refactored attribute parsing

3 files changed, 67 insertions, 87 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index d77119f4a..5ae3d8e47 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -1733,53 +1733,12 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 				CreateIdentityLinkResponse response = client.sentCreateIDLRequest(request , connectionParameters.getUrl());
 				return response;
 		    	
-				
-				
-//		    	client.setAddress(connectionParameters.getUrl());
-//		    	if (connectionParameters.getUrl().toLowerCase().startsWith("https:")) {
-//		    		Logger.debug("Initialisiere SSL Verbindung");
-//		    		try {
-//		    			client.setSSLSocketFactory(SSLUtils.getSSLSocketFactory(AuthConfigurationProvider.getInstance(), connectionParameters));
-//		    		} catch (IOException e) {
-//		    			Logger.error("Could not initialize SSL Factory", e);
-//		    			throw new SZRGWClientException("Could not initialize SSL Factory");
-//		    		} catch (GeneralSecurityException e) {
-//		    			Logger.error("Could not initialize SSL Factory", e);
-//		    			throw new SZRGWClientException("Could not initialize SSL Factory");
-//		    		} catch (PKIException e) {
-//		    			Logger.error("Could not initialize SSL Factory", e);
-//		    			throw new SZRGWClientException("Could not initialize SSL Factory");
-//		    		} 
-//		    	}
 		    }
 		    catch (ConfigurationException e) {
 		    	Logger.warn(e);
 		    	Logger.warn(MOAIDMessageProvider.getInstance().getMessage("config.12", null ));
 			}
 		    
-//		    // create request
-//		    CreateIdentityLinkResponse response = null;
-//		    Element request = null;
-//		    try {
-//		    	Document doc = client.buildGetIdentityLinkRequest(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, signature);
-//		    	request = doc.getDocumentElement();
-//		    	
-//		    	// send request
-//		    	response = client.createIdentityLinkResponse(request, connectionParameters.getUrl());
-//		   
-//		    
-//		    
-//		    } catch (SZRGWClientException e) {
-//		    	// 	give him a second try - Nach dem Starten des Tomcat wird beim ersten Mal das Client-Zertifikat offenbar vom HTTPClient nicht mitgeschickt.
-////		    	try {
-////		    		response = client.createIdentityLinkResponse(request);
-////		    	} 
-////		    	catch (SZRGWClientException e1) {
-////		    		throw new SZRGWClientException(e1);
-////		    	}
-//		    }
-	        
-		    
 		    return null;
 		
 	  }
@@ -1811,6 +1770,24 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	public CreateIdentityLinkResponse getIdentityLink(String PEPSIdentifier, String PEPSFirstname, String PEPSFamilyname, String PEPSDateOfBirth, String signature) throws SZRGWClientException {
 		return getIdentityLink(PEPSIdentifier, PEPSFirstname, PEPSFamilyname, PEPSDateOfBirth, signature, null, null, null);
 	}
+
+	/**
+	 * Gets the identity link.
+	 *
+	 * @param citizenSignature the citizen signature
+	 * @param representative the representative
+	 * @param represented the represented
+	 * @param mandate the mandate
+	 * @param organizationAddress the organization address
+	 * @param organizationType the organization type
+	 * @return the identity link
+	 * @throws SZRGWClientException 
+	 */
+	public CreateIdentityLinkResponse getIdentityLink(String citizenSignature,
+			String representative, String represented, String mandateContent,
+			String organizationAddress, String organizationType) throws SZRGWClientException {
+		return getIdentityLink(null, null, null, null, citizenSignature, represented, representative, mandateContent, organizationAddress, organizationType);
+	}
 	
  	/**
 	  * SZR-GW Client interface.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
index 4819b8219..45e6ab816 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorServlet.java
@@ -137,29 +137,12 @@ public class PEPSConnectorServlet extends AuthServlet {
 						

 			Logger.debug("Found a preceeding STORK AuthnRequest to this MOA session: " + moaSessionID);

 

-//			Logger.debug("Starting validation of SAML assertion");

-//			//verify SAML assertion

-			Assertion storkAssertion = authnResponse.getAssertions().get(0);

-//			try {

-//				STORKResponseProcessor.verifySTORKAssertion(

-//						storkAssertion, //assertion

-//						request.getRemoteAddr(), //IP address of user

-//						storkAuthnRequest.getID(), //ID of STORK AuthnRequest

-//						request.getRequestURL().toString(), //destination

-//						HTTPUtils.getBaseURL(request), //audience

-//						storkAuthnRequest.getRequestedAttributes()); //Requested Attributes

-//			} catch (STORKException e) {

-//				Logger.error("Failed to verify STORK SAML Assertion", e);

-//				throw new MOAIDException("stork.08", null);

-//			}

-//

-//			Logger.info("SAML assertion succesfully verified!");

-

 			Logger.debug("Starting extraction of signedDoc attribute");

 			//extract signed doc element and citizen signature

 			Element citizenSignature = null;

 			try {

 			

+				Assertion storkAssertion = authnResponse.getAssertions().get(0);

 				citizenSignature = STORKResponseProcessor.extractCitizenSignature(storkAssertion);				

 				moaSession.setAuthBlock(DOMUtils.serializeNode(citizenSignature));

 				moaSession.setSignerCertificate(AuthenticationServer.getCertificateFromXML(citizenSignature));

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
index e81adfb52..466d86f87 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java
@@ -296,6 +296,22 @@ public class STORKResponseProcessor {
 		

 		

 	}

+	

+	/**

+	 * Checks for attribute.

