untested switch to EAAF-components 1.0.7

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2019-05-24 12:23:41 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2019-05-24 12:23:41 +0200
commit: ac531e30d13d6714e2ac61f7329e6adc130aa288 (patch)
tree: 2dbaa63a8d5197bd038e8d6b3f72ddc44c6590a4 /id/server/modules
parent: 996774dbf06b037d9f843e57a2cfac9bcc111a51 (diff)
download: moa-id-spss-ac531e30d13d6714e2ac61f7329e6adc130aa288.tar.gz
moa-id-spss-ac531e30d13d6714e2ac61f7329e6adc130aa288.tar.bz2
moa-id-spss-ac531e30d13d6714e2ac61f7329e6adc130aa288.zip
35 files changed, 138 insertions, 69 deletions
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java
index 582af517c..b63501a6f 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/servlet/CitizenCardAuthProcessEngineSignalController.java
@@ -31,6 +31,7 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
 
 /**
@@ -47,7 +48,7 @@ public class CitizenCardAuthProcessEngineSignalController extends AbstractProces
 			 				 "/VerifyIdentityLink"
            					}, 
 					method = {RequestMethod.POST, RequestMethod.GET})
-	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		signalProcessManagement(req, resp);
 
 }
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
index c340f90c9..481313035 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
@@ -43,7 +43,10 @@
   		<groupId>MOA.id.server</groupId>
   		<artifactId>moa-id-lib</artifactId>
   	</dependency>
-  
+    <dependency>
+    	<groupId>at.gv.egiz.components</groupId>
+    	<artifactId>egiz-spring-api</artifactId>
+    </dependency>
   
   	<dependency>
 		<groupId>org.springframework</groupId>
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java
index 4898c8f1e..b80e995ed 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java
@@ -37,6 +37,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
 
 import com.google.common.net.MediaType;
 
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
 import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
@@ -72,7 +73,7 @@ public class EidasCentralAuthMetadataController extends AbstractController {
 	
 	@RequestMapping(value = EidasCentralAuthConstants.ENDPOINT_METADATA, 
 					method = {RequestMethod.GET})
-	public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		//check PublicURL prefix
 		try {
 			String authURL = HTTPUtils.extractAuthURLFromRequest(req);		
@@ -101,7 +102,7 @@ public class EidasCentralAuthMetadataController extends AbstractController {
 			
 		} catch (Exception e) {
 			Logger.warn("Build federated-authentication PVP metadata FAILED.", e);
-			handleErrorNoRedirect(e, req, resp, false);
+			protAuthService.handleErrorNoRedirect(e, req, resp, false);
 			
 		}
 		
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthSignalController.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthSignalController.java
index 1486ef841..60a98213e 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthSignalController.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthSignalController.java
@@ -32,6 +32,7 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
 import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.EidasCentralAuthConstants;
 import at.gv.egovernment.moa.logging.Logger;
@@ -55,7 +56,7 @@ public class EidasCentralAuthSignalController extends AbstractProcessEngineSigna
 								EidasCentralAuthConstants.ENDPOINT_REDIRECT
 							}, 
 					method = {RequestMethod.POST, RequestMethod.GET})
-	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		signalProcessManagement(req, resp);
 		
 	}
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/EidasCentralAuthMetadataProvider.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/EidasCentralAuthMetadataProvider.java
index cd3f1f788..3a4bcdc48 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/EidasCentralAuthMetadataProvider.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/EidasCentralAuthMetadataProvider.java
@@ -44,7 +44,7 @@ import org.opensaml.xml.parse.BasicParserPool;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
-import at.gv.egiz.eaaf.core.api.IDestroyableObject;
+import at.gv.egiz.components.spring.api.IDestroyableObject;
 import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.MetadataFilterChain;
 import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.SimpleMetadataProvider;
 import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SchemaValidationFilter;
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml
index 5f4192645..6dabb938e 100644
--- a/id/server/modules/moa-id-module-eIDAS/pom.xml
+++ b/id/server/modules/moa-id-module-eIDAS/pom.xml
@@ -69,6 +69,12 @@
   					</exclusion>
   				</exclusions>
   			</dependency>
+  			
+  			<dependency>
+    			<groupId>com.google.code.gson</groupId>
+    			<artifactId>gson</artifactId>
+    			<version>2.8.5</version>
+			</dependency>
   
