respect global mandatory state of attributes

author: Florian Reimair <florian.reimair@iaik.tugraz.at> 2014-01-21 16:02:14 +0100
committer: Florian Reimair <florian.reimair@iaik.tugraz.at> 2014-01-27 16:43:21 +0100
commit: 8cdac4252e1ea43aada04b71ee95d2509c4a75f3 (patch)
tree: 4319df9901275a977173866ed984ad661130ab2c /id
parent: 9cb68043945f53246928443cea723b58ee2b1c24 (diff)
download: moa-id-spss-8cdac4252e1ea43aada04b71ee95d2509c4a75f3.tar.gz
moa-id-spss-8cdac4252e1ea43aada04b71ee95d2509c4a75f3.tar.bz2
moa-id-spss-8cdac4252e1ea43aada04b71ee95d2509c4a75f3.zip
2 files changed, 239 insertions, 241 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 3857cd15c..0fbcc97b2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -106,6 +106,7 @@ import at.gv.egovernment.moa.id.client.SZRGWClient;
 import at.gv.egovernment.moa.id.client.SZRGWClientException;
 import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAStorkAttribute;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.ConnectionParameter;
@@ -118,7 +119,6 @@ import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl;
 import at.gv.egovernment.moa.id.util.HTTPUtils;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.id.util.SSLUtils;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
@@ -138,23 +138,14 @@ import eu.stork.peps.auth.commons.PEPSUtil;
 import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.commons.PersonalAttributeList;
 import eu.stork.peps.auth.commons.STORKAuthnRequest;
-import eu.stork.peps.auth.engine.SAMLEngine;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
-import eu.stork.peps.auth.engine.core.QAAAttribute;
-import eu.stork.peps.auth.engine.core.RequestedAttribute;
-import eu.stork.peps.auth.engine.core.RequestedAttributes;
-import eu.stork.peps.auth.engine.core.impl.QAAAttributeBuilder;
-import eu.stork.peps.auth.engine.core.impl.RequestedAttributeBuilder;
-import eu.stork.peps.auth.engine.core.impl.RequestedAttributesBuilder;
-import eu.stork.peps.exceptions.SAMLEngineException;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
-import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
 import eu.stork.vidp.messages.util.XMLUtil;
 
 /**
  * API for MOA ID Authentication Service.<br> {@link AuthenticationSession} is
  * stored in a session store and retrieved by giving the session ID.
- * 
+ *
  * @author Paul Ivancsics
  * @version $Id: AuthenticationServer.java 1273 2012-02-27 14:50:18Z kstranacher
  *          $
@@ -177,7 +168,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 	/**
 	 * Returns the single instance of <code>AuthenticationServer</code>.
-	 * 
+	 *
 	 * @return the single instance of <code>AuthenticationServer</code>
 	 */
 	public static AuthenticationServer getInstance() {
@@ -208,7 +199,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * response to</li>
 	 * </ul>
 	 * </ul>
-	 * 
+	 *
 	 * @param authURL
 	 *            URL of the servlet to be used as data URL
 	 * @param target
@@ -243,13 +234,13 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		if (session == null) {
 			throw new AuthenticationException("auth.18", new Object[] { });
 		}
-		
+
 		//load OnlineApplication configuration
 	    OAAuthParameter oaParam =
 		          AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(session.getPublicOAURLPrefix());
 		        if (oaParam == null)
 		          throw new AuthenticationException("auth.00", new Object[] { session.getPublicOAURLPrefix() });
-		
+
 		//load Template
 		String template = null;
 		if (session.getTemplateURL() != null) {
@@ -262,7 +253,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		}
 
 		String infoboxReadRequest = "";
-		
+
 		if (session.isSsoRequested()) {
 			//load identityLink with SSO Target
 			boolean isbuisness = false;
@@ -272,50 +263,50 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 				isbuisness = true;
 				domainIdentifier = ssobusiness.getValue();
 			}
-		
+
 			//build ReadInfobox request
 			infoboxReadRequest = new InfoboxReadRequestBuilder().build(
 					isbuisness, domainIdentifier);
-			
+
 		} else {
 			//build ReadInfobox request
 			infoboxReadRequest = new InfoboxReadRequestBuilder().build(
 					oaParam.getBusinessService(), oaParam
 						.getIdentityLinkDomainIdentifier());
 		}
-		
+
 
 		String dataURL = new DataURLBuilder().buildDataURL(
 				session.getAuthURL(), REQ_VERIFY_IDENTITY_LINK, session
 						.getSessionID());
-		
+
 		//removed in MOAID 2.0
 		String pushInfobox = "";
-		
+
 //		VerifyInfoboxParameters verifyInfoboxParameters = oaParam
 //				.getVerifyInfoboxParameters();
 //		if (verifyInfoboxParameters != null) {
 //			pushInfobox = verifyInfoboxParameters.getPushInfobox();
 //			session.setPushInfobox(pushInfobox);
 //		}
-		
+
 		//build CertInfo request
 		String certInfoRequest = new CertInfoVerifyXMLSignatureRequestBuilder()
 				.build();
 		String certInfoDataURL = new DataURLBuilder()
 				.buildDataURL(session.getAuthURL(), REQ_START_AUTHENTICATION,
 						session.getSessionID());
-		
+
 		//get Applet Parameters
     	String appletwidth = req.getParameter(PARAM_APPLET_WIDTH);
     	String appletheigth = req.getParameter(PARAM_APPLET_HEIGTH);
     	appletheigth = StringEscapeUtils.escapeHtml(appletheigth);
     	appletwidth = StringEscapeUtils.escapeHtml(appletwidth);
-		
+
 		String htmlForm = new GetIdentityLinkFormBuilder().build(template,
 				session.getBkuURL(), infoboxReadRequest, dataURL, certInfoRequest,
 				certInfoDataURL, pushInfobox, oaParam, appletheigth, appletwidth);
-		
+
 		return htmlForm;
 	}
 
