diff options
| author | Alexander Marsalek <amarsalek@iaik.tugraz.at> | 2014-07-08 14:58:58 +0200 |
|---|---|---|
| committer | Alexander Marsalek <amarsalek@iaik.tugraz.at> | 2014-07-08 14:58:58 +0200 |
| commit | 5f01c76acc4bcb0539f3de39b3e38e0bd25e336f (patch) | |
| tree | b5d3682ec96a1165a0448380aa78478b71b08eea /id | |
| parent | 487db6041f9c215e7d6cb93ed1d5b93ebb607ee3 (diff) | |
| download | moa-id-spss-5f01c76acc4bcb0539f3de39b3e38e0bd25e336f.tar.gz moa-id-spss-5f01c76acc4bcb0539f3de39b3e38e0bd25e336f.tar.bz2 moa-id-spss-5f01c76acc4bcb0539f3de39b3e38e0bd25e336f.zip | |
szrg connector now extracts signature form Signresponse
Diffstat (limited to 'id')
2 files changed, 61 insertions, 25 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java index 129494cbe..bf2df9d7a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/PEPSConnectorWithLocalSigningServlet.java @@ -205,15 +205,15 @@ public class PEPSConnectorWithLocalSigningServlet extends AuthServlet { moaSession.setXMLVerifySignatureResponse(tmp); try{ IPersonalAttributeList personalAttributeList = moaSession.getAuthnResponseGetPersonalAttributeList(); - //Add signResponse + //Add SignResponse TODO Add signature (extracted from signResponse)? List<String> values = new ArrayList<String>(); - //values.add(signResponseString); - values.add(citizenSignature); + values.add(signResponseString); +// values.add(citizenSignature); Logger.debug("Assembling signedDoc attribute"); PersonalAttribute signedDocAttribute = new PersonalAttribute("signedDoc", false, values, "Available"); personalAttributeList.add(signedDocAttribute); - + String authnContextClassRef = moaSession.getAuthnContextClassRef(); SZRGInsertion(moaSession, personalAttributeList, authnContextClassRef); } catch (STORKException e) { diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java index 46fd06741..5d7eefe0a 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/stork/STORKResponseProcessor.java @@ -26,28 +26,19 @@ package at.gv.egovernment.moa.id.auth.stork;
import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
import java.util.List;
import java.util.Vector;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.namespace.QName;
+import javax.activation.DataSource;
+import javax.xml.transform.Source;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactoryConfigurationError;
+import javax.xml.transform.stream.StreamSource;
-import org.opensaml.common.binding.BasicSAMLMessageContext;
-import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
-import org.opensaml.saml2.core.Assertion;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.ws.transport.http.HTTPInTransport;
-import org.opensaml.ws.transport.http.HTTPOutTransport;
-import org.opensaml.ws.transport.http.HttpServletRequestAdapter;
-import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.schema.XSAny;
-import org.opensaml.xml.schema.XSString;
-import org.opensaml.xml.util.Base64;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Element;
-import org.w3c.dom.NodeList;
+import org.apache.commons.io.IOUtils;
import at.gv.egovernment.moa.id.auth.AuthenticationServer;
import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
@@ -57,12 +48,16 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException; import at.gv.egovernment.moa.id.auth.exception.ParseException;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.client.SZRGWClientException;
-import at.gv.egovernment.moa.id.util.XMLUtil;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DateTimeUtils;
import at.gv.egovernment.moa.util.StringUtils;
import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
+import eu.stork.oasisdss.api.ApiUtils;
+import eu.stork.oasisdss.api.LightweightSourceResolver;
+import eu.stork.oasisdss.api.exceptions.ApiUtilsException;
+import eu.stork.oasisdss.api.exceptions.UtilsException;
+import eu.stork.oasisdss.profile.SignResponse;
import eu.stork.peps.auth.commons.IPersonalAttributeList;
import eu.stork.peps.auth.commons.PersonalAttribute;
@@ -142,7 +137,13 @@ public class STORKResponseProcessor { Logger.trace("Starting call...");
// if there is no signedDoc attribute, we cannot go on
- String citizenSignature = getAttributeValue("signedDoc", attributeList);
+ String signResponseString = getAttributeValue("signedDoc", attributeList);
+
+ //Extract signature from SIgnResponse
+ Source response1 = new StreamSource(new java.io.StringReader(signResponseString));
+ SignResponse dssSignResponse = ApiUtils.unmarshal(response1, SignResponse.class);
+ String citizenSignature = getCitizienSignatureFromSignResponse(dssSignResponse);
+
String fiscalNumber = getAttributeValue("fiscalNumber", attributeList, false);
// if we have a signedDoc we test for a representation case
@@ -235,7 +236,27 @@ public class STORKResponseProcessor { } catch (ParseException e) {
Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
throw new MOAIDException("auth.25", null, e);
-
+ } catch (ApiUtilsException e) {
+ Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+ throw new MOAIDException("auth.25", null, e);
+ } catch (IllegalArgumentException e) {
+ Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+ throw new MOAIDException("auth.25", null, e);
+ } catch (TransformerConfigurationException e) {
+ Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+ throw new MOAIDException("auth.25", null, e);
+ } catch (UtilsException e) {
+ Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+ throw new MOAIDException("auth.25", null, e);
+ } catch (TransformerException e) {
+ Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+ throw new MOAIDException("auth.25", null, e);
+ } catch (TransformerFactoryConfigurationError e) {
+ Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+ throw new MOAIDException("auth.25", null, e);
+ } catch (IOException e) {
+ Logger.error("Error parsing IdentityLink received from SZR-Gateway: ", e);
+ throw new MOAIDException("auth.25", null, e);
}
return identityLink;
@@ -272,5 +293,20 @@ public class STORKResponseProcessor { return moaExtendedSAMLAttributeList;
}
+
+ private static String getCitizienSignatureFromSignResponse(SignResponse dssSignResponse) throws IllegalArgumentException, TransformerConfigurationException, UtilsException, TransformerException, TransformerFactoryConfigurationError, IOException, ApiUtilsException
+ {
+ // fetch signed doc
+ DataSource ds = LightweightSourceResolver.getDataSource(dssSignResponse);
+ if(ds == null){
+ throw new ApiUtilsException("No datasource found in response");
+ }
+
+ InputStream incoming = ds.getInputStream();
+ String citizenSignature = IOUtils.toString(incoming);
+ incoming.close();
+
+ return citizenSignature;
+ }
}
|