   	<dependency>
  		 <groupId>eu.eidas.extension.eID4U</groupId>
@@ -76,6 +82,11 @@
   		<version>${eID4U.module.version}</version>
   	</dependency>
   
+    <dependency>
+    	<groupId>at.gv.egiz.components</groupId>
+    	<artifactId>egiz-spring-api</artifactId>
+    </dependency>
+  
  	 <dependency>
     	<groupId>com.google.code.findbugs</groupId>
     	<artifactId>jsr305</artifactId>
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java
index d3aa7b4a0..6efa55ac8 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java
@@ -30,6 +30,7 @@ import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.IRequestStorage;
 import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
 import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl;
 import at.gv.egovernment.moa.id.protocols.eidas.EIDASData;
 import at.gv.egovernment.moa.logging.Logger;
@@ -72,11 +73,19 @@ public class AustrianAuthWitheID4UAuthenticationModulImpl extends DefaultCitizen
 				Logger.warn("Process execution context contains NO 'pendingReqId'. Looks very suspect!");
 			
 			else {
-				IRequest pendingReq = requestStore.getPendingRequest(pendingReqId);
-				if (pendingReq != null && pendingReq instanceof EIDASData) {
-					return "eID4UAttributCollectionAuthentication";
-				
+				IRequest pendingReq;
+				try {
+					pendingReq = requestStore.getPendingRequest(pendingReqId);
+					if (pendingReq != null && pendingReq instanceof EIDASData) {
+						return "eID4UAttributCollectionAuthentication";
+					
+					}
+					
+				} catch (PendingReqIdValidationException e) {
+					Logger.warn("Validation of PendingRequestId FAILED. Reason: " + e.getMessage());
+					
 				}
+				
 			}
 		}	
 		
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eID4UAPSignalServlet.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eID4UAPSignalServlet.java
index c8c65ce76..65b6d1725 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eID4UAPSignalServlet.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eID4UAPSignalServlet.java
@@ -9,6 +9,7 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
 import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
 import at.gv.egovernment.moa.id.util.CookieUtils;
@@ -26,7 +27,7 @@ public class eID4UAPSignalServlet extends AbstractProcessEngineSignalController
 	
 	@RequestMapping(value = {eID4UConstants.HTTP_ENDPOINT_AP_CONSENT_RETURN }, 
 					method = {RequestMethod.POST, RequestMethod.GET})
-	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		signalProcessManagement(req, resp);
 	}
 
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASSignalServlet.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASSignalServlet.java
index 49d98ed33..70c86dad8 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASSignalServlet.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASSignalServlet.java
@@ -32,6 +32,7 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
 import at.gv.egovernment.moa.logging.Logger;
 
@@ -54,7 +55,7 @@ public class eIDASSignalServlet extends AbstractProcessEngineSignalController {
 			 					"/eidas/sp/redirect"
 							}, 
 					method = {RequestMethod.POST, RequestMethod.GET})
-	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		signalProcessManagement(req, resp);
 	}
 	