@@ -335,7 +326,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * containg the authentication block, meant to be returned to the security
 	 * layer implementation</li>
 	 * </ul>
-	 * 
+	 *
 	 * @param sessionID
 	 *            ID of associated authentication session data
 	 * @param infoboxReadResponseParameters
@@ -343,7 +334,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 *            including the <code>&lt;InfoboxReadResponse&gt;</code>
 	 * @return String representation of the
 	 *         <code>&lt;CreateXMLSignatureRequest&gt;</code>
-	 * @throws BKUException 
+	 * @throws BKUException
 	 */
 	public String verifyIdentityLink(AuthenticationSession session,
 			Map<String, String> infoboxReadResponseParameters) throws AuthenticationException,
@@ -360,7 +351,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		if (isEmpty(xmlInfoboxReadResponse))
 			throw new AuthenticationException("auth.10", new Object[] {
 					REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE });
-		
+
 		AuthConfigurationProvider authConf = AuthConfigurationProvider
 				.getInstance();
 
@@ -420,7 +411,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 		session.setIdentityLink(identityLink);
 		// now validate the extended infoboxes
-		
+
 		//Removed in MOA-ID 2.0
 		//verifyInfoboxes(session, infoboxReadResponseParameters, false);
 
@@ -443,7 +434,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * containg the authentication block, meant to be returned to the security
 	 * layer implementation</li>
 	 * </ul>
-	 * 
+	 *
 	 * @param sessionID
 	 *            ID of associated authentication session data
 	 * @param infoboxReadResponseParameters
@@ -468,14 +459,14 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 				if (certificate.getExtension(OWid) != null) {
 					session.setOW(true);
 				}
-			
+
 			}
-			
+
 		} catch (X509ExtensionInitException e) {
 			Logger.warn("Certificate extension is not readable.");
 			session.setOW(false);
 		}
-				
+
 		AuthConfigurationProvider authConf = AuthConfigurationProvider
 				.getInstance();
 
@@ -484,10 +475,10 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 		String returnvalue = getCreateXMLSignatureRequestAuthBlockOrRedirect(session,
 				authConf, oaParam);
-			
+
 		return returnvalue;
 	}
-	
+
 	/**
 	 * Processes an <code>Mandate</code> sent by the MIS.<br>
 	 * <ul>
@@ -498,7 +489,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * containg the authentication block, meant to be returned to the security
 	 * layer implementation</li>
 	 * </ul>
-	 * 
+	 *
 	 * @param sessionID
 	 *            ID of associated authentication session data
 	 * @param infoboxReadResponseParameters
@@ -522,10 +513,10 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 			// sets the extended SAML attributes for OID (Organwalter)
 			setExtendedSAMLAttributeForMandatesOID(session, mandate, oaParam
 					.getBusinessService());
-			
+
 			validateExtendedSAMLAttributeForMandates(session, mandate, oaParam.getBusinessService());
-			
-			
+
+
 		} catch (SAXException e) {
 			throw new AuthenticationException("auth.16",
 					new Object[] { GET_MIS_SESSIONID }, e);
@@ -539,11 +530,11 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 			throw new AuthenticationException("auth.16",
 					new Object[] { GET_MIS_SESSIONID }, e);
 		}
-		
+
 	}
 
 	/**
-	 * 
+	 *
 	 * @param session
 	 * @param authConf
 	 * @param oaParam
@@ -588,7 +579,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * <ul>
 	 * <li>Creates an CreateXMLSignatureRequest to be signed by the user</li>
 	 * </ul>
-	 * 
+	 *
 	 * @param sessionID
 	 *            ID of associated authentication session data
 	 * @param cert
@@ -610,7 +601,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
 				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-		
+
 		return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam,
 				cert);
 	}
@@ -648,13 +639,13 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * <li>Verifies signature by calling the MOA SP component</li>
 	 * <li>Returns the signer certificate</li>
 	 * </ul>
-	 * 
+	 *
 	 * @param sessionID
 	 *            ID of associated authentication session data
 	 * @param createXMLSignatureResponseParameters
 	 *            The parameters from the response returned from the BKU
 	 *            including the <code>&lt;CreateXMLSignatureResponse&gt;</code>
-	 * @throws BKUException 
+	 * @throws BKUException
 	 */
 	public X509Certificate verifyXMLSignature(String sessionID,
 			Map<String, String> createXMLSignatureResponseParameters)
@@ -708,13 +699,13 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * <li>Verifies signature by calling the MOA SP component</li>
 	 * <li>Returns the signer certificate</li>
 	 * </ul>
-	 * 
+	 *
 	 * @param sessionID
 	 *            ID of associated authentication session data
 	 * @param readInfoboxResponseParameters
 	 *            The parameters from the response returned from the BKU
 	 *            including the <code>&lt;ReadInfoboxResponse&gt;</code>
-	 * @throws BKUException 
+	 * @throws BKUException
 	 */
 	public X509Certificate getCertificate(String sessionID,
 			Map<String, String> readInfoboxResponseParameters) throws AuthenticationException,
@@ -744,80 +735,80 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	/**
 	 * Builds an authentication block <code>&lt;saml:Assertion&gt;</code> from
 	 * given session data.
-	 * 
+	 *
 	 * @param session
 	 *            authentication session
-	 * 
+	 *
 	 * @return <code>&lt;saml:Assertion&gt;</code> as a String
-	 * 
+	 *
 	 * @throws BuildException
 	 *             If an error occurs on serializing an extended SAML attribute
 	 *             to be appended to the AUTH-Block.
 	 */
 	private String buildAuthenticationBlock(AuthenticationSession session,
 			OAAuthParameter oaParam) throws BuildException {
-		
+
 		IdentityLink identityLink = session.getIdentityLink();
 		String issuer = identityLink.getName();
 		String gebDat = identityLink.getDateOfBirth();
 
