diff options
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/auth/builder')
8 files changed, 302 insertions, 87 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java new file mode 100644 index 000000000..241cf0afc --- /dev/null +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationAssertionBuilder.java @@ -0,0 +1,88 @@ +package at.gv.egovernment.moa.id.auth.builder; + +import java.io.IOException; +import java.text.MessageFormat; +import java.util.Iterator; +import java.util.List; + +import javax.xml.transform.TransformerException; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.ParseException; +import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute; +import at.gv.egovernment.moa.logging.Logger; +import at.gv.egovernment.moa.util.DOMUtils; +import at.gv.egovernment.moa.util.StringUtils; + +/** + * Base class for building authentication the AUTHBlock and final OA data SAML assertions. + * Encapsulates methods used by the two specific builders + * {@link at.gv.egovernment.moa.id.auth.builder.AuthenticationBlockAssertionBuilder AuthenticationBlockAssertionBuilder} + * and + * {@link at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder AuthenticationDataAssertionBuilder} + * + * @author Harald Bratko + */ +public class AuthenticationAssertionBuilder { + + /** the NewLine representation in Java*/ + protected static String NL = "\n"; + + protected static String SAML_ATTRIBUTE = + " <saml:Attribute AttributeName=''{0}'' AttributeNamespace=''{1}''>" + NL + + " <saml:AttributeValue>{2}</saml:AttributeValue>" + NL + + " </saml:Attribute>"+ NL; + + /** + * Empty constructor + */ + public AuthenticationAssertionBuilder() { + } + + /** + * Builds the SAML attributes to be appended to the AUTHBlock or to the SAML assertion + * delivered to the online application. + * The method traverses through the list of given SAML attribute objects and builds an + * XML structure (String representation) for each of the attributes. + * + * @param extendedSAMLAttributes The SAML attributes to be appended to the AUTHBlock or + * to the SAML assertion delivered to the online application. + * @return A string representation including the XML structures of + * the SAML attributes. + * + * @throws ParseException If an error occurs on serializing an SAML attribute. + */ + protected String buildExtendedSAMLAttributes(List extendedSAMLAttributes) throws ParseException + { + StringBuffer sb = new StringBuffer(); + if (extendedSAMLAttributes!=null) { + Iterator it = extendedSAMLAttributes.iterator(); + while (it.hasNext()) { + ExtendedSAMLAttribute extendedSAMLAttribute = (ExtendedSAMLAttribute)it.next(); + Object value = extendedSAMLAttribute.getValue(); + String name = extendedSAMLAttribute.getName(); + String namespace = extendedSAMLAttribute.getNameSpace(); + if (value instanceof String) { + sb.append(MessageFormat.format( SAML_ATTRIBUTE, new Object[] {name, namespace, value})); + } else if (value instanceof Element) { + try { + String serializedValue = DOMUtils.serializeNode((Element)(value)); + serializedValue = StringUtils.removeXMLDeclaration(serializedValue); + sb.append(MessageFormat.format( SAML_ATTRIBUTE, new Object[] {name, namespace, serializedValue})); + } catch (TransformerException e) { + Logger.error("Error on serializing SAML attribute \"" + name + + " (namespace: \"" + namespace + "\"."); + throw new ParseException("parser.05", new Object[] { name, namespace}); + } catch (IOException e) { + Logger.error("Error on serializing SAML attribute \"" + name + + " (namespace: \"" + namespace + "\"."); + throw new ParseException("parser.05", new Object[] { name, namespace}); + } + } + } + } + return sb.toString(); + } + +} diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java index b1fe0a6df..ef50acb3f 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java @@ -1,7 +1,11 @@ package at.gv.egovernment.moa.id.auth.builder; import java.text.MessageFormat; +import java.util.List; +import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.ParseException; +import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; /** @@ -11,41 +15,46 @@ import at.gv.egovernment.moa.util.Constants; * @author Paul Ivancsics * @version $Id$ */ -public class AuthenticationBlockAssertionBuilder implements Constants { - /** the NewLine representation in Java*/ - private static String nl = "\n"; +public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertionBuilder implements Constants { + /** template for the Auth-Block */ private static String AUTH_BLOCK = - "<saml:Assertion xmlns:saml=''" + SAML_NS_URI + "''{0} MajorVersion=''1'' MinorVersion=''0'' AssertionID=''any'' Issuer=''{1}'' IssueInstant=''{2}''>" + nl + - " <saml:AttributeStatement>" + nl + - " <saml:Subject>" + nl + - " <saml:NameIdentifier>{3}</saml:NameIdentifier>" + nl + - " </saml:Subject>" + nl + + "<saml:Assertion xmlns:saml=''" + SAML_NS_URI + "''{0} MajorVersion=''1'' MinorVersion=''0'' AssertionID=''any'' Issuer=''{1}'' IssueInstant=''{2}''>" + NL + + " <saml:AttributeStatement>" + NL + + " <saml:Subject>" + NL + + " <saml:NameIdentifier>{3}</saml:NameIdentifier>" + NL + + " </saml:Subject>" + NL + "{4}" + - " <saml:Attribute AttributeName=''OA'' AttributeNamespace=''" + MOA_NS_URI + "''>" + nl + - " <saml:AttributeValue>{5}</saml:AttributeValue>" + nl + - " </saml:Attribute>" + nl + - " <saml:Attribute AttributeName=''Geburtsdatum'' AttributeNamespace=''" + MOA_NS_URI + "''>" + nl + - " <saml:AttributeValue>{6}</saml:AttributeValue>" + nl + - " </saml:Attribute>" + nl + - " </saml:AttributeStatement>" + nl + + " <saml:Attribute AttributeName=''OA'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL + + " <saml:AttributeValue>{5}</saml:AttributeValue>" + NL + + " </saml:Attribute>" + NL + + " <saml:Attribute AttributeName=''Geburtsdatum'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL + + " <saml:AttributeValue>{6}</saml:AttributeValue>" + NL + + " </saml:Attribute>" + NL + + "{7}" + + " </saml:AttributeStatement>" + NL + "</saml:Assertion>"; private static String GESCHAEFTS_BEREICH_ATTRIBUTE = - " <saml:Attribute AttributeName=''Geschaeftsbereich'' AttributeNamespace=''" + MOA_NS_URI + "''>" + nl + - " <saml:AttributeValue>{0}</saml:AttributeValue>" + nl + - " </saml:Attribute>" + nl; + " <saml:Attribute AttributeName=''Geschaeftsbereich'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL + + " <saml:AttributeValue>{0}</saml:AttributeValue>" + NL + + " </saml:Attribute>" + NL; private static String WBPK_ATTRIBUTE = - " <saml:Attribute AttributeName=''wbPK'' AttributeNamespace=''" + MOA_NS_URI + "''>" + nl + - " <saml:AttributeValue>" + nl + - " <pr:Identification>" + nl + - " <pr:Value>{0}</pr:Value>" + nl + - " <pr:Type>{1}</pr:Type>" + nl + - " </pr:Identification>" + nl + - " </saml:AttributeValue>" + nl + - " </saml:Attribute>" + nl; - + " <saml:Attribute AttributeName=''wbPK'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL + + " <saml:AttributeValue>" + NL + + " <pr:Identification>" + NL + + " <pr:Value>{0}</pr:Value>" + NL + + " <pr:Type>{1}</pr:Type>" + NL + + " </pr:Identification>" + NL + + " </saml:AttributeValue>" + NL + + " </saml:Attribute>" + NL; + + /** + * The number of SAML attributes included in this AUTH-Block (without the extended SAML attributes). + */ + public static final int NUM_OF_SAML_ATTRIBUTES = 3; + /** * Constructor for AuthenticationBlockAssertionBuilder. */ @@ -73,17 +82,26 @@ public class AuthenticationBlockAssertionBuilder implements Constants { * application used as input for wbPK computation; * maybe <code>null</code> if the application is a public service * @param oaURL public URL of online application requested + * @param gebDat The