6 files changed, 68 insertions, 65 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
index 70db9cc23..04b7854b1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
@@ -40,7 +40,7 @@ public class AuthenticationAction implements IAction {
 		PVPTargetConfiguration pvpRequest = (PVPTargetConfiguration) req;
-		SLOInformationImpl sloInformation = (SLOInformationImpl) RequestManager.getInstance().handle(pvpRequest.request, httpReq, httpResp, authData);
+		SLOInformationImpl sloInformation = (SLOInformationImpl) RequestManager.getInstance().handle(pvpRequest, httpReq, httpResp, authData);
 		//set protocol type
 		sloInformation.setProtocolType(req.requestedModule());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 863bfe501..d9ce6250a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -82,6 +82,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.binding.RedirectBinding;
 import at.gv.egovernment.moa.id.protocols.pvp2x.config.PVPConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AssertionValidationExeption;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.InvalidAssertionConsumerServiceException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NameIDFormatNotSupportedException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.NoMetadataInformationException;
@@ -543,52 +544,51 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {  		AuthnRequest authnRequest = (AuthnRequest)samlReq; -		Integer aIdx = authnRequest.getAssertionConsumerServiceIndex(); -		int assertionidx = 0; +		//parse AssertionConsumerService +		AssertionConsumerService consumerService = null; +		if (MiscUtil.isNotEmpty(authnRequest.getAssertionConsumerServiceURL()) &&  +				MiscUtil.isNotEmpty(authnRequest.getProtocolBinding())) { +			//use AssertionConsumerServiceURL from request  +			consumerService = SAML2Utils.createSAMLObject(AssertionConsumerService.class); +			consumerService.setBinding(authnRequest.getProtocolBinding()); +			consumerService.setLocation(authnRequest.getAssertionConsumerServiceURL()); + +		} else { +			//use AssertionConsumerServiceIndex and select consumerService from metadata +			Integer aIdx = authnRequest.getAssertionConsumerServiceIndex(); +			int assertionidx = 0; -		if(aIdx != null) { -			assertionidx = aIdx.intValue(); +			if(aIdx != null) { +				assertionidx = aIdx.intValue(); +			 +			} else {				 +				assertionidx = SAML2Utils.getDefaultAssertionConsumerServiceIndex(spSSODescriptor); +				 +			}		 +			consumerService  = spSSODescriptor.getAssertionConsumerServices().get(assertionidx); -		} else {				 -			assertionidx = SAML2Utils.getDefaultAssertionConsumerServiceIndex(spSSODescriptor); +			if (consumerService == null) {			 +				throw new InvalidAssertionConsumerServiceException(aIdx); +				 +			}  		} -		aIdx = authnRequest.getAttributeConsumingServiceIndex(); +		//select AttributeConsumingService from request +		AttributeConsumingService attributeConsumer = null;		 +		Integer aIdx = authnRequest.getAttributeConsumingServiceIndex();  		int attributeIdx = 0; -		 +	  		if(aIdx != null) {  			attributeIdx = aIdx.intValue();  		} -		AssertionConsumerService consumerService  = spSSODescriptor.getAssertionConsumerServices().get(assertionidx); -		 -		AttributeConsumingService attributeConsumer = null; -		 
 		if (spSSODescriptor.getAttributeConsumingServices() != null  &&   				spSSODescriptor.getAttributeConsumingServices().size() > 0) {  			attributeConsumer  = spSSODescriptor.getAttributeConsumingServices().get(attributeIdx);  		}  -		PVPTargetConfiguration config = new PVPTargetConfiguration(); -				 -		String oaURL = moaRequest.getEntityMetadata().getEntityID(); -		String binding = consumerService.getBinding(); -		 -		Logger.info("Dispatch PVP2 AuthnRequest: OAURL=" + oaURL + " Binding=" + binding); -		 -		oaURL = StringEscapeUtils.escapeHtml(oaURL); -		 -		config.setOAURL(oaURL); -		config.setBinding(binding); -		config.setRequest(moaRequest); -		config.setConsumerURL(consumerService.getLocation()); -		 -		//parse AuthRequest -		AuthnRequestImpl authReq = (AuthnRequestImpl) samlReq; -		config.setPassiv(authReq.isPassive()); -		config.setForce(authReq.isForceAuthn()); -		  		//validate AuthnRequest +		AuthnRequestImpl authReq = (AuthnRequestImpl) samlReq;  		AuthnRequestValidator.validate(authReq);  		String useMandate = request.getParameter(PARAM_USEMANDATE); @@ -599,7 +599,22 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {  				}  			}  		} +						 +		String oaURL = moaRequest.getEntityMetadata().getEntityID(); +		oaURL = StringEscapeUtils.escapeHtml(oaURL); +		 +		Logger.info("Dispatch PVP2 AuthnRequest: OAURL=" + oaURL + " Binding=" + consumerService.getBinding());		 + +		PVPTargetConfiguration config = new PVPTargetConfiguration();		 +		config.setOAURL(oaURL); +		config.setBinding(consumerService.getBinding()); +		config.setRequest(moaRequest); +		config.setConsumerURL(consumerService.getLocation()); +		//parse AuthRequest +		config.setPassiv(authReq.isPassive()); +		config.setForce(authReq.isForceAuthn()); +				  		return config;  	} 
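Review bot: The new first branch builds `consumerService` directly from `getAssertionConsumerServiceURL()` and `getProtocolBinding()` of the inbound AuthnRequest without checking that this URL/binding pair is one of the AssertionConsumerServices registered in `spSSODescriptor`, so the endpoint the response is later sent to comes from request-controlled data rather than from the SP's trusted metadata; SAML 2.0 Core requires the IdP to verify a requested AssertionConsumerServiceURL against the relying party's known endpoints, and the following `@@ -599` hunk carries the value into `config.setConsumerURL(...)`, which the AuthnRequestHandler hunk later uses as the response destination. The metadata branch also has a guard that cannot fire: `getAssertionConsumerServices().get(assertionidx)` throws IndexOutOfBoundsException on an out-of-range index instead of returning null, and `aIdx` is null whenever the default index was used, so `new InvalidAssertionConsumerServiceException(aIdx)` unboxes null if that constructor takes an `int` (the old handler code passed an `int idx`; the constructor itself is not visible here). The rewrite below resolves the requested URL/binding to a registered metadata entry and rejects the request otherwise, and bounds-checks the index path before the null check; the enclosing method continues past this hunk.
```java
		//parse AssertionConsumerService
		AssertionConsumerService consumerService = null;
		Integer acsIdx = authnRequest.getAssertionConsumerServiceIndex();
		if (MiscUtil.isNotEmpty(authnRequest.getAssertionConsumerServiceURL()) && 
				MiscUtil.isNotEmpty(authnRequest.getProtocolBinding())) {
			//accept the requested endpoint only if SP metadata registers this URL/binding pair
			for (AssertionConsumerService acs : spSSODescriptor.getAssertionConsumerServices()) {
				if (authnRequest.getAssertionConsumerServiceURL().equals(acs.getLocation())
						&& authnRequest.getProtocolBinding().equals(acs.getBinding())) {
					consumerService = acs;
					break;
				}
			}

		} else {
			//use AssertionConsumerServiceIndex and select consumerService from metadata
			int assertionidx = (acsIdx != null) ? acsIdx.intValue()
					: SAML2Utils.getDefaultAssertionConsumerServiceIndex(spSSODescriptor);
			//List.get() throws on a bad index, so bounds-check instead of relying on a null result
			if (assertionidx >= 0
					&& assertionidx < spSSODescriptor.getAssertionConsumerServices().size()) {
				consumerService = spSSODescriptor.getAssertionConsumerServices().get(assertionidx);
			}
		}
		//no registered endpoint matched the request: reject it (acsIdx may be null here)
		if (consumerService == null) {
			throw new InvalidAssertionConsumerServiceException(acsIdx);
		}
		// … unchanged: AttributeConsumingService selection, AuthnRequestValidator.validate, mandate handling …
```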
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
index 303fc2924..7f6054f2d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/ArtifactResolution.java
@@ -34,6 +34,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.data.SLOInformationInterface;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPAssertionStorage;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.SoapBinding;
@@ -48,13 +49,13 @@ public class ArtifactResolution implements IRequestHandler {
 				((MOARequest)obj).getSamlRequest() instanceof ArtifactResolve);
 	}
-	public SLOInformationInterface process(InboundMessage obj, HttpServletRequest req,
+	public SLOInformationInterface process(PVPTargetConfiguration obj, HttpServletRequest req,
 			HttpServletResponse resp, IAuthData authData) throws MOAIDException {
-		if (!handleObject(obj)) {
+		if (!handleObject(obj.getRequest())) {
 			throw new MOAIDException("pvp2.13", null);
 		}
-		ArtifactResolve artifactResolve = (ArtifactResolve) ((MOARequest)obj).getSamlRequest();
+		ArtifactResolve artifactResolve = (ArtifactResolve) ((MOARequest)obj.getRequest()).getSamlRequest();
 		String artifactID = artifactResolve.getArtifact().getArtifact();
 		PVPAssertionStorage pvpAssertion = PVPAssertionStorage.getInstance();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index ca5210d21..d33c38f25 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -41,6 +41,7 @@ import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.data.SLOInformationImpl;
 import at.gv.egovernment.moa.id.data.SLOInformationInterface;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.ArtifactBinding;
 import at.gv.egovernment.moa.id.protocols.pvp2x.binding.IEncoder;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
@@ -62,38 +63,22 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {  				((MOARequest)obj).getSamlRequest() instanceof AuthnRequest);  	} -	public SLOInformationInterface process(InboundMessage obj, HttpServletRequest req, +	public SLOInformationInterface process(PVPTargetConfiguration obj, HttpServletRequest req,  			HttpServletResponse resp, IAuthData authData) throws MOAIDException { -		if (!handleObject(obj)) { +		if (!handleObject(obj.getRequest())) {  			throw new MOAIDException("pvp2.13", null);  		}  		//get basic information -		MOARequest moaRequest = (MOARequest) obj; +		MOARequest moaRequest = (MOARequest) obj.getRequest();  		AuthnRequest authnRequest = (AuthnRequest) moaRequest.getSamlRequest(); -		EntityDescriptor peerEntity = obj.getEntityMetadata();		 -		SPSSODescriptor spSSODescriptor = peerEntity -				.getSPSSODescriptor(SAMLConstants.SAML20P_NS); -		 -		//get AssertionConsumingService -		Integer aIdx = authnRequest.getAssertionConsumerServiceIndex(); -		int idx = 0; - -		if (aIdx != null) { -			idx = aIdx.intValue(); -			 -		} else {				 -			idx = SAML2Utils.getDefaultAssertionConsumerServiceIndex(spSSODescriptor); -		} - -		AssertionConsumerService consumerService = spSSODescriptor -				.getAssertionConsumerServices().get(idx); - -		if (consumerService == null) {			 -			throw new InvalidAssertionConsumerServiceException(idx); -			 -		} +		EntityDescriptor peerEntity = moaRequest.getEntityMetadata();		 +		AssertionConsumerService consumerService =  +				SAML2Utils.createSAMLObject(AssertionConsumerService.class); +		consumerService.setBinding(obj.getBinding()); +		consumerService.setLocation(obj.getConsumerURL()); +				  		DateTime date = new DateTime();  		SLOInformationImpl sloInformation = new SLOInformationImpl(); 
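Review bot: `peerEntity` is still assigned from `moaRequest.getEntityMetadata()` in this hunk, but its only visible consumer, the removed `spSSODescriptor` lookup, is gone; if nothing below the hunk reads it (the method continues past the hunk), the assignment should be dropped rather than left as dead code. The handler now takes the consumer location and binding from `obj` with no check of its own, so its correctness rests entirely on PVP2XProtocol having resolved those values against the SP metadata before they were stored in the PVPTargetConfiguration. That contract is not visible at the call site; a comment at `consumerService.setLocation(obj.getConsumerURL());` such as `//location and binding come from the PVPTargetConfiguration built in PVP2XProtocol; they are not re-validated against SP metadata here` would tell the next maintainer where the check is expected to live.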
@@ -127,7 +112,7 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 		try {
 			binding.encodeRespone(req, resp, authResponse, 
-					consumerService.getLocation(), obj.getRelayState());
+					consumerService.getLocation(), moaRequest.getRelayState());
 			return sloInformation;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java
index d1ae0b202..293dccf6c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/IRequestHandler.java
@@ -28,12 +28,13 @@ import javax.servlet.http.HttpServletResponse;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.data.SLOInformationInterface;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
 public interface IRequestHandler {
 	public boolean handleObject(InboundMessage obj);
-	public SLOInformationInterface process(InboundMessage obj, HttpServletRequest req,
+	public SLOInformationInterface process(PVPTargetConfiguration pvpRequest, HttpServletRequest req,
 			HttpServletResponse resp, IAuthData authData) throws MOAIDException;
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java
index 5b9bf940d..b58b09f12 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/RequestManager.java
@@ -33,6 +33,7 @@ import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.data.SLOInformationInterface;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPTargetConfiguration;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.MOARequest;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.SAMLRequestNotSupported;
@@ -56,13 +57,13 @@ public class RequestManager {
 		handler.add(new ArtifactResolution());
 	}
-	public SLOInformationInterface handle(InboundMessage obj, HttpServletRequest req, HttpServletResponse resp, IAuthData authData) 
+	public SLOInformationInterface handle(PVPTargetConfiguration pvpRequest, HttpServletRequest req, HttpServletResponse resp, IAuthData authData) 
 			throws SAMLRequestNotSupported, MOAIDException {
 		Iterator<IRequestHandler> it = handler.iterator();
 		while(it.hasNext()) {
 			IRequestHandler handler = it.next();
-			if(handler.handleObject(obj)) {
-				return handler.process(obj, req, resp, authData);
+			if(handler.handleObject(pvpRequest.getRequest())) {
+				return handler.process(pvpRequest, req, resp, authData);
 			}
 		}
|