 		String identificationValue = null;
 		String identificationType = null;
-		
+
 		//set empty AuthBlock BPK in case of OW or SSO or bpk is not requested
 		if (session.isOW() || session.isSsoRequested() || oaParam.isRemovePBKFromAuthBlock()) {
 			identificationType = "";
 			identificationValue = "";
-			
+
 		} else if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
 
 			if (oaParam.getBusinessService()) {
-			
+
 				String bpkBase64 = new BPKBuilder().buildWBPK(identityLink
 							.getIdentificationValue(), oaParam.getIdentityLinkDomainIdentifier());
 				identificationValue = bpkBase64;
-				
+
 			    if (oaParam.getIdentityLinkDomainIdentifier().startsWith(Constants.URN_PREFIX_WBPK + "+" ))
 			    	identificationType = oaParam.getIdentityLinkDomainIdentifier();
 			    else
 			    	identificationType = Constants.URN_PREFIX_WBPK + "+" + oaParam.getIdentityLinkDomainIdentifier();
-				
+
 			} else {
 				String bpkBase64 = new BPKBuilder().buildBPK(identityLink
 							.getIdentificationValue(), session.getTarget());
 				identificationValue = bpkBase64;
 				identificationType = Constants.URN_PREFIX_CDID + "+" + session.getTarget();
 			}
-			
+
 
 		} else {
 			identificationValue = identityLink.getIdentificationValue();
 			identificationType = identityLink.getIdentificationType();
-			
+
 		}
-				
+
 		String issueInstant = DateTimeUtils.buildDateTimeUTC(Calendar
 				.getInstance());
 		session.setIssueInstant(issueInstant);
 		String authURL = session.getAuthURL();
 		String target = session.getTarget();
 		String targetFriendlyName = session.getTargetFriendlyName();
-		
+
 		// Bug #485
 		// (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105)
 		// String oaURL = session.getPublicOAURLPrefix();
-		
+
 		List<ExtendedSAMLAttribute> extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH();
-		
-		
+
+
 		if (session.isSsoRequested()) {
 			String oaURL =new String();
 			try {
 				oaURL = AuthConfigurationProvider.getInstance().getSSOPublicUrl();
-				
+
 				if (MiscUtil.isNotEmpty(oaURL))
 					oaURL = oaURL.replaceAll("&", "&amp;");
-				
+
 			} catch (ConfigurationException e) {
 			}
 			String authBlock = new AuthenticationBlockAssertionBuilder()
@@ -826,7 +817,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 						identificationType, oaURL, gebDat,
 						extendedSAMLAttributes, session, oaParam);
 			return authBlock;
-			
+
 		} else {
 			String oaURL = session.getPublicOAURLPrefix().replaceAll("&", "&amp;");
 			String authBlock = new AuthenticationBlockAssertionBuilder()
@@ -835,20 +826,20 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 						identificationType, oaURL, gebDat,
 						extendedSAMLAttributes, session, oaParam);
 			return authBlock;
-		}		
+		}
 	}
-	
+
 
 
 	/**
 	 * Verifies the infoboxes (except of the identity link infobox) returned by
 	 * the BKU by calling appropriate validator classes.
-	 * 
+	 *
 	 * @param session
 	 *            The actual authentication session.
 	 * @param mandate
 	 *            The Mandate from the MIS
-	 * 
+	 *
 	 * @throws AuthenticationException
 	 * @throws ConfigurationException
 	 * @throws TransformerException
@@ -871,19 +862,19 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 			verifySAMLAttribute(samlAttribute, i, "MISService",
 					"MISService");
-			
+
 		}
 	}
 