date of birth from the identity link. + * @param extendedSAMLAttributes The SAML attributes to be appended to the AUTHBlock. + * * @return String representation of authentication block * <code><saml:Assertion></code> built + * + * @throws BuildException If an error occurs on serializing an extended SAML attribute + * to be appended to the AUTH-Block. */ - public String buildAuthBlock(String issuer, - String issueInstant, - String authURL, - String target, - String identityLinkValue, - String identityLinkType, - String oaURL, - String GebDat) + public String buildAuthBlock( + String issuer, + String issueInstant, + String authURL, + String target, + String identityLinkValue, + String identityLinkType, + String oaURL, + String gebDat, + List extendedSAMLAttributes) + throws BuildException { String gebeORwbpk = ""; @@ -97,8 +115,23 @@ public class AuthenticationBlockAssertionBuilder implements Constants { GESCHAEFTS_BEREICH_ATTRIBUTE, new Object[] { target }); } - String assertion = MessageFormat.format( - AUTH_BLOCK, new Object[] { wbpkNSDeclaration, issuer, issueInstant, authURL, gebeORwbpk, oaURL, GebDat}); + String assertion; + try { + assertion = MessageFormat.format( + AUTH_BLOCK, new Object[] { + wbpkNSDeclaration, + issuer, + issueInstant, + authURL, + gebeORwbpk, + oaURL, + gebDat, + buildExtendedSAMLAttributes(extendedSAMLAttributes)}); + } catch (ParseException e) { + Logger.error("Error on building AUTH-Block: " + e.getMessage()); + throw new BuildException("builder.00", new Object[] { "AUTH-Block", e.toString()}); + } + return assertion; } diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java index 7e866089d..53520c846 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java @@ -1,10 +1,14 @@ package at.gv.egovernment.moa.id.auth.builder; import java.text.MessageFormat; +import java.util.List; import at.gv.egovernment.moa.id.BuildException; +import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.data.AuthenticationData; +import at.gv.egovernment.moa.logging.Logger; import at.gv.egovernment.moa.util.Constants; +import at.gv.egovernment.moa.util.StringUtils; /** * Builder for the authentication data <code><saml:Assertion></code> @@ -13,7 +17,7 @@ import at.gv.egovernment.moa.util.Constants; * @author Paul Ivancsics * @version $Id$ */ -public class AuthenticationDataAssertionBuilder implements Constants { +public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionBuilder implements Constants { /** private static String NL contains the NewLine representation in Java*/ private static final String NL = "\n"; /** @@ -38,11 +42,12 @@ public class AuthenticationDataAssertionBuilder implements Constants { " <saml:Attribute AttributeName=''isQualifiedCertificate'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL + " <saml:AttributeValue>{8}</saml:AttributeValue>" + NL + " </saml:Attribute>" + NL + - " <saml:Attribute AttributeName=''bkuURL'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL + - " <saml:AttributeValue>{9}</saml:AttributeValue>" + NL + - " </saml:Attribute>" + NL + + " <saml:Attribute AttributeName=''bkuURL'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL + + " <saml:AttributeValue>{9}</saml:AttributeValue>" + NL + + " </saml:Attribute>" + NL + "{10}" + - "{11}" + + "{11}" + + "{12}" + " </saml:AttributeStatement>" + NL + "</saml:Assertion>"; /** @@ -54,10 +59,10 @@ public class AuthenticationDataAssertionBuilder implements Constants { " <saml:AttributeValue>{0}</saml:AttributeValue>" + NL + " </saml:Attribute>" + NL; - private static final String SIGNER_CERTIFICATE_ATT = - " <saml:Attribute AttributeName=''SignerCertificate'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL + - " <saml:AttributeValue>{0}</saml:AttributeValue>" + NL + - " </saml:Attribute>" + NL; + private static final String SIGNER_CERTIFICATE_ATT = + " <saml:Attribute