path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java59
1 files changed, 42 insertions, 17 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 68e6b950a..a68dca65a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -24,11 +24,15 @@
package at.gv.egovernment.moa.id.auth;
+import iaik.ixsil.exceptions.UtilsException;
+import iaik.ixsil.util.Utils;
import iaik.pki.PKIException;
import iaik.x509.X509Certificate;
import java.io.ByteArrayInputStream;
import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Principal;
@@ -49,7 +53,6 @@ import org.apache.xpath.XPathAPI;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
-import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;
import at.gv.egovernment.moa.id.AuthenticationException;
@@ -114,7 +117,6 @@ import at.gv.egovernment.moa.util.DOMUtils;
import at.gv.egovernment.moa.util.DateTimeUtils;
import at.gv.egovernment.moa.util.FileUtils;
import at.gv.egovernment.moa.util.StringUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
/**
@@ -305,7 +307,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* @param useMandate Indicates if mandate is used or not
* @param templateURL URL providing an HTML template for the HTML form generated
* @param templateMandteURL URL providing an HTML template for the HTML form generated (for signing in mandates mode)
- * @param scheme determines the protocol used
+ * @param scheme determines the protocol used
+ * @param sourceID
* @return HTML form
* @throws AuthenticationException
* @see GetIdentityLinkFormBuilder
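Review bot: The new `@param sourceID` tag is empty, so a caller cannot tell what value is expected or whether it is optional. From the usage later in the diff it is stored on the session only when non-null and then passed into the SAML assertion builder, so I would write `* @param sourceID source identifier stored on the session and carried into the SAML assertion; may be {@code null}`. If there is a format constraint on the value (the assertion builder presumably expects something specific), document it here as well.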
@@ -320,7 +323,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
String bkuURL,
String useMandate,
String sessionID,
- String scheme)
+ String scheme,
+ String sourceID)
throws WrongParametersException, AuthenticationException, ConfigurationException, BuildException {
String useMandateString = null;
@@ -381,7 +385,9 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.setPublicOAURLPrefix(oaParam.getPublicURLPrefix());
session.setAuthURL(authURL);
session.setTemplateURL(templateURL);
- session.setBusinessService(oaParam.getBusinessService());
+ session.setBusinessService(oaParam.getBusinessService());
+ if (sourceID != null)
+ session.setSourceID(sourceID);
}
// BKU URL has not been set yet, even if session already exists
if (bkuURL == null) {
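Review bot: `sourceID` is stored on the session without any validation and, per the later hunks, is copied verbatim into the generated SAML assertion (`session.getSourceID()` passed to the assertion builder). The sibling parameters (`bkuURL`, `useMandate`, `sessionID`) look like they come from the HTTP request, so if `sourceID` does too, an arbitrary caller-supplied string ends up inside a signed authentication artifact; it should be checked against the online application's configuration or at least an allowed character set before being accepted. At minimum I would reject blanks as well as null, `if (sourceID != null && sourceID.trim().length() > 0)`, so an empty query parameter does not overwrite the configured value. The enclosing method starts before this hunk, so I cannot see where the value originates.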
@@ -510,17 +516,16 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
// for testing new identity link certificate
- // https://localhost:8443/moa-id-auth/StartAuthentication?Target=AR&OA=https://localhost:8443/TestMOAID_OA/LoginServletExample
// xmlInfoboxReadResponse = null;
// try {
-// File file = new File("c:/temp/xxxMuster-new-cert_infobox.xml");
+// File file = new File("c:/temp/XXXMuster.xml");
// FileInputStream fis;
//
// fis = new FileInputStream(file);
// byte[] array = Utils.readFromInputStream(fis);
//
// xmlInfoboxReadResponse = new String(array);
-// //System.out.println(xmlInfoboxReadResponse);
+// System.out.println(xmlInfoboxReadResponse);
//
// } catch (FileNotFoundException e) {
// // TODO Auto-generated catch block
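Review bot: This hunk edits a commented-out debugging block (changes the hard-coded `c:/temp/XXXMuster.xml` path and re-enables `System.out.println(xmlInfoboxReadResponse)` inside the comment) instead of removing it. Keeping a ready-to-uncomment path that replaces the real `<InfoboxReadResponse>` with a file from disk and prints the identity-link XML to stdout is a maintenance risk in an authentication server; I would delete the whole block and keep such fixtures in a test. If it has to stay, at least leave the `System.out.println` commented as before.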
@@ -529,7 +534,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
// // TODO Auto-generated catch block
// e.printStackTrace();
// }
-//
+
// parses the <InfoboxReadResponse>
@@ -687,7 +692,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
// builds the AUTH-block
- String authBlock = buildAuthenticationBlock(session);
+ String authBlock = buildAuthenticationBlock(session, oaParam);
// session.setAuthBlock(authBlock);
// builds the <CreateXMLSignatureRequest>
@@ -871,14 +876,14 @@ public class AuthenticationServer implements MOAIDAuthConstants {
* @throws BuildException If an error occurs on serializing an extended SAML attribute
* to be appended to the AUTH-Block.
*/
- private String buildAuthenticationBlock(AuthenticationSession session) throws BuildException {
+ private String buildAuthenticationBlock(AuthenticationSession session, OAAuthParameter oaParam) throws BuildException {
IdentityLink identityLink = session.getIdentityLink();
String issuer = identityLink.getName();
String gebDat = identityLink.getDateOfBirth();
String identificationValue = identityLink.getIdentificationValue();
String identificationType = identityLink.getIdentificationType();
- String issueInstant = DateTimeUtils.buildDateTime(Calendar.getInstance());
+ String issueInstant = DateTimeUtils.buildDateTime(Calendar.getInstance(), oaParam.getUseUTC());
session.setIssueInstant(issueInstant);
String authURL = session.getAuthURL();
String target = session.getTarget();
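Review bot: The new `oaParam` parameter of `buildAuthenticationBlock` is not documented; the Javadoc ends inside this hunk and no `@param oaParam` line is added anywhere in the diff. I would add `* @param oaParam parameters of the online application; its UTC flag selects the time zone of the issue instant` above the `@throws`. The method body continues past the end of the hunk, so I cannot see whether `oaParam` is used for anything beyond `getUseUTC()`.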
@@ -1418,6 +1423,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
// parses <CreateXMLSignatureResponse>
CreateXMLSignatureResponse csresp =
new CreateXMLSignatureResponseParser(xmlCreateXMLSignatureReadResponse).parseResponse();
+
try {
String serializedAssertion = DOMUtils.serializeNode(csresp.getSamlAssertion());
session.setAuthBlock(serializedAssertion);
@@ -1502,12 +1508,21 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
}
+ OAAuthParameter oaParam =
+ AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(
+ session.getPublicOAURLPrefix());
+ boolean useUTC = oaParam.getUseUTC();
// builds authentication data and stores it together with a SAML artifact
- AuthenticationData authData = buildAuthenticationData(session, vsresp);
+ AuthenticationData authData = buildAuthenticationData(session, vsresp, useUTC);
if (session.getUseMandate()) {
// mandate mode
+ //session.setAssertionAuthBlock(assertionAuthBlock)
+
+ // set signer certificate
+ session.setSignerCertificate(vsresp.getX509certificate());
+
return null;
}
else {
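Review bot: `oaParam.getUseUTC()` is called right after the `getOnlineApplicationParameter(...)` lookup with no null check; if that lookup can return null for an unknown public URL prefix, this becomes a NullPointerException instead of the configuration/authentication error the rest of the flow presumably raises. The same three-line lookup is repeated in the later hunk, and `buildAuthenticationData` already has an `oaParam` in scope (it reads `oaParam.getProvideStammzahl()`), so passing `useUTC` in from the callers duplicates a value the callee can read itself. I would drop the extra parameter and let `buildAuthenticationData` read the flag from its own `oaParam`. The stray `//session.setAssertionAuthBlock(assertionAuthBlock)` comment should be removed rather than committed.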
@@ -1521,6 +1536,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.getBkuURL(),
session.getAssertionSignerCertificateBase64(),
session.getAssertionBusinessService(),
+ session.getSourceID(),
session.getExtendedSAMLAttributesOA());
authData.setSamlAssertion(samlAssertion);
@@ -1677,6 +1693,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.getBkuURL(),
session.getAssertionSignerCertificateBase64(),
session.getAssertionBusinessService(),
+ session.getSourceID(),
session.getExtendedSAMLAttributesOA());
authData.setSamlAssertion(samlAssertion);
@@ -1772,9 +1789,14 @@ public class AuthenticationServer implements MOAIDAuthConstants {
}
VerifyXMLSignatureResponse vsresp = new VerifyXMLSignatureResponse();
- X509Certificate cert = session.getForeignSignerCertificate();
+ X509Certificate cert = session.getSignerCertificate();
vsresp.setX509certificate(cert);
- AuthenticationData authData = buildAuthenticationData(session, vsresp);
+
+ OAAuthParameter oaParam =
+ AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(
+ session.getPublicOAURLPrefix());
+ boolean useUTC = oaParam.getUseUTC();
+ AuthenticationData authData = buildAuthenticationData(session, vsresp, useUTC);
String samlAssertion =
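Review bot: `session.getSignerCertificate()` replaces `getForeignSignerCertificate()` here, but the only place in this diff that sets it is the mandate branch of the signature-verification path; if this method can be reached without that branch having run, `cert` is null and is handed to `vsresp.setX509certificate(cert)` without a check. I would fail early, `if (cert == null) throw new AuthenticationException(...)` with the appropriate error code, before building authentication data. The `getOnlineApplicationParameter` lookup duplicates the one added earlier in this commit; a small private helper that also handles a null result would serve both. The enclosing method starts before this hunk.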
@@ -1786,6 +1808,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
session.getBkuURL(),
session.getAssertionSignerCertificateBase64(),
session.getAssertionBusinessService(),
+ session.getSourceID(),
session.getExtendedSAMLAttributesOA());
authData.setSamlAssertion(samlAssertion);
@@ -1823,7 +1846,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
*/
private AuthenticationData buildAuthenticationData(
AuthenticationSession session,
- VerifyXMLSignatureResponse verifyXMLSigResp)
+ VerifyXMLSignatureResponse verifyXMLSigResp,
+ boolean useUTC)
throws ConfigurationException, BuildException {
IdentityLink identityLink = session.getIdentityLink();
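Review bot: The new `useUTC` parameter of `buildAuthenticationData` is undocumented; the Javadoc closes on the first line of this hunk and no `@param useUTC` is added anywhere in the diff. I would add `* @param useUTC whether the issue instant is rendered in UTC rather than local time` above the `*/`. Given the last hunk, consider whether this parameter is needed at all, since the method already has `oaParam` in scope.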
@@ -1836,7 +1860,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
authData.setMinorVersion(0);
authData.setAssertionID(Random.nextRandom());
authData.setIssuer(session.getAuthURL());
- authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance()));
+ authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar.getInstance(), useUTC));
authData.setIdentificationType(identityLink.getIdentificationType());
authData.setGivenName(identityLink.getGivenName());
authData.setFamilyName(identityLink.getFamilyName());
@@ -1845,6 +1869,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority());
authData.setPublicAuthorityCode(verifyXMLSigResp.getPublicAuthorityCode());
authData.setBkuURL(session.getBkuURL());
+ authData.setUseUTC(oaParam.getUseUTC());
boolean provideStammzahl = oaParam.getProvideStammzahl();
if (provideStammzahl) {
authData.setIdentificationValue(identityLink.getIdentificationValue());
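Review bot: `authData.setUseUTC(oaParam.getUseUTC())` ignores the `useUTC` parameter that this same commit added to `buildAuthenticationData` and used for the issue instant a few lines earlier, so the assertion's timestamp and its UTC flag are taken from two different sources. If the `oaParam` resolved inside this method can differ from the one the callers look up by `session.getPublicOAURLPrefix()`, the two disagree silently; use one source, `authData.setUseUTC(useUTC);`, or drop the parameter entirely and read `oaParam.getUseUTC()` for both. The method body runs beyond this hunk, so I cannot see how `oaParam` is obtained here.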