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
index feeff6f84..2a401bb04 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
@@ -29,7 +29,7 @@ import org.opensaml.xml.XMLObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
-import at.gv.egiz.eaaf.core.api.IDestroyableObject;
+import at.gv.egiz.components.spring.api.IDestroyableObject;
 import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing;
 import at.gv.egiz.eaaf.core.api.IPostStartupInitializable;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java
index a58bc4f8d..d2ddc7ef8 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java
@@ -16,6 +16,7 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator;
 import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.BPKAttributeBuilder;
 import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egiz.eid4u.api.attributes.Definitions;
@@ -23,7 +24,6 @@ import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.modules.eidas.eID4UConstants;
 import at.gv.egovernment.moa.id.auth.modules.eidas.eid4u.utils.AttributeScopeMapper;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.SimpleStringAttributeGenerator;
 import at.gv.egovernment.moa.id.protocols.eidas.EIDASData;
 import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
 import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20SessionObject;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java
index d2323d161..4a6f83e5f 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/utils/eIDASAttributeBuilder.java
@@ -36,9 +36,9 @@ import at.gv.egiz.eaaf.core.api.idp.IAuthData;
 import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
 import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator;
 import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
 import at.gv.egovernment.moa.id.data.IMOAAuthData;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.SimpleStringAttributeGenerator;
 import at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.IeIDASAttribute;
 import at.gv.egovernment.moa.id.protocols.eidas.attributes.builder.eIDASMetadata;
 import at.gv.egovernment.moa.logging.Logger;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
index 7c9e66ba0..3996ad59c 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
@@ -48,7 +48,7 @@ import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
 import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
 import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider;
-import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
+import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
 import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
@@ -82,7 +82,7 @@ import eu.eidas.engine.exceptions.EIDASSAMLEngineException;
  * @author tlenz
  */
 @Controller 
-public class EIDASProtocol extends AbstractAuthProtocolModulController implements IModulInfo {
+public class EIDASProtocol extends AbstractController implements IModulInfo {
 
 	public static final String eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE = "eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE";
 	
@@ -169,7 +169,7 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
 		pendingReq.setAction(eIDASAuthenticationRequest.class.getName());
 		
 		//switch to session authentication
-		performAuthentication(req, resp, pendingReq);
+		protAuthService.performAuthentication(req, resp, pendingReq);
 	}
     
     /*
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
index 3b5d1ba66..86cb4b1a7 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
+++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
@@ -34,6 +34,11 @@
   			</dependency>
   			
   			<dependency>
+    			<groupId>at.gv.egiz.components</groupId>
+    			<artifactId>egiz-spring-api</artifactId>
+    		</dependency>
+  			
+  			<dependency>
   				<groupId>MOA.id.server.modules</groupId>
   				<artifactId>moa-id-modul-citizencard_authentication</artifactId>
   				<exclusions>
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateMetadataController.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateMetadataController.java
index d52cd750a..be7778abc 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateMetadataController.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateMetadataController.java
@@ -34,6 +34,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
 
 import com.google.common.net.MediaType;
 
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
 import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
 import at.gv.egiz.eaaf.modules.pvp2.api.IPVP2BasicConfiguration;
@@ -67,7 +68,7 @@ public class ELGAMandateMetadataController extends AbstractController {
 	
 	@RequestMapping(value = "/sp/elga_mandate/metadata", 
 					method = {RequestMethod.GET})
-	public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		//check PublicURL prefix
 		try {
 			String authURL = HTTPUtils.extractAuthURLFromRequest(req);		
@@ -94,7 +95,7 @@ public class ELGAMandateMetadataController extends AbstractController {
 			
 		} catch (Exception e) {
 			Logger.warn("Build federated-authentication PVP metadata FAILED.", e);
-			handleErrorNoRedirect(e, req, resp, false);
+			protAuthService.handleErrorNoRedirect(e, req, resp, false);
 			
 		}
 		
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateSignalController.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateSignalController.java
index 503884edd..7effbc905 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateSignalController.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/controller/ELGAMandateSignalController.java
@@ -32,6 +32,7 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
 import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants;
 import at.gv.egovernment.moa.logging.Logger;
@@ -55,7 +56,7 @@ public class ELGAMandateSignalController extends AbstractProcessEngineSignalCont
 			 					"/sp/elga_mandate/redirect"
 							}, 
 					method = {RequestMethod.POST, RequestMethod.GET})
-	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		signalProcessManagement(req, resp);
 		
