Diffstat (limited to 'id/oa/src')
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java62
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java4
2 files changed, 45 insertions, 21 deletions
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
index 4bce49465..0b8251386 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
@@ -43,6 +43,7 @@ import org.opensaml.common.binding.BasicSAMLMessageContext;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
+import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder;
import org.opensaml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml2.core.AuthnRequest;
@@ -124,7 +125,7 @@ public class Authenticate extends HttpServlet {
serviceURL = serviceURL + "/";
//name.setValue(serviceURL);
issuer.setValue(serviceURL);
-
+
// subject.setNameID(name);
// authReq.setSubject(subject);
issuer.setFormat(NameIDType.ENTITY);
@@ -155,13 +156,21 @@ public class Authenticate extends HttpServlet {
for (SingleSignOnService sss :
idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) {
+// //Get the service address for the binding you wish to use
+// if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
+// redirectEndpoint = sss;
+// }
+
//Get the service address for the binding you wish to use
- if (sss.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI)) {
+ if (sss.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
redirectEndpoint = sss;
}
+
}
authReq.setDestination(redirectEndpoint.getLocation());
+ //authReq.setDestination("http://test.test.test");
+
RequestedAuthnContext reqAuthContext =
SAML2Utils.createSAMLObject(RequestedAuthnContext.class);
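Review bot: `redirectEndpoint` is dereferenced at `authReq.setDestination(redirectEndpoint.getLocation())` without a null check, so an IdP whose metadata lists no SingleSignOnService with `SAML2_REDIRECT_BINDING_URI` now fails with a NullPointerException instead of a meaningful error; the same risk existed for the POST binding, but since the commit changes which binding is looked up it is the moment to guard it, e.g. `if (redirectEndpoint == null) { throw new IllegalStateException("IdP metadata has no HTTP-Redirect SingleSignOnService"); }` before the `setDestination` call. The loop also keeps the last matching service rather than the first; a `break;` after `redirectEndpoint = sss;` would make the selection explicit. The commented-out POST lookup at the top of the hunk and the `//authReq.setDestination("http://test.test.test");` debug leftover should be removed rather than kept as comments. The enclosing method starts and ends outside this hunk.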
@@ -191,32 +200,47 @@ public class Authenticate extends HttpServlet {
authReq.setSignature(signer);
//generate Http-POST Binding message
- VelocityEngine engine = new VelocityEngine();
- engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
- engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
- engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
- engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
- engine.setProperty("classpath.resource.loader.class",
- "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
- engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
- "org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
- engine.init();
-
- HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
- "templates/pvp_postbinding_template.html");
+// VelocityEngine engine = new VelocityEngine();
+// engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+// engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
+// engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
+// engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
+// engine.setProperty("classpath.resource.loader.class",
+// "org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
+// engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
+// "org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
+// engine.init();
+//
+// HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
+// "templates/pvp_postbinding_template.html");
+// HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
+// response, true);
+// BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
+// SingleSignOnService service = new SingleSignOnServiceBuilder()
+// .buildObject();
+// service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
+// service.setLocation(redirectEndpoint.getLocation());;
+//
+// context.setOutboundSAMLMessageSigningCredential(authcredential);
+// context.setPeerEntityEndpoint(service);
+// context.setOutboundSAMLMessage(authReq);
+// context.setOutboundMessageTransport(responseAdapter);
+
+ //generate Redirect Binding message
+ HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
response, true);
BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
SingleSignOnService service = new SingleSignOnServiceBuilder()
.buildObject();
- service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
- service.setLocation(redirectEndpoint.getLocation());;
-
+ service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ service.setLocation(redirectEndpoint.getLocation());
context.setOutboundSAMLMessageSigningCredential(authcredential);
context.setPeerEntityEndpoint(service);
context.setOutboundSAMLMessage(authReq);
context.setOutboundMessageTransport(responseAdapter);
-
+ //context.setRelayState(relayState);
+
encoder.encode(context);
} catch (Exception e) {
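Review bot: The XML signature attached at `authReq.setSignature(signer)` on the hunk's first line is not what protects the request once `HTTPRedirectDeflateEncoder` is used: the Redirect binding signs at the query-string level (`SigAlg`/`Signature`) using the credential from `context.setOutboundSAMLMessageSigningCredential(authcredential)`, and as far as I recall the OpenSAML encoder strips an enveloped XML signature from the message before deflating it. Either drop the explicit `setSignature` call (and the signer construction earlier in the method, outside this hunk) or add a comment such as `// XML signature is not carried by the Redirect binding; integrity comes from the query-string signature built from authcredential` so a reader does not assume the embedded signature provides integrity. The commented-out POST-binding block and `//context.setRelayState(relayState);` should be deleted rather than kept as comments, and the `HTTPPostEncoder` import added in the first hunk's file header region is now unused. The enclosing method starts outside this hunk.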
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
index eecb691c0..1dcc66a56 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
@@ -56,9 +56,9 @@ public class AttributeListBuilder implements PVPConstants{
requestedAttributes.add(buildReqAttribute(EID_CITIZEN_QAA_LEVEL_NAME, EID_CITIZEN_QAA_LEVEL_FRIENDLY_NAME, true));
requestedAttributes.add(buildReqAttribute(EID_ISSUING_NATION_NAME, EID_ISSUING_NATION_FRIENDLY_NAME, true));
requestedAttributes.add(buildReqAttribute(EID_SECTOR_FOR_IDENTIFIER_NAME, EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME, true));
- requestedAttributes.add(buildReqAttribute(EID_SIGNER_CERTIFICATE_NAME, EID_SIGNER_CERTIFICATE_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(EID_SIGNER_CERTIFICATE_NAME, EID_SIGNER_CERTIFICATE_FRIENDLY_NAME, false));
requestedAttributes.add(buildReqAttribute(EID_CCS_URL_NAME, EID_CCS_URL_FRIENDLY_NAME, true));
- requestedAttributes.add(buildReqAttribute(EID_AUTH_BLOCK_NAME, EID_AUTH_BLOCK_FRIENDLY_NAME, true));
+ requestedAttributes.add(buildReqAttribute(EID_AUTH_BLOCK_NAME, EID_AUTH_BLOCK_FRIENDLY_NAME, false));
requestedAttributes.add(buildReqAttribute(EID_IDENTITY_LINK_NAME, EID_IDENTITY_LINK_FRIENDLY_NAME, true));
requestedAttributes.add(buildReqAttribute(MANDATE_TYPE_NAME, MANDATE_TYPE_FRIENDLY_NAME, false));
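Review bot: Flipping the third argument to `false` for `EID_SIGNER_CERTIFICATE_NAME` and `EID_AUTH_BLOCK_NAME` changes what the SP requires from the IdP, and nothing in the hunk records why; a one-line comment above these two calls, e.g. `// signer certificate and auth block are requested as optional (<reason>); consumers must tolerate their absence`, would spare the next reader a blame lookup. Presumably any code that reads these two attributes from the assertion now has to handle a missing value, which is worth confirming against the callers. The positional `true`/`false` flag is also hard to read at the call site; a named constant such as `REQUIRED`/`OPTIONAL` would make the list self-explanatory. The enclosing method starts and ends outside this hunk.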