 	/**
 	 * Verifies the infoboxes (except of the identity link infobox) returned by
 	 * the BKU by calling appropriate validator classes.
-	 * 
+	 *
 	 * @param session
 	 *            The actual authentication session.
 	 * @param mandate
 	 *            The Mandate from the MIS
-	 * 
+	 *
 	 * @throws AuthenticationException
 	 * @throws ConfigurationException
 	 * @throws TransformerException
@@ -908,7 +899,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * Adds given SAML Attributes to the current session. They will be appended
 	 * to the final SAML Assertion or the AUTH block. If the attributes are
 	 * already in the list, they will be replaced.
-	 * 
+	 *
 	 * @param session
 	 *            The current session
 	 * @param extendedSAMLAttributes
@@ -979,7 +970,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * Adds the AUTH block related SAML attributes to the validation result.
 	 * This is needed always before the AUTH block is to be signed, because the
 	 * name of the mandator has to be set
-	 * 
+	 *
 	 * @throws ParserConfigurationException
 	 * @throws IOException
 	 * @throws SAXException
@@ -1046,7 +1037,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * Adds the AUTH block related SAML attributes to the validation result.
 	 * This is needed always before the AUTH block is to be signed, because the
 	 * name of the mandator has to be set
-	 * 
+	 *
 	 * @throws ParserConfigurationException
 	 * @throws IOException
 	 * @throws SAXException
@@ -1091,7 +1082,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	}
 
 	/**
-	 * 
+	 *
 	 * @param mandate
 	 * @return
 	 * @throws ParserConfigurationException
@@ -1143,7 +1134,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * <li>Deletes authentication session</li>
 	 * <li>Returns the SAML artifact, encoded BASE64</li>
 	 * </ul>
-	 * 
+	 *
 	 * @param sessionID
 	 *            session ID of the running authentication session
 	 * @param xmlCreateXMLSignatureReadResponse
@@ -1151,20 +1142,20 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 *            <code>&lt;CreateXMLSignatureResponse&gt;</code>
 	 * @return SAML artifact needed for retrieving authentication data, encoded
 	 *         BASE64
-	 * @throws BKUException 
+	 * @throws BKUException
 	 */
 	public String verifyAuthenticationBlock(AuthenticationSession session,
 			String xmlCreateXMLSignatureReadResponse)
 			throws AuthenticationException, BuildException, ParseException,
 			ConfigurationException, ServiceException, ValidateException, BKUException {
-		
+
 		if (session == null)
 			throw new AuthenticationException("auth.10", new Object[] {
 					REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID });
 		if (isEmpty(xmlCreateXMLSignatureReadResponse))
 			throw new AuthenticationException("auth.10", new Object[] {
 					REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE });
-				
+
 		AuthConfigurationProvider authConf = AuthConfigurationProvider
 				.getInstance();
 		// parses <CreateXMLSignatureResponse>
@@ -1187,7 +1178,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 			new CreateXMLSignatureResponseValidator().validateSSO(csresp, session);
 		else
 			new CreateXMLSignatureResponseValidator().validate(csresp, session);
-		
+
 		// builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
 		List<String> vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
 		String tpid = authConf.getMoaSpAuthBlockTrustProfileID();
@@ -1226,7 +1217,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		// Compare AuthBlock Data with information stored in session, especially
 		// date and time
 		CreateXMLSignatureResponseValidator.getInstance().validateSigningDateTime(csresp);
-		
+
 		// compares the public keys from the identityLink with the AuthBlock
 		VerifyXMLSignatureResponseValidator.getInstance().validateCertificate(
 				vsresp, session.getIdentityLink());
@@ -1269,29 +1260,29 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 				}
 			}
 		}
-		
+
 		session.setXMLVerifySignatureResponse(vsresp);
 		session.setSignerCertificate(vsresp.getX509certificate());
 		vsresp.setX509certificate(null);
 		session.setForeigner(false);
-		
+
 		if (session.getUseMandate()) {
 			// mandate mode
 			return null;
-			
+
 		} else {
-			
+
 			session.setAuthenticatedUsed(false);
 			session.setAuthenticated(true);
-					
+
 			String oldsessionID = session.getSessionID();
-			
+
 			//Session is implicte stored in changeSessionID!!!
 			String newMOASessionID = AuthenticationSessionStoreage.changeSessionID(session);
-			
+
 			Logger.info("Changed MOASession " + oldsessionID + " to Session " + newMOASessionID);
 			Logger.info("Daten angelegt zu MOASession " + newMOASessionID);
-			
+
 			return newMOASessionID;
 		}
 	}
@@ -1313,7 +1304,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * <li>Deletes authentication session</li>
 	 * <li>Returns the SAML artifact, encoded BASE64</li>
 	 * </ul>
-	 * 
+	 *
 	 * @param sessionID
 	 *            session ID of the running authentication session
 	 * @param xmlCreateXMLSignatureReadResponse
@@ -1374,7 +1365,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * <li>Deletes authentication session</li>
 	 * <li>Returns the SAML artifact, encoded BASE64</li>
 	 * </ul>
-	 * 
+	 *
 	 * @param sessionID
 	 *            session ID of the running authentication session
 	 * @return SAML artifact needed for retrieving authentication data, encoded
@@ -1383,11 +1374,11 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	public String getForeignAuthenticationData(AuthenticationSession session)
 			throws AuthenticationException, BuildException, ParseException,
 			ConfigurationException, ServiceException, ValidateException {
-		
+
 		if (session == null)
 			throw new AuthenticationException("auth.10", new Object[] {
 					REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID });
-		
+
 		// post processing of the infoboxes
 		Iterator iter = session.getInfoboxValidatorIterator();
 		boolean formpending = false;
@@ -1430,10 +1421,10 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse();
 		X509Certificate cert = session.getSignerCertificate();
 		vsresp.setX509certificate(cert);
-		
+
 		session.setAuthenticatedUsed(false);
 		session.setAuthenticated(true);
-		
+
 
