diff options
author | Bojan Suzic <bojan.suzic@iaik.tugraz.at> | 2014-04-25 17:43:29 +0200 |
---|---|---|
committer | Bojan Suzic <bojan.suzic@iaik.tugraz.at> | 2014-04-25 17:43:29 +0200 |
commit | b98fe61752f4614de8dbef5a4892b9cd87854cda (patch) | |
tree | 0ba41143558166f2904d0984ca1e95148d8de581 /id/server | |
parent | 592c6ee57ba5d4955fe06941040f7a158bdec67d (diff) | |
download | moa-id-spss-b98fe61752f4614de8dbef5a4892b9cd87854cda.tar.gz moa-id-spss-b98fe61752f4614de8dbef5a4892b9cd87854cda.tar.bz2 moa-id-spss-b98fe61752f4614de8dbef5a4892b9cd87854cda.zip |
extract attr
Diffstat (limited to 'id/server')
2 files changed, 41 insertions, 5 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java index 47a631ce3..56b87bfa9 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeCollector.java @@ -15,10 +15,7 @@ import at.gv.egovernment.moa.id.moduls.IRequest; import at.gv.egovernment.moa.id.storage.AssertionStorage; import at.gv.egovernment.moa.id.util.VelocityProvider; import at.gv.egovernment.moa.logging.Logger; -import eu.stork.peps.auth.commons.IPersonalAttributeList; -import eu.stork.peps.auth.commons.PEPSUtil; -import eu.stork.peps.auth.commons.PersonalAttribute; -import eu.stork.peps.auth.commons.PersonalAttributeList; +import eu.stork.peps.auth.commons.*; import eu.stork.peps.auth.engine.STORKSAMLEngine; import eu.stork.peps.exceptions.STORKSAMLEngineException; import org.apache.velocity.Template; @@ -49,6 +46,45 @@ public class AttributeCollector implements IAction { */ public String processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, AuthenticationSession moasession) throws MOAIDException { + // TODO extract attribute response and check if it corresponds to the container + + if (httpReq.getParameter("SAMLResponse") != null) { + MOASTORKResponse STORK2Response = new MOASTORKResponse(); + + //extract STORK Response from HTTP Request + byte[] decSamlToken; + try { + decSamlToken = PEPSUtil.decodeSAMLToken(httpReq.getParameter("SAMLResponse")); + } catch (NullPointerException e) { + if (httpReq.getRemoteHost().contains("129.27.142")) { + Logger.warn("Availability check by " + httpReq.getRemoteHost() + " on URI: " + httpReq.getRequestURI()); + } else { + Logger.error("Unable to retrieve STORK Request for host: " + httpReq.getRemoteHost() + " and URI: " + httpReq.getRequestURI(), e); + } + throw new MOAIDException("stork.04", null); + } + + //Get SAMLEngine instance + STORKSAMLEngine engine = STORKSAMLEngine.getInstance("VIDP"); + + STORKAuthnResponse authnResponse = null; + + + // check if valid authn request is contained + try { + authnResponse = engine.validateSTORKAuthnResponse(decSamlToken, httpReq.getRemoteAddr()); + } catch (STORKSAMLEngineException ex) { + Logger.error("Unable to validate Stork AuthenticationResponse: " + ex.getMessage()); + } + + STORK2Response.setSTORKAuthnResponseToken(decSamlToken); + + + } + + // end addition + + // - fetch the container String artifactId = (String) httpReq.getParameter(ARTIFACT_ID); DataContainer container; diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java index 689aed8aa..e93a7ec87 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java @@ -71,7 +71,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants { return STORK2Request; - if (request.getParameter("SAMLResponse") != null) { + if (request.getParameter("SAMLResponse") != null) { // TODO check attribute collector //extract STORK Response from HTTP Request byte[] decSamlToken; try { |