aboutsummaryrefslogtreecommitdiff
path: root/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java
diff options
context:
space:
mode:
Diffstat (limited to 'id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java')
-rw-r--r--id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java609
1 files changed, 0 insertions, 609 deletions
diff --git a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java b/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java
deleted file mode 100644
index 9bf92e54b..000000000
--- a/id.server/src/test/abnahme/A/Test300VerifyAuthBlock.java
+++ /dev/null
@@ -1,609 +0,0 @@
-package test.abnahme.A;
-
-import java.util.Calendar;
-import java.util.HashMap;
-
-import org.w3c.dom.Element;
-import test.abnahme.AbnahmeTestCase;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.BuildException;
-import at.gv.egovernment.moa.id.ParseException;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
-import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
-import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
-import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
-import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
-import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
-import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.auth.validator.ValidateException;
-import at.gv.egovernment.moa.id.auth.validator.VerifyXMLSignatureResponseValidator;
-import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
-import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-
-/**
- * @author Stefan Knirsch
- * @version $Id$
- *
- */
-
-public class Test300VerifyAuthBlock extends AbnahmeTestCase {
-
- public Test300VerifyAuthBlock(String name) {
- super(name);
- }
-
- public void testA301() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- //authDataWriter(authData,this.getName()+"new.xml");
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA302() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- //authDataWriter(authData,this.getName()+"new.xml");
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA303() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA304() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA305() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA306() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA307() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA308() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServer(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
-
- }
-
- public void testA309() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA310() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA311() throws Exception {
- try {
- String sessionID = startAuthentication();
- AuthenticationData authData = initServerWithoutValidateAuthBlock(sessionID);
- assertXmlEquals(readXmldata("AuthenticationData.xml"), clearSamlAssertion(authData.getSamlAssertion()));
- System.out.println("-----------------------Testfall " + this.getName() + " erfolgreich abgearbeitet! -----------------------");
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA351() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- HashMap parameters = new HashMap(1);
- parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse);
- server.verifyIdentityLink(sessionID, parameters);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
-
- // nicht existierende Session....
- try {
- server.verifyAuthenticationBlock("0", createXMLSignatureResponse);
- fail();
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA352() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- HashMap parameters = new HashMap(1);
- parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse);
- server.verifyIdentityLink(sessionID, parameters);
- server.setSecondsSessionTimeOut(-100);
- server.cleanup();
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
-
- // abgelaufene Session....
- server.setSecondsSessionTimeOut(1000);
- try {
- server.verifyAuthenticationBlock("0", createXMLSignatureResponse);
- fail();
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
-
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA353() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
-
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
-
- // Session for VerifyIdentityLink-Aufruf
- try {
-
- server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- fail();
- }
- //NOCH SEHR UNSCHÖN..... (fliegt raus im AuthenticationServer, Methode buildAuthenticationData
- // ( IdentityLink identityLink = session.getIdentityLink(); ==> liefert dann NULL...
- catch (NullPointerException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA354() throws Exception {
- try {
- String sessionID = startAuthentication();
- System.out.println(sessionID);
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- HashMap parameters = new HashMap(1);
- parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse);
- server.verifyIdentityLink(sessionID, parameters);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, AuthConfigurationProvider.getInstance().getMoaSpAuthBlockTrustProfileID());
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
-
- // nicht existierende Session....