 	}
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java
index 5c1f8e7bb..9980c4884 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/EvaluateMandateServiceTask.java
@@ -94,7 +94,7 @@ public class EvaluateMandateServiceTask extends AbstractAuthServletTask {
 				requestStoreage.storePendingRequest(pendingReq);
 				
 				//redirect to protocol finalization
-				performRedirectToProtocolFinialization(pendingReq, response);
+				performRedirectToProtocolFinialization(executionContext, pendingReq, request, response);
 				
 			}
 			
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java
index 854f9d2bb..1cd697c4e 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/SelectMandateServiceTask.java
@@ -69,7 +69,7 @@ public class SelectMandateServiceTask extends AbstractAuthServletTask {
 						GeneralProcessEngineSignalController.ENDPOINT_GENERIC,
 						authConfig.getConfigurationRootDirectory().toURL().toString());
 			
-				guiBuilder.build(response, config, "Mandate-Service selection");
+				guiBuilder.build(request, response, config, "Mandate-Service selection");
 		
 				Logger.debug("GUI for mandate-service selection is generated. Wait for user interaction ... ");
 				
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java
index 7bb98c719..aa4dfbe60 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/utils/ELGAMandateServiceMetadataProvider.java
@@ -44,7 +44,7 @@ import org.opensaml.xml.parse.BasicParserPool;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
-import at.gv.egiz.eaaf.core.api.IDestroyableObject;
+import at.gv.egiz.components.spring.api.IDestroyableObject;
 import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.MetadataFilterChain;
 import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.SimpleMetadataProvider;
 import at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata.SchemaValidationFilter;
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index 0952ba0a6..4f3c683ce 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -23,7 +23,7 @@ import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
 import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
 import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
-import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
+import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
 import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
@@ -37,7 +37,7 @@ import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
 @Controller
-public class OAuth20Protocol extends AbstractAuthProtocolModulController implements IModulInfo {
+public class OAuth20Protocol extends AbstractController implements IModulInfo {
 	
 	public static final String NAME = OAuth20Protocol.class.getName();
 	public static final String PATH = "id_oauth20";
@@ -101,7 +101,7 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme
 				req.getRemoteAddr());
 		
 		//process request
-		performAuthentication(req, resp, (RequestImpl)pendingReq);
+		protAuthService.performAuthentication(req, resp, (RequestImpl)pendingReq);
 		
 	}
 	
@@ -135,7 +135,7 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme
 				req.getRemoteAddr());
 		
 		//process request
-		performAuthentication(req, resp, (RequestImpl)pendingReq);
+		protAuthService.performAuthentication(req, resp, (RequestImpl)pendingReq);
 		
 	}
 			
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 74aa6682b..6ad72adde 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -45,6 +45,10 @@
   		<groupId>MOA.id.server</groupId>
   		<artifactId>moa-id-lib</artifactId>
   	</dependency> 
+	<dependency> 
+		<groupId>at.gv.egiz.eaaf</groupId>
+	  	<artifactId>eaaf_module_auth_sl20</artifactId> 
+	</dependency>
 	
 	<dependency>
     	<groupId>com.google.code.gson</groupId>
@@ -65,6 +69,7 @@
 </dependency>
   
   
+  	<!-- Dependencies for testing -->
   	<dependency>
 		<groupId>org.springframework</groupId>
 		<artifactId>spring-test</artifactId>
@@ -75,6 +80,27 @@
       <artifactId>junit</artifactId>
       <scope>test</scope>
     </dependency>
+    <dependency>
+		<groupId>xerces</groupId>
+		<artifactId>xercesImpl</artifactId>
+		<scope>test</scope>
+	</dependency>
+	<dependency>
+		<groupId>xalan-bin-dist</groupId>
+		<artifactId>xml-apis</artifactId>
+		<scope>test</scope>
+	</dependency>
+	<dependency>
+		<groupId>xalan-bin-dist</groupId>
+		<artifactId>xalan</artifactId>
+		<scope>test</scope>
+	</dependency>
+	<dependency>
+		<groupId>xalan-bin-dist</groupId>
+		<artifactId>serializer</artifactId>
+		<scope>test</scope>
+	</dependency>
+    
   </dependencies>
   