 		session.setXMLVerifySignatureResponse(vsresp);
 		session.setSignerCertificate(vsresp.getX509certificate());
@@ -1447,7 +1438,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	/**
 	 * Builds the AuthenticationData object together with the corresponding
 	 * <code>&lt;saml:Assertion&gt;</code>
-	 * 
+	 *
 	 * @param session
 	 *            authentication session
 	 * @param verifyXMLSigResp
@@ -1467,23 +1458,23 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 		IdentityLink identityLink = session.getIdentityLink();
 		AuthenticationData authData = new AuthenticationData();
-	
+
 		VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse();
-		
+
 		boolean businessService = oaParam.getBusinessService();
-		
+
 		authData.setMajorVersion(1);
 		authData.setMinorVersion(0);
 		authData.setAssertionID(Random.nextRandom());
 		authData.setIssuer(session.getAuthURL());
-		
+
 		authData.setIssueInstant(DateTimeUtils.buildDateTimeUTC(Calendar
 				.getInstance()));
-		
+
 		//baseID or wbpk in case of BusinessService without SSO or BusinessService SSO
 		authData.setIdentificationValue(identityLink.getIdentificationValue());
 		authData.setIdentificationType(identityLink.getIdentificationType());
-		
+
 		authData.setGivenName(identityLink.getGivenName());
 		authData.setFamilyName(identityLink.getFamilyName());
 		authData.setDateOfBirth(identityLink.getDateOfBirth());
@@ -1493,25 +1484,25 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		authData.setPublicAuthorityCode(verifyXMLSigResp
 				.getPublicAuthorityCode());
 		authData.setBkuURL(session.getBkuURL());
-		
+
 		try {
-			
+
 			if (session.getUseMandate() && session.isOW()) {
 				MISMandate mandate = session.getMISMandate();
 				authData.setBPK(mandate.getOWbPK());
 				authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + "OW");
 				authData.setIdentityLink(identityLink);
-				
+
 				Logger.trace("Authenticated User is OW: " + mandate.getOWbPK());
-				
+
 			} else {
-			
+
 				if (businessService) {
 					//since we have foreigner, wbPK is not calculated in BKU
 					if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
-							
+
 					 	String registerAndOrdNr = oaParam.getIdentityLinkDomainIdentifier();
-						 
+
 						if (registerAndOrdNr.startsWith(AuthenticationSession.REGISTERANDORDNR_PREFIX_)) {
 							// If domainIdentifier starts with prefix
 							// "urn:publicid:gv.at:wbpk+"; remove this prefix
@@ -1519,47 +1510,47 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 									.substring(AuthenticationSession.REGISTERANDORDNR_PREFIX_.length());
 							Logger.debug("Register and ordernumber prefix stripped off; resulting register string: "
 									+ registerAndOrdNr);
-						} 
-							    
+						}
+
 						String wbpkBase64 = new BPKBuilder().buildWBPK(identityLink.getIdentificationValue(), registerAndOrdNr);
 						authData.setBPK(wbpkBase64);
 						authData.setBPKType( Constants.URN_PREFIX_WBPK + "+" + registerAndOrdNr);
-						
+
 					} else {
 						authData.setBPK(identityLink.getIdentificationValue());
 						authData.setBPKType(identityLink.getIdentificationType());
-						
+
 					}
-					
+
 					Logger.trace("Authenticate user with wbPK " + authData.getBPK());
-					
+
 					Element idlassertion = session.getIdentityLink().getSamlAssertion();
 					//set bpk/wpbk;
 					Node prIdentification = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH);
 					prIdentification.getFirstChild().setNodeValue(authData.getBPK());
-					//set bkp/wpbk type 
+					//set bkp/wpbk type
 					Node prIdentificationType = XPathUtils.selectSingleNode(idlassertion, IdentityLinkAssertionParser.PERSON_IDENT_TYPE_XPATH);
 					prIdentificationType.getFirstChild().setNodeValue(authData.getBPKType());
-					
+
 					IdentityLinkAssertionParser idlparser = new IdentityLinkAssertionParser(idlassertion);
 					IdentityLink idl = idlparser.parseIdentityLink();
 					authData.setIdentityLink(idl);
-					
+
 				} else {
-									
-					if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { 
+
+					if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
 						// only compute bPK if online application is a public service and we have the Stammzahl
 						String bpkBase64 = new BPKBuilder().buildBPK(identityLink.getIdentificationValue(), target);
 						authData.setBPK(bpkBase64);
 						authData.setBPKType(Constants.URN_PREFIX_CDID + "+" + oaParam.getTarget());
 					}
-					
+
 					Logger.trace("Authenticate user with bPK " + authData.getBPK());
-					
+
 					authData.setIdentityLink(identityLink);
 				}
 			}
-				
+
 			return authData;
 
 		} catch (Throwable ex) {
@@ -1570,7 +1561,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 	/**
 	 * Retrieves a session from the session store.
-	 * 
+	 *
 	 * @param id
 	 *            session ID
 	 * @return <code>AuthenticationSession</code> stored with given session ID,
@@ -1578,7 +1569,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 */
 	public static AuthenticationSession getSession(String id)
 			throws AuthenticationException {
-		
+
 		AuthenticationSession session;
 		try {
 			session = AuthenticationSessionStoreage.getSession(id);
@@ -1586,10 +1577,10 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 			if (session == null)
 				throw new AuthenticationException("auth.02", new Object[] { id });
 			return session;
-			
+
 		} catch (MOADatabaseException e) {
 			throw new AuthenticationException("parser.04", new Object[] { id });
-		} 
+		}
 	}
 
