authorThomas Lenz <tlenz@iaik.tugraz.at>2018-06-12 06:25:41 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2018-06-12 06:25:41 +0200
commitb53d2f387282b731ea72806ec7d410a1c27a878d (patch)
tree636ba240e98107d44dedab8c0b9453b057cfcb8d /id
parent23201ce112d9aa132783f984e0765c0cacca95a5 (diff)
add foreign bPK generation into AuthenticationDataBuilder
Diffstat (limited to 'id')
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java40
-rw-r--r--id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java4
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources_de.properties3
-rw-r--r--id/ConfigWebTool/src/main/resources/applicationResources_en.properties2
-rw-r--r--id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp15
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java87
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java26
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java14
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java2
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java2
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java7
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java6
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java2
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OnlineApplication.java14
17 files changed, 228 insertions, 14 deletions
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java
index b4b3aaf13..f67d4fa27 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OATargetConfiguration.java
@@ -30,6 +30,7 @@ import javax.servlet.http.HttpServletRequest;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.AuthComponentOA;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.IdentificationNumber;
import at.gv.egovernment.moa.id.commons.db.dao.config.deprecated.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
import at.gv.egovernment.moa.id.commons.validation.TargetValidator;
import at.gv.egovernment.moa.id.configuration.Constants;
import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
@@ -56,6 +57,8 @@ public class OATargetConfiguration implements IOnlineApplicationData {
private String identificationNumber = null;
private String identificationType = null;
private static List<String> identificationTypeList = null;
+
+ private String foreignbPKTargets = null;
public OATargetConfiguration() {
targetList = TargetValidator.getListOfTargets();
@@ -145,6 +148,24 @@ public class OATargetConfiguration implements IOnlineApplicationData {
}
}
+
+ //parse foreign bPK sector list
+ if (KeyValueUtils.isCSVValueString(dbOA.getForeignbPKTargetList()))
+ foreignbPKTargets = KeyValueUtils.normalizeCSVValueString(dbOA.getForeignbPKTargetList());
+
+ else {
+ if (dbOA.getForeignbPKTargetList().contains(KeyValueUtils.CSV_DELIMITER)) {
+ //remove trailing comma if exist
+ foreignbPKTargets = dbOA.getForeignbPKTargetList().substring(0,
+ dbOA.getForeignbPKTargetList().indexOf(KeyValueUtils.CSV_DELIMITER));
+
+ } else
+ foreignbPKTargets = dbOA.getForeignbPKTargetList();
+
+ }
+
+
+
return null;
}
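Review bot: The else branch calls `dbOA.getForeignbPKTargetList().contains(...)` without a null check, and the new field in OnlineApplication defaults to null, so loading a service with no foreign sectors throws unless `KeyValueUtils.isCSVValueString` accepts null (not visible here). The same branch is commented "remove trailing comma if exist", but `substring(0, indexOf(KeyValueUtils.CSV_DELIMITER))` cuts at the first delimiter and so drops every sector after the first. Wrap the block in `if (MiscUtil.isNotEmpty(dbOA.getForeignbPKTargetList()))` and strip the delimiter only when the value actually ends with it. The enclosing method starts outside the hunk.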
@@ -253,6 +274,9 @@ public class OATargetConfiguration implements IOnlineApplicationData {
}
}
}
+
+ dbOA.setForeignbPKTargetList(getForeignbPKTargets());
+
return null;
}
@@ -401,6 +425,22 @@ public class OATargetConfiguration implements IOnlineApplicationData {
public void setSubTargetSet(boolean subTargetSet) {
this.subTargetSet = subTargetSet;
}
+
+
+ public String getForeignbPKTargets() {
+ return foreignbPKTargets;
+ }
+
+
+ public void setForeignbPKTargets(String foreignbPKTargets) {
+ if (MiscUtil.isNotEmpty(foreignbPKTargets))
+ this.foreignbPKTargets =
+ KeyValueUtils.removeAllNewlineFromString(foreignbPKTargets);
+ else
+ this.foreignbPKTargets = foreignbPKTargets;
+ }
+
+
}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
index ca0231577..4807d479e 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OATargetConfigValidation.java
@@ -161,6 +161,10 @@ public class OATargetConfigValidation {
}
}
+
+ //foreign bPK configuration
+
+
return errors;
}
}
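Review bot: The added `//foreign bPK configuration` comment is a placeholder with no check behind it, so whatever is typed into the new textarea is stored unvalidated; the ServicesTargetTask hunk likewise only logs "no validation is required". generateForeignbPK later splits these values on `+`, looks them up in the certificate map and concatenates them into a target URN, and a malformed entry is only logged at warn level during a login. Validating each CSV entry here against the two accepted shapes (a `wbpk` prefix or `VKZ+target`) and adding a message to `errors` would surface a misconfiguration when it is saved rather than as a silently missing attribute.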
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
index 4b29f901a..2006625ff 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
@@ -243,6 +243,7 @@ webpages.oaconfig.general.friendlyname=Name der Online-Applikation
webpages.oaconfig.general.isbusinessservice=Privatwirtschaftliche Applikation
webpages.oaconfig.general.isstorkservice=Stork Applikation
webpages.oaconfig.general.public.header=&Ouml;ffentlicher Bereich
+webpages.oaconfig.general.foreignbpk.header=Fremd-bPK Konfiguration
webpages.oaconfig.general.stork.header=STORK Bereich
webpages.oaconfig.general.stork.countrycode=Landesvorwahl
webpages.oaconfig.general.target.friendlyname=Bezeichnung des Bereichs (Frei w\u00E4hlbar)
@@ -262,6 +263,8 @@ webpages.oaconfig.general.aditional.iframe=B\u00FCrgerkartenauswahl im IFrame
webpages.oaconfig.general.aditional.useUTC=UTC Zeit verwenden
webpages.oaconfig.general.aditional.calculateHPI="TODO!"
webpages.oaconfig.general.isHideBPKAuthBlock=bPK/wbPK im AuthBlock ausblenden
+webpages.oaconfig.general.foreign.sectors=Sektoren f\u00FCr Fremd-bPKs (CSV)
+
webpages.oaconfig.general.szrgw.header=SZR-Gateway Service
webpages.oaconfig.general.szrgw.selected=SZR-Gateway Service URL
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
index d642994de..694294df7 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
@@ -249,6 +249,7 @@ webpages.oaconfig.general.friendlyname=Name of the Online-Application
webpages.oaconfig.general.isbusinessservice=Private sector application
webpages.oaconfig.general.isstorkservice=Stork application
webpages.oaconfig.general.public.header=Public sector
+webpages.oaconfig.general.foreignbpk.header=Foreign sectors configuration
webpages.oaconfig.general.stork.header=STORK sector
webpages.oaconfig.general.stork.countrycode=Country code
webpages.oaconfig.general.target.friendlyname=Name of the sector (arbitrary defined)
@@ -268,6 +269,7 @@ webpages.oaconfig.general.aditional.iframe=Selection of citizen card in IFrame
webpages.oaconfig.general.aditional.useUTC=Use UTC time
webpages.oaconfig.general.aditional.calculateHPI="TODO!"
webpages.oaconfig.general.isHideBPKAuthBlock=Hide bPK/wbPK from AuthBlock
+webpages.oaconfig.general.foreign.sectors=Sectors for foreign pseudonyms (CSV)
webpages.oaconfig.general.szrgw.header=SZR-Gateway Service
webpages.oaconfig.general.szrgw.selected=SZR-Gateway Service URL
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp
index b8bd1dc02..a61ce3053 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp
@@ -111,5 +111,20 @@
</s:else>
</div>
</s:if>
+
+ <div id="oa_config_foreignbPKArea" class="oa_config_block">
+ <h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.foreignbpk.header", request) %></h3>
+ <s:textarea name="targetConfig.foreignbPKTargets"
+ value="%{targetConfig.foreignbPKTargets}"
+ labelposition="left"
+ key="webpages.oaconfig.general.foreign.sectors"
+ cssClass="textfield_long"
+ rows="6"
+ requiredLabel="true"
+ style="height:120px;">
+ </s:textarea>
+
+ </div>
+
</html> \ No newline at end of file
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
index e8d49a391..27b45fa78 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
@@ -206,7 +206,15 @@ public class ServicesTargetTask extends AbstractTaskValidator implements ITaskVa
}
}
}
-
+
+
+ //validate foreign bPK targets
+ check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_FOREIGN);
+ if (MiscUtil.isNotEmpty(check)) {
+ log.debug("Find foreign bPK targets, but no validation is required");
+
+ }
+
if (!errors.isEmpty())
throw new ConfigurationTaskValidationException(errors);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index b93de5119..91159ad4e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -30,9 +30,13 @@ import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
+import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import javax.annotation.PostConstruct;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
@@ -102,12 +106,32 @@ import iaik.x509.X509Certificate;
@Service("AuthenticationDataBuilder")
public class AuthenticationDataBuilder extends MOAIDAuthConstants {
+ private static final String CONFIGURATION_PROP_FOREIGN_BPK_ENC_KEYS = "configuration.foreignsectors.pubkey";
+
@Autowired private IAuthenticationSessionStoreage authenticatedSessionStorage;
@Autowired protected AuthConfiguration authConfig;
@Autowired private AttributQueryBuilder attributQueryBuilder;
@Autowired private SAMLVerificationEngineSP samlVerificationEngine;
@Autowired(required=true) private MOAMetadataProvider metadataProvider;
+ private Map<String, X509Certificate> encKeyMap = new HashMap<String, X509Certificate>();
+
+ @PostConstruct
+ private void initialize() {
+ Map<String, String> pubKeyMap = authConfig.getBasicMOAIDConfigurationWithPrefix(CONFIGURATION_PROP_FOREIGN_BPK_ENC_KEYS);
+ for (Entry<String, String> el : pubKeyMap.entrySet()) {
+ try {
+ encKeyMap.put(el.getKey(), new X509Certificate(Base64Utils.decode(el.getValue(), false)));
+ Logger.info("Load foreign bPK encryption certificate for sector: " + el.getKey());
+
+ } catch (Exception e) {
+ Logger.warn("Can NOT load foreign bPK encryption certificate for sector: \" + el.getKey()", e);
+
+ }
+
+ }
+ }
+
public IAuthData buildAuthenticationData(IRequest pendingReq,
IAuthenticationSession session) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException {
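Review bot: The warn call in the catch block of `initialize()` never logs the sector, because the escaped quote in `"... for sector: \" + el.getKey()"` keeps `+ el.getKey()` inside the string literal. It should read `Logger.warn("Can NOT load foreign bPK encryption certificate for sector: " + el.getKey(), e);`. The loop also stores any certificate that parses, so an expired or not-yet-valid certificate would still be used as the encryption key; a validity check before `encKeyMap.put(...)` would make that visible at startup. If `getBasicMOAIDConfigurationWithPrefix` can return null when no keys are configured (not visible here), the `for` loop needs a guard as well.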
@@ -648,7 +672,7 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants {
Logger.info("Can NOT set Organwalter IdentityLink. Msg: No IdentityLink found");
- //set bPK and IdenityLink for all other
+ //set bPK and IdentityLink for all other
} else {
//build bPK
String pvpbPKValue = getbPKValueFromPVPAttribute(session);
@@ -724,7 +748,11 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants {
}
}
-
+
+ //build foreign bPKs
+ generateForeignbPK(authData, oaParam.foreignbPKSectorsRequested());
+
+
//build IdentityLink
if (identityLink != null)
authData.setIdentityLink(buildOAspecificIdentityLink(oaParam, identityLink, authData.getBPK(), authData.getBPKType()));
@@ -810,6 +838,61 @@ public class AuthenticationDataBuilder extends MOAIDAuthConstants {
}
+ private void generateForeignbPK(AuthenticationData authData, List<String> foreignSectors) {
+ if (foreignSectors != null && !foreignSectors.isEmpty()) {
+ Logger.debug("Sectors for foreign bPKs are configurated. Starting foreign bPK generation ... ");
+ for (String foreignSector : foreignSectors) {
+ Logger.trace("Process sector: " + foreignSector + " ... ");
+ if (encKeyMap.containsKey(foreignSector)) {
+ try {
+ String sector = null;
+ //splitt sector into VKZ and target
+ if (foreignSector.startsWith("wbpk")) {
+ Logger.trace("Find foreign private sector " + foreignSector);
+ sector = Constants.URN_PREFIX + ":" + foreignSector;
+
+ } else {
+ String[] split = foreignSector.split("+");
+ if (split.length != 2) {
+ Logger.warn("Foreign sector: " + foreignSector + " looks WRONG. IGNORE IT!");
+
+ } else {
+ Logger.trace("Find foreign public sector. VKZ: " + split[0] + " Target: " + split[1]);
+ sector = Constants.URN_PREFIX_CDID + "+" + split[1];
+
+ }
+
+ }
+
+ if (sector != null) {
+ Pair<String, String> bpk = new BPKBuilder().generateAreaSpecificPersonIdentifier(
+ authData.getIdentificationValue(),
+ authData.getIdentificationType(),
+ sector);
+ String foreignbPK = BPKBuilder.encryptBPK(bpk.getFirst(), bpk.getSecond(), encKeyMap.get(foreignSector).getPublicKey());
+ authData.getEncbPKList().add("(" + foreignSector + "|" + foreignbPK + ")");
+ Logger.debug("Foreign bPK for sector: " + foreignSector + " created.");
+
+ }
+
+ } catch (Exception e) {
+ Logger.warn("Foreign bPK generation FAILED for sector: " + foreignSector, e);
+
+ }
+
+ } else {
+ Logger.info("NO encryption cerfificate FOUND in configuration for sector: " + foreignSector);
+ Logger.info("Foreign bPK for sector: " + foreignSector + " is NOT possible");
+
+ }
+ }
+
+ } else
+ Logger.debug("No foreign bPKs required for this service provider");
+
+ }
+
+
/**
* Check a bPK-Type against a Service-Provider configuration <br>
* If bPK-Type is <code>null</code> the result is <code>false</code>.
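Review bot: `foreignSector.split("+")` in generateForeignbPK passes a bare `+` to a method that takes a regular expression, which throws PatternSyntaxException. The surrounding `catch (Exception e)` turns that into a warn line, so no foreign bPK is produced for any public sector. Use `foreignSector.split("\\+")` so the `VKZ+target` form is actually parsed. The VKZ in `split[0]` is only traced and never enters `sector`; if that is intended, a one-line comment saying so would help the next reader.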
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
index a7f6e873f..04df32309 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/BPKBuilder.java
@@ -266,16 +266,21 @@ public class BPKBuilder {
public static String encryptBPK(String bpk, String target, PublicKey publicKey) throws BuildException {
MiscUtil.assertNotNull(bpk, "BPK");
+ MiscUtil.assertNotNull(target, "sector");
MiscUtil.assertNotNull(publicKey, "publicKey");
-
+
SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss");
- if (target.startsWith(Constants.URN_PREFIX_CDID + "+"))
- target = target.substring((Constants.URN_PREFIX_CDID + "+").length());
- String input = "V1::urn:publicid:gv.at:cdid+" + target + "::"
+ if (!target.startsWith(Constants.URN_PREFIX)) {
+ throw new BuildException("bPK encryption FAILED. bPK target does NOT starts with a valid prefix", null);
+
+ }
+
+ String input = "V1::"
+ + target + "::"
+ bpk + "::"
+ sdf.format(new Date());
- System.out.println(input);
+ Logger.trace("Foreign bPK: " + input);
byte[] result;
try {
byte[] inputBytes = input.getBytes("ISO-8859-1");
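Review bot: `Logger.trace("Foreign bPK: " + input)` writes the plaintext bPK, its target and the timestamp to the log just before that same string is encrypted, so anyone who can read trace-level logs sees the identifier the encryption is meant to protect. Log only the target instead, e.g. `Logger.trace("Encrypt foreign bPK for target: " + target);`. The new `BuildException("bPK encryption FAILED. ...", null)` would also be easier to diagnose if its message named the rejected target. encryptBPK's body continues outside the hunk.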
@@ -287,6 +292,17 @@ public class BPKBuilder {
}
}
+
+ /**
+ * Currently only works for bPKs!!!!
+ *
+ *
+ * @param encryptedBpk
+ * @param target
+ * @param privateKey
+ * @return
+ * @throws BuildException
+ */
public static String decryptBPK(String encryptedBpk, String target, PrivateKey privateKey) throws BuildException {
MiscUtil.assertNotEmpty(encryptedBpk, "Encrypted BPK");
MiscUtil.assertNotNull(privateKey, "Private key");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
index 0fba2d3f6..3a0a002e8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/VerifyXMLSignatureResponseParser.java
@@ -209,7 +209,7 @@ public class VerifyXMLSignatureResponseParser {
String signingTimeElement = XPathUtils.getElementValue(verifyXMLSignatureResponse,SIGNING_TIME_XPATH,"");
if (MiscUtil.isNotEmpty(signingTimeElement)) {
- DateTime datetime = ISODateTimeFormat.dateTimeNoMillis().parseDateTime(signingTimeElement);
+ DateTime datetime = ISODateTimeFormat.dateOptionalTimeParser().parseDateTime(signingTimeElement);
respData.setSigningDateTime(datetime.toDate());
}
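Review bot: `dateOptionalTimeParser()` accepts a date with no time and a time with no zone offset, where `dateTimeNoMillis()` required both. A value without an offset is then interpreted in the JVM default time zone, and a date-only value becomes midnight. If the signing time is later compared with certificate validity or kept as evidence, that silent shift matters. If the goal was only to tolerate fractional seconds, trying `ISODateTimeFormat.dateTime()` first and falling back to `dateTimeNoMillis()` keeps the offset mandatory; either way, a comment stating the accepted formats would help.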
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index 59bd3893d..140ebcfc8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -54,10 +54,8 @@ import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
-import java.util.Iterator;
import java.util.List;
import java.util.Map;
-import java.util.Map.Entry;
import java.util.Set;
import org.apache.commons.lang.SerializationUtils;
@@ -935,4 +933,16 @@ public String toString() {
return "Object not initialized";
}
+
+@Override
+public List<String> foreignbPKSectorsRequested() {
+ String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_FOREIGN);
+ if (MiscUtil.isNotEmpty(value))
+ return KeyValueUtils.getListOfCSVValues(KeyValueUtils.normalizeCSVValueString(value));
+
+ else
+ return null;
+
+}
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
index f3db82315..31b894604 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/data/DynamicOAAuthParameters.java
@@ -531,5 +531,11 @@ public class DynamicOAAuthParameters implements IOAAuthParameters, Serializable{
return false;
}
+ @Override
+ public List<String> foreignbPKSectorsRequested() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
index 7f56f519b..4cd9ecd6a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/data/AuthenticationData.java
@@ -691,6 +691,8 @@ public class AuthenticationData implements IAuthData, Serializable {
* @return the encbPKList
*/
public List<String> getEncbPKList() {
+ if (encbPKList == null)
+ encbPKList = new ArrayList<String>();
return encbPKList;
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java
index 9dfbe00b2..f5c48b826 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/builder/attributes/EncryptedBPKAttributeBuilder.java
@@ -41,7 +41,7 @@ public class EncryptedBPKAttributeBuilder implements IPVPAttributeBuilder {
if (authData.getEncbPKList() != null &&
authData.getEncbPKList().size() > 0) {
- String value = authData.getEncbPKList().get(0);
+ String value = "(" + authData.getEncbPKList().get(0) + ")";
for (int i=1; i<authData.getEncbPKList().size(); i++)
value += ";"+authData.getEncbPKList().get(i);
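Review bot: Only element 0 is wrapped in parentheses here, while the loop on the following lines appends the remaining entries unwrapped, so the attribute value is formatted inconsistently. generateForeignbPK in this same commit already stores each entry as `"(" + foreignSector + "|" + foreignbPK + ")"`, so the first entry ends up with doubled parentheses. Add the delimiters in one place only, e.g. keep `String value = authData.getEncbPKList().get(0);` here and leave the wrapping to the producer.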
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java
index 1e1bfa94b..332764edf 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java
@@ -254,4 +254,11 @@ public interface IOAAuthParameters {
public List<Integer> getReversionsLoggingEventCodes();
+ /**
+ * Get a List of sectors for that this service provider requires foreign bPKs
+ *
+ * @return list of sectors, or null if no sectors are defined
+ */
+ public List<String> foreignbPKSectorsRequested();
+
} \ No newline at end of file
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
index 93f26051c..b49278947 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
@@ -174,6 +174,9 @@ public class ConfigurationMigrationUtils {
}
}
+ if (MiscUtil.isNotEmpty(oa.getForeignbPKTargetList()))
+ result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_FOREIGN, oa.getForeignbPKTargetList());
+
//convert selected SZR-GW service
if (MiscUtil.isNotEmpty(oa.getSelectedSZRGWServiceURL()))
result.put(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL, oa.getSelectedSZRGWServiceURL());
@@ -826,6 +829,9 @@ public class ConfigurationMigrationUtils {
}
}
+ if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_FOREIGN)))
+ dbOA.setForeignbPKTargetList(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_FOREIGN));
+
//store BKU-URLs
BKUURLS bkuruls = new BKUURLS();
authoa.setBKUURLS(bkuruls);
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
index 695df3123..8b52e4e0c 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
@@ -61,6 +61,8 @@ public final class MOAIDConfigurationConstants extends MOAIDConstants {
private static final String SERVICE_AUTH_TARGET_BUSINESS = SERVICE_AUTH_TARGET + ".business";
public static final String SERVICE_AUTH_TARGET_BUSINESS_TYPE = SERVICE_AUTH_TARGET_BUSINESS + ".type";
public static final String SERVICE_AUTH_TARGET_BUSINESS_VALUE = SERVICE_AUTH_TARGET_BUSINESS + ".value";
+ public static final String SERVICE_AUTH_TARGET_FOREIGN = SERVICE_AUTH_TARGET + ".foreign";
+
public static final String SERVICE_AUTH_TARGET_PUBLIC_TARGET = SERVICE_AUTH_TARGET_PUBLIC + ".target";
public static final String SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB = SERVICE_AUTH_TARGET_PUBLIC + ".target.sub";
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OnlineApplication.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OnlineApplication.java
index 196923ce6..e37873a72 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OnlineApplication.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/OnlineApplication.java
@@ -115,10 +115,20 @@ public class OnlineApplication
@XmlTransient
protected String mandateServiceSelectionTemplateURL = null;
+ @XmlTransient
+ protected String foreignbPKTargetList = null;
+
-
- /**
+ public String getForeignbPKTargetList() {
+ return foreignbPKTargetList;
+ }
+
+ public void setForeignbPKTargetList(String foreignbPKTargetList) {
+ this.foreignbPKTargetList = foreignbPKTargetList;
+ }
+
+ /**
* @return the saml2PostBindingTemplateURL
*/
public String getSaml2PostBindingTemplateURL() {