+	 *

+	 * @param attributeName the attribute name

+	 * @param attributeList the attribute list

+	 * @return true, if successful

+	 */

+	private static boolean hasAttribute(String attributeName, IPersonalAttributeList attributeList) {

+		try {

+			getAttributeValue(attributeName, attributeList);

+			return true;

+		} catch(STORKException e) {

+			return false;

+		}

+	}

 

 	/**

 	 * helper for reading attributes. Handles logging and error handling.

@@ -325,52 +341,56 @@ public class STORKResponseProcessor {
 	public static IdentityLink connectToSZRGateway(IPersonalAttributeList attributeList) throws STORKException {

 		Logger.trace("Calling SZR Gateway with the following attributes:");

 

-		// fetch mandatory attributes

-		String citizenSignature = getAttributeValue("signedDoc", attributeList);

-		String eIdentifier = getAttributeValue("eIdentifier", attributeList);

-		String givenName = getAttributeValue("givenName", attributeList);

-		String lastName = getAttributeValue("surname", attributeList);

-		String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);

-		if (!StringUtils.isEmpty(dateOfBirth)) {

-			dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);

-		} 

-		

-		CreateIdentityLinkResponse response;

+		CreateIdentityLinkResponse identityLinkResponse = null;

 		IdentityLink identityLink = null;

 		try {

 			Logger.trace("Starting call...");

 

-			// do we have a case of representation?

-			try {

+			

+			// if there is no signedDoc attribute, we cannot go on

+			String citizenSignature = getAttributeValue("signedDoc", attributeList);

+			

+			// if we have a signedDoc we test for a representation case

+			if(hasAttribute("mandateContent", attributeList) || hasAttribute("representative", attributeList) || hasAttribute("represented", attributeList)) {

+				// we have a representation case

 				String representative = getAttributeValue("representative", attributeList);

 				String represented = getAttributeValue("represented", attributeList);

 				String mandate = getAttributeValue("mandateContent", attributeList);

 				

-				// we definitely know we have a representation case here

-				// lets try if the represented is an organization

-				try {

+				if(!hasAttribute("dateOfBirth", attributeList)) {

+					// if we get here, we have a natural person representing a legal person

 					String organizationAddress = getAttributeValue("canonicalRegisteredAddress", attributeList);

 					String organizationType = getAttributeValue("translateableType", attributeList);

 					

-					// if we got here, we have a natural person representing a legal person

-					response = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature, representative, represented, mandate, organizationAddress, organizationType);

-				} catch(STORKException e1) {

+					identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(citizenSignature, representative, represented, mandate, organizationAddress, organizationType);

+				} else {

+					// if we get here, we have a natural person representing another natural person

+					String eIdentifier = getAttributeValue("eIdentifier", attributeList);

+					String givenName = getAttributeValue("givenName", attributeList);

+					String lastName = getAttributeValue("surname", attributeList);

+					String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);

+					if (!StringUtils.isEmpty(dateOfBirth))

+						dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);

 

-					// if we get here we have natural persons representing each other

-					response = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature, representative, represented, mandate);

+					identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature, representative, represented, mandate);

 				}

-			} catch(STORKException e) {

+			} else {

 				// we do not have a representation case

-				response = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature);

+				String eIdentifier = getAttributeValue("eIdentifier", attributeList);

+				String givenName = getAttributeValue("givenName", attributeList);

+				String lastName = getAttributeValue("surname", attributeList);

+				String dateOfBirth = getAttributeValue("dateOfBirth", attributeList);

+				if (!StringUtils.isEmpty(dateOfBirth))

+					dateOfBirth = DateTimeUtils.formatPEPSDateToMOADate(dateOfBirth);

+				identityLinkResponse = AuthenticationServer.getInstance().getIdentityLink(eIdentifier, givenName, lastName, dateOfBirth, citizenSignature);

 			}

-

-   	    	

-	    	if (null != response.getErrorResponse()){

+	    	

+	    	if (null != identityLinkResponse.getErrorResponse()){

 	    		// TODO fix exception parameter

-	    		throw new SZRGWClientException(response.getErrorResponse().getErrorCode().toString(), null);

+	    		throw new SZRGWClientException(identityLinkResponse.getErrorResponse().getErrorCode().toString(), null);

 	    	}

 	    	else {

-		    	IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream(response.getIdentityLink()));

+		    	IdentityLinkAssertionParser ilParser = new IdentityLinkAssertionParser(new ByteArrayInputStream(identityLinkResponse.getIdentityLink()));

 		    	identityLink = ilParser.parseIdentityLink();

 		    	

 		    	Logger.debug("Received Identity Link from SZR Gateway");