 </project>
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java
index a8c4a941e..a5a472ed8 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20SignalServlet.java
@@ -31,6 +31,7 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
 import at.gv.egovernment.moa.logging.Logger;
 
@@ -54,7 +55,7 @@ public class SL20SignalServlet extends AbstractProcessEngineSignalController {
 							  Constants.HTTP_ENDPOINT_RESUME
 							}, 
 					method = {RequestMethod.POST, RequestMethod.GET})
-	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		Logger.trace("Receive req. on SL2.0 servlet with pendingReqId ... ");		
 		signalProcessManagement(req, resp);
 	}
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
index a02f86376..39364f062 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/JsonSecurityUtils.java
@@ -32,6 +32,7 @@ import com.google.gson.JsonSyntaxException;
 
 import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
 import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
+import at.gv.egiz.eaaf.core.impl.utils.X509Utils;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.Constants;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.data.VerificationResult;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20Exception;
@@ -40,11 +41,11 @@ import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoBuil
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoParserException;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
-import at.gv.egovernment.moa.id.commons.utils.X509Utils;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.MiscUtil;
 
+
 @Service
 public class JsonSecurityUtils implements IJOSETools{
 
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/verifier/QualifiedeIDVerifier.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/verifier/QualifiedeIDVerifier.java
index 599a67dfd..8a288b9b8 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/verifier/QualifiedeIDVerifier.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/verifier/QualifiedeIDVerifier.java
@@ -19,6 +19,7 @@ import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
 import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SAML2Utils;
 import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
 import at.gv.egovernment.moa.id.auth.builder.SignatureVerificationUtils;
+import at.gv.egovernment.moa.id.auth.exception.ValidateException;
 import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20eIDDataValidationException;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20Constants;
@@ -112,7 +113,7 @@ public class QualifiedeIDVerifier {
 			// date and time
 			validateSigningDateTime(sigVerifyResult, authBlockExtractor);
 			
-		} catch ( Exception e) {
+		} catch ( ValidateException e) {
 			Logger.warn("Validation of eID information FAILED. ", e);
 			throw new SL20eIDDataValidationException(new Object[] {
 					SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_IDL,
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java
index fe12e9b76..7b82eb253 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/test/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/dummydata/DummyAuthConfig.java
@@ -400,11 +400,6 @@ public class DummyAuthConfig implements AuthConfiguration {
 		return false;
 	}
 
-	@Override
-	public URI getConfigurationFilePath() {
-		// TODO Auto-generated method stub
-		return null;
-	}
 
 	@Override
 	public URI getConfigurationRootDirectory() {
@@ -413,12 +408,6 @@ public class DummyAuthConfig implements AuthConfiguration {
 	}
 
 	@Override
-	public Properties getFullConfigurationProperties() {
-		// TODO Auto-generated method stub
-		return null;
-	}
-
-	@Override
 	public ISPConfiguration getServiceProviderConfiguration(String arg0) throws EAAFConfigurationException {
 		// TODO Auto-generated method stub
 		return null;
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
index e7280f847..efbfd8472 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/data/SSOTransferAuthenticationData.java
@@ -393,5 +393,17 @@ public class SSOTransferAuthenticationData implements IMOAAuthData {
 		return null;
 	}
 
+	@Override
+	public String getEncryptedSourceId() {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+	@Override
+	public String getEncryptedSourceIdType() {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
 
 }
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
index dc2baab7d..3ab826bcd 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferServlet.java
@@ -158,7 +158,7 @@ public class SSOTransferServlet{
 					DefaultGUIFormBuilderConfiguration.VIEW_SSO_SESSION_TRANSFER, 
 					null);
 			
