aboutsummaryrefslogtreecommitdiff
path: root/id/server
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2016-03-15 10:43:39 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2016-03-15 10:43:39 +0100
commite03689468de9aaa0bd2b3234b8e6842988a29684 (patch)
tree726ddea66a7964fa6fc8fede855f2f09a458585c /id/server
parent85fd483e113d5a03088d5b8008cef21c83eacd8c (diff)
downloadmoa-id-spss-e03689468de9aaa0bd2b3234b8e6842988a29684.tar.gz
moa-id-spss-e03689468de9aaa0bd2b3234b8e6842988a29684.tar.bz2
moa-id-spss-e03689468de9aaa0bd2b3234b8e6842988a29684.zip
change PVP EntityID to metadata-URL (SAML2 'well-known-location' method)
Diffstat (limited to 'id/server')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java8
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java12
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IDPPVPMetadataConfiguration.java9
-rw-r--r--id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java6
4 files changed, 23 insertions, 12 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
index f992737b6..2168316ab 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
@@ -61,6 +61,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.binding.SoapBinding;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AuthResponseBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.assertion.PVP2AssertionBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider;
@@ -128,10 +129,9 @@ public class AttributQueryAction implements IAction {
+ " validTo:" + responseInfo.getSecond().toString());
//build PVP 2.1 assertion
-
- String issuerEntityID = pendingReq.getAuthURL();
- if (issuerEntityID.endsWith("/"))
- issuerEntityID = issuerEntityID.substring(0, issuerEntityID.length()-1);
+
+ String issuerEntityID = PVPConfiguration.getInstance().getIDPSSOMetadataService(
+ pendingReq.getAuthURL());
Assertion assertion = PVP2AssertionBuilder.buildAssertion(issuerEntityID,
attrQuery, responseInfo.getFirst(), date, new DateTime(responseInfo.getSecond().getTime()),
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
index 2d13609d8..8de44a2e8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
@@ -49,6 +49,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.binding.PostBinding;
import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AuthResponseBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.assertion.PVP2AssertionBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.BindingNotSupportedException;
import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
import at.gv.egovernment.moa.id.protocols.pvp2x.metadata.MOAMetadataProvider;
@@ -81,10 +82,13 @@ public class AuthenticationAction implements IAction {
SLOInformationImpl sloInformation = new SLOInformationImpl();
//change to entity value from entity name to IDP EntityID (URL)
- String issuerEntityID = pvpRequest.getAuthURL();
- if (issuerEntityID.endsWith("/"))
- issuerEntityID = issuerEntityID.substring(0, issuerEntityID.length()-1);
-
+// String issuerEntityID = pvpRequest.getAuthURL();
+// if (issuerEntityID.endsWith("/"))
+// issuerEntityID = issuerEntityID.substring(0, issuerEntityID.length()-1);
+
+ String issuerEntityID = PVPConfiguration.getInstance().getIDPSSOMetadataService(
+ pvpRequest.getAuthURL());
+
//build Assertion
Assertion assertion = PVP2AssertionBuilder.buildAssertion(issuerEntityID, pvpRequest, authnRequest, authData,
peerEntity, date, consumerService, sloInformation);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IDPPVPMetadataConfiguration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IDPPVPMetadataConfiguration.java
index 91f43b10b..5bb1131a6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IDPPVPMetadataConfiguration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/config/IDPPVPMetadataConfiguration.java
@@ -97,7 +97,14 @@ public class IDPPVPMetadataConfiguration implements IPVPMetadataBuilderConfigura
*/
@Override
public String getEntityID() {
- return authURL;
+ try {
+ return PVPConfiguration.getInstance().getIDPSSOMetadataService(authURL);
+
+ } catch (ConfigurationException e) {
+ Logger.error("Can not load Metadata entry: EntityID", e);
+ return null;
+
+ }
}
/* (non-Javadoc)
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
index 5f2642cf8..9683d5cb7 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/utils/SSOContainerUtils.java
@@ -97,6 +97,7 @@ import at.gv.egovernment.moa.id.data.MISMandate;
import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.PVPAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.assertion.PVP2AssertionBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionAttributeExtractorExeption;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoCredentialsException;
import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SAMLRequestNotSignedException;
@@ -320,14 +321,13 @@ public class SSOContainerUtils {
public String generateSignedAndEncryptedSSOContainer(String authURL,
AuthenticationSession authSession, Date date) {
try {
- String entityID = authURL;
+ String entityID = PVPConfiguration.getInstance().getIDPSSOMetadataService(authURL);
AuthnContextClassRef authnContextClassRef = SAML2Utils
.createSAMLObject(AuthnContextClassRef.class);
authnContextClassRef.setAuthnContextClassRef(authSession.getQAALevel());
NameID subjectNameID = SAML2Utils.createSAMLObject(NameID.class);
- String random = Random.nextRandom();
- String nameID = subjectNameID.getValue();
+ String random = Random.nextLongRandom();
try {
MessageDigest md = MessageDigest.getInstance("SHA-1");
byte[] hash = md.digest((random).getBytes("ISO-8859-1"));