aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java93
1 files changed, 27 insertions, 66 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index dec5b81cf..bda1e3bfc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -25,7 +25,6 @@ package at.gv.egovernment.moa.id.auth;
import iaik.asn1.ObjectID;
import iaik.pki.PKIException;
-import iaik.x509.CertificateFactory;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionInitException;
@@ -39,12 +38,9 @@ import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
-import java.util.Set;
import java.util.Vector;
import javax.servlet.http.HttpServletRequest;
@@ -75,9 +71,6 @@ import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder;
import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.InfoboxValidatorParamsBuilder;
-import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
-import at.gv.egovernment.moa.id.auth.builder.SelectBKUFormBuilder;
import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
@@ -85,16 +78,12 @@ import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
import at.gv.egovernment.moa.id.auth.data.IdentityLink;
import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResult;
-import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams;
import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.ExtendedInfoboxReadResponseParser;
import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet;
import at.gv.egovernment.moa.id.auth.stork.STORKAuthnRequestProcessor;
import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
@@ -111,16 +100,12 @@ import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants
import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
import at.gv.egovernment.moa.id.config.ConnectionParameter;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameter;
-import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters;
import at.gv.egovernment.moa.id.config.stork.CPEPS;
import at.gv.egovernment.moa.id.config.stork.STORKConfig;
import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.moduls.IRequest;
import at.gv.egovernment.moa.id.storage.AssertionStorage;
import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
import at.gv.egovernment.moa.id.util.HTTPUtils;
@@ -130,8 +115,6 @@ import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
import at.gv.egovernment.moa.logging.LogMsg;
import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.BoolUtils;
import at.gv.egovernment.moa.util.Constants;
import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.DateTimeUtils;
@@ -332,32 +315,32 @@ public class AuthenticationServer implements MOAIDAuthConstants {
// }
// }
- /**
- * Method readBKUSelectTag.
- *
- * @param conf
- * the ConfigurationProvider
- * @param connParam
- * the ConnectionParameter for that connection
- * @return String
- * @throws ConfigurationException
- * on config-errors
- * @throws PKIException
- * on PKI errors
- * @throws IOException
- * on any data error
- * @throws GeneralSecurityException
- * on security errors
- */
- private String readBKUSelectTag(ConfigurationProvider conf,
- ConnectionParameter connParam) throws ConfigurationException,
- PKIException, IOException, GeneralSecurityException {
-
- if (connParam.isHTTPSURL())
- return SSLUtils.readHttpsURL(conf, connParam);
- else
- return HTTPUtils.readHttpURL(connParam.getUrl());
- }
+// /**
+// * Method readBKUSelectTag.
+// *
+// * @param conf
+// * the ConfigurationProvider
+// * @param connParam
+// * the ConnectionParameter for that connection
+// * @return String
+// * @throws ConfigurationException
+// * on config-errors
+// * @throws PKIException
+// * on PKI errors
+// * @throws IOException
+// * on any data error
+// * @throws GeneralSecurityException
+// * on security errors
+// */
+// private String readBKUSelectTag(ConfigurationProvider conf,
+// ConnectionParameter connParam) throws ConfigurationException,
+// PKIException, IOException, GeneralSecurityException {
+//
+// if (connParam.isHTTPSURL())
+// return SSLUtils.readHttpsURL(conf, connParam);
+// else
+// return HTTPUtils.readHttpURL(connParam.getUrl());
+// }
/**
* Processes the beginning of an authentication session.
@@ -472,7 +455,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
String htmlForm = new GetIdentityLinkFormBuilder().build(template,
session.getBkuURL(), infoboxReadRequest, dataURL, certInfoRequest,
- certInfoDataURL, pushInfobox);
+ certInfoDataURL, pushInfobox, oaParam);
return htmlForm;
}
@@ -608,13 +591,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.setIdentityLink(identityLink);
// now validate the extended infoboxes
- //TODO: check correctness
-// verifyInfoboxes(session, infoboxReadResponseParameters, !oaParam
-// .getProvideStammzahl());
verifyInfoboxes(session, infoboxReadResponseParameters, false);
-
- //TODO: make it better!!
return "found!";
}
@@ -760,22 +738,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
.getOnlineApplicationParameter(
session.getPublicOAURLPrefix());
- //TODO: CHECK!! is moved to buildAuthenticationBlock to hold the baseID in identitylink
- // if (!fromMandate) {
- // BZ.., calculate bPK for signing to be already present in AuthBlock
-// IdentityLink identityLink = session.getIdentityLink();
-// if (identityLink.getIdentificationType().equals(
-// Constants.URN_PREFIX_BASEID)) {
-// // only compute bPK if online application is a public service and we
-// // have the Stammzahl
-// String bpkBase64 = new BPKBuilder().buildBPK(identityLink
-// .getIdentificationValue(), session.getTarget());
-// identityLink.setIdentificationValue(bpkBase64);
-// identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget());
-// }
- // ..BZ
- // }
-
// builds the AUTH-block
String authBlock = buildAuthenticationBlock(session, oaParam);
@@ -1924,7 +1886,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK,
false);
- // TODO See Bug #144
// Compare AuthBlock Data with information stored in session, especially
// date and time
CreateXMLSignatureResponseValidator.getInstance().validateSigningDateTime(csresp);
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-24 21:12:24 +0000