AttributeName=''SignerCertificate'' AttributeNamespace=''" + MOA_NS_URI + "''>" + NL + + " <saml:AttributeValue>{0}</saml:AttributeValue>" + NL + + " </saml:Attribute>" + NL; /** * Constructor for AuthenticationDataAssertionBuilder. @@ -92,7 +97,10 @@ public class AuthenticationDataAssertionBuilder implements Constants { String xmlIdentityLink, String bkuURL, String signerCertificateBase64, - boolean businessService) throws BuildException { + boolean businessService, + List extendedSAMLAttributes) + throws BuildException + { String isQualifiedCertificate = authData.isQualifiedCertificate() ? "true" : "false"; String publicAuthorityAttribute = ""; @@ -122,33 +130,27 @@ public class AuthenticationDataAssertionBuilder implements Constants { pkValue = authData.getBPK(); } - String assertion = MessageFormat.format(AUTH_DATA, new Object[] { - authData.getAssertionID(), - authData.getIssuer(), - authData.getIssueInstant(), - pkType, - pkValue, - removeXMLDeclaration(xmlAuthBlock), - removeXMLDeclaration(xmlIdentityLink), - removeXMLDeclaration(xmlPersonData), - isQualifiedCertificate, - bkuURL, - publicAuthorityAttribute, - signerCertificateAttribute}); + String assertion; + try { + assertion = MessageFormat.format(AUTH_DATA, new Object[] { + authData.getAssertionID(), + authData.getIssuer(), + authData.getIssueInstant(), + pkType, + pkValue, + StringUtils.removeXMLDeclaration(xmlAuthBlock), + StringUtils.removeXMLDeclaration(xmlIdentityLink), + StringUtils.removeXMLDeclaration(xmlPersonData), + isQualifiedCertificate, + bkuURL, + publicAuthorityAttribute, + signerCertificateAttribute, + buildExtendedSAMLAttributes(extendedSAMLAttributes)}); + } catch (ParseException e) { + Logger.error("Error on building Authentication Data Assertion: " + e.getMessage()); + throw new BuildException("builder.00", new Object[] { "Authentication Data Assertion", e.toString()}); + } return assertion; } - - /** - * Removes the XML declaration from an XML expression. - * @param xmlString XML expression as String - * @return XML expression, XML declaration removed - */ - private String removeXMLDeclaration(String xmlString) { - if (xmlString.startsWith("<?xml")) { - int firstElement = xmlString.indexOf("<", 1); - return xmlString.substring(firstElement); - } - else return xmlString; - } } diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java index 03895a38e..06c81f49e 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/CertInfoVerifyXMLSignatureRequestBuilder.java @@ -73,7 +73,7 @@ public class CertInfoVerifyXMLSignatureRequestBuilder extends Builder implements try { String dsigSignature = FileUtils.readResource(resDsigSignature, "UTF-8"); - certInfoRequest = replaceTag(certInfoRequest, SIGNATURE_TAG, dsigSignature, 1); + certInfoRequest = replaceTag(certInfoRequest, SIGNATURE_TAG, dsigSignature, true, 1); return certInfoRequest; } catch (IOException ex) { diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java index 9baa71612..0d0595b69 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java @@ -26,6 +26,8 @@ public class GetIdentityLinkFormBuilder extends Builder { private static final String CERTINFO_XMLREQUEST_TAG = "<CertInfoXMLRequest>"; /** special tag in the HTML template to be substituted for the certificate info data URL */ private static final String CERTINFO_DATAURL_TAG = "<CertInfoDataURL>"; + /** special tag in the HTML template to be substituted for the infoboxes to be pushed from the BKU */ + private static final String PUSHINFOBOX_TAG = "<PushInfobox>"; /** private static int all contains the representation to replace all tags*/ private static final int ALL = -1; @@ -46,6 +48,9 @@ public class GetIdentityLinkFormBuilder extends Builder { " <input type=\"hidden\" " + nl + " name=\"DataURL\"" + nl + " value=\"" + DATAURL_TAG + "\"/>" + nl + + " <input type=\"hidden\" " + nl + + " name=\"PushInfobox\"" + nl + + " value=\"" + PUSHINFOBOX_TAG + "\"/>" + nl + " <input type=\"submit\" value=\"Anmeldung mit Bürgerkarte\"/>" + nl + "</form>" + nl + "<form name=\"CertificateInfoForm\"" + nl + @@ -80,17 +85,24 @@ public class GetIdentityLinkFormBuilder extends Builder { * @param dataURL DataURL to be sent as a parameter in the form */ public String build( - String htmlTemplate, String bkuURL, String xmlRequest, String dataURL, String certInfoXMLRequest, String certInfoDataURL) - throws BuildException { - + String htmlTemplate, + String bkuURL, + String xmlRequest, + String dataURL, + String certInfoXMLRequest, + String certInfoDataURL, + String pushInfobox) + throws BuildException + { String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate; // String bku = bkuURL == null ? DEFAULT_BKU : bkuURL; - htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, ALL); - htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), ALL); - htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, ALL); + htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL, true, ALL); + htmlForm = replaceTag(htmlForm, XMLREQUEST_TAG, encodeParameter(xmlRequest), true, ALL); + htmlForm = replaceTag(htmlForm, DATAURL_TAG, dataURL, true, ALL); + htmlForm = replaceTag(htmlForm, PUSHINFOBOX_TAG, pushInfobox, false, ALL); //new:wird oben mitreplaced htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL); - htmlForm = replaceTag(htmlForm, CERTINFO_XMLREQUEST_TAG, encodeParameter(certInfoXMLRequest), ALL); - htmlForm = replaceTag(htmlForm, CERTINFO_DATAURL_TAG, certInfoDataURL, ALL); + htmlForm = replaceTag(htmlForm, CERTINFO_XMLREQUEST_TAG, encodeParameter(certInfoXMLRequest), true, ALL); + htmlForm = replaceTag(htmlForm, CERTINFO_DATAURL_TAG, certInfoDataURL, true, ALL); return htmlForm; } /** diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java new file mode 100644 index 000000000..2d9837f9a --- /dev/null +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java @@ -0,0 +1,78 @@ +package at.gv.egovernment.moa.id.auth.builder; + +import java.util.List; + +import org.w3c.dom.Element; + +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.auth.data.IdentityLink; +import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams; +import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParamsImpl; +import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser; +import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameter; +import at.gv.egovernment.moa.util.XPathUtils; + +/** + * This class provides one method for building parameters needed for + * validating an infobox token. + * + * @author Harald Bratko + */ +public class InfoboxValidatorParamsBuilder { + + // hide the default constructor + private InfoboxValidatorParamsBuilder() { + } + + /** + * Builds the parameters passed to the validator class for validating an infobox token. + * + * @param session The actual Authentication session. + * @param verifyInfoboxParameter The configuration parameters for the infobox. + * @param infoboxTokenList Contains the infobox token to be validated. + * + * @return Parameters for validating an infobox token. + */ + public static InfoboxValidatorParams buildInfoboxValidatorParams( + AuthenticationSession session, + VerifyInfoboxParameter verifyInfoboxParameter, + List infoboxTokenList) + { + InfoboxValidatorParamsImpl infoboxValidatorParams = new InfoboxValidatorParamsImpl(); + IdentityLink identityLink = session.getIdentityLink(); + + // the infobox token to validate + infoboxValidatorParams.setInfoboxTokenList(infoboxTokenList); + // configuration parameters + infoboxValidatorParams.setTrustProfileID(verifyInfoboxParameter.getTrustProfileID()); + infoboxValidatorParams.setSchemaLocations(verifyInfoboxParameter.getSchemaLocations()); + infoboxValidatorParams.setApplicationSpecificParams(verifyInfoboxParameter.getApplicationSpecificParams()); + // authentication