Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id')
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java9
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java8
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParams.java14
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParamsImpl.java22
4 files changed, 47 insertions, 6 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 2baa172f1..0d3166090 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -446,7 +446,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.setIdentityLink(identityLink);
// now validate the extended infoboxes
- verifyInfoboxes(session, infoboxReadResponseParameters);
+ verifyInfoboxes(session, infoboxReadResponseParameters, !oaParam.getProvideStammzahl());
// builds the AUTH-block
String authBlock = buildAuthenticationBlock(session);
// session.setAuthBlock(authBlock);
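Review bot: The negation in `!oaParam.getProvideStammzahl()` flips the polarity of a privacy setting inline at the call site, which is easy to misread or to drop in a later edit. I would name the value first, `boolean hideStammzahl = !oaParam.getProvideStammzahl(); // OA is not entitled to source pins`, and pass the local to `verifyInfoboxes`. The enclosing method starts and ends outside the hunk, so whether `oaParam` can be null at this point is not visible here.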
@@ -507,12 +507,15 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* @param infoboxReadResponseParams The parameters returned from the BKU as response
* to an infobox read request (including the infobox
* tokens to be verified).
+ * @param hideStammzahl Indicates whether source pins (<code>Stammzahl</code>en)
+ * should be hidden in any SAML attribute that may be
+ * returned by a validator.
*
* @throws AuthenticationException If the verification of at least one infobox fails.
* @throws ConfigurationException If the OAuthParameter cannot be extracted.
*/
private void verifyInfoboxes(
- AuthenticationSession session, Map infoboxReadResponseParams)
+ AuthenticationSession session, Map infoboxReadResponseParams, boolean hideStammzahl)
throws ValidateException, ConfigurationException
{
@@ -584,7 +587,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
// build the parameters for validating the infobox
InfoboxValidatorParams infoboxValidatorParams =
InfoboxValidatorParamsBuilder.buildInfoboxValidatorParams(
- session, verifyInfoboxParameter, infoboxTokenList);
+ session, verifyInfoboxParameter, infoboxTokenList, hideStammzahl);
// now validate the infobox
boolean infoboxValid = false;
try {
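Review bot: Passing `hideStammzahl` into `buildInfoboxValidatorParams` only tells the validator to suppress source pins; nothing in this hunk makes the server check what the validator returns. If validators are pluggable, as the interface Javadoc in this commit suggests, one that ignores the flag would still hand a Stammzahl to an application that is not entitled to it. Consider having `verifyInfoboxes` inspect or strip the returned SAML attributes itself when the flag is true, or at least record the trust assumption with a comment such as `// NOTE: suppression is the validator's duty; returned attributes are not re-checked here`. The try block and the handling of the validation result continue outside the hunk, so such a check may already exist there.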
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java
index 2d9837f9a..038e549be 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java
@@ -30,13 +30,17 @@ public class InfoboxValidatorParamsBuilder {
* @param session The actual Authentication session.
* @param verifyInfoboxParameter The configuration parameters for the infobox.
* @param infoboxTokenList Contains the infobox token to be validated.
+ * @param hideStammzahl Indicates whether source pins (<code>Stammzahl</code>en)
+ * should be hidden in any SAML attributes returned by
+ * an infobox validator.
*
* @return Parameters for validating an infobox token.
*/
public static InfoboxValidatorParams buildInfoboxValidatorParams(
AuthenticationSession session,
VerifyInfoboxParameter verifyInfoboxParameter,
- List infoboxTokenList)
+ List infoboxTokenList,
+ boolean hideStammzahl)
{
InfoboxValidatorParamsImpl infoboxValidatorParams = new InfoboxValidatorParamsImpl();
IdentityLink identityLink = session.getIdentityLink();
@@ -71,7 +75,7 @@ public class InfoboxValidatorParamsBuilder {
}
infoboxValidatorParams.setIdentityLink(identityLinkElem);
}
-
+ infoboxValidatorParams.setHideStammzahl(hideStammzahl);
return infoboxValidatorParams;
}
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParams.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParams.java
index 26070dc51..381815258 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParams.java
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParams.java
@@ -143,6 +143,20 @@ public interface InfoboxValidatorParams {
public Element getIdentityLink();
/**
+ * Indicates whether source pins (<code>Stammzahl</code>en) should be hidden or not.
+ * If an online application lying behind MOA-ID is not allowed to get source pins
+ * (<code>Stammzahl</code>en), any source pins within <code>SAML attributes</code>
+ * returned by the validator must suppressed:<br>
+ * If the parameter <code>getHideStammzahl</code> is <code>true</code>, then the validator
+ * <b>MUST</b> hide (replace by an empty string) any source pin (<code>Stammzahl</code>)
+ * that may be included in a <code>SAML attribute</code> returned by the validator.
+ *
+ * @return <code>true</code> if source pins (<code>Stammzahl</code>en) must be hidden,
+ * otherwise <code>false</code>.
+ */
+ public boolean getHideStammzahl();
+
+ /**
* Returns application specific parameters.
* Each child element of this element contains
* a validating application specific parameter. The
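Review bot: The Javadoc added for `getHideStammzahl()` is the only statement of this privacy contract and has two wording slips: `must suppressed` should read `must be suppressed`, and `If the parameter getHideStammzahl is true` names a method, so `If this method returns true` is clearer. It would also help to say what a validator should do when it cannot tell whether an attribute value contains a source pin, since the text only covers the case where the validator knows it does.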
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParamsImpl.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParamsImpl.java
index 46a67d48b..fcfc054d8 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParamsImpl.java
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParamsImpl.java
@@ -82,6 +82,10 @@ public class InfoboxValidatorParamsImpl implements InfoboxValidatorParams {
* The identity link.
*/
private Element identityLink_;
+ /**
+ * Indicates whether source pins (<code>Stammzahl</code>en) must be hidden or not.
+ */
+ private boolean hideStammzahl_;
/**
* Application specific parameters.
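Review bot: `hideStammzahl_` has no initialiser, so it defaults to `false`, which means source pins are not hidden unless `setHideStammzahl(true)` is called. The builder in this commit always sets the field, but any other code that creates an `InfoboxValidatorParamsImpl` would silently get the permissive value. For a privacy flag the restrictive default is the safer one: `private boolean hideStammzahl_ = true;`.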
@@ -184,6 +188,13 @@ public class InfoboxValidatorParamsImpl implements InfoboxValidatorParams {
public Element getIdentityLink() {
return identityLink_;
}
+
+ /**
+ * @see at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams#hideStammzahl
+ */
+ public boolean getHideStammzahl() {
+ return hideStammzahl_;
+ }
/**
* @see at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams#getApplicationSpecificParams()
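Review bot: The `@see` tag on the new getter points at `InfoboxValidatorParams#hideStammzahl`, which is not a member of the interface; the method added there is `getHideStammzahl()`. Use `@see at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams#getHideStammzahl()` so the link resolves, matching the form of the neighbouring `#getApplicationSpecificParams()` reference.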
@@ -313,7 +324,6 @@ public class InfoboxValidatorParamsImpl implements InfoboxValidatorParams {
target_ = target;
}
-
/**
* Sets the ID of the trust profile used for validating certificates.
*
@@ -323,4 +333,14 @@ public class InfoboxValidatorParamsImpl implements InfoboxValidatorParams {
trustProfileID_ = trustProfileID;
}
+ /**
+ * Sets the {@link #hideStammzahl_} parameter.
+ *
+ * @param hideStammzahl <code>True</code> if source pins (<code>Stammzahl</code>en) should
+ * be hidden, otherwise <code>false</code>.
+ */
+ public void setHideStammzahl(boolean hideStammzahl) {
+ this.hideStammzahl_ = hideStammzahl;
+ }
+
}