Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java58
1 files changed, 18 insertions, 40 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index fcaa4f053..01c6a512f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -21,6 +21,7 @@ import iaik.x509.X509Certificate;
import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
+import java.security.Principal;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
@@ -540,15 +541,16 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
/**
- * Returns a CreateXMLSignatureRequest for the foreign ID.<br>
+ * Returns an CreateXMLSignatureRequest for signing the ERnP statement.<br>
+ * <ul>
+ * <li>Creates an CreateXMLSignatureRequest to be signed by the user</li>
+ * </ul>
*
* @param sessionID ID of associated authentication session data
- * @param infoboxReadResponseParameters The parameters from the response returned from
- * the BKU
- * @param cert The certificate of the foreign ID
+ * @param cert The certificate from the user
* @return String representation of the <code>&lt;CreateXMLSignatureRequest&gt;</code>
*/
- public String getCreateXMLSignatureRequestForeignID(String sessionID, Map infoboxReadResponseParameters, X509Certificate cert)
+ public String createXMLSignatureRequestForeignID(String sessionID, X509Certificate cert)
throws
AuthenticationException,
BuildException,
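Review bot: The new `@param cert` line says only "The certificate from the user" and does not tell a caller whether the certificate must already have been verified. The body in the following hunk reads the certificate's subject and hands it to the request builder, and no validation of the certificate is visible in these lines. I would state the contract explicitly, for example `@param cert the user's certificate; callers must have verified it, because its subject DN is passed into the request the user signs`. The summary should also read "Returns a CreateXMLSignatureRequest", and the exceptions in the `throws` list have no `@throws` tags. The method body continues outside this hunk.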
@@ -558,57 +560,33 @@ public class AuthenticationServer implements MOAIDAuthConstants {
ServiceException {
if (isEmpty(sessionID))
- throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_IDENTITY_LINK, PARAM_SESSIONID});
+ throw new AuthenticationException("auth.10", new Object[] { REQ_VERIFY_CERTIFICATE, PARAM_SESSIONID});
-
AuthenticationSession session = getSession(sessionID);
+
AuthConfigurationProvider authConf = AuthConfigurationProvider.getInstance();
-
+
OAAuthParameter oaParam =
AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(
session.getPublicOAURLPrefix());
-
- return getCreateXMLSignatureRequestForeignID(session, authConf, oaParam);
+ return getCreateXMLSignatureRequestForeigID(session, authConf, oaParam, cert);
}
- public String getCreateXMLSignatureRequestForeignID(AuthenticationSession session, AuthConfigurationProvider authConf, OAAuthParameter oaParam)
- throws
- ConfigurationException,
- BuildException,
- ValidateException {
+ public String getCreateXMLSignatureRequestForeigID(AuthenticationSession session, AuthConfigurationProvider authConf, OAAuthParameter oaParam, X509Certificate cert) throws ConfigurationException
+ {
+ // check for intermediate processing of the infoboxes
+ if (session.isValidatorInputPending()) return "Redirect to Input Processor";
if (authConf==null) authConf = AuthConfigurationProvider.getInstance();
if (oaParam==null) oaParam = AuthConfigurationProvider.getInstance().
getOnlineApplicationParameter(session.getPublicOAURLPrefix());
- //BZ.., calculate bPK for signing to be already present in AuthBlock
-// IdentityLink identityLink = session.getIdentityLink();
-// if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
-// // only compute bPK if online application is a public service and we have the Stammzahl
-// String bpkBase64 = new BPKBuilder().buildBPK(
-// identityLink.getIdentificationValue(),
-// session.getTarget());
-// identityLink.setIdentificationValue(bpkBase64);
-// }
- //..BZ
+ Principal subject = cert.getSubjectDN();
-
- // builds the AUTH-block
- String authBlock = buildAuthenticationBlock(session);
-// session.setAuthBlock(authBlock);
- // builds the <CreateXMLSignatureRequest>
- String[] transformsInfos = oaParam.getTransformsInfos();
- if ((transformsInfos == null) || (transformsInfos.length == 0)) {
- // no OA specific transforms specified, use default ones
- transformsInfos = authConf.getTransformsInfos();
- }
String createXMLSignatureRequest =
- new CreateXMLSignatureRequestBuilder().build(authBlock,
- oaParam.getKeyBoxIdentifier(),
- transformsInfos,
- oaParam.getSlVersion12());
+ new CreateXMLSignatureRequestBuilder().buildForeignID(subject.toString(), oaParam, session);
return createXMLSignatureRequest;
}
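Review bot: `cert` is dereferenced at `Principal subject = cert.getSubjectDN();` without a null check, although `createXMLSignatureRequestForeignID` guards `sessionID` with `isEmpty` a few lines earlier, so a missing certificate surfaces as a NullPointerException instead of an `AuthenticationException`. A null guard in the public entry point, next to the `sessionID` check, would keep that failure on the declared error path. The subject is then passed on as `subject.toString()`, whose format depends on the Principal implementation, and the value comes from a user-presented certificate. If `buildForeignID` (not shown here) places it into XML, it has to escape it; a fixed representation such as `cert.getSubjectX500Principal().getName()` would make the text the user signs predictable, assuming the IAIK certificate class inherits that method from the JDK type. Separately, the public helper `getCreateXMLSignatureRequestForeigID` is missing an "n" in its name, and the early return of the literal `"Redirect to Input Processor"` should be documented so callers do not treat it as a signature request.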
@@ -642,7 +620,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
String xmlCreateXMLSignatureResponse = (String)createXMLSignatureResponseParameters.get(PARAM_XMLRESPONSE);
- System.out.println(xmlCreateXMLSignatureResponse);
if (isEmpty(xmlCreateXMLSignatureResponse))
throw new AuthenticationException("auth.10", new Object[] { REQ_GET_FOREIGN_ID, PARAM_XMLRESPONSE});
@@ -757,6 +734,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
return authBlock;
}
+
/**
* Verifies the infoboxes (except of the identity link infobox) returned by the BKU by