 	/**
@@ -1597,38 +1588,38 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 */
 	public void cleanup() {
 		long now = new Date().getTime();
-		
-		//clean AuthenticationSessionStore		
-			
+
+		//clean AuthenticationSessionStore
+
 		AuthenticationSessionStoreage.clean(now, sessionTimeOutCreated, sessionTimeOutUpdated);
-			
+
 		//clean AssertionStore
 		AssertionStorage assertionstore = AssertionStorage.getInstance();
 		assertionstore.clean(now, authDataTimeOut);
-		
-		//clean ExeptionStore 
+
+		//clean ExeptionStore
 		DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore();
 		exstore.clean(now, authDataTimeOut);
-		
+
 	}
 
 	/**
 	 * Sets the sessionTimeOut.
-	 * 
+	 *
 	 * @param seconds
 	 *            Time out of the session in seconds
 	 */
 	public void setSecondsSessionTimeOutCreated(long seconds) {
 		sessionTimeOutCreated = seconds * 1000;
 	}
-	
+
 	public void setSecondsSessionTimeOutUpdated(long seconds) {
 		sessionTimeOutUpdated = seconds * 1000;
 	}
 
 	/**
 	 * Sets the authDataTimeOut.
-	 * 
+	 *
 	 * @param seconds
 	 *            Time out for signing AuthData in seconds
 	 */
@@ -1638,7 +1629,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 	/**
 	 * Checks a parameter.
-	 * 
+	 *
 	 * @param param
 	 *            parameter
 	 * @return true if the parameter is null or empty
@@ -1649,7 +1640,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 	/**
 	 * Checks the correctness of SAML attributes and returns its value.
-	 * 
+	 *
 	 * @param param
 	 *            samlAttribute
 	 * @param i
@@ -1698,7 +1689,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 		return value;
 	}
-	
+
 	/**
 	   * Does the request to the SZR-GW
 	   * @param signature XMLDSIG signature
@@ -1779,13 +1770,13 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		    return null;
 		
 	  }
-	
+
 	/**
 	 * Starts a MOA-ID authentication process using STORK
 	 * @param req HttpServletRequest
 	 * @param resp HttpServletResponse
 	 * @param ccc Citizen country code
-	 * @param oaURL URL of the online application 
+	 * @param oaURL URL of the online application
 	 * @param target Target parameter
 	 * @param targetFriendlyName Friendly Name of Target
 	 * @param authURL Authentication URL
@@ -1797,36 +1788,34 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 */
 	public static void startSTORKAuthentication(
 			HttpServletRequest req,
-			HttpServletResponse resp, 
+			HttpServletResponse resp,
 			AuthenticationSession moasession) throws MOAIDException, AuthenticationException, WrongParametersException, ConfigurationException {
-		
+
 		if (moasession == null) {
 			throw new AuthenticationException("auth.18", new Object[] { });
 		}
-		
+
 		//read configuration paramters of OA
 		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(moasession.getPublicOAURLPrefix());
 		if (oaParam == null)
 				throw new AuthenticationException("auth.00", new Object[] { moasession.getPublicOAURLPrefix() });
-		
-		//Start of STORK Processing		
+
+		//Start of STORK Processing
 		STORKConfig storkConfig = AuthConfigurationProvider.getInstance().getStorkConfig();
-		
+
 		CPEPS cpeps = storkConfig.getCPEPS(moasession.getCcc());
-    	
-		Logger.debug("Preparing to assemble STORK AuthnRequest witht the following values:");		
-    	String destination = cpeps.getPepsURL().toExternalForm();    	
+
+		Logger.debug("Preparing to assemble STORK AuthnRequest witt the following values:");
+    	String destination = cpeps.getPepsURL().toExternalForm();
     	Logger.debug("C-PEPS URL: " + destination);
-    	
+
     	String acsURL = HTTPUtils.getBaseURL(req) + PEPSConnectorServlet.PEPSCONNECTOR_SERVLET_URL_PATTERN;
     	Logger.debug("MOA Assertion Consumer URL (PEPSConnctor): " + acsURL);
-    	
+
     	String providerName= oaParam.getFriendlyName();
     	String issuerValue = HTTPUtils.getBaseURL(req);
     	Logger.debug("Issuer value: " + issuerValue);
 
-
-
     	// prepare collection of required attributes
     	// - attributes for online application
     	List<OAStorkAttribute> attributesFromConfig = oaParam.getRequestedAttributes();
@@ -1838,7 +1827,15 @@ public class AuthenticationServer implements MOAIDAuthConstants {
     	for(OAStorkAttribute current : attributesFromConfig) {
 	    	PersonalAttribute newAttribute = new PersonalAttribute();
 	    	newAttribute.setName(current.getName());
-	    	newAttribute.setIsRequired(current.isMandatory());
+
+	    	boolean globallyMandatory = false;
+	    	for(StorkAttribute currentGlobalAttribute : storkConfig.getStorkAttributes())
+	    		if(current.getName().equals(currentGlobalAttribute.getName())) {
+	    			globallyMandatory = currentGlobalAttribute.isMandatory();
+	    			break;
+	    		}
+
+	    	newAttribute.setIsRequired(current.isMandatory() || globallyMandatory);
 	    	attributeList.add(newAttribute);
     	}
 