session parameters + infoboxValidatorParams.setBkuURL(session.getBkuURL()); + infoboxValidatorParams.setTarget(session.getTarget()); + infoboxValidatorParams.setBusinessApplication(session.getBusinessService()); + // parameters from the identity link + infoboxValidatorParams.setFamilyName(identityLink.getFamilyName()); + infoboxValidatorParams.setGivenName(identityLink.getGivenName()); + infoboxValidatorParams.setDateOfBirth(identityLink.getDateOfBirth()); + if (verifyInfoboxParameter.getProvideStammzahl()) { + infoboxValidatorParams.setIdentificationValue(identityLink.getIdentificationValue()); + } + infoboxValidatorParams.setIdentificationType(identityLink.getIdentificationType()); + infoboxValidatorParams.setPublicKeys(identityLink.getPublicKey()); + if (verifyInfoboxParameter.getProvideIdentityLink()) { + Element identityLinkElem = (Element)identityLink.getSamlAssertion().cloneNode(true); + if (!verifyInfoboxParameter.getProvideStammzahl()) { + Element identificationValueElem = + (Element)XPathUtils.selectSingleNode(identityLinkElem, IdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH); + if (identificationValueElem != null) { + identificationValueElem.getFirstChild().setNodeValue(""); + } + } + infoboxValidatorParams.setIdentityLink(identityLinkElem); + } + + return infoboxValidatorParams; + } + +} diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java index 72ecb53af..312179e73 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java @@ -55,8 +55,8 @@ public class SelectBKUFormBuilder extends Builder { throws BuildException { String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate; - htmlForm = replaceTag(htmlForm, ACTION_TAG, startAuthenticationURL, 1); - htmlForm = replaceTag(htmlForm, SELECT_TAG, bkuSelectTag, 1); + htmlForm = replaceTag(htmlForm, ACTION_TAG, startAuthenticationURL, true, 1); + htmlForm = replaceTag(htmlForm, SELECT_TAG, bkuSelectTag, true, 1); return htmlForm; } diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java index b98b87dee..e38ccc62a 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilder.java @@ -6,7 +6,7 @@ import java.io.InputStream; import org.w3c.dom.Element; import org.w3c.dom.Text; -import at.gv.egovernment.moa.id.*; +import at.gv.egovernment.moa.id.ParseException; import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse; import at.gv.egovernment.moa.id.auth.data.IdentityLink; import at.gv.egovernment.moa.util.Base64Utils; @@ -24,6 +24,8 @@ import at.gv.egovernment.moa.util.XPathUtils; public class VerifyXMLSignatureRequestBuilder { /** The MOA-Prefix */ private static final String MOA = Constants.MOA_PREFIX + ":"; + /** The DSIG-Prefix */ + private static final String DSIG = Constants.DSIG_PREFIX + ":"; /** the request as string */ private String request; /** the request as DOM-Element */ @@ -53,7 +55,7 @@ public class VerifyXMLSignatureRequestBuilder { + " <Base64Content>" + " </Base64Content>" + " </VerifySignatureEnvironment>" - + " <VerifySignatureLocation>//dsig:Signature</VerifySignatureLocation>" + + " <VerifySignatureLocation>" + DSIG + "Signature</VerifySignatureLocation>" + " </VerifySignatureInfo>" + " <SignatureManifestCheckParams ReturnReferenceInputData=\"false\">" // True bei CreateXMLSig Überprüfung +" <ReferenceInfo>" + " <VerifyTransformsInfoProfile/>" @@ -160,7 +162,7 @@ public class VerifyXMLSignatureRequestBuilder { + " <VerifySignatureEnvironment>" + " <XMLContent xml:space=\"preserve\"/>" + " </VerifySignatureEnvironment>" - + " <VerifySignatureLocation>//dsig:Signature</VerifySignatureLocation>" + + " <VerifySignatureLocation>" + DSIG + "Signature</VerifySignatureLocation>" + " </VerifySignatureInfo>" + " <SignatureManifestCheckParams ReturnReferenceInputData=\"true\">" + " <ReferenceInfo>"; |