-			internalCreateQRCodeForTransfer(resp, authURL, 
+			internalCreateQRCodeForTransfer(req, resp, authURL, 
 					"123456", "/TestTransmitSSOSession", config);
 
 		} catch (MOAIDException | MOADatabaseException e) {
@@ -423,7 +423,7 @@ public class SSOTransferServlet{
 								
 				String ssoSessionId = authenticationSessionStorage.getInternalSSOSessionWithSSOID(ssoid);
 				if(ssoSessionId != null) {
-					internalCreateQRCodeForTransfer(resp, authURL, 
+					internalCreateQRCodeForTransfer(req, resp, authURL, 
 							ssoSessionId, 
 							SSOTransferConstants.SERVLET_SSOTRANSFER_TO_SMARTPHONE, config);
 						
@@ -432,10 +432,10 @@ public class SSOTransferServlet{
 			}
 								
 			
-			config.putCustomParameter("errorMsg", 
+			config.putCustomParameter(null, "errorMsg", 
 					"No active Single Sign-On session found! SSO Session transfer is not possible.");
 			
-			guiBuilder.build(resp, config, "SSO-Transfer-Module");
+			guiBuilder.build(req, resp, config, "SSO-Transfer-Module");
 			
 		} catch (MOAIDException | MOADatabaseException e) {
 			e.printStackTrace();
@@ -518,7 +518,7 @@ public class SSOTransferServlet{
 		
 	}
 	
-	private void internalCreateQRCodeForTransfer(HttpServletResponse resp, String authURL,
+	private void internalCreateQRCodeForTransfer(HttpServletRequest req, HttpServletResponse resp, String authURL,
 			String moaSessionID, String servletEndPoint, DefaultGUIFormBuilderConfiguration config) throws Exception {
 		SSOTransferContainer container = new SSOTransferContainer();							
 		String token = Random.nextRandom();
@@ -572,12 +572,12 @@ public class SSOTransferServlet{
 		ByteArrayOutputStream qrStream = 
 				QRCode.from(qrResult.toString()).to(ImageType.GIF).withSize(350, 350).stream();							
 		String base64EncodedImage = Base64Utils.encode(qrStream.toByteArray());							
-		config.putCustomParameter("QRImage", base64EncodedImage);
+		config.putCustomParameter(null, "QRImage", base64EncodedImage);
 		
-		config.putCustomParameterWithOutEscaption("successMsg", "Scan the QR-Code with your <i>SSO-Transfer App</i> to start the transfer operation.");
+		config.putCustomParameterWithOutEscaption(null, "successMsg", "Scan the QR-Code with your <i>SSO-Transfer App</i> to start the transfer operation.");
 		
 		
-		guiBuilder.build(resp, config, "SSO-Session Transfer-Module");
+		guiBuilder.build(req, resp, config, "SSO-Session Transfer-Module");
 		
 	}
 		
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java
index bf215373d..169eb464b 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/servlet/SSOTransferSignalServlet.java
@@ -33,6 +33,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
 import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
 import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
@@ -53,13 +54,13 @@ public class SSOTransferSignalServlet extends AbstractProcessEngineSignalControl
 	@RequestMapping(value = {	"/SSOTransferSignalEndpoint"
 							}, 
 							method = {RequestMethod.POST, RequestMethod.GET})
-	public void performSSOTransfer(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	public void performSSOTransfer(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		signalProcessManagement(req, resp);
 
 	}
 	
 	@Override
-	protected void signalProcessManagement(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	protected void signalProcessManagement(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		String pendingRequestID = StringEscapeUtils.escapeHtml(getPendingRequestId(req));
 		IRequest pendingReq = null;
 		try {	
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
index 921e3844b..7132eb08e 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
@@ -85,7 +85,7 @@ public class InitializeRestoreSSOSessionTask extends AbstractAuthServletTask {
 			Pair<DHPublicKeySpec, PrivateKey> dhKeyIDP = ssoTransferUtils.createSpecificKey(dhSpec.getP(), dhSpec.getG());
 			String nonce = Random.nextLongRandom();
 			
