Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java | 581 |
1 files changed, 12 insertions, 569 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 35e4815ba..e8564ad3c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -110,6 +110,7 @@ import at.gv.egovernment.moa.id.config.stork.STORKConfig;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
+import at.gv.egovernment.moa.id.storage.DBExceptionStoreImpl;
 import at.gv.egovernment.moa.id.util.HTTPUtils;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.id.util.Random;
@@ -146,8 +147,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 /** single instance */
 private static AuthenticationServer instance;
- /** session data store (session ID -> AuthenticationSession) */
- //private static Map sessionStore = new HashMap();
 /** * time out in milliseconds used by {@link cleanup} for session store
@@ -178,171 +177,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { super(); } -// /** -// * Processes request to select a BKU. <br/> -// * Processing depends on value of -// * {@link AuthConfigurationProvider#getBKUSelectionType}. <br/> -// * For <code>bkuSelectionType==HTMLComplete</code>, a <code>returnURI</code> -// * for the "BKU Auswahl" service is returned. <br/> -// * For <code>bkuSelectionType==HTMLSelect</code>, an HTML form for BKU -// * selection is returned. -// * -// * @param authURL -// * base URL of MOA-ID Auth component -// * @param target -// * "Geschäftsbereich" -// * @param oaURL -// * online application URL requested -// * @param bkuSelectionTemplateURL -// * template for BKU selection form to be used in case of -// * <code>HTMLSelect</code>; may be null -// * @param templateURL -// * URL providing an HTML template for the HTML form to be used -// * for call <code>startAuthentication</code> -// * @return for <code>bkuSelectionType==HTMLComplete</code>, the -// * <code>returnURI</code> for the "BKU Auswahl" service; for -// * <code>bkuSelectionType==HTMLSelect</code>, an HTML form for BKU -// * selection -// * @throws WrongParametersException -// * upon missing parameters -// * @throws AuthenticationException -// * when the configured BKU selection service cannot be reached, -// * and when the given bkuSelectionTemplateURL cannot be reached -// * @throws ConfigurationException -// * on missing configuration data -// * @throws BuildException -// * while building the HTML form -// */ -// public String selectBKU(String authURL, String target, String oaURL, -// String bkuSelectionTemplateURL, String templateURL) -// throws WrongParametersException, AuthenticationException, -// ConfigurationException, BuildException { -// -// // check if HTTP Connection may be allowed (through -// // FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY) -// String boolStr = AuthConfigurationProvider -// .getInstance() -// 
.getGenericConfigurationParameter( -// AuthConfigurationProvider.FRONTEND_SERVLETS_ENABLE_HTTP_CONNECTION_PROPERTY); -// if ((!authURL.startsWith("https:")) -// && (false == BoolUtils.valueOf(boolStr))) -// throw new AuthenticationException("auth.07", new Object[] { authURL -// + "*" }); -// if (isEmpty(authURL)) -// throw new WrongParametersException("StartAuthentication", -// "AuthURL", "auth.05"); -// if (isEmpty(oaURL)) -// throw new WrongParametersException("StartAuthentication", PARAM_OA, -// "auth.05"); -// -// ConnectionParameter bkuConnParam = AuthConfigurationProvider -// .getInstance().getBKUConnectionParameter(); -// if (bkuConnParam == null) -// throw new ConfigurationException("config.08", -// new Object[] { "BKUSelection/ConnectionParameter" }); -// OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() -// .getOnlineApplicationParameter(oaURL); -// if (oaParam == null) -// throw new AuthenticationException("auth.00", new Object[] { oaURL }); -// -// if (!oaParam.getBusinessService()) { -// if (isEmpty(target)) -// throw new WrongParametersException("StartAuthentication", -// PARAM_TARGET, "auth.05"); -// } else { -// if (!isEmpty(target)) { -// Logger -// .info("Ignoring target parameter thus application type is \"businessService\""); -// } -// target = null; -// } -// -// AuthenticationSession session = newSession(); -// Logger.info("MOASession " + session.getSessionID() + " angelegt"); -// session.setTarget(target); -// session.setOAURLRequested(oaURL); -// session.setPublicOAURLPrefix(oaParam.getPublicURLPrefix()); -// session.setAuthURL(authURL); -// session.setTemplateURL(templateURL); -// session.setBusinessService(oaParam.getBusinessService()); -// -// try { -// AuthenticationSessionStoreage.storeSession(session); -// -// } catch (MOADatabaseException e) { -// throw new AuthenticationException("", null); -// } -// -// String returnURL = new DataURLBuilder().buildDataURL(authURL, -// REQ_START_AUTHENTICATION, 
session.getSessionID()); -// String bkuSelectionType = AuthConfigurationProvider.getInstance() -// .getBKUSelectionType(); -// if (bkuSelectionType -// .equals(AuthConfigurationProvider.BKU_SELECTION_TYPE_HTMLCOMPLETE)) { -// // bkuSelectionType==HTMLComplete -// String redirectURL = bkuConnParam.getUrl() + "?" -// + AuthServlet.PARAM_RETURN + "=" + returnURL; -// return redirectURL; -// } else { -// // bkuSelectionType==HTMLSelect -// String bkuSelectTag; -// try { -// bkuSelectTag = readBKUSelectTag(AuthConfigurationProvider -// .getInstance(), bkuConnParam); -// } catch (Throwable ex) { -// throw new AuthenticationException("auth.11", new Object[] { -// bkuConnParam.getUrl(), ex.toString() }, ex); -// } -// String bkuSelectionTemplate = null; -// -// //removed in MOAID 2.0 -// // override template url by url from configuration file -//// if (oaParam.getBkuSelectionTemplateURL() != null) { -//// bkuSelectionTemplateURL = oaParam.getBkuSelectionTemplateURL(); -//// } -// -//// if (bkuSelectionTemplateURL != null) { -//// try { -//// bkuSelectionTemplate = new String(FileUtils -//// .readURL(bkuSelectionTemplateURL)); -//// } catch (IOException ex) { -//// throw new AuthenticationException("auth.03", new Object[] { -//// bkuSelectionTemplateURL, ex.toString() }, ex); -//// } -//// } -// -// String htmlForm = new SelectBKUFormBuilder().build( -// bkuSelectionTemplate, returnURL, bkuSelectTag); -// return htmlForm; -// } -// } - -// /** -// * Method readBKUSelectTag. 
-// * -// * @param conf -// * the ConfigurationProvider -// * @param connParam -// * the ConnectionParameter for that connection -// * @return String -// * @throws ConfigurationException -// * on config-errors -// * @throws PKIException -// * on PKI errors -// * @throws IOException -// * on any data error -// * @throws GeneralSecurityException -// * on security errors -// */ -// private String readBKUSelectTag(ConfigurationProvider conf, -// ConnectionParameter connParam) throws ConfigurationException, -// PKIException, IOException, GeneralSecurityException { -// -// if (connParam.isHTTPSURL()) -// return SSLUtils.readHttpsURL(conf, connParam); -// else -// return HTTPUtils.readHttpURL(connParam.getUrl()); -// } /** * Processes the beginning of an authentication session. @@ -441,6 +275,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { //removed in MOAID 2.0 String pushInfobox = ""; + // VerifyInfoboxParameters verifyInfoboxParameters = oaParam // .getVerifyInfoboxParameters(); // if (verifyInfoboxParameters != null) { @@ -500,18 +335,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { String xmlInfoboxReadResponse = (String) infoboxReadResponseParameters .get(PARAM_XMLRESPONSE); - // System.out.println("PB: " + xmlInfoboxReadResponse); - if (isEmpty(xmlInfoboxReadResponse)) throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_IDENTITY_LINK, PARAM_XMLRESPONSE }); - -// AuthenticationSession session = getSession(sessionID); -// if (session.getTimestampIdentityLink() != null) -// throw new AuthenticationException("auth.01", -// new Object[] { sessionID }); - session.setTimestampIdentityLink(); AuthConfigurationProvider authConf = AuthConfigurationProvider .getInstance(); 
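Review bot: The replay guard deleted in the hunk at `@@ -500,18 +335,10 @@` (`if (session.getTimestampIdentityLink() != null) throw new AuthenticationException("auth.01", ...)`) is the only check visible here that would reject a second InfoboxReadResponse being processed for the same MOASession; it was already commented out before this commit, so this is not a regression, but removing the comment also removes the last reminder that the check is missing. Immediately after the deletion the new code calls `session.setTimestampIdentityLink()` unconditionally, so a repeated submission of a valid identity-link response would re-run parsing and verification on a session that has already advanced, unless the servlet layer rejects it — which this hunk does not show. Assuming `getTimestampIdentityLink()` still exists on AuthenticationSession, I would reinstate the guard before the timestamp is set: `if (session.getTimestampIdentityLink() != null) throw new AuthenticationException("auth.01", new Object[] { session.getSessionID() });`. The enclosing method starts and ends outside the hunk.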
@@ -537,24 +364,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { return null; } - // for testing new identity link certificate - // xmlInfoboxReadResponse = null; - // try { - // File file = new File("c:/temp/XXXMuster.xml"); - // FileInputStream fis; - // - // fis = new FileInputStream(file); - // byte[] array = Utils.readFromInputStream(fis); - // - // xmlInfoboxReadResponse = new String(array); - // System.out.println(xmlInfoboxReadResponse); - // - // } catch (FileNotFoundException e) { - // e.printStackTrace(); - // } catch (UtilsException e) { - // e.printStackTrace(); - // } - // parses the <InfoboxReadResponse> IdentityLink identityLink = new InfoboxReadResponseParser( xmlInfoboxReadResponse).parseIdentityLink(); @@ -572,10 +381,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( domVerifyXMLSignatureResponse).parseData(); -// if (identityLink.getIdentificationType().equalsIgnoreCase( -// Constants.URN_PREFIX_BASEID)) { -// } - OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); @@ -687,7 +492,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { throw new AuthenticationException("auth.10", new Object[] { GET_MIS_SESSIONID, PARAM_SESSIONID }); - //AuthenticationSession session = getSession(sessionID); OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); @@ -744,7 +548,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { // builds the AUTH-block String authBlock = buildAuthenticationBlock(session, oaParam); - // session.setAuthBlock(authBlock); // builds the <CreateXMLSignatureRequest> List<String> transformsInfos = oaParam.getTransformsInfos(); if ((transformsInfos == null) || (transformsInfos.size() == 0)) { 
@@ -757,77 +560,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { return createXMLSignatureRequest; } -// /** -// * -// * @param session -// * @param authConf -// * @param oaParam -// * @return -// * @throws ConfigurationException -// * @throws BuildException -// * @throws ValidateException -// */ -// public String getCreateXMLSignatureRequestAuthBlockOrRedirectForOW( -// AuthenticationSession session, AuthConfigurationProvider authConf, -// OAAuthParameter oaParam, boolean isOW) throws ConfigurationException, -// BuildException, ValidateException { -// -// // check for intermediate processing of the infoboxes -// if (session.isValidatorInputPending()) -// return "Redirect to Input Processor"; -// -// if (authConf == null) -// authConf = AuthConfigurationProvider.getInstance(); -// if (oaParam == null) -// oaParam = AuthConfigurationProvider.getInstance() -// .getOnlineApplicationParameter( -// session.getPublicOAURLPrefix()); -// -// // BZ.., calculate bPK for signing to be already present in AuthBlock -// IdentityLink identityLink = session.getIdentityLink(); -// if (identityLink.getIdentificationType().equals( -// Constants.URN_PREFIX_BASEID)) { -// -// // only compute bPK if online application is a public service and we -// // have the Stammzahl -//// if (isOW) { -//// // if person is OW, delete identification value (bPK is calculated via MIS) -//// identityLink.setIdentificationValue(null); -//// identityLink.setIdentificationType(null); -//// } -//// else { -// -// //TODO: check correctness!!! bpk calcultion is done during Assertion generation -//// String bpkBase64 = new BPKBuilder().buildBPK(identityLink -//// .getIdentificationValue(), session.getTarget()); -//// identityLink.setIdentificationValue(bpkBase64); -//// -//// //TODO: insert correct Type!!!! 
-//// identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget()); -//// } -// -// } -// // ..BZ -// // } -// -// // builds the AUTH-block -// String authBlock = buildAuthenticationBlockForOW(session, oaParam, isOW); -// -// // session.setAuthBlock(authBlock); -// // builds the <CreateXMLSignatureRequest> -// List<String> transformsInfos = oaParam.getTransformsInfos(); -// if ((transformsInfos == null) || (transformsInfos.size() == 0)) { -// // no OA specific transforms specified, use default ones -// transformsInfos = authConf.getTransformsInfos(); -// } -// String createXMLSignatureRequest = new CreateXMLSignatureRequestBuilder() -// .build(authBlock, oaParam.getKeyBoxIdentifier(), -// transformsInfos, oaParam.isSlVersion12()); -// -// System.out.println("XML: " + createXMLSignatureRequest); -// -// return createXMLSignatureRequest; -// } /** * Returns an CreateXMLSignatureRequest for signing the ERnP statement.<br> * <ul> @@ -850,15 +582,11 @@ public class AuthenticationServer implements MOAIDAuthConstants { throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID }); -// AuthenticationSession session = getSession(sessionID); - AuthConfigurationProvider authConf = AuthConfigurationProvider .getInstance(); OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - - //session.setSignerCertificate(cert); return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam, cert); 
@@ -921,12 +649,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { throw new AuthenticationException("auth.10", new Object[] { REQ_GET_FOREIGN_ID, PARAM_XMLRESPONSE }); - //AuthenticationSession session = getSession(sessionID); - /* - * if (session.getTimestampIdentityLink() != null) throw new - * AuthenticationException("auth.01", new Object[] { sessionID }); - */ - // session.setTimestampIdentityLink(); AuthConfigurationProvider authConf = AuthConfigurationProvider .getInstance(); @@ -949,8 +671,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { VerifyXMLSignatureResponse verifyXMLSignatureResponse = new VerifyXMLSignatureResponseParser( domVerifyXMLSignatureResponse).parseData(); - // int code = verifyXMLSignatureResponse.getSignatureCheckCode(); - return verifyXMLSignatureResponse.getX509certificate(); } 
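Review bot: In the hunk at `@@ -949,8 +671,6 @@` the new code returns `verifyXMLSignatureResponse.getX509certificate()` straight after parsing the MOA-SP response, and nothing visible in the hunk consults `getSignatureCheckCode()` (the deleted comment `// int code = verifyXMLSignatureResponse.getSignatureCheckCode();` was the only trace of an intent to do so) or the certificate-check result before the certificate is handed back. If the enclosing method — which starts outside the hunk — or its caller does not evaluate those codes, a certificate from a response whose signature check failed would be accepted as the signer certificate. I would gate the return on the verification result (assuming MOA-SP's convention that 0 denotes a successful check), along the lines of `if (verifyXMLSignatureResponse.getSignatureCheckCode() != 0) throw ...;` using whichever exception type the method's throws clause already declares, or add a comment stating where that check is performed if it lives elsewhere.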
@@ -1099,62 +819,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { } - -// /** -// * Builds an authentication block <code><saml:Assertion></code> from -// * given session data. -// * -// * @param session -// * authentication session -// * -// * @return <code><saml:Assertion></code> as a String -// * -// * @throws BuildException -// * If an error occurs on serializing an extended SAML attribute -// * to be appended to the AUTH-Block. -// */ -// private String buildAuthenticationBlockForOW(AuthenticationSession session, -// OAAuthParameter oaParam, boolean isOW) throws BuildException { -// IdentityLink identityLink = session.getIdentityLink(); -// String issuer = identityLink.getName(); -// String gebDat = identityLink.getDateOfBirth(); -// String identificationValue = identityLink.getIdentificationValue(); -// String identificationType = identityLink.getIdentificationType(); -// -// String issueInstant = DateTimeUtils.buildDateTime(Calendar -// .getInstance(), oaParam.getUseUTC()); -// session.setIssueInstant(issueInstant); -// String authURL = session.getAuthURL(); -// String target = session.getTarget(); -// String targetFriendlyName = session.getTargetFriendlyName(); -// // Bug #485 -// // (https://egovlabs.gv.at/tracker/index.php?func=detail&aid=485&group_id=6&atid=105) -// // String oaURL = session.getPublicOAURLPrefix(); -// String oaURL = session.getPublicOAURLPrefix().replaceAll("&", "&"); -// -// -// List extendedSAMLAttributes = session.getExtendedSAMLAttributesAUTH(); -// Iterator it = extendedSAMLAttributes.iterator(); -// // delete bPK attribute from extended SAML attributes -// if (session.isOW()) { -// ExtendedSAMLAttribute toDelete = null; -// while (it.hasNext()) { -// ExtendedSAMLAttribute attr = (ExtendedSAMLAttribute)it.next(); -// if (attr.getName().equalsIgnoreCase("bPK")) -// toDelete = attr; -// } -// if (toDelete != null) -// extendedSAMLAttributes.remove(toDelete); -// } -// -// String authBlock = new 
AuthenticationBlockAssertionBuilder() -// .buildAuthBlock(issuer, issueInstant, authURL, target, -// targetFriendlyName, identificationValue, -// identificationType, oaURL, gebDat, -// extendedSAMLAttributes, session, oaParam); -// -// return authBlock; -// } /** * Verifies the infoboxes (except of the identity link infobox) returned by @@ -1197,7 +861,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { OAAuthParameter oaParam = authConfigurationProvider .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); - //TODO: check correctness!!!! //removed in MOAID 2.0 // VerifyInfoboxParameters verifyInfoboxParameters = oaParam // .getVerifyInfoboxParameters(); @@ -1210,6 +873,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { // System.out.println("SAML set: " + // session.getExtendedSAMLAttributesAUTH().size()); + //removed in MOAID 2.0 // if (verifyInfoboxParameters != null) { // // infoboxParameters = verifyInfoboxParameters.getInfoboxParameters(); 
@@ -1461,57 +1125,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { } -// /** -// * Intermediate processing of the infoboxes. The first pending infobox -// * validator may validate the provided input -// * -// * @param session -// * The current authentication session -// * @param parameters -// * The parameters got returned by the user input fields -// */ -// public static void processInput(AuthenticationSession session, -// Map parameters) throws ValidateException { -// -// // post processing of the infoboxes -// Iterator iter = session.getInfoboxValidatorIterator(); -// if (iter != null) { -// while (iter.hasNext()) { -// Vector infoboxValidatorVector = (Vector) iter.next(); -// InfoboxValidator infoboxvalidator = (InfoboxValidator) infoboxValidatorVector -// .get(2); -// if (!ParepUtils.isEmpty(infoboxvalidator.getForm())) { -// String identifier = (String) infoboxValidatorVector.get(0); -// String friendlyName = (String) infoboxValidatorVector -// .get(1); -// InfoboxValidationResult infoboxValidationResult = null; -// try { -// infoboxValidationResult = infoboxvalidator -// .validate(parameters); -// } catch (ValidateException e) { -// Logger.error("Error validating " + identifier -// + " infobox:" + e.getMessage()); -// throw new ValidateException("validator.44", -// new Object[] { friendlyName }); -// } -// if (!infoboxValidationResult.isValid()) { -// Logger.info("Validation of " + identifier -// + " infobox failed."); -// throw new ValidateException("validator.40", -// new Object[] { -// friendlyName, -// infoboxValidationResult -// .getErrorMessage() }); -// } -// AddAdditionalSAMLAttributes( -// session, -// infoboxValidationResult.getExtendedSamlAttributes(), -// identifier, friendlyName); -// } -// } -// } -// } - /** * Adds given SAML Attributes to the current session. They will be appended * to the final SAML Assertion or the AUTH block. If the attributes are 
@@ -1583,33 +1196,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.setExtendedSAMLAttributesOA(oaAttributes); } - // /** - // * Adds given SAML Attributes to the current session. They will be - // appended - // * to the final SAML Assertion or the AUTH block. If the attributes are - // * already in the list, they will be replaced. - // * - // * @param session The current session - // * @param extendedSAMLAttributes The SAML attributes to add - // * @param identifier The infobox identifier for debug purposes - // * @param friendlyNam The friendly name of the infobox for debug purposes - // */ - // private static void AddAdditionalSAMLAttributes(AuthenticationSession - // session, MISMandate mandate) throws ValidateException - // { - // - // List oaAttributes = session.getExtendedSAMLAttributesOA(); - // if (oaAttributes==null) oaAttributes = new Vector(); - // List authAttributes = session.getExtendedSAMLAttributesAUTH(); - // if (authAttributes==null) authAttributes = new Vector(); - // - // - // addExtendedSamlAttributes(authAttributes, mandate); - // - // session.setExtendedSAMLAttributesAUTH(authAttributes); - // session.setExtendedSAMLAttributesOA(oaAttributes); - // } - /** * Adds the AUTH block related SAML attributes to the validation result. * This is needed always before the AUTH block is to be signed, because the @@ -1629,11 +1215,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { extendedSamlAttributes.clear(); - // extendedSamlAttributes.add(new - // ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_RAW, - // mandate, SZRGWConstants.MANDATE_NS, - // ExtendedSAMLAttribute.NOT_ADD_TO_AUTHBLOCK)); - // Name Element domMandate = mandateToElement(mandate); Element nameSpaceNode = domMandate.getOwnerDocument().createElement( 
@@ -1646,24 +1227,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { Element mandator = (Element) XPathAPI.selectSingleNode(domMandate, "//md:Mandate/md:Mandator", nameSpaceNode); - // first check if physical person - // Element name = (Element) XPathAPI.selectSingleNode(mandator, - // "descendant-or-self::pr:Name/pr:GivenName", nameSpaceNode); - // String mandatorname = ParepUtils.extractMandatorName(mandator); - - // extendedSamlAttributes.add(new - // ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_NAME, - // mandatorname, SZRGWConstants.MANDATE_NS, - // ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); - // Geburtsdatum - // String dob = ParepUtils.extractMandatorDateOfBirth(mandator); - // if (dob != null && !"".equals(dob)) { - // extendedSamlAttributes.add(new - // ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_DOB, dob, - // SZRGWConstants.MANDATE_NS, - // ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); - // } - // Mandate extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl( ParepValidator.EXT_SAML_MANDATE_RAW, domMandate, @@ -1692,15 +1255,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { } } - // String oid = mandate.getProfRep(); - // if (oid != null) { - // String oidDescription = mandate.getTextualDescriptionOfOID(); - // extendedSamlAttributes.add(new - // ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_OIDTEXTUALDESCRIPTION, - // oidDescription, SZRGWConstants.MANDATE_NS, - // ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY)); - // } - ExtendedSAMLAttribute[] ret = new ExtendedSAMLAttribute[extendedSamlAttributes .size()]; extendedSamlAttributes.copyInto(ret); 
@@ -1831,9 +1385,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { if (isEmpty(xmlCreateXMLSignatureReadResponse)) throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_XMLRESPONSE }); - - //AuthenticationSession session = getSession(sessionID); - + AuthConfigurationProvider authConf = AuthConfigurationProvider .getInstance(); // parses <CreateXMLSignatureResponse> @@ -1938,22 +1490,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { } } } - -// OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() -// .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); -// boolean useUTC = oaParam.getUseUTC(); -// boolean useCondition = oaParam.getUseCondition(); -// int conditionLength = oaParam.getConditionLength(); - - //TL: moved to Authentification Data generation -// AuthenticationData authData = buildAuthenticationData(session, vsresp, -// useUTC, false); -// -// //set Authblock -// session.setAuthData(authData); - - session.setXMLVerifySignatureResponse(vsresp); session.setSignerCertificate(vsresp.getX509certificate()); vsresp.setX509certificate(null); 
@@ -1977,42 +1514,7 @@ public class AuthenticationServer implements MOAIDAuthConstants { Logger.info("Daten angelegt zu MOASession " + newMOASessionID); return newMOASessionID; - /* - String samlAssertion = new AuthenticationDataAssertionBuilder() - .build(authData, session.getAssertionPrPerson(), session - .getAssertionAuthBlock(), session - .getAssertionIlAssertion(), session.getBkuURL(), - session.getAssertionSignerCertificateBase64(), - session.getAssertionBusinessService(), session - .getExtendedSAMLAttributesOA(), - useCondition, conditionLength); - authData.setSamlAssertion(samlAssertion); - - String assertionFile = AuthConfigurationProvider.getInstance() - .getGenericConfigurationParameter( - "AuthenticationServer.WriteAssertionToFile"); - if (!ParepUtils.isEmpty(assertionFile)) - try { - ParepUtils.saveStringToFile(samlAssertion, new File( - assertionFile)); - } catch (IOException e) { - throw new BuildException("builder.00", new Object[] { - "AuthenticationData", e.toString() }, e); - } - - String samlArtifact = new SAMLArtifactBuilder().build(session - .getAuthURL(), session.getSessionID(), session - .getSourceID()); - storeAuthenticationData(samlArtifact, authData); - - // invalidates the authentication session - sessionStore.remove(sessionID); - Logger.info("Anmeldedaten zu MOASession " + sessionID - + " angelegt, SAML Artifakt " + samlArtifact); - return samlArtifact; - */ } - } /** 
@@ -2102,16 +1604,10 @@ public class AuthenticationServer implements MOAIDAuthConstants { public String getForeignAuthenticationData(AuthenticationSession session) throws AuthenticationException, BuildException, ParseException, ConfigurationException, ServiceException, ValidateException { - - //TODO: CHECK if STORK parts works correct!!!! if (session == null) throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_AUTH_BLOCK, PARAM_SESSIONID }); - - //AuthenticationSession session = getSession(sessionID); - // AuthConfigurationProvider authConf = - // AuthConfigurationProvider.getInstance(); // post processing of the infoboxes Iterator iter = session.getInfoboxValidatorIterator(); @@ -2155,19 +1651,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse(); X509Certificate cert = session.getSignerCertificate(); vsresp.setX509certificate(cert); - -// OAAuthParameter oaParam = AuthConfigurationProvider.getInstance() -// .getOnlineApplicationParameter(session.getPublicOAURLPrefix()); -// boolean useUTC = oaParam.getUseUTC(); - -// boolean useCondition = oaParam.getUseCondition(); -// int conditionLength = oaParam.getConditionLength(); - - //TL: moved to Assertion generation. -// AuthenticationData authData = buildAuthenticationData(session, vsresp, -// useUTC, true); -// -// session.setAuthData(authData); session.setAuthenticatedUsed(false); session.setAuthenticated(true); 
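Review bot: The open question recorded by `//TODO: CHECK if STORK parts works correct!!!!` is not answered anywhere in this commit, yet the marker disappears in the hunk at `@@ -2102,16 +1604,10 @@` with no accompanying change to the STORK-related logic of getForeignAuthenticationData. If the STORK flow has since been verified, a short comment (or the commit message) should say so; if not, the marker should stay, reworded so it is actionable, e.g. `// TODO: STORK handling in this method has not yet been verified against MOA-ID 2.0`. The method continues beyond the hunk.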
@@ -2177,43 +1660,9 @@ public class AuthenticationServer implements MOAIDAuthConstants { session.setSignerCertificate(vsresp.getX509certificate()); vsresp.setX509certificate(null); session.setForeigner(true); - - return "new Session"; - - //TODO: regenerate MOASession ID! - /* - String samlAssertion = new AuthenticationDataAssertionBuilder().build( - authData, session.getAssertionPrPerson(), session - .getAssertionAuthBlock(), session - .getAssertionIlAssertion(), session.getBkuURL(), - session.getAssertionSignerCertificateBase64(), session - .getAssertionBusinessService(), session - .getExtendedSAMLAttributesOA(), useCondition, - conditionLength); - authData.setSamlAssertion(samlAssertion); - - String assertionFile = AuthConfigurationProvider.getInstance() - .getGenericConfigurationParameter( - "AuthenticationServer.WriteAssertionToFile"); - if (!ParepUtils.isEmpty(assertionFile)) - try { - ParepUtils.saveStringToFile(samlAssertion, new File( - assertionFile)); - } catch (IOException e) { - throw new BuildException("builder.00", new Object[] { - "AuthenticationData", e.toString() }, e); - } - - String samlArtifact = new SAMLArtifactBuilder().build(session - .getAuthURL(), session.getSessionID(), session.getSourceID()); - storeAuthenticationData(samlArtifact, authData); - // invalidates the authentication session - sessionStore.remove(sessionID); - Logger.info("Anmeldedaten zu MOASession " + sessionID - + " angelegt, SAML Artifakt " + samlArtifact); - - return samlArtifact;*/ + //TODO: regenerate MOASession ID! + return "new Session"; } /** @@ -2242,7 +1691,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { VerifyXMLSignatureResponse verifyXMLSigResp = session.getXMLVerifySignatureResponse(); -// boolean useUTC = oaParam.getUseUTC(); boolean businessService = oaParam.getBusinessService(); authData.setMajorVersion(1); 
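Review bot: The foreign-ID path still ends with the placeholder `return "new Session";` under `//TODO: regenerate MOASession ID!` — the hunk at `@@ -2177,43 +1660,9 @@` only moves those two lines above the deleted comment block — so the session is marked authenticated (`session.setAuthenticated(true)` in the preceding hunk) under the same MOASession ID that was valid before authentication. The domestic path in this file creates a fresh session and returns `newMOASessionID` (hunk `@@ -1977,42 +1514,7 @@`), which is what guards against session fixation; the foreign path should re-key the session the same way before returning, and should not hand a literal `"new Session"` to callers that may treat the return value as a session ID (how the caller uses it is not visible here). Until that is implemented, the placeholder should at least be labelled as such, e.g. `// FIXME: placeholder, not a MOASession ID — foreign sessions are not yet re-keyed after authentication`. The enclosing method getForeignAuthenticationData starts outside the hunk.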
@@ -2266,7 +1714,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { authData.setPublicAuthorityCode(verifyXMLSigResp .getPublicAuthorityCode()); authData.setBkuURL(session.getBkuURL()); -// authData.setUseUTC(oaParam.getUseUTC()); try { @@ -2350,8 +1797,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { try { session = AuthenticationSessionStoreage.getSession(id); - /*(AuthenticationSession) sessionStore - .get(id);*/ if (session == null) throw new AuthenticationException("auth.02", new Object[] { id }); return session; @@ -2373,7 +1818,12 @@ public class AuthenticationServer implements MOAIDAuthConstants { //clean AssertionStore AssertionStorage assertionstore = AssertionStorage.getInstance(); - assertionstore.clean(now, authDataTimeOut); + assertionstore.clean(now, authDataTimeOut); + + //clean ExeptionStore + DBExceptionStoreImpl exstore = DBExceptionStoreImpl.getStore(); + exstore.clean(now, authDataTimeOut); + } /** @@ -2730,13 +2180,6 @@ public class AuthenticationServer implements MOAIDAuthConstants { } catch (Throwable e) { throw new CertificateException(e); } - -// CertificateFactory cf; -// X509Certificate cert = null; -// cf = CertificateFactory.getInstance("X.509"); -// CertificateFactory -// cert = (X509Certificate)cf.generateCertificate(is); -// return cert; } } |
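Review bot: In the new cleanup lines of the hunk at `@@ -2373,7 +1818,12 @@` the exception store is purged with `authDataTimeOut`, the timeout configured for authentication data; nothing in the hunk establishes that stored exception records should live exactly as long as assertions, so either a dedicated timeout or a comment stating that the reuse is deliberate would make the choice explicit. Also, `exstore.clean(now, authDataTimeOut)` runs only after `assertionstore.clean(now, authDataTimeOut)` returns, so if the assertion-store cleanup throws, the exception store is skipped for that pass — if the enclosing method (its start is outside the hunk) has no try/catch around these calls, consider isolating each store's cleanup so one failure does not starve the other. Minor: the comment has a typo, `//clean ExeptionStore` should read `//clean ExceptionStore`.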