-
- server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- try {
- server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- fail();
- }
- catch (AuthenticationException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA355() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ParseException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA356() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ParseException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA357() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA358() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA359() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA360() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA361() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
- public void testA362() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA363() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- public void testA364() throws Exception {
- try {
- String sessionID = startAuthentication();
- try {
-
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {
- System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage() + "-----------------------");
- }
- }
- catch (Exception e) {
- System.err.println("------ FEHLER IN " + this.getName() + ":" + e.getLocalizedMessage());
- throw e;
- }
- }
-
- /* public void testA365() throws Exception {
- String sessionID = startAuthentication();
- try {
- // wegen sinnlosigkeit gestrichen
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
- }*/
-
- public void testA366() throws Exception {
-
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
- }
- public void testA367() throws Exception {
- String sessionID = startAuthentication();
- try {
- initServer(sessionID);
- fail();
- }
- catch (ValidateException e) {System.out.println("-----------------------Fehler in " + this.getName() + " erfolgreich abgefangen: " + e.getLocalizedMessage()+ "-----------------------");}
- }
-
-
- private AuthenticationData initServer(String sessionID) throws Exception {
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- HashMap parameters = new HashMap(1);
- parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse);
- server.verifyIdentityLink(sessionID, parameters);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1");
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
- // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/");
- String samlArtifact = server.verifyAuthenticationBlock(sessionID, createXMLSignatureResponse);
- AuthenticationData authData = server.getAuthenticationData(samlArtifact);
- return authData;
- }
-
- private AuthenticationData initServerWithoutValidateAuthBlock(String sessionID) throws Exception {
- String infoboxReadResponse = readXmldata("InfoBoxReadResponse.xml");
- HashMap parameters = new HashMap(1);
- parameters.put(MOAIDAuthConstants.PARAM_XMLRESPONSE, infoboxReadResponse);
- server.verifyIdentityLink(sessionID, parameters);
- InfoboxReadResponseParser irrp = new InfoboxReadResponseParser(infoboxReadResponse);
- IdentityLink idl = irrp.parseIdentityLink();
- Element domVerifyXMLSignatureRequest = new VerifyXMLSignatureRequestBuilder().build(idl, "TrustProfile1");
- Element domVerifyXMLSignatureResponse = new SignatureVerificationInvoker().verifyXMLSignature(domVerifyXMLSignatureRequest);
- new VerifyXMLSignatureResponseParser(domVerifyXMLSignatureResponse);
- //VerifyXMLSignatureResponseValidator.getInstance().validate(respParser.parseData(), AuthConfigurationProvider.getInstance().getIdentityLinkX509SubjectNames());
- // System.out.println(createXMLSignatureRequest);
- String createXMLSignatureResponse = readXmldata("CreateXMLSignatureResponse.xml");
- // CreateXMLSignatureResponseValidator.getInstance().validate(new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse(),"gb","https://localhost:9443/");
-
- AuthenticationSession session = AuthenticationServer.getSession(sessionID);
- AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
- // parses <CreateXMLSignatureResponse>
- CreateXMLSignatureResponse csresp =
- new CreateXMLSignatureResponseParser(createXMLSignatureResponse).parseResponse();
- // validates <CreateXMLSignatureResponse>
- new CreateXMLSignatureResponseValidator().validate(csresp, session);
- // builds a <VerifyXMLSignatureRequest> for a MOA-SPSS call
- String[] vtids = authConf.getMoaSpAuthBlockVerifyTransformsInfoIDs();
- String tpid = authConf.getMoaSpAuthBlockTrustProfileID();
- Element domVsreq = new VerifyXMLSignatureRequestBuilder().build(csresp, vtids, tpid);
- // invokes the call
- Element domVsresp = new SignatureVerificationInvoker().verifyXMLSignature(domVsreq);
- // parses the <VerifyXMLSignatureResponse>
- VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponseParser(domVsresp).parseData();
- // validates the <VerifyXMLSignatureResponse>
- VerifyXMLSignatureResponseValidator.getInstance().validate(vsresp, null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK, true);
- // compares the public keys from the identityLink with the AuthBlock
-
- // builds authentication data and stores it together with a SAML artifact
- AuthenticationData authData = buildAuthenticationData(session, vsresp);
- return authData;
- }
- private AuthenticationData buildAuthenticationData(
- AuthenticationSession session,
- VerifyXMLSignatureResponse verifyXMLSigResp)
- throws ConfigurationException, BuildException {
-
- IdentityLink identityLink = session.getIdentityLink();
- AuthenticationData authData = new AuthenticationData();
- authData.setMajorVersion(1);
- authData.setMinorVersion(0);
- authData.setAssertionID(Random.nextRandom());
- authData.setIssuer(session.getAuthURL());
- authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance()));
- String vpkBase64 = new BPKBuilder().buildBPK(
- identityLink.getIdentificationValue(), session.getTarget());
- authData.setBPK(vpkBase64);
- authData.setGivenName(identityLink.getGivenName());
- authData.setFamilyName(identityLink.getFamilyName());
- authData.setDateOfBirth(identityLink.getDateOfBirth());
- authData.setQualifiedCertificate(verifyXMLSigResp.isQualifiedCertificate());
- authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority());
- authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode());
- OAAuthParameter oaParam =
- AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(
- session.getPublicOAURLPrefix());
- String prPerson = new PersonDataBuilder().build(
- identityLink, oaParam.getProvideStammzahl());
-
- try {
- String ilAssertion =
- oaParam.getProvideIdentityLink() ? DOMUtils.serializeNode(identityLink.getSamlAssertion()) : "";
- String authBlock = oaParam.getProvideAuthBlock() ? session.getAuthBlock() : "";
- String samlAssertion = new AuthenticationDataAssertionBuilder().build(
- authData, prPerson, authBlock, ilAssertion, session.getBkuURL(), "", false, null);
- authData.setSamlAssertion(samlAssertion);
- return authData;
- }
- catch (Throwable ex) {
- throw new BuildException(
- "builder.00",
- new Object[] { "AuthenticationData", ex.getMessage() },
- ex);
- }
- }
-}