-			GUIUtils.buildSSOTransferGUI(guiBuilder, response, authURL, 
+			GUIUtils.buildSSOTransferGUI(guiBuilder, request, response, authURL, 
 					pendingReq.getPendingRequestId(), nonce, dhKeyIDP.getF());
 			
 			//store DH params and nonce to pending-request
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
index 90b74ebd7..d89d0bd2b 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
@@ -267,7 +267,7 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
 							
 						}	
 						
-						GUIUtils.buildSSOTransferGUI(guiBuilder, response, 
+						GUIUtils.buildSSOTransferGUI(guiBuilder, request, response, 
 								authURL, pendingReq.getPendingRequestId(), nonce, container.getDhParams().getF());
 						
 					} catch (IOException | MOAIDException e) {
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java
index 1a4a9b80b..2814874bd 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/GUIUtils.java
@@ -26,6 +26,7 @@ import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 
 import javax.crypto.spec.DHPublicKeySpec;
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import com.google.gson.JsonObject;
@@ -50,9 +51,9 @@ public class GUIUtils {
 	public static final int REFESH_TIMEOUT = 5 * 1000; //5 sec
 	
 	public static void buildSSOTransferGUI(
-			IGUIFormBuilder guiBuilder, HttpServletResponse httpResp,
+			IGUIFormBuilder guiBuilder, HttpServletRequest httpReq,HttpServletResponse httpResp,
 			String authURL, String pendingReqID) throws ConfigurationException, IOException {
-		buildSSOTransferGUI(guiBuilder, httpResp, authURL, pendingReqID, null, null);
+		buildSSOTransferGUI(guiBuilder, httpReq, httpResp, authURL, pendingReqID, null, null);
 				
 	}
 
@@ -66,7 +67,7 @@ public class GUIUtils {
 	 * @throws ConfigurationException 
 	 * @throws IOException 
 	 */
-	public static void buildSSOTransferGUI(IGUIFormBuilder guiBuilder, HttpServletResponse response, String authURL,
+	public static void buildSSOTransferGUI(IGUIFormBuilder guiBuilder, HttpServletRequest request, HttpServletResponse response, String authURL,
 			String requestID, String nonce, DHPublicKeySpec dhKeyIDP) throws ConfigurationException, IOException {
 		try {
 			String containerURL = authURL
@@ -103,12 +104,12 @@ public class GUIUtils {
 					DefaultGUIFormBuilderConfiguration.VIEW_SSO_SESSION_TRANSFER, 
 					null);
 			
-			config.putCustomParameter("QRImage", base64EncodedImage);		
-			config.putCustomParameterWithOutEscaption("successMsg", "Select the SSO Session in your <i>SSO-Transfer App</i> and scan the QR-Code to start the process.");			
-			config.putCustomParameterWithOutEscaption("timeoutURL", containerURL);
-			config.putCustomParameter("timeout", String.valueOf(REFESH_TIMEOUT));
+			config.putCustomParameter(null, "QRImage", base64EncodedImage);		
+			config.putCustomParameterWithOutEscaption(null, "successMsg", "Select the SSO Session in your <i>SSO-Transfer App</i> and scan the QR-Code to start the process.");			
+			config.putCustomParameterWithOutEscaption(null, "timeoutURL", containerURL);
+			config.putCustomParameter(null, "timeout", String.valueOf(REFESH_TIMEOUT));
 				
-			guiBuilder.build(response, config, "SSO-Transfer-Module");
+			guiBuilder.build(request, response, config, "SSO-Transfer-Module");
 			