@@ -1867,32 +1864,23 @@ public class AuthenticationServer implements MOAIDAuthConstants {
     	authnRequest.setSpSector(spSector);
     	authnRequest.setPersonalAttributeList(attributeList);
 
-//    			STORKAuthnRequestProcessor.generateSTORKAuthnRequest(
-//    			destination,
-//    			acsURL,
-//    			providerName,
-//    			issuerValue,
-//    			qaaLevel,
-//    			spInstitution,
-//    			spApplication,
-//    			spCountry,
-//    			spSector,
-//    			requestedAttributes,
-
-//    			textToBeSigned,
-//    			"application/xhtml+xml");
+    	authnRequest.setEIDCrossBorderShare(true);
+    	authnRequest.setEIDCrossSectorShare(true);
+    	authnRequest.setEIDSectorShare(true);
+
+    	authnRequest.setCitizenCountryCode("LOCAL");
+
 
     	Logger.debug("STORK AuthnRequest succesfully assembled.");
 
     	STORKSAMLEngine samlEngine = STORKSAMLEngine.getInstance("CONF0");
     	try {
     		authnRequest = samlEngine.generateSTORKAuthnRequest(authnRequest);
-//			authnRequest = STORKAuthnRequestProcessor.signSTORKAuthnRequest(authnRequest, keyStorePath, keyStorePassword, keyName, keyPassword);
     	} catch (STORKSAMLEngineException e) {
 			Logger.error("Could not sign STORK SAML AuthnRequest.", e);
 			throw new MOAIDException("stork.00", null);
 		}
-    	
+
 		Logger.info("STORK AuthnRequest successfully signed!");
 		
     	//validate AuthnRequest
@@ -1936,7 +1924,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 
 		Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination());
 	}
-	
+
 	/**
 	 * Extracts an X509 Certificate out of an XML signagture element
 	 * @param signedXML XML signature element
@@ -1944,27 +1932,27 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * @throws CertificateException
 	 */
 	public static X509Certificate getCertificateFromXML(Element signedXML) throws CertificateException {
-		
+
 		NodeList nList = signedXML.getElementsByTagNameNS(Constants.DSIG_NS_URI, "X509Certificate");
-		
+
 		String base64CertString = XMLUtil.getFirstTextValueFromNodeList(nList);
-		
-		if (StringUtils.isEmpty(base64CertString)) {					
+
+		if (StringUtils.isEmpty(base64CertString)) {
 			String msg = "XML does not contain a X509Certificate element.";
 			Logger.error(msg);
 			throw new CertificateException(msg);
 		}
-		
+
 		InputStream is = new ByteArrayInputStream(Base64.decode(base64CertString));
-		
+
 		X509Certificate cert;
 		try {
 			cert = new X509Certificate(is);
 			return cert;
-			
+
 		} catch (Throwable e) {
 			throw new CertificateException(e);
 		}
 	}
-	
+
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
index 25f12af62..e388b39e7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/stork/STORKConfig.java
@@ -1,5 +1,5 @@
 /**
- * 
+ *
  */
 package at.gv.egovernment.moa.id.config.stork;
 
@@ -25,119 +25,129 @@ import eu.stork.vidp.messages.util.XMLUtil;
 import at.gv.egovernment.moa.id.commons.db.dao.config.SAMLSigningParameter;
 import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
 import at.gv.egovernment.moa.id.commons.db.dao.config.SignatureVerificationParameterType;
+import at.gv.egovernment.moa.id.commons.db.dao.config.StorkAttribute;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.StringUtils;
 
 /**
  * Encapsulates several STORK configuration parameters according MOA configuration
- * 
+ *
  * @author bzwattendorfer
  *
  */
 public class STORKConfig {
-	
+
 	/** STORK SAML signature creation parameters */
 	private Properties props = null;
 	private Map<String, CPEPS> cpepsMap  = null;
 	private String basedirectory = null;
 	private SignatureVerificationParameter sigverifyparam = null;
-	
-	
+	private List<StorkAttribute> attr = null;
+
+
 	public STORKConfig(STORK stork, Properties props, String basedirectory) {
 		this.basedirectory = basedirectory;
 		this.props = props;
-		
+
 		//create CPEPS map
 		List<at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS> cpeps = stork.getCPEPS();
 		
