Diffstat (limited to 'id.server/src')
4 files changed, 47 insertions, 6 deletions
|
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 2baa172f1..0d3166090 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -446,7 +446,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
     session.setIdentityLink(identityLink);
     // now validate the extended infoboxes
-    verifyInfoboxes(session, infoboxReadResponseParameters);
+    verifyInfoboxes(session, infoboxReadResponseParameters, !oaParam.getProvideStammzahl());
     // builds the AUTH-block
     String authBlock = buildAuthenticationBlock(session);
 //    session.setAuthBlock(authBlock);
@@ -507,12 +507,15 @@ public class AuthenticationServer implements MOAIDAuthConstants {
    * @param infoboxReadResponseParams   The parameters returned from the BKU as response
    *                                    to an infobox read request (including the infobox
    *                                    tokens to be verified).
+   * @param hideStammzahl               Indicates whether source pins (<code>Stammzahl</code>en) 
+   *                                    should be hidden in any SAML attribute that may be
+   *                                    returned by a validator.
    * 
    * @throws AuthenticationException If the verification of at least one infobox fails.
    * @throws ConfigurationException  If the OAuthParameter cannot be extracted.
    */
   private void verifyInfoboxes(
-    AuthenticationSession session, Map infoboxReadResponseParams) 
+    AuthenticationSession session, Map infoboxReadResponseParams, boolean hideStammzahl) 
   throws ValidateException, ConfigurationException
   { 
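Review bot: The privacy decision at the `verifyInfoboxes(...)` call in the -446 hunk is computed inline as `!oaParam.getProvideStammzahl()`, so the polarity flip from "provide" to "hide" is easy to misread and is not named anywhere in the calling method. Giving it a name first, `boolean hideStammzahl = !oaParam.getProvideStammzahl();`, with a comment such as `// OA is not entitled to the Stammzahl: validators must blank it in returned SAML attributes`, would make the decision auditable at the place it is taken. `oaParam` is declared outside this hunk, so whether it can be null at this point is not visible here.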
@@ -584,7 +587,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
               // build the parameters for validating the infobox
               InfoboxValidatorParams infoboxValidatorParams = 
                 InfoboxValidatorParamsBuilder.buildInfoboxValidatorParams(
-                  session, verifyInfoboxParameter, infoboxTokenList);
+                  session, verifyInfoboxParameter, infoboxTokenList, hideStammzahl);
               // now validate the infobox
               boolean infoboxValid = false;
               try {
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java b/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java
index 2d9837f9a..038e549be 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/builder/InfoboxValidatorParamsBuilder.java
@@ -30,13 +30,17 @@ public class InfoboxValidatorParamsBuilder {
    * @param session                 The actual Authentication session.
    * @param verifyInfoboxParameter  The configuration parameters for the infobox.
    * @param infoboxTokenList        Contains the infobox token to be validated.
+   * @param hideStammzahl           Indicates whether source pins (<code>Stammzahl</code>en) 
+   *                                should be hidden in any SAML attributes returned by
+   *                                an infobox validator.
    * 
    * @return Parameters for validating an infobox token.
    */
   public static InfoboxValidatorParams buildInfoboxValidatorParams(
     AuthenticationSession session, 
     VerifyInfoboxParameter verifyInfoboxParameter,
-    List infoboxTokenList) 
+    List infoboxTokenList,
+    boolean hideStammzahl) 
   {
     InfoboxValidatorParamsImpl infoboxValidatorParams = new InfoboxValidatorParamsImpl();
     IdentityLink identityLink = session.getIdentityLink();  
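Review bot: Passing `hideStammzahl` into `buildInfoboxValidatorParams(...)` in the -584 hunk only asks the validator to suppress source pins; nothing visible here makes MOA-ID enforce it. A validator that ignores the flag would still return a Stammzahl inside a SAML attribute, and an online application configured not to receive it would get it anyway. The code that consumes the validation result lies outside this hunk, so it may already filter the attributes. If it does not, a check after the validator returns that rejects the result or blanks the value when `hideStammzahl` is true would turn the documented MUST into an enforced control. A short comment at the call, `// hideStammzahl is advisory for the validator; returned attributes are re-checked below`, would record which of the two applies.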
@@ -71,7 +75,7 @@ public class InfoboxValidatorParamsBuilder {
       }
       infoboxValidatorParams.setIdentityLink(identityLinkElem);
     }
-       
+    infoboxValidatorParams.setHideStammzahl(hideStammzahl);
     return infoboxValidatorParams;
   }
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParams.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParams.java
index 26070dc51..381815258 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParams.java
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParams.java
@@ -143,6 +143,20 @@ public interface InfoboxValidatorParams {
   public Element getIdentityLink();
   /**
+   * Indicates whether source pins (<code>Stammzahl</code>en) should be hidden or not.
+   * If an online application lying behind MOA-ID is not allowed to get source pins 
+   * (<code>Stammzahl</code>en), any source pins within <code>SAML attributes</code>
+   * returned by the validator must suppressed:<br>
+   * If the parameter <code>getHideStammzahl</code> is <code>true</code>, then the validator 
+   * <b>MUST</b> hide (replace by an empty string) any source pin (<code>Stammzahl</code>)
+   * that may be included in a <code>SAML attribute</code> returned by the validator.
+   * 
+   * @return <code>true</code> if source pins (<code>Stammzahl</code>en) must be hidden,
+   *         otherwise <code>false</code>.
+   */
+  public boolean getHideStammzahl();
+  
+  /**
    * Returns application specific parameters.
    * Each child element of this element contains
    * a validating application specific parameter. The  
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParamsImpl.java b/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParamsImpl.java
index 46a67d48b..fcfc054d8 100644
--- a/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParamsImpl.java 
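Review bot: The Javadoc added above `getHideStammzahl()` in `InfoboxValidatorParams` states the validator contract unclearly at the point where it matters: "must suppressed" is missing "be", and `getHideStammzahl` is called a parameter although it is a method. Suggested wording: `returned by the validator must be suppressed:<br>` and `If this method returns <code>true</code>, then the validator`. Because this adds an abstract method to a public interface, any implementation other than `InfoboxValidatorParamsImpl` would stop compiling. Whether such implementations exist is not visible from this diff.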
+++ b/id.server/src/at/gv/egovernment/moa/id/auth/data/InfoboxValidatorParamsImpl.java
@@ -82,6 +82,10 @@ public class InfoboxValidatorParamsImpl implements InfoboxValidatorParams {
    * The identity link.
    */
   private Element identityLink_;
+  /**
+   * Indicates whether source pins (<code>Stammzahl</code>en) must be hidden or not.
+   */
+  private boolean hideStammzahl_;
   /**
    * Application specific parameters.
@@ -184,6 +188,13 @@ public class InfoboxValidatorParamsImpl implements InfoboxValidatorParams {
   public Element getIdentityLink() {
     return identityLink_;
   }
+  
+  /**
+   * @see at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams#hideStammzahl
+   */
+  public boolean getHideStammzahl() {
+    return hideStammzahl_;
+  }
   /**
    * @see at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams#getApplicationSpecificParams()
@@ -313,7 +324,6 @@ public class InfoboxValidatorParamsImpl implements InfoboxValidatorParams {
     target_ = target;
   }
-
   /**
    * Sets the ID of the trust profile used for validating certificates.
    *
@@ -323,4 +333,14 @@ public class InfoboxValidatorParamsImpl implements InfoboxValidatorParams {
     trustProfileID_ = trustProfileID;
   }
+  /**
+   * Sets the {@link #hideStammzahl_} parameter.
+   *
+   * @param hideStammzahl <code>True</code> if source pins (<code>Stammzahl</code>en) should
+   *                      be hidden, otherwise <code>false</code>.
+   */
+  public void setHideStammzahl(boolean hideStammzahl) {
+    this.hideStammzahl_ = hideStammzahl;
+  }
+
 }
|
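Review bot: The new field `private boolean hideStammzahl_;` in the -82 hunk takes Java's default of `false`, which under the interface contract means "source pins may be returned". An `InfoboxValidatorParamsImpl` built without a `setHideStammzahl(...)` call would therefore tell the validator that disclosure is allowed. Initialising to the restrictive value, `private boolean hideStammzahl_ = true;`, would make a forgotten setter fail closed. The only construction site visible in this diff is `buildInfoboxValidatorParams`, which does call the setter; other callers, if any, are not shown.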
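Review bot: The `@see` tag on the new `getHideStammzahl()` in the -184 hunk points at `InfoboxValidatorParams#hideStammzahl`, which is not a member of the interface, so the link to the contract that validators MUST blank the Stammzahl does not resolve. It should read `@see at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams#getHideStammzahl()`. The setter Javadoc in the last hunk has a related problem: `{@link #hideStammzahl_}` links to a private field, which public Javadoc will not render. Plain text such as `Sets whether source pins must be hidden.` would read better there.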