 		} catch (GUIBuildException e) {
 			Logger.warn("Can not build GUI:'BKU-Selection'. Msg:" + e.getMessage(), e);
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthMetadataController.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthMetadataController.java
index 6a733adb8..8eb6e7b92 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthMetadataController.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthMetadataController.java
@@ -34,6 +34,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
 
 import com.google.common.net.MediaType;
 
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
 import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
 import at.gv.egiz.eaaf.modules.pvp2.api.IPVP2BasicConfiguration;
@@ -67,7 +68,7 @@ public class FederatedAuthMetadataController extends AbstractController {
 	
 	@RequestMapping(value = "/sp/federated/metadata", 
 					method = {RequestMethod.GET})
-	public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		//check PublicURL prefix
 		try {
 			String authURL = HTTPUtils.extractAuthURLFromRequest(req);		
@@ -94,7 +95,7 @@ public class FederatedAuthMetadataController extends AbstractController {
 			
 		} catch (Exception e) {
 			Logger.warn("Build federated-authentication PVP metadata FAILED.", e);
-			handleErrorNoRedirect(e, req, resp, false);
+			protAuthService.handleErrorNoRedirect(e, req, resp, false);
 			
 		}
 		
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthSignalController.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthSignalController.java
index 5edd36248..ae68261ee 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthSignalController.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/controller/FederatedAuthSignalController.java
@@ -32,6 +32,7 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
 import at.gv.egovernment.moa.id.auth.modules.federatedauth.FederatedAuthConstants;
 import at.gv.egovernment.moa.logging.Logger;
@@ -55,7 +56,7 @@ public class FederatedAuthSignalController extends AbstractProcessEngineSignalCo
 			 					"/sp/federated/redirect"
 							}, 
 					method = {RequestMethod.POST, RequestMethod.GET})
-	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+	public void performCitizenCardAuthentication(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		signalProcessManagement(req, resp);
 		
 	}
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index 7a9557baf..10ae63e17 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -53,6 +53,7 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
 import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator;
 import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
 import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egovernment.moa.id.auth.AuthenticationServer;
@@ -78,7 +79,6 @@ import at.gv.egovernment.moa.id.protocols.builder.attributes.BPKListAttributeBui
 import at.gv.egovernment.moa.id.protocols.builder.attributes.EncryptedBPKAttributeBuilder;
 import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateNaturalPersonBPKListAttributeBuilder;
 import at.gv.egovernment.moa.id.protocols.builder.attributes.MandateNaturalPersonEncBPKListAttributeBuilder;
-import at.gv.egovernment.moa.id.protocols.builder.attributes.SimpleStringAttributeGenerator;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 20c66d7a2..bb1f3c155 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -42,7 +42,7 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
 import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
 import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
-import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
+import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
@@ -66,7 +66,7 @@ import at.gv.egovernment.moa.util.URLEncoder;
  */ 
 
 @Controller
-public class SAML1Protocol extends AbstractAuthProtocolModulController implements IModulInfo {
+public class SAML1Protocol extends AbstractController implements IModulInfo {
 
 	@Autowired private SAML1AuthenticationServer saml1AuthServer;
 	
@@ -127,7 +127,7 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
 		//preProcess SAML1 Request
 		preProcess(req, resp, pendingReq);
 		
-		performAuthentication(req, resp, pendingReq);
+		protAuthService.performAuthentication(req, resp, pendingReq);
 		return;
 				
 	}
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2019-05-24 12:23:41 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2019-05-24 12:23:41 +0200
commit	ac531e30d13d6714e2ac61f7329e6adc130aa288 (patch)
tree	2dbaa63a8d5197bd038e8d6b3f72ddc44c6590a4 /id/server/modules
parent	996774dbf06b037d9f843e57a2cfac9bcc111a51 (diff)
download	moa-id-spss-ac531e30d13d6714e2ac61f7329e6adc130aa288.tar.gz moa-id-spss-ac531e30d13d6714e2ac61f7329e6adc130aa288.tar.bz2 moa-id-spss-ac531e30d13d6714e2ac61f7329e6adc130aa288.zip