 		cpepsMap = new HashMap<String, CPEPS>();
-		
+
 		for(at.gv.egovernment.moa.id.commons.db.dao.config.CPEPS cpep : cpeps) {
-			
+
 			try {
 				CPEPS moacpep = new CPEPS(cpep.getCountryCode(), new URL(cpep.getURL()));
-				
-				List<String> attr = cpep.getAttributeValue();
-				
-				ArrayList<RequestedAttribute> requestedAttributes = new ArrayList<RequestedAttribute>();
-				
-				for (String e1 : attr) {
-					Element element = XMLUtil.stringToDOM(e1);
-					RequestedAttribute requestedAttribute = (RequestedAttribute) SAMLUtil.unmarshallMessage(element);
-					requestedAttributes.add(requestedAttribute);
-				}
-				moacpep.setCountrySpecificRequestedAttributes(requestedAttributes);
-				
+
+
+
+//				List<String> attr = cpep.getAttributeValue();
+//
+//				ArrayList<RequestedAttribute> requestedAttributes = new ArrayList<RequestedAttribute>();
+//
+//				for (String e1 : attr) {
+//					Element element = XMLUtil.stringToDOM(e1);
+//					RequestedAttribute requestedAttribute = (RequestedAttribute) SAMLUtil.unmarshallMessage(element);
+//					requestedAttributes.add(requestedAttribute);
+//				}
+//				moacpep.setCountrySpecificRequestedAttributes(requestedAttributes);
+
 				cpepsMap.put(cpep.getCountryCode(), moacpep);
-				
+
 			} catch (MalformedURLException e) {
-				Logger.warn("Error in MOA-ID Configuration. CPEP entry for country " 
+				Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
 						+ cpep.getCountryCode() + " has an invalid URL and is ignored.");
-			} catch (ParserConfigurationException e) {
-				Logger.warn("Error in MOA-ID Configuration. CPEP entry for country " 
-						+ cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
-			} catch (SAXException e) {
-				Logger.warn("Error in MOA-ID Configuration. CPEP entry for country " 
-						+ cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
-			} catch (IOException e) {
-				Logger.warn("Error in MOA-ID Configuration. CPEP entry for country " 
-						+ cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
-			} catch (MessageEncodingException e) {
-				Logger.warn("Error in MOA-ID Configuration. CPEP entry for country " 
-						+ cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
+//			} catch (ParserConfigurationException e) {
+//				Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
+//						+ cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
+//			} catch (SAXException e) {
+//				Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
+//						+ cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
+//			} catch (IOException e) {
+//				Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
+//						+ cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
+//			} catch (MessageEncodingException e) {
+//				Logger.warn("Error in MOA-ID Configuration. CPEP entry for country "
+//						+ cpep.getCountryCode() + " has an invalid Attribute and is ignored.");
 			}
-		}
-		
-		SAMLSigningParameter samlsign = stork.getSAMLSigningParameter();
 		
-		if (samlsign == null) {
-			Logger.warn("Error in MOA-ID Configuration. No STORK->SAMLSigningParameter configuration found.");
 
-		} else {
-			SignatureVerificationParameterType sigverify = samlsign.getSignatureVerificationParameter();
-		
-			if (sigverify == null) {
-				Logger.warn("Error in MOA-ID Configuration. No STORK->SignatureVerificationParameter configuration found.");
-				
-			} else {
-				sigverifyparam = new SignatureVerificationParameter(sigverify.getTrustProfileID());
-			}
+//		SAMLSigningParameter samlsign = stork.getSAMLSigningParameter();   // TODO Fix nullpointerexception when nothing is configured
+//
+//		if (samlsign == null) {
+//			Logger.warn("Error in MOA-ID Configuration. No STORK->SAMLSigningParameter configuration found.");
+//
+//		} else {
+//			SignatureVerificationParameterType sigverify = samlsign.getSignatureVerificationParameter();
+//
+//			if (sigverify == null) {
+//				Logger.warn("Error in MOA-ID Configuration. No STORK->SignatureVerificationParameter configuration found.");
+//
+//			} else {
+//				sigverifyparam = new SignatureVerificationParameter(sigverify.getTrustProfileID());
+//			}
+//		}
+		attr = new ArrayList<StorkAttribute>();
+		for(StorkAttribute current : stork.getAttributes()) {
+			attr.add(current);
 		}
-		
+
 	}
 
 	public SignatureCreationParameter getSignatureCreationParameter() {
-		
+
 		return new SignatureCreationParameter(props, basedirectory);
 	}
 
 	public SignatureVerificationParameter getSignatureVerificationParameter() {
-	
-		return sigverifyparam; 	
+
+		return sigverifyparam;
 	}
 
 	public Map<String, CPEPS> getCpepsMap() {
 		return cpepsMap;
 	}
-	
+
 	public boolean isSTORKAuthentication(String ccc) {
-		  
+
 		  if (StringUtils.isEmpty(ccc) || this.cpepsMap.isEmpty())
 			  return false;
-		   		 
+
 		  if (this.cpepsMap.containsKey(ccc.toUpperCase()))
 			  return true;
 		  else
 			  return false;
-			  
+
 	}
-	
+
 	public CPEPS getCPEPS(String ccc) {
 		if (isSTORKAuthentication(ccc))
 			return this.cpepsMap.get(ccc);
 		else
 			return null;
 	}
-	
 
+	public List<StorkAttribute> getStorkAttributes() {
+		return attr;
+	}
 }
author	Florian Reimair <florian.reimair@iaik.tugraz.at>	2014-01-21 16:02:14 +0100
committer	Florian Reimair <florian.reimair@iaik.tugraz.at>	2014-01-27 16:43:21 +0100
commit	8cdac4252e1ea43aada04b71ee95d2509c4a75f3 (patch)
tree	4319df9901275a977173866ed984ad661130ab2c /id
parent	9cb68043945f53246928443cea723b58ee2b1c24 (diff)
download	moa-id-spss-8cdac4252e1ea43aada04b71ee95d2509c4a75f3.tar.gz moa-id-spss-8cdac4252e1ea43aada04b71ee95d2509c4a75f3.tar.bz2 moa-id-spss-8cdac4252e1ea43aada04b71ee95d2509c4a75f3.zip