3 files changed, 31 insertions, 2 deletions
|
diff --git a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
index d6df363c5..461ff7efc 100644
--- a/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
+++ b/id/server/auth/src/main/webapp/WEB-INF/urlrewrite.xml
@@ -61,6 +61,10 @@
         <to type="forward">/dispatcher?mod=id_stork2&action=AttributeCollector&%{query-string}</to>
     </rule>
     <rule match-type="regex">
+        <from>^/stork2/CompleteAuthentication$</from>
+        <to type="forward">/dispatcher?mod=id_stork2&action=ConsentEvaluator&%{query-string}</to>
+    </rule>
+    <rule match-type="regex">
         <from>^/stork2/SendPEPSAuthnRequest$</from>
         <to type="forward">/dispatcher?mod=id_stork2&action=AuthenticationRequest&%{query-string}</to>
     </rule>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
index 9745d81c5..8b7bcf0c6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/ConsentEvaluator.java
@@ -1,21 +1,27 @@
 package at.gv.egovernment.moa.id.protocols.stork2;
 import java.io.StringWriter;
+import java.util.ArrayList;
+import java.util.HashMap;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.auth.stork.VelocityProvider;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.logging.Logger;
 import eu.stork.peps.auth.commons.PEPSUtil;
+import eu.stork.peps.auth.commons.PersonalAttribute;
 import eu.stork.peps.auth.engine.STORKSAMLEngine;
 import eu.stork.peps.exceptions.STORKSAMLEngineException;
 import org.apache.velocity.Template;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
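Review bot: Four of the imports added here, `java.util.ArrayList`, `java.util.HashMap`, `AuthConfigurationProvider` and `PersonalAttribute`, are not referenced by any line this commit adds. The only new code in this file is the temporary-storage block in `requestConsent`, which needs just `SecureRandomIdentifierGenerator`. All 31 insertions from the diffstat are visible on this page, so the existing code cannot be relying on them either. They can be dropped until the code that needs them lands.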
@@ -63,6 +69,25 @@ public class ConsentEvaluator implements IAction {
 	 */
 	public String requestConsent(DataContainer container, HttpServletResponse response, OAAuthParameter oaParam) throws MOAIDException {
 		// prepare redirect
+		String newArtifactId;
+		try {
+
+			// memorize the container again
+			Logger.debug("prepare putting the container into temporary storage...");
+
+			// - generate new key
+			newArtifactId = new SecureRandomIdentifierGenerator().generateIdentifier();
+
+			// - put container in temporary store.
+			AssertionStorage.getInstance().put(newArtifactId, container);
+
+			Logger.debug("...successful");
+
+		} catch (Exception e1) {
+			// TODO should we return the response as is to the PEPS?
+			Logger.error("Error putting incomplete Stork response into temporary storage", e1);
+			throw new MOAIDException("stork.17", null);
+		}
 		// ask for consent
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index b1c923b9f..19d1c7f15 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -33,7 +33,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
     static {
         actions.put(AUTHENTICATIONREQUEST, new AuthenticationRequest());
         actions.put(ATTRIBUTE_COLLECTOR, new AttributeCollector());
-        actions.put(CONSENT_EVALUATOR, new ConsentEvaluatorSepp());
+        actions.put(CONSENT_EVALUATOR, new ConsentEvaluator());
     }
     public String getName() {
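Review bot: In `requestConsent`, `newArtifactId` is generated and used as the storage key, but no line added by this commit reads it afterwards, and the pre-existing code below `// ask for consent` cannot reference a variable that did not exist before. As committed, the container is parked in `AssertionStorage` under a key that is never handed to the consent form, so the new `/stork2/CompleteAuthentication` callback has no way to look it up, and every request leaves an orphaned copy of the incomplete STORK response behind for as long as the store keeps it. The id should be passed into the consent template or redirect, and the consuming action should remove the entry on first retrieval so the id is single-use. Separately, `throw new MOAIDException("stork.17", null)` discards `e1`, so the cause survives only in the log line. The method body continues outside the hunk.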
@@ -65,7 +65,7 @@ public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
         MOASTORKRequest STORK2Request = new MOASTORKRequest();
-		if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluatorSepp.class.getSimpleName().equals(action))
+		if (AttributeCollector.class.getSimpleName().equals(action) || ConsentEvaluator.class.getSimpleName().equals(action))
 			return STORK2Request;
         //extract STORK Response from HTTP Request |
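Review bot: The early return here still matches `action` against `ConsentEvaluator.class.getSimpleName()`, while the static initializer registers the same action under the `CONSENT_EVALUATOR` constant and the new rewrite rule hard-codes `action=ConsentEvaluator`. This commit shows the cost of that coupling: switching the implementation class meant editing the comparison as well. Comparing against the constants, e.g. `if (ATTRIBUTE_COLLECTOR.equals(action) || CONSENT_EVALUATOR.equals(action))`, would keep routing independent of class names, assuming the constants carry the same strings the URL rules send (their values are not visible here). Because this branch returns an empty `MOASTORKRequest` without parsing anything from the HTTP request, a comment stating that the consent action must validate its own input would also help. The enclosing method starts and ends outside the hunk.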
