Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java149
1 files changed, 74 insertions, 75 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 0bbfe25b2..e0ebcbab3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -548,7 +548,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
// now validate the extended infoboxes
verifyInfoboxes(session, infoboxReadResponseParameters, !oaParam.getProvideStammzahl());
- return getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam);
+ return getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam, false);
}
@@ -610,7 +610,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
- return getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam);
+ return getCreateXMLSignatureRequestAuthBlockOrRedirect(session, authConf, oaParam, true);
}
/**
@@ -623,7 +623,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* @throws BuildException
* @throws ValidateException
*/
- public String getCreateXMLSignatureRequestAuthBlockOrRedirect(AuthenticationSession session, AuthConfigurationProvider authConf, OAAuthParameter oaParam)
+ public String getCreateXMLSignatureRequestAuthBlockOrRedirect(AuthenticationSession session, AuthConfigurationProvider authConf, OAAuthParameter oaParam, boolean fromMandate)
throws
ConfigurationException,
BuildException,
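Review bot: The new `fromMandate` parameter on the signature line is not documented in the Javadoc directly above it, and the same tag is missing for `buildAuthenticationBlock` in the hunk at old line 832. Add a tag such as `@param fromMandate {@code true} when called from the mandate flow; the bPK replacement of the identity link's identification value is then skipped and the flag is forwarded to buildAuthenticationBlock` to both method comments. The body of getCreateXMLSignatureRequestAuthBlockOrRedirect continues past the end of this hunk.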
@@ -635,21 +635,24 @@ public class AuthenticationServer implements MOAIDAuthConstants {
if (authConf==null) authConf = AuthConfigurationProvider.getInstance();
if (oaParam==null) oaParam = AuthConfigurationProvider.getInstance().
getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-
- //BZ.., calculate bPK for signing to be already present in AuthBlock
- IdentityLink identityLink = session.getIdentityLink();
- if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
- // only compute bPK if online application is a public service and we have the Stammzahl
- String bpkBase64 = new BPKBuilder().buildBPK(
- identityLink.getIdentificationValue(),
- session.getTarget());
- identityLink.setIdentificationValue(bpkBase64);
- }
- //..BZ
+
+ if (!fromMandate) {
+ //BZ.., calculate bPK for signing to be already present in AuthBlock
+ IdentityLink identityLink = session.getIdentityLink();
+ if (identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) {
+ // only compute bPK if online application is a public service and we have the Stammzahl
+ String bpkBase64 = new BPKBuilder().buildBPK(
+ identityLink.getIdentificationValue(),
+ session.getTarget());
+ identityLink.setIdentificationValue(bpkBase64);
+ }
+ //..BZ
+ }
// builds the AUTH-block
- String authBlock = buildAuthenticationBlock(session);
+ String authBlock = buildAuthenticationBlock(session, fromMandate);
+
// session.setAuthBlock(authBlock);
// builds the <CreateXMLSignatureRequest>
String[] transformsInfos = oaParam.getTransformsInfos();
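Review bot: With `fromMandate` set, the new guard leaves the identity link's identification value untouched before `buildAuthenticationBlock(session, fromMandate)` runs, so whatever that value currently is goes into the signed AuthBlock — by the retained comment, the Stammzahl when the type is URN_PREFIX_BASEID — unless the mandate path has already replaced it, which is not visible here. The caller in the hunk at old line 610 passes true, and nothing in this hunk checks the identification type in that case. Either state the precondition next to the guard, e.g. `// fromMandate: the identification value must already be a bPK/wbPK here; the AuthBlock is built from it unchanged`, or keep the URN_PREFIX_BASEID check outside the flag so a base identifier is never signed directly. The method continues beyond this hunk.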
@@ -832,7 +835,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* @throws BuildException If an error occurs on serializing an extended SAML attribute
* to be appended to the AUTH-Block.
*/
- private String buildAuthenticationBlock(AuthenticationSession session) throws BuildException {
+ private String buildAuthenticationBlock(AuthenticationSession session, boolean fromMandate) throws BuildException {
IdentityLink identityLink = session.getIdentityLink();
String issuer = identityLink.getName();
String gebDat = identityLink.getDateOfBirth();
@@ -857,7 +860,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
oaURL,
gebDat,
extendedSAMLAttributes,
- session);
+ session,
+ fromMandate);
return authBlock;
}
@@ -1204,7 +1208,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
String dob = ParepUtils.extractMandatorDateOfBirth(mandator);
if (dob != null && !"".equals(dob)) {
extendedSamlAttributes.add(new ExtendedSAMLAttributeImpl(ParepValidator.EXT_SAML_MANDATE_DOB, dob, SZRGWConstants.MANDATE_NS, ExtendedSAMLAttribute.ADD_TO_AUTHBLOCK_ONLY));
-
}
// Mandate
@@ -1398,77 +1401,73 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
}
+
// Exchange person data information by a mandate if needed
+ boolean mandateMode = session.getUseMandate();
+
List oaAttributes = session.getExtendedSAMLAttributesOA();
IdentityLink replacementIdentityLink = null;
- if (session.isMandateCompatibilityMode() && oaAttributes != null && oaAttributes.size()>0) {
- // look if we have a mandate
- boolean foundMandate = false;
- Iterator it = oaAttributes.iterator();
- while (!foundMandate && it.hasNext()) {
- ExtendedSAMLAttribute samlAttribute = (ExtendedSAMLAttribute)it.next();
- if (ParepValidator.EXT_SAML_MANDATE_RAW.equals(samlAttribute.getName())) {
- Object value = samlAttribute.getValue();
- if (value instanceof Element) {
- Element mandate = (Element) value;
- replacementIdentityLink = new IdentityLink();
- Element mandator = ParepUtils.extractMandator(mandate);
- String dateOfBirth = "";
- Element prPerson = null;
- String familyName = "";
- String givenName = "";
- String identificationType = "";
- String identificationValue = "";
- if (mandator != null) {
- boolean physical = ParepUtils.isPhysicalPerson(mandator);
- if (physical) {
- familyName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:FamilyName/text()");
- givenName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:GivenName/text()");
- dateOfBirth = ParepUtils.extractMandatorDateOfBirth(mandator);
- } else {
- familyName = ParepUtils.extractMandatorFullName(mandator);
- }
- identificationType = ParepUtils.getIdentification(mandator, "Type");
- identificationValue = ParepUtils.extractMandatorWbpk(mandator);
- prPerson = ParepUtils.extractPrPersonOfMandate(mandate);
- if (physical && session.getBusinessService() && identificationType!=null && Constants.URN_PREFIX_BASEID.equals(identificationType)) {
- // now we calculate the wbPK and do so if we got it from the BKU
- identificationType = Constants.URN_PREFIX_WBPK + "+" + session.getDomainIdentifier();
- identificationValue = new BPKBuilder().buildWBPK(identificationValue, session.getDomainIdentifier());
- ParepUtils.HideStammZahlen(prPerson, true, null, null, true);
- }
- }
- replacementIdentityLink.setDateOfBirth(dateOfBirth);
- replacementIdentityLink.setFamilyName(familyName);
- replacementIdentityLink.setGivenName(givenName);
- replacementIdentityLink.setIdentificationType(identificationType);
- replacementIdentityLink.setIdentificationValue(identificationValue);
- replacementIdentityLink.setPrPerson(prPerson);
- try {
- replacementIdentityLink.setSamlAssertion(session.getIdentityLink().getSamlAssertion());
- } catch (Exception e) {
- throw new ValidateException("validator.64", null);
- }
- } else {
- Logger.info("The type of Mandate SAML-Attribute is not \"org.w3c.dom.Element\"");
- throw new ValidateException("validator.64", null);
- }
- }
- }
- }
+// if (mandateMode) {
+// Iterator it = oaAttributes.iterator();
+// //ExtendedSAMLAttribute samlAttribute = (ExtendedSAMLAttribute)it.next();
+// Element mandate = session.getMandateElem();
+// replacementIdentityLink = new IdentityLink();
+// Element mandator = ParepUtils.extractMandator(mandate);
+// String dateOfBirth = "";
+// Element prPerson = null;
+// String familyName = "";
+// String givenName = "";
+// String identificationType = "";
+// String identificationValue = "";
+// if (mandator != null) {
+// boolean physical = ParepUtils.isPhysicalPerson(mandator);
+// if (physical) {
+// familyName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:FamilyName/text()");
+// givenName = ParepUtils.extractText(mandator, "descendant-or-self::pr:Name/pr:GivenName/text()");
+// dateOfBirth = ParepUtils.extractMandatorDateOfBirth(mandator);
+// } else {
+// familyName = ParepUtils.extractMandatorFullName(mandator);
+// }
+// identificationType = ParepUtils.getIdentification(mandator, "Type");
+// identificationValue = ParepUtils.extractMandatorWbpk(mandator);
+// prPerson = ParepUtils.extractPrPersonOfMandate(mandate);
+// if (physical && session.getBusinessService() && identificationType!=null && Constants.URN_PREFIX_BASEID.equals(identificationType)) {
+// // now we calculate the wbPK and do so if we got it from the BKU
+// identificationType = Constants.URN_PREFIX_WBPK + "+" + session.getDomainIdentifier();
+// identificationValue = new BPKBuilder().buildWBPK(identificationValue, session.getDomainIdentifier());
+// ParepUtils.HideStammZahlen(prPerson, true, null, null, true);
+// }
+//
+//
+// replacementIdentityLink.setDateOfBirth(dateOfBirth);
+// replacementIdentityLink.setFamilyName(familyName);
+// replacementIdentityLink.setGivenName(givenName);
+// replacementIdentityLink.setIdentificationType(identificationType);
+// replacementIdentityLink.setIdentificationValue(identificationValue);
+// replacementIdentityLink.setPrPerson(prPerson);
+// try {
+// replacementIdentityLink.setSamlAssertion(session.getIdentityLink().getSamlAssertion());
+// } catch (Exception e) {
+// throw new ValidateException("validator.64", null);
+// }
+//
+// }
+//
+// }
// builds authentication data and stores it together with a SAML artifact
AuthenticationData authData = buildAuthenticationData(session, vsresp, replacementIdentityLink);
String samlArtifact =
- new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID());
+ new SAMLArtifactBuilder().build(session.getAuthURL(), session.getSessionID());
storeAuthenticationData(samlArtifact, authData);
// invalidates the authentication session
sessionStore.remove(sessionID);
Logger.info(
- "Anmeldedaten zu MOASession " + sessionID + " angelegt, SAML Artifakt " + samlArtifact);
+ "Anmeldedaten zu MOASession " + sessionID + " angelegt, SAML Artifakt " + samlArtifact);
return samlArtifact;
+
}
/**
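Review bot: The former mandate branch is replaced by a commented-out copy, which leaves `mandateMode` and `oaAttributes` as unused locals and `replacementIdentityLink` fixed at null, so `buildAuthenticationData` never receives a mandator identity link from this method any more. The removed branch also derived the wbPK and called `ParepUtils.HideStammZahlen` for the mandator in the business-service case; if that work now happens elsewhere, the relocation should be named here, otherwise the mandator's base-identifier handling is lost together with the substitution. Delete the commented block rather than keeping it in the file, drop `boolean mandateMode = session.getUseMandate();` and `List oaAttributes = session.getExtendedSAMLAttributesOA();`, and replace them with a one-line comment such as `// mandate substitution of the identity link is handled in <TODO: name the replacement path>`. The enclosing method starts before this hunk.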