aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java40
1 files changed, 32 insertions, 8 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 209743f45..146137a2c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -31,6 +31,7 @@ import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringWriter;
+import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.cert.CertificateException;
@@ -49,6 +50,7 @@ import javax.servlet.http.HttpSession;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.TransformerException;
+import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.velocity.Template;
import org.apache.velocity.VelocityContext;
@@ -123,7 +125,6 @@ import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl;
import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.id.util.XMLUtil;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
import at.gv.egovernment.moa.logging.LogMsg;
@@ -142,10 +143,14 @@ import at.gv.util.xsd.srzgw.CreateIdentityLinkRequest.PEPSData;
import at.gv.util.xsd.srzgw.CreateIdentityLinkResponse;
import at.gv.util.xsd.srzgw.MISType;
import at.gv.util.xsd.srzgw.MISType.Filters;
+import eu.stork.oasisdss.api.AdditionalProfiles;
import eu.stork.oasisdss.api.ApiUtils;
import eu.stork.oasisdss.api.ApiUtilsException;
+import eu.stork.oasisdss.api.Profiles;
+import eu.stork.oasisdss.api.QualityLevels;
+import eu.stork.oasisdss.api.SignatureTypes;
+import eu.stork.oasisdss.profile.AnyType;
import eu.stork.oasisdss.profile.DocumentType;
-import eu.stork.oasisdss.profile.InputDocuments;
import eu.stork.oasisdss.profile.SignRequest;
import eu.stork.peps.auth.commons.PEPSUtil;
import eu.stork.peps.auth.commons.PersonalAttribute;
@@ -1912,7 +1917,9 @@ public class AuthenticationServer implements MOAIDAuthConstants {
PersonalAttribute newAttribute = new PersonalAttribute();
newAttribute.setName("signedDoc");
List<String> value = new ArrayList<String>();
- value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession), "application/xhtml+xml"));
+ value.add(generateDssSignRequest(CreateXMLSignatureRequestBuilder.buildForeignIDTextToBeSigned("wie im Signaturzertifikat (as in my signature certificate)", oaParam, moasession),
+ "application/xhtml+xml",
+ moasession.getCcc()));
newAttribute.setValue(value);
attributeList.add(newAttribute);
@@ -2004,20 +2011,37 @@ public class AuthenticationServer implements MOAIDAuthConstants {
Logger.info("STORK AuthnRequest successfully successfully prepared for client with target location: " + authnRequest.getDestination());
}
- private static String generateDssSignRequest(String text, String mimeType) {
+ private static String generateDssSignRequest(String text, String mimeType, String citizenCountry) {
IdentifierGenerator idGenerator;
try {
idGenerator = new SecureRandomIdentifierGenerator();
DocumentType doc = new DocumentType();
- doc.setBase64XML(Base64.encodeBytes(text.getBytes()).getBytes());
+ doc.setBase64XML(text.getBytes());
+ doc.setID(idGenerator.generateIdentifier());
SignRequest request = new SignRequest();
request.setInputDocuments(ApiUtils.createInputDocuments(doc));
- request.setRequestID(idGenerator.generateIdentifier());
+ String id = idGenerator.generateIdentifier();
+ request.setRequestID(id);
+ request.setDocUI(id);
- return ApiUtils.marshalToDocument(request).getTextContent();
+ request.setProfile(Profiles.XADES_BES.toString());
+ request.setNumberOfSigners(BigInteger.ONE);
+ request.setTargetCountry(citizenCountry);
+
+ // no, no todo. PEPS will alter this value anyhow.
+ request.setReturnURL("http://invalid_return");
+
+ AnyType required = new AnyType();
+ required.getAny().add(ApiUtils.createSignatureType(SignatureTypes.XMLSIG_RFC3275.toString()));
+ required.getAny().add(ApiUtils.createAdditionalProfile(AdditionalProfiles.XADES.toString()));
+ required.getAny().add(ApiUtils.createQualityRequirements(QualityLevels.QUALITYLEVEL_QUALIFIEDSIG));
+ required.getAny().add(ApiUtils.createIncludeObject(doc));
+ request.setOptionalInputs(required);
+
+ return IOUtils.toString(ApiUtils.marshalToInputStream(request));
} catch (NoSuchAlgorithmException e) {
Logger.error("Cannot generate id", e);
throw new RuntimeException(e);
@@ -2027,7 +2051,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
} catch (DOMException e) {
Logger.error("Could not create SignRequest", e);
throw new RuntimeException(e);
- } catch (ParserConfigurationException e) {
+ } catch (IOException e) {
Logger.error("Could not create SignRequest", e);
throw new RuntimeException(e);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-25 00:41:09 +0000