList = authnResponse.getPersonalAttributeList();
+ // fetch attribute list from response
+ IPersonalAttributeList attributeList = authnResponse.getPersonalAttributeList();
+ if(authnResponse.getAssertions().size() > 1) {
+ for(IPersonalAttributeList currentList : authnResponse.getPersonalAttributeLists()) {
+ for(PersonalAttribute currentAttribute : currentList.values()) {
+ if(!attributeList.containsKey(currentAttribute.getName()))
+ attributeList.add((PersonalAttribute) currentAttribute.clone());
+ else {
+ if(!attributeList.get(currentAttribute.getName()).getValue().equals(currentAttribute.getValue()))
+ throw new TaskExecutionException("data integrity failure", new Exception("data integrity failure: found non-matching values in multiple attributes of type " + currentAttribute.getName()));
+ }
+ }
+ }
+ }
// //////////// incorporate gender from parameters if not in stork response